Comcast Admits Delaying, Not Blocking, P2P Traffic

haibijon writes "The executive declined to talk in detail about the technology, citing spammers or other miscreants who might exploit that knowledge. But he insisted the company was not stopping file transfers from happening, only postponing them in certain cases. He compared it to making a phone call and getting a busy signal, then trying again and getting through."

Sure, Comcast.

[EveryNickIsTaken (1054794)]

On that note, I'm not "cancelling" my service with you. I'm merely "delaying" signing back up with your company (indefinitely).

Re:

[Mille Mots (865955)]

I think a more apt analogy would be something like, "I'm not refusing to pay my bill. Think of it as having the check returned for NSF and then having to resubmit it and it goes through." I'm sure that they wouldn't have a problem with that, considering all the Nigerian scammers out there trying to get your routing information.

Re:Laughable concept, post-dating

[Hellkitten (574820)]

Back in the olden days, when people used to write checks, a friend of mine used to make his phone bills payable to "Adolf Hitler" and "Ayatollah Khomenei" and they all went through, every one of them.

That's because they both work for the phone companies

Re:

[elrous0 (869638)]

I wonder if they would accept their customers delaying their payments. "Don't worry Comcast. We're not STOPPING our payments. We're just DELAYING them."

Re:

[Merk (25521)]

Speaking of canceling your service, it sounds like a good time to talk alternatives. I, like many people here I'm sure, want a service that gives me the following:

• A static IP (or multiple static IPs)
• Honest usage caps, if it's unlimited, it's unlimited and maybe I pay a bit more. If it's limited, I want to know the limits
• High bandwidth, low latency
• No packet filtering or port blocking
• The option to run servers (web, mail, game, etc.)
• Something not too expensive (i.e. I don't want to pay for "business

"Postponing..."

[InvisblePinkUnicorn (1126837)]

So they're not actually stopping the transfers, they're postponing them indefinitely.

*Sigh of relief*

Re:"Postponing..."

[dunkelfalke (91624)]

it's not dead, it's resting ;-)

Re:"Postponing..."

[Adambomb (118938)]

It is an Ex-Packet!

I'm not delinquent in paying my bill

[mandark1967 (630856)]

I'm just delaying it...I tried to put my payment in the mailbox and there were other letters there so I waited until it was less congested....

Cool

[Rik Sweeney (471717)]

That'll please everyone trying to download the latest version of Ubuntu. Just to make sure this doesn't happen in the future I'll hammer the server directly.

But enough of my whining, Prison Break was on last night...

Re:

[speaker of the truth (1112181)]

But enough of my whining, Prison Break was on last night...

And apparently now its on your computer. I guess someone isn't with Comcast.

He compares it to a phone call....

[OctoberSky (888619)]

I compare it to paying a gym membership, heading towards the treadmill only to be stopped by a trainer and told there is someone on it already. You look, see no one is on it, ask again and are allowed to use it. Sometimes the trainer comes over and tells you that you have to get off for someone else. Everytime you get off, no one else gets on. So you have to restart your workout whenever the trainer asks.

Re:He compares it to a phone call....

[by Anonymous Coward]

what is this "gym" you speak of?

Re:

[Dunbal (464142)]

I hear you have to go OUTSIDE to get there. Don't do it, it's too risky!

Oh, and tell mom to buy another case of Mountain Dew, I'm running out.

Re:He compares it to a phone call....

[rtb61 (674572)]

I see it more like a courier. You call a courier, put you package in the van and away it goes travelling down a Comcast owned toll way. Along they way a bunch of Comcast hijackers jump out from behind a bush, pull the van over, grab your package and throw it into a ditch. The van driver informs you your package has been dumped, doesn't tell you exactly why, and you have to call another courier a hope this time the package makes it.

By the way, you get charged each and every time the courier drives on the Comcast toll way, even when the additional traffic is as a result of their, fraudulent actions. The actions are fraudulent because, it is costing you in additional computer time, in additional energy usage, in your lost time and of course additional traffic charges (all traffic counts especially when unlimited, ain't really unlimited).

Makes me wonder

[The-Ixian (168184)]

if they are simply port blocking or doing deep packet inspection. If it is the former I would think it would be pretty easy to circumnavigate...if it is the latter....then I suppose SSL would be the solution.

Re:

[by Anonymous Coward]

SSL isn't going to protect against a man-in-the-middle attack unless you're verifying certificates. That means web pages are likely safe from manipulation by some intelligent equipment in the middle, but it seems unlikely that bittorrent nodes have certificates signed by a CA (otherwise, the device in the middle can just make its own self-signed cert as needed and you'll never know).

I'm pretty sure that equipment already exists which can do that for encrypted bittorrent traffic.

Re:Makes me wonder

[norton_I (64015)]

Technically that is certainly true. You could make the legal argument that presenting a certificate as belonging to another organization if fraud.

