Comcast Confirmed as Discriminating Against FileSharing Traffic

An anonymous reader writes "Comcast has been singled out as discriminating against filesharing traffic in quantitative tests conducted by the Associated Press. MSNBC's coverage of the discovery is quite even-handed. The site notes that while illegal content trading is a common use of the technology, Bittorrent is emerging as an effective medium for transferring 'weighty' legal content as well. 'Comcast's technology kicks in, though not consistently, when one BitTorrent user attempts to share a complete file with another user. Each PC gets a message invisible to the user that looks like it comes from the other computer, telling it to stop communicating. But neither message originated from the other computer -- it comes from Comcast.'" This is confirmation of anecdotal evidence presented by Comcast users back in August.

Any World of Warcraft users...

...noticing problems downloading the patches on Comcast?

Just wondering since WoW uses Bittorrent to distribute its patches (one example of a very legitimate use).

Encrypt Everything

They're basically doing this with a "man in the middle" attack by sending false messages to both parties in the communication, pretending to be the other. This is why all net traffic needs to be encrypted and signed.

Illegal forgery and defense

It likely is illegal.

Just because it is their network DOES not give them the right to FORGE IP packets to look as if they come from elsewhere.

That would be like a courier service forging documents from 2 people wanting to communicate saying "Stop sending documents" if they didn't want them to talk. They'd never do something that stupid, and if they did, they couldn't get out of charges by saying they were only forging documents through their service.

Forgery is illegal. Someone who had a forged RST packet sent in their name should have forgery charges pressed and sue for impersonation.

A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.

Re:Illegal forgery and defense

A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.

Also probably very silly to do. And won't work unless both ends of the communication are doing it.

Re:Illegal forgery and defense

A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.

Sure you could modify the source to ignore the RST flag, but that would probably completely hose your networking, since it's sort of an integral part of TCP/IP functioning. Sometimes the packet with FIN set does get lost.

I guess it might work for a while until you ran out of memory for tracking state of all the connections that never close. :D

World of Warcraft

If one wishes to find a legitimate example of bittorrent sharing of legitimate files, one need look no further than the largest MMORPG on the market - World of Warcraft. Patches are automatically (assuming the user doesn't disable the feature) downloaded using bittorrent. And Blizzard is more than aware of and approving of this, given that they programmed the feature. Needless to say, I think any internet service provider who disrupts a consumer's legitimate use of their internet connection is a service provider that doesn't deserve the consumer's money...

Encryption

In my experience, bittorrent transfers are much faster on my Comcast connection when I choose to encrypt them. That suggests to me that Comcast is indeed throttling normal bittorrent traffic.

Re:Encryption

If you're using a decent client like uTorrent, Azureus, KTorrent, or Deluge, just check the options.
 
  encryption is useless in this case, however, since bittorrent traffic is obvious to an intelligent packet shaper such as the Sandvine systems that Comcast uses. Bittorrent usage generates a very distinctive signature even if you just look at the volume ant timing of packets. Once it figures out you're using bittorrent, it just needs to send the RST packet, which will have the same effect regardless of encryption: Your client will think that the remote peer closed the connection.

Not just P2P traffic

I've posted this before, but it's pertinent and bears repeating, it's not just P2P traffic that Comcast is filtering. A sysadmin I know has been blogging on Comcast filtering corporate e-mail traffic as well.

http://kkanarski.blogspot.com/2007/09/comcast-filtering-lotus-notes-update.html [blogspot.com]

Title Inapt

When I read the words "discriminating against" I assumed that Comcast was simply giving higher priority to non-bittorrent traffic. Given what they are doing, I think "interfering with" would be better language. This isn't just a passive downgrading. This is active blocking.

Fix to comcast.

Set your bittorrent client to only use encrypted traffic. It fixes comcast's little red wagon fast.

Almost all up to date bittorrent clients support this.

