EFF - Detecting Packet Injection

Matthew Love
Volunteer tester
Joined: 26 Sep 99
Posts: 7763
Credit: 879,151
RAC: 0
United States
Message 694591 - Posted: 25 Dec 2007, 20:18:32 UTC

Introduction

Certain Internet service providers have begun to interfere with their users' communications by injecting forged or spoofed packets - data that appears to come from the other end but was actually generated by an Internet service provider (ISP) in the middle. This spoofing is one means (although not the only means) of blocking, jamming, or degrading users' ability to use particular applications, services, or protocols. One important means of holding ISPs accountable for this interference is the ability of some subscribers to detect and document it reliably. We have to learn what ISPs are doing before we can try to do something about it. Internet users can often detect interference by comparing data sent at one end with data received at the other end of a connection.



website >> EFF

LETS BEGIN IN 2010
ID: 694591
1mp0£173
Volunteer tester
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 694624 - Posted: 25 Dec 2007, 22:13:35 UTC - in response to Message 694591.  

Introduction

Certain Internet service providers have begun to interfere with their users' communications by injecting forged or spoofed packets - data that appears to come from the other end but was actually generated by an Internet service provider (ISP) in the middle. This spoofing is one means (although not the only means) of blocking, jamming, or degrading users' ability to use particular applications, services, or protocols. One important means of holding ISPs accountable for this interference is the ability of some subscribers to detect and document it reliably. We have to learn what ISPs are doing before we can try to do something about it. Internet users can often detect interference by comparing data sent at one end with data received at the other end of a connection.



website >> EFF

Wow, the paranoia is getting pretty deep.

This also describes two totally different issues, one of an ISP adding his own advertising to Google (which would be nearly impossible to do "on the fly" but easy enough with a caching proxy -- a way to save bandwidth) and a way that some large high-speed providers try to preserve bandwidth.

For the first case, it seems pretty transparent.

For the typical cable provider, they usually put 10 to 20 megabytes of bandwidth to a "pedestal" which then feeds about 50 homes. One kid running "torrent" can starve the rest of the neighborhood -- which is why that is also a violation of the typical cable ISP's terms of service. You aren't supposed to use all of your provider's bandwidth all of the time and still pay $20/month.

They can't afford that.

But as a "privacy issue?"

I guess it'd be easier for the ISP to simply terminate the account, rather than try to control usage.
ID: 694624
Matthew Love
Volunteer tester
Joined: 26 Sep 99
Posts: 7763
Credit: 879,151
RAC: 0
United States
Message 694629 - Posted: 25 Dec 2007, 22:22:22 UTC

It surprises me that an ISP provider like Comcast would go to that extreme.



LETS BEGIN IN 2010
ID: 694629
NewtonianRefractor
Volunteer tester
Joined: 19 Sep 04
Posts: 495
Credit: 225,412
RAC: 0
United States
Message 694747 - Posted: 26 Dec 2007, 8:09:20 UTC - in response to Message 694624.  
Last modified: 26 Dec 2007, 8:17:59 UTC

For the typical cable provider, they usually put 10 to 20 megabytes of bandwidth to a "pedestal" which then feeds about 50 homes. One kid running "torrent" can starve the rest of the neighborhood -- which is why that is also a violation of the typical cable ISP's terms of service. You aren't supposed to use all of your provider's bandwidth all of the time and still pay $20/month.


What? Where did you hear that? The terms of service are usually "unlimited", so that's what we use: UNLIMITED...

Here is a good example:
ID: 694747
Matthew Love
Volunteer tester
Joined: 26 Sep 99
Posts: 7763
Credit: 879,151
RAC: 0
United States
Message 694909 - Posted: 27 Dec 2007, 3:18:31 UTC

In May 2007, Comcast began engaging in protocol-specific interference with the activities of its subscribers. When confronted by users and by EFF, Comcast responded with denials and answers that told less than the whole story. In October 2007, however, after independent testing by the Associated Press and EFF, it became clear that Comcast is, in fact, interfering with BitTorrent, Gnutella, and potentially other common file sharing protocols employed by millions of Internet users. In specific, it appears that Comcast is injecting forged RST packets into TCP communications, in an effort to disrupt certain protocols commonly used for file-sharing. The interference efforts appear to be triggered by the protocol that a subscriber uses, not by the number of connections made or amount of bandwidth used by the subscriber.

In the wake of this set of revelations and in response to the lack of detailed technical information from Comcast, EFF has continued its independent testing of Comcast's protocol-specific interference efforts (at the same time, others have sued Comcast and filed petitions with the FCC).

At a minimum, consumers deserve a complete description of what they are getting when they buy "unlimited Internet access" from an ISP. Only if they know what is going on and who is to blame for deliberate interference can consumers make informed choices about which ISP to prefer (to the extent they have choices among residential broadband providers) or what counter-measures they might employ. Policy-makers, as well, need to understand what is actually being done by ISPs in order to pierce the evasive and ambiguous rhetoric employed by some ISPs to describe their interference activities.

Accordingly, EFF is developing information and software tools intended to help subscribers test their own broadband connections. While these tests initially will require a relatively high degree of technical knowledge, we hope that we will be able to develop tools that will bring these testing efforts within reach of more subscribers.

This web page will collect EFF's white papers, software tools, blog entries, and other materials relating to this ongoing project.


LETS BEGIN IN 2010
ID: 694909
Ensor
Joined: 29 Jul 99
Posts: 86
Credit: 267,885
RAC: 0
United Kingdom
Message 695155 - Posted: 27 Dec 2007, 21:14:22 UTC - in response to Message 694629.  
Last modified: 27 Dec 2007, 21:15:14 UTC

Hi,

It surprises me that an ISP provider like Comcast would go to that extreme.

Are you having a laugh or what?

*NOTHING* Comcast do would surprise me, considering they've been a haven for spammers for more years than I care to remember. They've got one of the worst reputations in the industry.... :-(


TTFN - Pete.

ID: 695155
1mp0£173
Volunteer tester
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 695181 - Posted: 27 Dec 2007, 22:47:04 UTC - in response to Message 694747.  
Last modified: 27 Dec 2007, 23:06:03 UTC

For the typical cable provider, they usually put 10 to 20 megabytes of bandwidth to a "pedestal" which then feeds about 50 homes. One kid running "torrent" can starve the rest of the neighborhood -- which is why that is also a violation of the typical cable ISP's terms of service. You aren't supposed to use all of your provider's bandwidth all of the time and still pay $20/month.


What? Where did you hear that? The terms of service are usually "unlimited", so that's what we use: UNLIMITED...

Here is a good example:

From the basic design specifications of the typical Hybrid Fiber Cable system.

Using Cable terminology, there is a head-end somewhere that feeds the whole community. There is fiber running out to the various neighborhoods, and the speed of the cable is FINITE, it is not INFINITE. The pedestal hooks to the fiber, and converts data running on the fiber to data running on the coax that feeds the neighborhood, and that cable runs at a specific, fixed speed. It is FINITE.

Going the other direction, the cable company buys bandwidth from someone at some level -- a big cable company may peer, or they may buy bandwidth from a major backbone, but all of the interconnections to do that run at a FINITE speed.

So, "unlimited" can't be infinite.

Edit:

I realized after answering the other question that you are reacting to the fact that "unlimited" should be unlimited, and my technical answer addressed that.

What it didn't address is the moral/legal aspect.

Any ISP buys a fixed amount of bandwidth. Let's say Comcast has 10 gigabits/second into a given city. Let us also assume that they pay $50,000/month for that service.

Let us assume that they have 500 torrent users, each pushing nearly 20 megabits/second, 24/7.

If they charge $19.95/month for "unlimited" cable, then those torrent users are getting $50,000 worth of bandwidth and generating $10,000 worth of revenue.

How long can Comcast stay in business at those rates??

This is why some practices are prohibited in the Comcast Terms of Service.

... and it's the same with DSL and Wireless.
ID: 695181
1mp0£173
Volunteer tester
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 695190 - Posted: 27 Dec 2007, 22:59:32 UTC - in response to Message 694909.  


At a minimum, consumers deserve a complete description of what they are getting when they buy "unlimited Internet access" from an ISP. Only if they know what is going on and who is to blame for deliberate interference can consumers make informed choices about which ISP to prefer (to the extent they have choices among residential broadband providers) or what counter-measures they might employ. Policy-makers, as well, need to understand what is actually being done by ISPs in order to pierce the evasive and ambiguous rhetoric employed by some ISPs to describe their interference activities.

Look, I'm far from defending Comcast, but this really is time for a reality check.

By signing up with any ISP, you have to agree to their Terms of Service.

Comcast has published their Terms of Service here.

Section viii says you can't knowingly or otherwise interfere with the network. Using 100% of the available bandwidth 100% of the time means less bandwidth available for others.

Peer to peer file sharing applications are very good at loading a circuit to 100% of line speed.

The real kicker is section xiv, which I will reproduce verbatim:

run programs, equipment, or servers from the Premises that provide network content or any other services to anyone outside of your Premises LAN (Local Area Network), also commonly referred to as public services or servers. Examples of prohibited services and servers include, but are not limited to, e-mail, Web hosting, file sharing, and proxy services and servers;


Note "file sharing" -- BitTorrent and Gnutella are both Peer-to-Peer file sharing applications.

I'm not endorsing their methods. In fact, I think the idea of spoofing RST packets is a pretty goofy and ineffective way of dealing with what is a breach of contract on the part of the customer.

This kind of problem is solved by terminating service to the abusing customer, and telling them why they've been terminated for abuse.

Do I think Comcast is right to interfere? No. I think they should stand up and say "if you want to run servers, or heavy P2P file sharing, we will allow it at the proper commercial rate" -- but not at $29.95/month.
ID: 695190
Alinator
Volunteer tester
Joined: 19 Apr 05
Posts: 4178
Credit: 4,647,982
RAC: 0
United States
Message 695399 - Posted: 28 Dec 2007, 19:18:39 UTC
Last modified: 28 Dec 2007, 19:23:31 UTC

Agreed, and the truth of the matter is that virtually everyone in the US is in violation of the AUP/EULA for residential internet access in one way or another (and Comcast's AUP isn't significantly different than other ISPs', whether BB or DU).

The strange part about the 'China Firewall' style interference is that since they control the modem at the client location in the first place, why would they choose to resort to this method for bandwidth control?

Logic would seem to indicate that it has more to do with IP and DMCA concerns than bandwidth hogging. ;-)

Of course, some folks don't like to concede the fact that sharing their entire music/video collection with everyone else on the planet is and always has been copyright infringement and well beyond the principles of fair use. In light of that, one should not be too surprised that ISPs might take proactive measures to ensure they can defend themselves adequately in vicarious liability lawsuits. Pretty much just basic CYA really.

Alinator
ID: 695399
Matthew Love
Volunteer tester
Joined: 26 Sep 99
Posts: 7763
Credit: 879,151
RAC: 0
United States
Message 695402 - Posted: 28 Dec 2007, 19:44:52 UTC

More information from the EFF on Comcast, part 1

Comcast is the second largest Internet Service Provider (ISP) in the United States. They run the cable TV and cable Internet networks in many parts of the United States, and many consumers know them as their duopoly or monopoly provider of residential broadband Internet access.

Some time around May 2007, Comcast installed new software or equipment on its networks that began selectively interfering with some of Comcast's customers' TCP/IP connections. The most widely discussed interference was with certain BitTorrent peer-to-peer (P2P) file-sharing communications, but other protocols have also been affected. This white paper is intended to set forth the current state of public knowledge about Comcast's interference activities.

How Do We Know Comcast Is Forging Traffic?

Initial reports of users having trouble with BitTorrent connections began to circulate on discussion forums around May 2007. Those affected appeared to be Comcast subscribers, and observers began speculating about the causes. A Comcast subscriber named Robb Topolski ran a tool called a packet sniffer while attempting to "seed" (i.e., offer to others for download) files on BitTorrent and discovered unexpected TCP RST packets that were causing inbound connections to his computer to die. Based on his observations, he speculated that Comcast may have been responsible for this interference.

TCP is a standard protocol that computers use to exchange information on the Internet. RST packets, also known as "reset" packets, are a kind of TCP message that is normally sent when a computer receives TCP packets that it believes it should not have received, or when it thinks it has closed a connection but keeps receiving traffic from the other side. When received, RST packets will generally cause ordinary networking software to close its side of the connection in response.

After becoming aware of Topolski's research, EFF contacted Comcast to inquire about these reports of interference with BitTorrent communications. A Comcast representative told us that while Comcast did perform "network management" that might interfere with particular subscribers in rare circumstances, it did not block or target any application or protocol.

In the wake of Comcast's representations to us, we continued to receive reports of protocol-specific interference, leading us to begin performing our own tests. We observed that our attempts to seed a test file (a public domain book) using BitTorrent over a Comcast residential broadband account failed, with connections being disrupted by unexpected TCP RST packets. The Associated Press (AP) was apparently conducting similar experiments, and they subsequently brought the story to widespread public attention.

The EFF tests used a packet sniffer called Wireshark at both ends of a connection: one on Comcast's network, one from elsewhere. Our tests confirmed that the RST packets were being forged and injected somewhere in the network between the two communicating parties. For example, if we call one end of the connection Alice and the other end Bob, Alice receives a number of RST packets (typically 3-5) from Bob, but Bob's packet sniffer has no record of his computer ever having sent them. Bob, in turn, receives a series of RST messages from Alice, but Alice's computer similarly has no record of having sent them. These inconsistencies in the packet logs at each end of the connection demonstrate that some intermediate party was forging traffic in both directions; each side receives forged RST packets that contain a sender IP address and TCP sequence number that falsely indicates that it was sent by the other.

EFF's tests corroborated AP's results — comparisons of packet logs between two communicating parties showed that an intervening computer (almost certainly Comcast's) was injecting forged RST packets into the communications, effectively telling both ends of the connection to stop communicating. We replicated these tests using Comcast residential broadband accounts in California and Oregon. We controlled for the possibility that other intermediary ISPs might have been involved by testing several connections provided by other ISPs (including Sonic, AT&T, and overseas ISPs). In a series of over a dozen tests, we observed only jamming of connections inbound to Comcast subscribers. The only likely explanation of these observations is that Comcast was forging and injecting the RST packets in order to interfere with certain connections.

For readers who are interested in the full technical details of this process, as well as instructions on replicating the experiments, EFF has published a separate, and much more detailed, technical guide.


LETS BEGIN IN 2010
ID: 695402
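As an added illustration of the two-ended comparison EFF describes in the post above (example code written for this page, not EFF's tool or any script EFF published), the following Python compares simplified packet summaries captured at Alice's and Bob's ends and flags every RST that one side received but the other side's capture has no record of sending. The log format, IP addresses, ports and sequence numbers are constructed for the example; a real check would work from Wireshark exports with timestamps, which this stand-in omits.

```python
"""Detect injected TCP RST packets by comparing captures from both ends.

The idea is the one in EFF's tests: Alice's capture shows RSTs arriving
"from Bob", but Bob's capture shows he never sent them (and vice versa).
An RST present in the receiver's log with no matching send record in the
sender's log must have been forged by something in between.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed addresses for the example: Alice is the subscriber seeding on
# port 6881, Bob is a peer elsewhere on the Internet.
ALICE_IP = "10.0.0.5"
BOB_IP = "203.0.113.7"


@dataclass(frozen=True)
class Pkt:
    direction: str  # "sent" or "recv", from the capturing host's point of view
    src: str
    dst: str
    sport: int
    dport: int
    flags: str      # TCP flag letters, e.g. "S", "SA", "R", "RA"
    seq: int


def parse_log(text: str) -> List[Pkt]:
    """Parse constructed summary lines: 'sent|recv src:sport > dst:dport FLAGS SEQ'."""
    pkts: List[Pkt] = []
    for raw in text.strip().splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        direction, src, arrow, dst, flags, seq = line.split()
        if direction not in ("sent", "recv") or arrow != ">":
            raise ValueError(f"bad log line: {line!r}")
        sip, sp = src.rsplit(":", 1)
        dip, dp = dst.rsplit(":", 1)
        pkts.append(Pkt(direction, sip, dip, int(sp), int(dp), flags, int(seq)))
    return pkts


def _ident(p: Pkt) -> Tuple[str, int, str, int, int]:
    # What both captures must agree on for two records to be the same packet.
    return (p.src, p.sport, p.dst, p.dport, p.seq)


def forged_rsts_received_by(receiver_log: List[Pkt], sender_log: List[Pkt],
                            sender_ip: str) -> List[Pkt]:
    """RSTs the receiver captured as coming from sender_ip that the sender's
    own capture never recorded sending.  This is the inconsistency check."""
    really_sent = {_ident(p) for p in sender_log
                   if p.direction == "sent" and "R" in p.flags}
    return [p for p in receiver_log
            if p.direction == "recv" and "R" in p.flags
            and p.src == sender_ip and _ident(p) not in really_sent]


def compare_captures(alice_log: List[Pkt], bob_log: List[Pkt],
                     alice_ip: str, bob_ip: str) -> Dict[str, List[Pkt]]:
    """Run the check in both directions, as EFF did for Alice and Bob."""
    return {
        "forged_rsts_alice_received": forged_rsts_received_by(alice_log, bob_log, bob_ip),
        "forged_rsts_bob_received": forged_rsts_received_by(bob_log, alice_log, alice_ip),
    }


def per_connection_counts(pkts: List[Pkt]) -> Dict[Tuple[str, int, str, int], int]:
    """How many forged RSTs hit each connection (EFF saw typically 3-5)."""
    counts: Dict[Tuple[str, int, str, int], int] = {}
    for p in pkts:
        k = (p.src, p.sport, p.dst, p.dport)
        counts[k] = counts.get(k, 0) + 1
    return counts


# Constructed capture summaries.  Bob opens a BitTorrent connection to Alice;
# both sides then see RSTs that the other side never sent.  Bob also probes a
# closed port, which yields a genuine RST that appears in Alice's sent log.
ALICE_LOG = """
# captured on Alice (10.0.0.5)
recv 203.0.113.7:51000 > 10.0.0.5:6881 S 1000
sent 10.0.0.5:6881 > 203.0.113.7:51000 SA 5000
recv 203.0.113.7:51000 > 10.0.0.5:6881 R 1001
recv 203.0.113.7:51000 > 10.0.0.5:6881 R 1001
recv 203.0.113.7:51000 > 10.0.0.5:6881 R 1001
recv 203.0.113.7:51001 > 10.0.0.5:9999 S 2000
sent 10.0.0.5:9999 > 203.0.113.7:51001 RA 0
"""

BOB_LOG = """
# captured on Bob (203.0.113.7)
sent 203.0.113.7:51000 > 10.0.0.5:6881 S 1000
recv 10.0.0.5:6881 > 203.0.113.7:51000 SA 5000
recv 10.0.0.5:6881 > 203.0.113.7:51000 R 5001
recv 10.0.0.5:6881 > 203.0.113.7:51000 R 5001
recv 10.0.0.5:6881 > 203.0.113.7:51000 R 5001
sent 203.0.113.7:51001 > 10.0.0.5:9999 S 2000
recv 10.0.0.5:9999 > 203.0.113.7:51001 RA 0
"""

if __name__ == "__main__":
    result = compare_captures(parse_log(ALICE_LOG), parse_log(BOB_LOG), ALICE_IP, BOB_IP)
    for side, pkts in result.items():
        print(side, per_connection_counts(pkts))
```

The genuine RST from Alice's closed port 9999 is not flagged because Alice's own capture records sending it; only the RSTs neither end sent are reported.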
Matthew Love
Volunteer tester
Joined: 26 Sep 99
Posts: 7763
Credit: 879,151
RAC: 0
United States
Message 695403 - Posted: 28 Dec 2007, 19:46:17 UTC

Part 2

What Communications Are Affected?

Initial investigations suggest that Comcast is interfering with some subset of protocols, rather than interfering equally with TCP/IP traffic generally.

EFF has run tests of Comcast's treatment of BitTorrent, Gnutella, and World Wide Web (i.e., HTTP) protocols. We have seen definite interference by injection of RST packets into certain classes of BitTorrent and Gnutella TCP sessions (which we explain in more detail below).

There have also been credible reports of TCP RST packet forgery occurring against Lotus Notes communications, a "groupware" suite used by many businesses for email, calendaring and enterprise file sharing. Following public discussion of this issue, Comcast reportedly adjusted its systems so that Lotus Notes works correctly again. One firm also reported that Comcast was jamming their clients' Windows Remote Desktop connections. The report appeared quite credible (the submitter informed us that they had numerous clients, and were experiencing problems only with those using Comcast), but it did not contain concrete evidence in the form of packet logs. The submitter subsequently informed us that the problem had dissipated. Because the resolution coincided with the resolution of Lotus Notes interference, we believe that changes to Comcast's jamming algorithms are the most likely explanation for these changes.

EFF has also received unconfirmed reports that Comcast is interfering with other protocols. In particular, some Comcast users have reported that medium and large-sized FTP and HTTP transfers have been interrupted. The FTP and HTTP reports, however, have not included enough detail for us to be certain that there is a problem attributable to forgery of packets by Comcast. Our attempts to test for interference in large HTTP transfers have occasionally resulted in what seem to be interrupted connections, but these results are not consistently reproducible, and we cannot say at this point that there is any interference or that it is caused by Comcast.

We do not presently have enough data to form complete theories about the details of the algorithm that Comcast has been using to select connections for interdiction. We intend to continue testing, however, and will post an update based on our results or those of others.

What Are The Effects Of Comcast's Packet Forgery?

There has been some confusion about the impact of Comcast's interference, with Comcast characterizing the impact on its customers as "delaying" some network communications. As both a technical and metaphorical description, this characterization is incomplete and misleading.

The consequences of Comcast's spoofing of TCP RST packets are complicated. At a low level, the forged RST packets cause the targeted TCP connections to die as soon as computers try to establish them. But the practical consequences depend on which higher level protocol (Gnutella, BitTorrent, Lotus Notes, etc) was using the TCP/IP connection, and on the particular software that is implementing that protocol, and on the way that the user interacts with that software.

In many cases, however, injection of forged RST packets will cause software to fail in its attempts to do something a user asks of it. For instance, a BitTorrent client elsewhere on the Internet may fail in downloading a rare document that is available as a BitTorrent seed from a Comcast user.

In the case of a typical Gnutella node, RST forgery will impair the node's ability to discover and establish proper communications with other parts of the Gnutella network. Gnutella connections can normally be started in either direction: the Comcast user connects outwards, or other Gnutella nodes connect inwards. So, for example, when Alice's Gnutella client starts up, it runs through a "cache" of nodes that it has communicated with in the past. It attempts to make outbound connections to these nodes, in the hope that some of them are currently online (most of them are not, because Gnutella nodes are usually transient). At the same time, other Gnutella nodes may be connecting inwards, either because they have Alice's IP address in their cache, or because a node Alice has established a connection with tells them that Alice is online. We observed these inwards connections being jammed by Comcast. The practical result is that it takes longer — potentially much longer — for Alice's Gnutella node to establish connections with a sufficient number of other healthy Gnutella nodes to ensure reliable data transfers. Because it takes longer to establish these connections, it takes longer for the node to begin obtaining meaningful results for its searches (generally speaking, only after users have meaningful search results, can they initiate downloads). Comcast's interference will also have certain large-scale effects on the structure of the Gnutella network, because there is a large set of nodes (those on Comcast's network) which can only be talked to by outside nodes when the Comcast node initiates the connection. So, for instance, Comcast's jamming prevents conversation between Comcast nodes and nodes that are behind firewalls. These limits on interconnection are likely to reduce the effectiveness of the Gnutella network for all of its users.

In our tests, we did not observe Comcast forging RST packets to interfere with Gnutella search, upload or download operations. It was only the initial connection attempts that failed. Users whose ability to upload or find and download a rare file on the Gnutella network was dependent on a connection that would have been established from a non-Comcast node to a Comcast node will have lost this functionality because of Comcast's interference. Also, some users will be discouraged enough by Gnutella's reduced performance that they give up. While it is difficult to say how many users are in this category, Comcast's efforts to impair Gnutella's connection establishment will drastically affect how well Gnutella works for this set of users.

So, in many cases, Comcast subscribers will experience problems more severe than a mere "delay" to their traffic. For instance, a user who tries to publish a file by seeding it on BitTorrent (as the Associated Press did with the Bible, and as we did with other copyright-free texts in our tests) will find that others are unable to download the file from them. And, as described above, a user who tries to use Gnutella to find a file but gets no meaningful search results after trying for ten minutes may well give up, concluding that Gnutella is ineffective. In both of these examples, Comcast's packet forgery prevents the transfer of data rather than delaying it.

In fact, the characterization of Comcast's packet forgery as "delaying" certain traffic is only true under special conditions, and is certainly not true in general. We can think of only two examples of such special conditions:

If Comcast does not jam connections all of the time, and the software that is being jammed keeps reattempting its connections indefinitely, and the user doesn't give up and close the software, then the packet forgery would have had the effect of merely delaying a certain communication.
If a non-Comcast user named Alice was trying to download a file over BitTorrent, and that file was seeded by a Comcast user named Charlie and another non-Comcast user named Delilah, then even if Alice's connection to Charlie is jammed, she might still be able to download the file from Delilah. Comcast might argue that Alice's download is only "delayed" (i.e., she was forced to download the file more slowly from non-Comcast customers) rather than prevented altogether.
In circumstances other than these special cases, Comcast customers will not experience the interference as a "delay"; their software will simply not work.

What Is So Bad About Comcast's Actions?

One objectionable aspect of Comcast's conduct is that they are spoofing packets — that is, impersonating parties to an exchange of data. Comcast is essentially deploying against their own customers techniques more typically used by malicious hackers (this is doubtless how Comcast would characterize other parties that forged traffic to make it appear that it came from Comcast). In this sense Comcast is behaving worse than if they dropped a proportion of packets under congested circumstances in order to throttle bandwidth usage, or even if they blocked certain ports on their network. In other words, Comcast is essentially behaving like a telephone operator that interrupts a phone conversation, impersonating the voice of each party to tell the other that "this call is over, I'm hanging up."

It might be argued that Comcast is primarily deceiving computers, rather than human beings, but humans may be misdirected and forced to cope with Comcast's deception. The failure of packets to convey the meaning specified by the protocol means that human beings will get misleading messages from their software ("remote host closed connection," as opposed to "connect blocked" for instance). It also means that programmers cannot rely on standards to ensure that their software responds in a manner appropriate to the circumstances. If ISPs continue to forge and inject RST packets, for example, programmers will have to ask themselves "does an RST packet at such and such a moment mean that an old TCP connection is still active, or that the other end doesn't want to talk, or that some ISP is interfering"? In other words, ISPs could become an omnipresent adversary that developers have to constantly worry about when writing their code.

Comcast's conduct also threatens innovation by undermining the end-to-end principle. The Internet has enabled a cascade of innovations precisely because any programmer — whether employed by a huge corporation, a startup, or tinkering at home for fun — has been able to create new protocols and applications that operate over TCP/IP, without having to obtain permission from anyone. Comcast's recent moves threaten to create a situation in which innovators may need to obtain permission and assistance from an ISP in order to guarantee that their protocols will operate correctly. By arbitrarily using RST packets in a manner at odds with TCP/IP standards, Comcast threatens to Balkanize the open standards that are the foundation of the Internet.

Comcast's interference is potentially troubling as well to the extent it may hobble potential competitors deploying next-generation video distribution services. BitTorrent Inc., for example, now distributes films under license from Hollywood movie studios and thus competes with Comcast's cable TV products. Similarly, Vuze, which recently filed a petition with the FCC for rule-making regarding Comcast's interference practices, also sells downloads from a huge library of licensed content, using BitTorrent as a distribution mechanism. Other companies and products, such as Joost and Miro, also rely on P2P protocols that are similar to those that are being impeded by Comcast. Efforts undertaken by Comcast that interfere with the ability of these next-generation competitors in the video distribution marketplace are cause for concern.

What About "Network Management"?

Comcast has asserted, without any details, that its actions are necessary for managing the impact of high-volume users who cause congestion on their cable networks. Based on the information Comcast has disclosed, it does not appear that this presents a complete picture of Comcast's activities, nor does it adequately justify them.

It is true that some broadband users send and receive a lot more traffic than others, and that interfering with their traffic can reduce congestion for an ISP. This does not imply that protocol-specific packet forgery is a necessary or legitimate means of responding to the congestion; there are more reasonable mechanisms available to ISPs to ensure that low-volume users are not crowded out by high-volume users, which we discuss below.

Furthermore, in our testing, we saw no evidence that Comcast was targeting their jamming efforts at customers based on their individual consumption of bandwidth. For example, an attempt to seed a 500KB file to a single BitTorrent downloader, instigated after the seeding Internet connection had been idle for the preceding day, triggered the injection of forged RST packets. The pattern of interference by Comcast was exactly the same after the user had uploaded 500MB or so of data over the following day. If Comcast had carefully engineered its interventions to prevent certain users from contributing disproportionately to network congestion, we would expect to see jamming only after subscribers consumed large amounts of bandwidth, or when they were participating in large numbers of connections in a short period of time.

There are methods available to Comcast to limit the amount of traffic that P2P software transmits on their network, without preventing any categories of connections, interfering with any protocols, or forging packets. For example, ISPs can implement dynamic per-user traffic shaping. They can set a limit on the amount of data per second that any user can transmit on the network. They can also set these limits on a dynamic basis, so that (1) the limits are gradually relaxed as the network becomes less congested and vice-versa and (2) so that the limits primarily slow the traffic of users who are downloading large to very large files that take minutes to transfer. We have observed Comcast to take most of these steps in managing their cable networks, but in our testing, we have never seen them make the kinds of dynamic adjustments to their rate limits that would be necessary to gracefully avert severe network congestion. This suggests — though it cannot prove — that even if Comcast began forging RST packets in response to problems with network congestion, they did not exhaust the reasonable, user-friendly, and standards-compliant responses before they began taking decidedly less reasonable measures.

Whatever congestion control mechanisms an ISP may choose to deploy, it is critical that it informs consumers of the limits that such mechanisms will impose on their Internet access. Unfortunately, ISPs frequently advertise their services as "unlimited," unmetered Internet connections. Subscribers who purchase "unlimited Internet access" have no reason to expect that particular applications or protocols will fail based on protocol-specific interference by their ISPs. In fact, increased transparency in the market for Internet access may encourage marketplace solutions that encourage customers to sort themselves into high- and low-bandwidth groups.24

What Countermeasures Are Available Against Comcast's Interference Activities?

Individual users have few (if any) options to unilaterally defend themselves against Comcast's packet forgery. Collectively, however, the community of users and software developers may be able to develop effective countermeasures against Comcast's current interference activities, although the costs of deploying these may be high.

Individual users cannot do much to protect TCP connections against RST spoofing, because the forged packets are being sent in both directions. Although Alice might be able to configure a firewall to recognize and intercept Comcast's forged packets before they affect the state of her computer's network communications, there is no way she can ensure that Bob has gone to the same lengths. Moreover, Alice acting alone may have difficulty filtering out Comcast's forged RST packets without the risk of also blocking RST packets that were legitimately sent by the parties with whom she is communicating. The use of cryptography offers another possible countermeasure, but it again requires that Alice secure Bob's cooperation before it can be deployed.

Because unilateral RST filtering and encryption are ineffective, the only feasible option for end users is to find protocols, or alternative use-cases for their existing protocols, that are not blocked by Comcast. For example, users intent on sharing large files could opt to do so using email attachments or Lotus Notes, assuming Comcast is not interdicting those protocols. Of course, Comcast could begin interfering with other protocols at any time.

Software developers have more options than individual users to defend traffic against RST spoofing. Their strongest card is cryptography. By modifying the software that both Alice and Bob run, software developers can ensure that both Alice and Bob use the same encryption system. Encrypting traffic theoretically lets them authenticate the authorship of each packet, ensuring that none of them are forged, and prevents ISP intermediaries from telling which protocol a particular connection is using. If ISPs cannot identify the protocol a particular connection is using, they cannot directly discriminate based on protocol.

In practice, achieving this outcome may be difficult and costly for software developers. On top of the engineering required to implement an encrypted variant of existing protocols, there are numerous other considerations. For example, developers will have to find an adequate public key management system for P2P protocols; they may also have to employ low level cryptographic protocols (such as IPsec) to effectively disguise the underlying protocol being used, requiring changes to the user's operating system. They may also need to design their applications to resist ever more determined "traffic analysis" attacks by ISPs seeking to determine what protocols and kinds of data subscribers may be using.25 This "arms race" may ultimately force ISPs to rely on dynamic, protocol independent traffic shaping — something Comcast could implement today.

By Peter Eckersley, Fred von Lohmann and Seth Schoen

Packet Forgery

LETS BEGIN IN 2010
ID: 695403
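The detection method the quoted EFF article is built on, comparing what one end sent with what the other end received, as an added Python example (not code from the EFF article or from anyone in this thread). Two constructed capture summaries, one from Alice's side and one from Bob's, are compared as multisets, so anything Bob received that Alice never transmitted is flagged as injected, while a legitimate RST that Alice really sent is left alone. The line format, addresses and sequence numbers are all constructed for the demo.

```python
"""Two-ended detection of injected TCP packets (added example, not the
article's or the forum's code).

Each capture summary line is a constructed, simplified form:
    <ts> <src_ip>:<src_port> > <dst_ip>:<dst_port> <flags> seq=<n> ack=<n>
Timestamps differ between the two hosts and are ignored when matching.
"""
import re
from collections import Counter
from dataclasses import dataclass

# Alice's outbound log (constructed). Her last line is a genuine RST she sent herself.
ALICE_SENT = """\
0.000 10.0.0.2:51000 > 192.0.2.10:6881 S  seq=1000 ack=0
0.120 10.0.0.2:51000 > 192.0.2.10:6881 A  seq=1001 ack=5001
0.130 10.0.0.2:51000 > 192.0.2.10:6881 PA seq=1001 ack=5001
1.500 10.0.0.2:51000 > 192.0.2.10:6881 A  seq=1069 ack=5001
2.000 10.0.0.2:51000 > 192.0.2.10:6881 R  seq=1069 ack=5001
"""

# Bob's inbound log (constructed). The RST at 0.400 has no counterpart in Alice's log.
BOB_RECEIVED = """\
0.050 10.0.0.2:51000 > 192.0.2.10:6881 S  seq=1000 ack=0
0.170 10.0.0.2:51000 > 192.0.2.10:6881 A  seq=1001 ack=5001
0.180 10.0.0.2:51000 > 192.0.2.10:6881 PA seq=1001 ack=5001
0.400 10.0.0.2:51000 > 192.0.2.10:6881 R  seq=1001 ack=5001
1.550 10.0.0.2:51000 > 192.0.2.10:6881 A  seq=1069 ack=5001
2.050 10.0.0.2:51000 > 192.0.2.10:6881 R  seq=1069 ack=5001
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+"
    r"(?P<flags>[SAPFRU]+)\s+seq=(?P<seq>\d+)\s+ack=(?P<ack>\d+)$"
)


@dataclass(frozen=True)
class Packet:
    """Everything that identifies a segment except its timestamp; frozen so it is hashable."""
    src: str
    sport: int
    dst: str
    dport: int
    flags: str
    seq: int
    ack: int


def parse_capture(text):
    pkts = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: unparseable capture line: {line!r}")
        g = m.groupdict()
        pkts.append(Packet(g["src"], int(g["sport"]), g["dst"], int(g["dport"]),
                           g["flags"], int(g["seq"]), int(g["ack"])))
    return pkts


def find_injected(sent, received):
    """Segments the receiver logged that the sender never transmitted.
    Multiset difference, so a retransmission sent twice must also arrive twice."""
    return sorted((Counter(received) - Counter(sent)).elements(), key=lambda p: p.seq)


def find_lost(sent, received):
    """Segments the sender logged that never reached the receiver (drops, not forgery)."""
    return list((Counter(sent) - Counter(received)).elements())


def report(sent_text, received_text):
    sent = parse_capture(sent_text)
    received = parse_capture(received_text)
    injected = find_injected(sent, received)
    return {
        "injected": injected,
        "forged_rst": [p for p in injected if "R" in p.flags],
        "lost": find_lost(sent, received),
        "rst_seen": sum("R" in p.flags for p in received),
    }


if __name__ == "__main__":
    r = report(ALICE_SENT, BOB_RECEIVED)
    for p in r["forged_rst"]:
        print(f"forged RST toward {p.dst}:{p.dport}, seq={p.seq}")
    print(f"{r['rst_seen']} RSTs received, {len(r['forged_rst'])} not sent by Alice")
```

The point the article makes about unilateral filtering shows up in the data: the two RSTs Bob received are byte-for-byte the same kind of segment, and only Alice's send log separates the forged one from the genuine one. In a real comparison the match key would need adjusting for NAT (rewritten addresses and ports) and should include a payload digest; both hosts need their own captures, which is why this is a collective rather than an individual countermeasure.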
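The dynamic, protocol-independent per-user shaping that the quoted article names as the alternative to packet forgery, as an added Python sketch (not Comcast's or the EFF's code). It is a token bucket per subscriber whose refill rate (1) relaxes as measured utilization falls and (2) is halved during congestion for users already deep into a bulk transfer, so short interactive bursts pass while long downloads absorb the slowdown. The rates, thresholds and the congestion rule itself are assumptions chosen for the demo.

```python
"""Dynamic, protocol-independent per-user traffic shaping (token bucket).
Added illustration of the alternative the article describes; the numbers
and the congestion rule are assumptions, not any ISP's real policy."""
from dataclasses import dataclass


@dataclass
class Bucket:
    tokens: float          # bytes the user may send right now
    last: float            # time of the last refill
    recent_bytes: int = 0  # volume sent so far in the accounting window


class DynamicShaper:
    def __init__(self, base_rate, burst, heavy_threshold):
        self.base_rate = base_rate              # bytes/s per user when the network is idle
        self.burst = burst                      # bucket depth: short bursts go through untouched
        self.heavy_threshold = heavy_threshold  # bytes after which a user counts as a bulk transfer
        self.utilization = 0.0                  # 0.0 idle .. 1.0 saturated, fed by link monitoring
        self.buckets = {}

    def set_utilization(self, utilization):
        self.utilization = min(1.0, max(0.0, utilization))

    def _bucket(self, user, now):
        return self.buckets.setdefault(user, Bucket(tokens=self.burst, last=now))

    def rate_for(self, user, now=0.0):
        # (1) the cap relaxes as congestion falls: full rate at 0% load, a quarter at 100%
        rate = self.base_rate * (1.0 - 0.75 * self.utilization)
        # (2) during congestion, long bulk transfers take the cut before interactive traffic
        if self.utilization > 0.5 and self._bucket(user, now).recent_bytes > self.heavy_threshold:
            rate *= 0.5
        return rate

    def admit(self, user, nbytes, now):
        """True if the segment may be forwarded now; False means queue or drop it.
        Nothing here inspects the protocol, and nothing is ever forged."""
        b = self._bucket(user, now)
        b.tokens = min(self.burst, b.tokens + (now - b.last) * self.rate_for(user, now))
        b.last = now
        if nbytes > b.tokens:
            return False
        b.tokens -= nbytes
        b.recent_bytes += nbytes
        return True


if __name__ == "__main__":
    shaper = DynamicShaper(base_rate=1_000_000, burst=100_000, heavy_threshold=500_000)
    shaper.set_utilization(0.6)
    for t in range(10):
        shaper.admit("bulk", 100_000, float(t))       # a long transfer, 1 MB so far
    shaper.admit("chat", 2_000, 10.0)                 # a light user
    print(f"bulk user rate: {shaper.rate_for('bulk', 10.0):,.0f} B/s")
    print(f"chat user rate: {shaper.rate_for('chat', 10.0):,.0f} B/s")
```

The contrast with RST forgery is that a shaper only delays or drops bytes that exceed a published cap, which the subscriber can observe and the ISP can document; it never pretends to be the other end of the connection.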
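The cryptographic countermeasure the quoted article gives to software developers, authenticating each packet so a forged one is recognised and discarded, as an added Python example (not the EFF's design or any real P2P client's code). It assumes Alice's and Bob's software already share a key, which is exactly the key-management problem the article says developers would still have to solve; every name, constant and the demo key are constructed.

```python
"""Per-packet authentication with a shared key (added example, not the
article's design). Assumption: both endpoints already agreed on KEY out of
band; the key-management step is out of scope here, as the article notes."""
import hashlib
import hmac
import struct

RST, ACK, PSH = 0x04, 0x10, 0x08                 # TCP flag bits, used for the demo header
KEY = b"constructed-demo-key-not-for-real-use"  # constructed shared secret


def tag_segment(key, flags, seq, ack, payload):
    """MAC over the header fields a forger must control, plus the payload."""
    header = struct.pack("!BII", flags, seq, ack)
    return hmac.new(key, header + payload, hashlib.sha256).digest()


class AuthenticatedEndpoint:
    def __init__(self, key):
        self.key = key
        self.open = True
        self.received = []
        self.rejected = 0

    def deliver(self, flags, seq, ack, payload, tag):
        """Return True if the segment verified and was acted on."""
        expected = tag_segment(self.key, flags, seq, ack, payload)
        if not hmac.compare_digest(expected, tag):
            self.rejected += 1        # unauthenticated segment: count it, never act on it
            return False
        if flags & RST:
            self.open = False         # only a peer holding the key can tear the session down
        else:
            self.received.append(payload)
        return True


def demo():
    """Genuine data, a forged RST from a keyless middlebox, then a genuine RST."""
    bob = AuthenticatedEndpoint(KEY)
    seg = (PSH | ACK, 1001, 5001, b"piece 17 of the file")
    bob.deliver(*seg, tag_segment(KEY, *seg))
    forged = (RST, 1001, 5001, b"")
    bob.deliver(*forged, b"\x00" * 32)       # no key, so the tag cannot verify
    open_after_forgery = bob.open
    bob.deliver(*forged, tag_segment(KEY, *forged))
    return open_after_forgery, bob.open, bob.rejected, len(bob.received)


if __name__ == "__main__":
    survived, open_now, rejected, pieces = demo()
    print(f"open after forged RST: {survived}, open after genuine RST: {open_now}, "
          f"rejected: {rejected}, pieces received: {pieces}")
```

As written this only authenticates; it does not hide which protocol is in use and has no replay window, so the article's second point stands: disguising the protocol from a middlebox takes a full encrypted transport such as IPsec or TLS rather than a tag on each segment.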
Alinator
Volunteer tester

Joined: 19 Apr 05
Posts: 4178
Credit: 4,647,982
RAC: 0
United States
Message 695411 - Posted: 28 Dec 2007, 20:44:19 UTC
Last modified: 28 Dec 2007, 21:30:26 UTC

Yes, I subscribe to EFF and had read the articles.

The point Ned and I have been driving at is that BB providers have long had the means to manage bandwidth concerns virtually from day one without having to resort to packet injection (which is nothing new BTW) to do it.

Therefore, one must conclude the motivation behind it lies somewhere else. Since no one here is disputing the fact that there are legitimate uses for P2P applications, let's face it, the vast majority of traffic on P2P networks is technically illegal (whether it should be is another matter entirely). As a result, the ISP has every legal right to interfere with anything it deems as 'suspicious' traffic in any way they see fit when it comes to passing it over their network.

As the authors point out, the only real solution you have is to pass the traffic through an encrypted 'tunnel' so that the ISP would have no way to make a determination about the underlying protocols in use to implement the filter. I find it highly unlikely they would resort to wholesale blocking of encrypted traffic for obvious reasons.

Personally I think their arguments about the definition of 'unlimited' are kind of silly, since one can find a plethora of similar marketing hyperbole in all walks of life.

Alinator
ID: 695411
1mp0£173
Volunteer tester

Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 695418 - Posted: 28 Dec 2007, 21:01:26 UTC - in response to Message 695403.  



Because unilateral RST filtering and encryption are ineffective, the only feasible option for end users is to find protocols, or alternative use-cases for their existing protocols, that are not blocked by Comcast. For example, users intent on sharing large files could opt to do so using email attachments or Lotus Notes, assuming Comcast is not interdicting those protocols. Of course, Comcast could begin interfering with other protocols at any time.

<snipped>

Packet Forgery


Again, going back to Comcast's Terms-of-Service:

If two users want to swap files, and one of them sends a file to an FTP server "out there" (or even on a Comcast-hosted FTP server) and the other person picks the file up, that's completely legitimate.

My big problem with what the EFF is saying is that Comcast does not have the right to enforce their ToS -- or to extend a little bit, that contracts are not binding.

I'll reiterate: Comcast should not spoof packets because it does not work. It probably makes things worse by wasting even more bandwidth. They should refuse service to users who violate their ToS.
ID: 695418
1mp0£173
Volunteer tester

Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 695421 - Posted: 28 Dec 2007, 21:08:15 UTC - in response to Message 695411.  

Therefore, one must conclude the motivation behind it lies somewhere else. Since no one here is disputing the fact that there are legitimate uses for P2P applications, let's face it, the vast majority of traffic on P2P networks is technically illegal (whether it should be is another matter entirely). As a result, the ISP has every legal right to interfere with anything it deems as 'suspicious' traffic in any way they see fit when it comes to passing it over their network.

The biggest issue with Torrent is that it looks like a distributed denial of service attack.

You want to download a movie and you want to get it quickly, so your torrent (is it a client or a server?) connects to a whole bunch of other torrent users, and each one starts sending you a segment from the file. The application then assembles the chunks into one big whole.

What I see as a service provider is a whole great ruddy stack of packets coming from every which way at high speed, and converging on my router, possibly faster than my wire speed.

With enough packets, nothing gets through. In fact, it's the same argument I've given that BOINC needs to back off more so that we don't get the kind of "server crush" we've got right now. The BOINC client is effectively a DDoS tool against the SETI servers at Berkeley.

If Torrent throttled just a little bit more, if it was a little bit more network friendly, we wouldn't see people like Comcast rebelling against it.

Thankfully, I'm not in the business of providing bandwidth, so I don't have to deal with it. I can keep Torrent off of my network easily.
ID: 695421
Alinator
Volunteer tester

Joined: 19 Apr 05
Posts: 4178
Credit: 4,647,982
RAC: 0
United States
Message 695427 - Posted: 28 Dec 2007, 21:18:45 UTC - in response to Message 695421.  
Last modified: 28 Dec 2007, 21:23:06 UTC

The biggest issue with Torrent is that it looks like a distributed denial of service attack.

<snip>

Thankfully, I'm not in the business of providing bandwidth, so I don't have to deal with it. I can keep Torrent off of my network easily.


Good point. I haven't messed with BitTorrent in a while, and forgot about that aspect of its technology.

So there's one technically valid reason to terminate a torrent's TCP connections to residential service without notice.

Alinator

<edit> BTW, I read the full AUP from Comcast you posted the link for earlier. That's where I came to the conclusion that if they chose to fully enforce all terms to a strict interpretation, they might have about 2 residential subscribers left after all was said and done. ;-)

Alinator
ID: 695427
1mp0£173
Volunteer tester

Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 695437 - Posted: 28 Dec 2007, 21:47:18 UTC - in response to Message 695427.  

The biggest issue with Torrent is that it looks like a distributed denial of service attack.

<snip>

Thankfully, I'm not in the business of providing bandwidth, so I don't have to deal with it. I can keep Torrent off of my network easily.


Good point. I haven't messed with BitTorrent in a while, and forgot about that aspect of its technology.

So there's one technically valid reason to terminate a torrent's TCP connections to residential service without notice.

Alinator

<edit> BTW, I read the full AUP from Comcast you posted the link for earlier. That's where I came to the conclusion that if they chose to fully enforce all terms to a strict interpretation, they might have about 2 residential subscribers left after all was said and done. ;-)

Alinator

For my customers, I really only have one rule: don't get my attention.

From that everything else follows: use up more than your fair share of bandwidth, expect to see a change in your monthly rate to reflect that (we don't set explicit limits, and we've never needed to enforce that), we've also lowered a few based on light usage.

Our "no nudity" rule follows from the "don't get my attention" rule -- not opposed to nudity, just don't like the bandwidth it consumes.

The point of having rules is simple: if one customer pays 1% of your monthly cost of doing business, but drives off the rest of your customers, you won't last long when all is said and done. ;-)

Comcast is justified.
ID: 695437
Alinator
Volunteer tester

Joined: 19 Apr 05
Posts: 4178
Credit: 4,647,982
RAC: 0
United States
Message 695439 - Posted: 28 Dec 2007, 21:49:48 UTC - in response to Message 695437.  

For my customers, I really only have one rule: don't get my attention.

From that everything else follows: use up more than your fair share of bandwidth, expect to see a change in your monthly rate to reflect that (we don't set explicit limits, and we've never needed to enforce that), we've also lowered a few based on light usage.

Our "no nudity" rule follows from the "don't get my attention" rule -- not opposed to nudity, just don't like the bandwidth it consumes.

The point of having rules is simple: if one customer pays 1% of your monthly cost of doing business, but drives off the rest of your customers, you won't last long when all is said and done. ;-)

Comcast is justified.


LOL...

Agreed, like most things in life, if you go looking for trouble you'll most likely find it! :-)

Alinator
ID: 695439
Matthew Love
Volunteer tester

Joined: 26 Sep 99
Posts: 7763
Credit: 879,151
RAC: 0
United States
Message 695445 - Posted: 28 Dec 2007, 22:06:35 UTC
Last modified: 28 Dec 2007, 22:10:25 UTC

On P2P file sharing, how is that any different from a person sharing a book, video or game with another person? Example: a person who has bought a CD tells a friend about the CD he bought. That friend says, "I would like to listen to that CD when you're done."

To me that is sharing music!!

LETS BEGIN IN 2010
ID: 695445
Alinator
Volunteer tester

Joined: 19 Apr 05
Posts: 4178
Credit: 4,647,982
RAC: 0
United States
Message 695449 - Posted: 28 Dec 2007, 22:16:09 UTC - in response to Message 695445.  
Last modified: 28 Dec 2007, 22:36:46 UTC

On P2P file sharing how is that any different than a person sharing a book, video or game to another person?


Easy, in all those cases, as long as you're 'sharing' the original copy of the media, you don't have access to it while the other person is using it. Also, when the other person returns it to you, they've lost their access to the content.

In addition, the act of physically transferring the media to the other party implies a private, personal, non commercial relationship between the parties in that context.

All of those and other factors are what distinguish fair use from copyright infringement.

I think it should be pretty clear that publicly offering your media files online to anyone in the world who happens by doesn't meet the requirements of fair use for copyrighted material.

Alinator

<edit> One other historical note to keep in mind is that back in the old analog days, you paid a royalty (here in the US at least) to the RIAA for every cassette, cartridge, and reel of audio tape you purchased, to compensate copyright holders for the obvious and unpoliceable infringement which did, does, and will continue to go on. I'm pretty sure that applies to the MPAA and videotape as well.

Perhaps if the IT industry hadn't made such a big stink about it when the entertainment industry suggested doing the same for end-user recordable digital media, we might not have the huge mess we see today. However, I doubt that, since the entertainment industry has always taken the viewpoint that what's ours is ours, and what's yours is really ours too.
ID: 695449
1mp0£173
Volunteer tester

Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 695456 - Posted: 28 Dec 2007, 22:37:43 UTC - in response to Message 695445.  

On P2P file sharing, how is that any different from a person sharing a book, video or game with another person? Example: a person who has bought a CD tells a friend about the CD he bought. That friend says, "I would like to listen to that CD when you're done."

To me that is sharing music!!

What we're talking about here is "Copyright" -- which is by definition the right to make copies.

Under copyright law, if I create a work (a novel, a textbook, music, sculpture, painting, software, whatever), then I have the sole right to control how copies are made.

Books are the easy case: I write a book, I grant my publisher a license to print copies, and you buy a copy. Under the doctrine of first sale, you now have the right to do with it whatever you wish: read it, sell it, burn it, whatever, with one exception -- you can't make another copy of it.

With file sharing, you don't give up your copy when someone else downloads it.

... and if you don't have the explicit right to make new copies, then you are in violation of U.S. and International law.
ID: 695456
©2024 University of California
 