Not that it matters for the moment. Comcast can't currently afford to intercept all SSL connections, inspect the certificate to see if they can forge it, and proxy the connection just to do packet inspection.

Furthermore, I think you can prevent that. Essentially, create a new "CA" key whenever you create a .torrent file, and include the public key in the .torrent. Then, on-the-fly build a chain of authority stemming from that key. Then, whenever you get directed to a new peer, the message includes a public key for that peer, signed by your current peer, and so forth. Even if comcast tries to join the network to disrupt it, they can't disrupt communication between nodes when the chain-of-authority does not use their keys, and if tampering is detected, their keys can be revoked, un-authenticating any bogus keys they have generated and signed.

Sounds like a fun project, actually, assuming it doesn't already exist.

Re:

[evilviper (135110)]

Comcast can't currently afford to intercept all SSL connections, inspect the certificate to see if they can forge it, and proxy the connection just to do packet inspection.

No need for that:

Require all users to add and authorize Comcast's cert.
Proxy all SSL/TLS connections.
Block all other encrypted traffic.

Even if comcast tries to join the network to disrupt it, they can't disrupt communication between nodes when the chain-of-authority does not use their keys,

What? Why would they need to "join" bittorrent i

Re:

[Bender Unit 22 (216955)]

No they just (start) to throttle all encrypted communication. Didn't we hear about an ISP who did/does this?
And/or they buy a device like the netenforcer http://www.allot.com/ [allot.com] which the manufacturer claims can throttle torrent traffic.

Re:

[muffen (321442)]

They are probably just using some type of QoS that throttles P2P traffic so it doesn't exceed X% bandwidth usage.

Re:

[justthinkit (954982)]

I think this would be preferable to what they are doing. Comcast is telling each side "The other side hung up". Limiting P2P to a certain % would still allow some P2P to happen. Then, night time would be a productive time to download a Ubuntu 7.1 DVD iso, for example -- no one is awake, no other internet traffic is happening, go for it.

If all ISPs did this, and advertised the percent cap...ok, my pie in the sky just fell on my head.

Re:Makes me wonder

[walt-sjc (145127)]

From what I understand, they are forging packets that make your BT client think that peers have hung up on you. Since they (comcast) are the man-in-the-middle, they can easily perform these types of attacks.

And that's what this is. An attack. QOS would just slow things down, this kills. I don't mind QOS. I do mind active damage.

It's time to take p2p to the next level - implementing some of the concepts of the old freenet (the encryption part) and make the traffic unidentifiable. Maybe move it to UDP and make it look like DNS. Or Skype.

Re:

[Andy Dodd (701)]

I agree.

What the Comcast rep is describing in the article sounds like QoS - Any time there's a queue in a router somewhere, BT traffic goes to the back of the line. The end result is that if the network is being heavily used for other more latency/bandwidth critical uses, BT slows down, but if you use BT at 4 AM when no one else is using the network it'll be nice and fast.

What Comcast is actually doing is forcing connections to close if they have certain traffic patterns, regardless of whether or not the n

Re:

[Husgaard (858362)]

From what I understand, they are forging packets that make your BT client think that peers have hung up on you.

Technically this means they are lying to the customers using BT. And the purpose of their lying is financial gain.

But isn't this the definition of fraud? Why is nobody going to jail for this?

Re:

[BosstonesOwn (794949)]

To make a point in spite of killing my ability to mod, what happens when they just start wiping out encrypted packets next ? One cable started throttling encrypted traffic as well and basically killed vpn for every one.

The idea f this being a cat and mouse game should be absurd , they should stop mangling any data and design capacity to handle this issue. Move on to docsis 3.0 and then keep the uploads where they are , maybe see if bonding upstream channels are possible to loosen the network up a little.

The

Merely delaying the packets - beyond the TTL

[GuyverDH (232921)]

Sorry about that - oh, did your precious cargo expire?

What, you were transporting critical medical records via Torrent? and someone died? Too bad - we were preventing you from pirating movies / music / software.

See, the problem here is that they cannot know what is being transported. The protocol by itself is not bad. If that were the case, they'd have to block TCP/IP - as all bad things over the net come through via TCP/IP - of course - all good things come that way too....

Re:

[BlowHole666 (1152399)]

TCP/IP - of course - all good things come that way too....

Yes like my porn, and that order for my new wife.

Delaying, not blocking my check?

[FlopEJoe (784551)]

So I should be able to delay, but not block, my payment check to them?

First Class or Coach?

[hyades1 (1149581)]

This sounds a lot like getting the camel's nose into the tent. Once it's established that there are two or more "classes" of information, and those classes can be treated differently, there's endless opportunities to make some customers "a little more equal" than others. And charge them a premium, of course.

