VPN Clients Not Allowed On Residential Service 558
wayn3 writes "ComputerWorld reports here that two of the major cable companies have language in their terms of service that VPN clients are forbidden for "residential" class, forcing clients on their "business" offering which is at twice or more times the cost of residential service.
Has any been bit by this, and do those companies consider SSH a VPN client? This would stop me from telecommuting since my company would not be able to afford the business service."
@home has that in its AUP but... (Score:2, Interesting)
Re:@home has that in its AUP but... (Score:2)
The easiest way for companies to do this (And I have already seen it as I work for a company who sells and maintains a VPN Solution) is to block UDP port 500, as well as IP Protocol 50/51. If they want to be really anal they also block TCP1443, but that would stop other ssl traffic not just the VPN.
Alot will also block IP Protocol 57 (SKIP) just to be thorough.
Why would they do this? Because business accounts use more bandwidth on average. Lets take your average non-tech, just someone who needs access to the internal server to do thier work. They work from home for a day and use more bandwidth in that day than they normally use in 2 weeks. This makes perfect business sense, and is well within thier rights. Just as it is within your rights to get another ISP.
Re:@home has that in its AUP but... (Score:4, Insightful)
Bull. Show me stats - real stats that back this up. Residential users actually use more bandwidth than a business user @ home ever would. Gnutella, Browsing heavy graphical sites, etc. Most business users use VPN to check .... email. Maybe access a file server but how many files will they work on at once?
This is typical telco mindset being applied by cable companies - jack up business rates for the same service you provide to homes since you lose money on residential service. Then try to get as many folks on business lines as possible. Same thing happened with dial up - telcos wanted us to have business lines for hoem dialup users into our corporate networks - and we did - why? The IT managers wanted 'business class' support on these lines to get problems fixed faster - like it was gonna shut the company down if manager X couldn't dial in from home on his 2nd phone line and the telco hadn't committed to having it fixed by X hours. (um - what about the first)
I chuckle at all the ISP issues out there - just like banks - the bigger monoliths screw you while you get GREAT service and such from smaller ones. My ISP is a mom/pop phone company that got bought by another company that specialized in running mom/pops. We have excellent service (DSL), great rates, and they are pretty laid back about how you use it (no blocks - not even port 25, etc)
Re:@home has that in its AUP but... (Score:2)
Re:@home has that in its AUP but... (Score:2)
I can sign something saying that I will kill myself. Doesn't make it legally binding. BTW, I highly doubt he signed anything, not that that's a requirement for it to be binding.
Legally can is debatable. They are a monopoly in restraint of free trade. But I don't really want to get into that argument, cause I could see a court going either way.
My point (and I believe the point of the original commenter), is that they likely won't permanently cut off service to someone who is paying them a nice monthly fee and isn't harming anyone, especially if that person refuses to upgrade to a business level service. The clause is there as an excuse to shut people off who are bothering them in some way, not to be taken literally.
Remember when Netscape had a 30 day trial, then you were supposed to pay for it? Did they have a legal right to take it from you or sue you after 30 days? Yes (well, actually, maybe, but that's another legal question). Did they sue any consumers? Of course not. They actually encouraged consumers to break the "contract". Because it wasn't in their best interests to enforce it.
What's wrong with this? (Score:4, Insightful)
If you require internet access for work, then you get a work account. If you require it for home, then it's a home account.
Hell, if you work from home, get the damn work account, then deduct the cost from your income taxes.
Re:What's wrong with this? (Score:3, Insightful)
Now if they can solve (a), and say that business users have 5 nines uptime then the price difference is justified.
Re:What's wrong with this? (Score:2)
Re:What's wrong with this? (Score:5, Informative)
1) Better service (i.e. technical support).
2) Perhaps a static IP address.
3) Web hosting, email hosting for multiple
accounts.
4) Some other item that adds value to the service
thus justifying the added cost to you.
Also, business class service is meant for situations where more bandwidth needs to be allocated for your use (such as with a web server that gets many hits).