Doesn't the very act of policing content

make them somewhat responsible for what content is on their network?

"Hello, RIAA. I have reason to believe Comcast is allowing illegal music trafficking to occur."

It's Comcastic!

Comcast... Where?

Comcast is in many different cities - each office running independently of all others. Which offices are blocking bittorrent? I use it all the time, on Comcast, without any trouble. I have more issues at work (with traffic shaping junk) than Comcast. So, I do not see how this is a company-wide problem. It may be something only used in problematic areas.

I'm outraged!

This is the worst Internet injustice since the last thing that had Slashdot's panties in a wad. And that one was so horrible that everyone forgot about it.

What would be nice

If I remember correctly, Comcast says that something like 1% of the user base causes 15% of the bandwidth, etc. Therefore, they throttle the thing that takes up the most bandwidth (torrents), in the name of helping out all the other users.

However, I would love to see stats on what percentage of their users actually use bittorrent. Until someone can prove that more than 1% use it, they can use that argument and 85% of people will shout"Yeah, more bandwidth for me, screw those pirates", without realizing the legitimate torrent uses (such as linux distro rollouts, patches as mentioned before, media defender email leaks, etc).

At leas the media is finally catching on, but until we get people to realizing that it is a slippery slope that affects them, there will not be enough uproar to stop them.

So, if we could only get our hands on how many people use it... we might be able to make some noise. Until then, the average joe will say "So What?"

Re:Common Carrier

ISPs generally don't have common carrier status.

From wikipedia [wikipedia.org]: "Internet Service Providers generally wish to avoid being classified as a "common carrier" and, so far, have managed to do so. Before 1996, such classification could be helpful in defending a monopolistic position, but the main focus of policy has been on competition, so "common carrier" status has little value for ISPs, while carrying obligations they would rather avoid. The key FCC Order on this point is: IN RE FEDERAL-STATE JOINT BOARD ON UNIVERSAL SERVICE, 13 FCC Rcd. 11501 (1998), which holds that ISP service (both "retail" and backbone) is an "information service" (not subject to common carrier obligations) rather than a "telecommunications service" (which might be classified as "common carriage")."

Re:Yea, right

It's not the legality that Comcast takes issue with, it's the use of bandwidth. You're not supposed to actually use the bandwidth you buy, you see.

Re:Yea, right

In their (partial) defense, their business model is probably something like:

- Offer a huge bandwidth that most people won't use

- Some will use it, costing us more than we charge, but that's overwhelmed by increased business by people who want the bandwidth from the ad while not actually using it

But then this happens:

- Whoops! File sharing is a Killer App that many people are using.

- On average we are now losing money.

Of course, the proper course of action is to alter their contracts (after the current ones expire) to charge more money for more use, perhaps in various rates. Yes, that will drive people to other companies who don't do this...who will also lose money.

Let the market figure it out.

Anyway, wouldn't generating fake signals to alter the operation of your applications be illegal? That's above and beyond throttling or blocking (gray enough as it is.)

Re:Subtitled: How To Lose Your Customers To DSL

After Comcast loses all their customers to DSL, will they complain about [whatever DSL company]'s unfair monopoly advantage?

This is exceptionally unlikely to happen. The social groups that Slashdot folks circulate in are not the average. I know it's hard to believe, but very few of Comcast's customers give a shit about BitTorrent of p2p, even if they where aware of their existence. Most of Comcast's customers are average low-volume (if at all) computer users who have Comcast to view television, and picked up Interweb connectivity as part of a package.

Comcast has decided that p2p degrades their system, for them it's more of a technical issue than a political one (though I'm sure the **AA Gestapo have been in touch with them).

Re:Good

Now maybe the "net neutrality isn't important because we can trust giant corporations not to screw their customers crowd" will shut up. Of course, the people getting paid to lobby or keep those bills out of Congress won't change their mind, but maybe regular people will. And that's a step in the right direction.