I'm thinking of an airline that's planning to ensure that if you fly coach, your bags will be the last ones off the plane.

Re:

[CRCulver (715279)]

I'm thinking of an airline that's planning to ensure that if you fly coach, your bags will be the last ones off the plane.

You must be thinking of them all, then, since it was established in the discussion to that story that most airlines have offered these services for years already.

I've noticed this behavior

[Maestro485 (1166937)]

I like to leave my Slackware downloads seeding just for the hell of it, and I've noticed that Comcast doesn't exactly block the traffic but does something similar to what this article describes. During certain hours (typically mid-morning and evening, roughly), all torrent activity will cease for a minute or two and then resume normally. This only happens at certain "peak" times and usually rather infrequently. Torrent speeds are generally quite good later on at night and on the weekends.

Not that I agree

False advertising?

[DoofusOfDeath (636671)]

Does Comcast advertise very high transfer speeds? Because if they advertise that, knowing that they intentionally force lower speeds for some kinds of traffic, that sounds like fraud.

Comcast is still lying -- and not just about this

[Arrogant-Bastard (141720)]

As has been noted in numerous places, Comcast isn't just forging RST packets to disrupt P2P traffic -- they're also doing it to disrupt Lotus Notes traffic...which makes the "we're doing it to stop the bad guys" excuse a transparent lie.

Moreover, disrupting P2P traffic will have no effect on "spammers and other miscreants", as they have far more sophisticated, self-organizing C&C methods already deployed. (No doubt having anticipated that use of traditional P2P would leave them vulnerable to such countermeaures.)

But the truly galling part is that Comcast continues to repeat the same big lie they trotted out years ago: "We take the spam problem seriously". This is utter nonsense, of course; spam emission levels from their network continue to steadily increase, as they have for half a decade, to the point where their only serious rival for the #1 spot on the world's list of top spam-sending network is Verizon.

So what this episode tells us is that Comcast has the capability to monitor and modify traffic, but only chooses to do so when it might affect their profits -- not when it might could the unceasing flow of abuse outbound from their network.

Re:Comcast is still lying -- and not just about th

[Lumpy (12016)]

Last friday they had a large layoff in their Ad sales division. I know of several people that lost their job there and many said they did this country wide, gutting lots of jobs.

Funny though, they did not trim the fat. Lots of middle management still there that really are not needed.

Me thinks Comcast is circling the toilet bowl. still on the outer edge but we all know the spiral is a logarithmic one.

I'm waiting for the next round on the CableTV side (oh yea it's coming!). I have a bunch of friends there

Lets be realistic

[packetmon (977047)]

You don't like it leave. Its that simple. Maybe if Comcast customers started leaving in drones, Comcast would re-think their insane policy. Anything else is akin to whining like a child because you can't have the toy you wanted. If your phone company DID decide to pretend they were you and pick up and hang up your call what would you do. 1) Sue 2) Find new phone company. For those in a place where you're trapped in with solely one provider, I feel your pain. Maybe people need to start calling their local po

Just shy of the bullseye...

[glindsey (73730)]

He compared it to making a phone call and getting a busy signal, then trying again and getting through

Hey, good phone analogy, but you're not quite right, Mr. Comcast Executive. Let me try to lend you a hand: it's like already being on a phone call and having it dropped in the middle of your conversation. Over and over and over. And it makes you so angry you vow you're going to cancel your service and switch to a competitor, except you can't, because they're the Phone Company, the only game in town.

At least, that's the way it works for a huge portion of Comcast's service area, including large swaths of Chicagoland.

Technically they are blocking

[JoeCommodore (567479)]

If they terminate a connection from happening they are blocking it. It may be OK to them to call it 'delaying' but technically the connection is blocked initially.

Should have used tubes...

[MosesJones (55544)]

Comparing with a phone service is correct, if they did this to a commercial customer and deliberately stopped a certain percentage of calls that had to then be re-dialled they would be accused of blocking calls.

He should have said "its like a set of tubes its just that P2P traffic is heavier so it sinks to the bottom, and as everyone knows with rivers they flow slower at the bottom so we aren't delaying them its just that P2P traffic is like a Pike, its a heavier fish that swims at the bottom while the normal internet stuff is like a salmon at the surface. Pike also eat cute little ducklings so P2P is evil"

nothing new for canadians

[whydotheydothat (1178245)]

Rogers does that in Canada on a regular basis. When I called them up, they admitted they block bit torrent. I asked them why don't they do this AFTER i use all my "unlimited" 60GB/month ($50)? No answer. Go figure.

A Low Tech Load Balancer?

[tgatliff (311583)]

Sounds like a low tech form of load balancing... Dont these guys have the money to buy a good traffic shaping device? :-)

I do understand that many people might have bad experiences with the Comcast broadban, but I really like Comcast where I am. I have several VPN tunnels setup across multiple offices which is very nice and stable. Also, most of the time there speed is outstanding as long as my traffic shaping is good on the outbound side.