Differentiating your servous based on what applications you use, if the application does not use any more bandwidth that any other regular users use, is just unacceptable.
I personnaly do have a business account, but that was because I was willing to pay for a static IP.
Re:What's wrong with this? (Score:4, Informative)
I work for one of these cm isp's. When a customer pays the business rate here they DO get better QOS, ability to call our business help desk (which staffs local people who are much sharper folks than the retards at the nation helpdesk for residential customers). They also get access to our other services, static ip, etc. We have even higher levels of service where your modem is basically watched ALL the time and if your modem goes down, there's someone on it before you can even pick up the phone, 24/7.
I know for a fact that probably 80% of the cm isp's out there aren't like us, but those of us who *are* customer satisfaction oriented cringe when we get lumped in with the ones who don't give a damn...
Re:What's wrong with this? (Score:2)
It's no laughing matter to check your books and realize that 5% of your clients are being charged 1/3 of what they should be.
But yes, higher contract fees should mean higher QoS (even if it doesn't always come out that way
Re:What's wrong with this? (Score:5, Interesting)
Second, the network isn't going to give me any more bandwidth than I'm paying for, so it shouldn't matter what I'm doing with the bandwidth that I have.
Now, as far as the extras that a business account provides:
Tech support - don't need it, and they don't support Linux anyway.
Static IP address - the residential service gives me that anyway - and even if it didn't, I would be somewhat inconvenienced, but it's not something I care about.
Web hosting, email hosting, etc... - don't need it, don't want it.
other value added services - don't need them, don't want them, wouldn't use them.
So I have absolutely no use for the business service and I physically cannot use more bandwidth than their network will give me (which is what I'm paying for) so I don't see any reason for them to get all pissy about what kind of packets I'm sending over the bandwidth that I pay for.
Besides, I use Cox and I seriously doubt that they have the technical knowhow to navigate themselves out of a wet paper bag, much less figure out what applications I'm running on my computer at home.
Re:What's wrong with this? (Score:4, Insightful)
I would go further and get your local or state consumer protection and/or public utility board involved.
Why? The cable companies have been advertising how you can have "always on" "faster than dial-up" internet connections. No where in those ads do they say that the price offered is only for "casual surfing" or anything like that. Plain and simple, the cable companies are engaging in "bait and switch"... advertising one service then saying "Hey, that's not really for you. You want this much more expensive service."
Or, if you just want to be sly, just use another port than the usual VPN one (80, 21, etc).
Re:What's wrong with this? (Score:4, Interesting)
Granted not a lot of people use vpn as personal, but what about the people that do? sometimes there are non-business related things u can use vpn for.. should they be penalized too?
~slak
Re:What's wrong with this? (Score:2, Insightful)
Re:What's wrong with this? (Score:3, Insightful)
It is the exact same service, just that they turn the other way when you run a VPN. I agree that if you are a professional telecommuter, then yes, you can afford the $100 a month, have the company pay, or deduct it from your taxes. I occasionally have to call in to my company a do periodic support after hours. I'm not going to spend 3 times as much a month to use a telnet/ssh connection that consumes
Re:What's wrong with this? (Score:2)
Listen closely....
THERE IS NO DIFFERENCE! The cable compnaies are just screwing the end customer. They want that higher rate because you likely to use more bandwidth.
I Say this over and over...we need laws(because it seems like the only thing anyone listens to anymore, Commone sense, is dead in this country) that state to bandwidth providers, that that is what they do, and they can't control what you do with the bandwidth....especially since there is no DIFFERENCE!
What's wrong? Business class doesn't exist. (Score:4, Interesting)
The places that talk about the restrictions on residential service seem to imply that just by paying more, one can sign up for a "business class" service that is essentially the same as residential service but without those restrictions.
Unfortunately, that's not the case. Business class service (except briefly for some of the areas served by Cox cable) over cable lines does not exist. It is a strawman that cable ISPs use to pretend that their restrictions on "business" use are somehow rational. This is a re-occuring thread in various @Home newgroups.