This story does make me wish I was not boycotting Comcast already though, so I could boycott it for this.

Actually, this will hurt net neutrality because everyone is getting QoS confused with Net Neutrality!

QoS is legal, and it should exist. Prioritizing classes of traffic is OK, provided the classes are generic classes of traffic (e.g., email, web, ftp, p2p, voip, etc).

Net Neutrality is compatible with QoS. What Net Neutrality proponents want isn't avoidance of QoS, but to prevent deals where if you use Windows Live Search, it comes up instantly, while if you use Google, you'll find yourself waiting a good minute for the frontpage to load up. I.e., both use the same class of traffic (web), but service is differentiated based on who can pay.

So Comcast causing Bittorrent problems is OK for Net Neutrality. But if Comcast suddenly lets Blizzard's WoW updates unimpeded while causing problems for say, Linux ISO torrents, then that conflicts with Net Neutrality.

Basically, like traffic should be treated alike. But unlike traffic may be treated differently. So if Comcast charged an extra $10 for enhanced VoIP QoS, that's OK, as long as it's for all VoIP, not just say, Vonage only, or Skype.

Net Neutrality opponents like to bleat the Anti-QoS line because it's the easiest way to spread FUD, when they really mean "Google, pay us, or we'll make your page take ages to load, while making Windows Live Search load instantly".

Re:Comcast != Common Carrier

Source quench [wikipedia.org] is an ICMP message, similar to destination unreachable but less severe. It's a way for a host to tell another host (or router) that it's sending data too fast for it to process and should back off. It was an early attempt at preemptive traffic control to throttle back before something has to start dropping packets.

There's not a whole lot of equipment that sends them, but pretty much every OS I've come across honors the messages to some extent. I don't know if the cheap NAT routers that many people use pass them along or not, though NAT in general tends to be fairly broken when it comes to ICMP.

If a man in the middle were to spoof ICMP source quench packets that looked like they came from either of the p2p nodes that were communicating, the effect would be that they would start sending data more slowly to each other. The connection would still be open, they just wouldn't transmit as fast as they could.

After reading the article it became clear that what Comcast is doing is much more evil. They're setting RST flags on packets (or maybe spoofing new packets in the right segment range with it set), which causes the entire connection to abort rather than just be slowed down. It could cause a lot of grief if their filter misidentifies something as p2p and starts shutting down the connections, as apparently happens to Lotus Notes [blogspot.com] traffic.

That last link has some good packet dumps of it happening.

Re:LOL

But we now have the "Hammer" method. Boycott the bastards, no matter what the cost.
Then when the people we use as an alternative to Comcast start to mess with us, just
DROP them too.

What a great idea! Okay, let me see, what's my alternative to Comcast? I know, DSL! Oh, wait, my house is too far from the CO, and AT&T isn't interested in expanding service in our location. Okay then, I'll go to FiOS! Oh, wait, it isn't available in my state. Alright, how about a satellite service? What's that? Half-second lag times? Well, that just about destroys any gaming or VoIP links, and costs a ridiculous amount in both startup and monthly costs, so that's out... Wireless? Nope, nothing in our area.

My choices are literally dial-up, Comcast, or nothing. And dial-up and nothing aren't really options because I often have to VPN into my office from home.

Ah yes, simple market response. I can choose any broadband provider I want, as long as it's Comcast.

Re:LOL

You could relocate, that'll show em!!

Nothing says you hate a service more than if you were to rip up the foundation of your life, career, and family just to avoid them.

Re:you know ...

Except for the fact that vast tracts of the good ol' US are exactly like he's describing. As soon as you move out of a major metropolitan area, your options start to get extremely limited.

Re:ha

Nope. This has been discussed ad nauseum already, but Comcast (and Sandvine, which they are in all likelihood using) isn't looking at the actual data, it's looking at the overall pattern of traffic. It is still going to send RST packets, regardless of whether or not your connections are encrypted.