Bad analogy..

[bleh-of-the-huns (17740)]

I disagree with comcasts analogy. Its not like getting a busy signal, its like an operator coming on the line mid conversation and tell both partys please try again later and disconnecting them. The busy signal occurs when you initiate the call and the receiving end is busy an unable to answer. What they are doing is at a certain threshold (that no one knows of course), getting into the middle of the connection, pretending to be each other, and disconnecting the connection.

A better analogy for comcast to use would be something along the lines of we are promoting identify theft by pretending to be the recipient and closing your connection so we can redirect the traffic and steal whatever you are downloading :) (okay the last paragraph is sorta absurd.. but still it amused me when I read that back to myself so it stays)

The obvious solution

[Danathar (267989)]

Well obviously if this is affecting you should drop Comcast and chose from the 3 or 4 other major broadband providers that can provide megabit service to your home.

Oh..that's right...there aren't any other major providers in your area....

Forged RST Packet Traffic Shaping

[Agripa (139780)]

I am not blocking forged RST packets from Comcast IP addresses. I am just placing them into a very long delay queue in my traffic shaper.

Re:

[mikeee (137160)]

That's clever. What you really want is a router/NAT in front of your home net that held incoming RST packets for, say, 250ms, and then dropped rather than forwarding them if they were followed by data packets. (Any of the current traffic-shaping modules easily capable of this?)

Comcast could still *block* the connection, but then they'd have to be using some kind of statefull firewall, which is much more expensive and doubtful to be worth the bother.

Bad Analogy

[SeaFox (739806)]

He compared it to making a phone call and getting a busy signal, then trying again and getting through.

In the case of getting a busy signal, the party you are trying to reach is already on the phone, thereby denying you the ability to reach them.* This is more like you try to call someone and get the "all circuits are busy" message, then try again and get through. The point is in the example he used, the reason you can't connect is because of the answering party, not your phone company. Which closer to what is happening. And getting the "all circuits is busy" message is a sign of too little capacity, and considered poor service. Which is really what's going on at Comcast, too.

------
* We'll ignore CallWaiting, and the fact most phone companies let you have two calls running at the same time, alternating between them. Heck on some can combine them into a conference call on the fly.

Re:

[Dunbal (464142)]

Ok, I'm sufficiently braced for the "You're a bloody pirate!" comments.

      No, most slashdotters realize that you are doing all you can to fight global warming...

Re:

[Technician (215283)]

AT&T rolls out their FIOS and suddenly all these anti-Comcast articles start showing up.

Actualy, ATT roll out is not important for most of the US as it hasn't hit our state, city, neighborhood, street, house yet. It's about as important to this as the rain in New Orleans or the fires in LA. It just happened to be near the same time frame.

The real issue is the new version of Ubuntu came out. The server mirror overloaded. My download died at 80%. I used the mirror because Bit-torrent would have take

Re:Interesting (...speaking of FIOS)

[Arrogant-Bastard (141720)]

It's possible to track FIOS rollouts merely by noting spam sources whose rDNS matches it, e.g., "*.fios.verizon.net". To date, this has been a 100.00% indicator of spam. For example, in the last few minutes, one of my mail servers has observed the following:

pool-70-104-193-136.nrflva.fios.verizon.net
pool-71-170-157-58.dllstx.fios.verizon.net
pool-71-178-175-162.washdc.fios.verizon.net
pool-71-180-67-156.tampfl.fios.verizon.net
pool-71-187-176-23.nwrknj.fios.verizon.net
pool-71-245-227-130.bstnma.fios.verizon.net
pool-71-245-247-31.nycmny.fios.verizon.net
pool-71-245-74-238.prvdri.fios.verizon.net
pool-71-251-69-183.tampfl.fios.verizon.net
pool-72-64-87-227.dllstx.fios.verizon.net
pool-72-66-1-223.washdc.fios.verizon.net
pool-72-75-227-248.bflony.fios.verizon.net
pool-72-90-121-2.ptldor.fios.verizon.net
pool-72-94-19-223.phlapa.fios.verizon.net
pool-72-95-136-185.pitbpa.fios.verizon.net
pool-96-229-80-50.lsanca.fios.verizon.net

That's a mail server with one user. Production mail servers with tens of thousands of users typically note 5000-10000 such systems every day.

So from here, it appears that new FIOS rollouts are being 0wned nearly as quickly as they're connected, and that they're staying 0wned. I'm sure the spammers are quite pleased with the quality service provided by Verizon et.al.

Re:

[Dunbal (464142)]

Get this, they updated our cable box and gave us $20 off for a year!

      The natives were happy when they got beads and trinkets, too.