Hopefully having an article in ComputerWorld will produce more explicit explanation from cable ISPs about what exactly they mean by business use.
Consider that a common Comcast@Home commercial shows someone auditioning for an acting job halfway across the country through an @Home webcast. If that's not allowed, I smell a bait-and-switch lawsuit.
Re:What's wrong with this? (Score:2)
EXACTLY. I ssh out to read my personal mail, and the wife uses Yahoo! Mail. I also use a VPN client for Notes and some Intranet surfing. The problem is, Comcast's service has been so shitty, that I literally had to put my cablemodem on X10 and cron it to bounce every 30 mins from 8am to 8pm and every hour 8pm to 8am just to keep the connection up. Otherwise, the connection would stall after anywhere from a half hour to a few hours.
Until they improve their qos, there's no way in hell I'm going to pay for an upgraded account. Especially now that they're trying to learn how to run their own network. I'll wait, thanks. Oh, and I haven't met a network yet that successfully blocks my VPN client. It looks just like SSL traffic, but trips the hell out of snort with Large Packet warnings.
Sounds reasonable to me (Score:2, Insightful)
Seriously, who here runs a VPN that doesn't connect to their office? I can't really see a use for a VPN besides connecting widely distributed corporate offices and internal networks, which is most certainly deserving of business-class rates.
Argument from personal incredulity is a fallacy (Score:4, Insightful)
I can. I have family in the area, some with broadband of various kinds. If we shared files more (which will probably happen in the future), it would be nice if we could be hooked up on a VPN so we could just drag and drop to various locations, rather than emailing. It would be simpler and it would take up less bandwidth (one copy vs one upload + one download).
no, it doesn't.. (Score:2, Insightful)
Re:Sounds reasonable to me (Score:2, Insightful)
I don't. And I think it's the same thing.
Personally, I say give me a bandwith limit and a QOS agreement and keep your nose out of my business.
--tim
Re:Sounds reasonable to me (Score:2, Insightful)
Maybe the providers should be honest and start offering something to distinguish the home service (a network pipe with no QoS) to the busines service (a network pipe with no QoS that costs more). Then people might be think they are worth buying.
But no, in your strange deluded world, I should pay more to my network provider for the privillege of using some encryption software on my machine and some encryption software on the machine at work, because those encrypted bytes are so much heavier on the network than their unencrypted bretheren.
IHBT, fuckwit.
Re:Sounds reasonable to me (Score:2)
Your company can't afford it? (Score:2, Informative)
That said, I don't think this is fair. I also don't think it is fair when a company *cough*Verizon*cough* offers "full Internet service* but then blocks ports on the router and outlaws servers in the TOS. If all they want to sell is a watered down, "just look at the pretty pictures and don't do anything technical" service that's within their rights--but then say so on the label.
Re:Your company can't afford it? (Score:5, Interesting)
I work for a large (3000+ people) company in the Philadelphia region. The company currently supports telecommuting with broadband through VPN. Currently, they pay $39.95 per month for connectivity, plus $30 per month for outsourced broadband routers/firewalls. (The latter part I think is stupid, but I digress.) So for each person telecommuting, they pay roughly $70 per month
Now, increase that highspeed access from $39.95 to $95.00, and they would have to pay roughly $125 per month per person. If only 300 out of the 3000 people here telecommute, that's a cost of $37,500 a month, or $450,000 a year just for broadband users. At the previous price, it would be roughly $252,000 per year. Almost 200k more. That's a lot of money to just "find" in your budget. So what happens? Comcast loses money because my company suspends all high-speed telecommuting. So now instead of getting their extra 200k a year, they get nothing, and the people who benefited from telecommuting no longer can.
You know, if Comcast wanted all these people/companies to shell out $50 more per month, the LEAST they could do is remove that 128kbps upstream cap they enforce for business accounts. Its really annoying to transfer large files to work or VPN to a server when you can't send out over 15K/sec, peak.
How to classify a VPN? (Score:5, Informative)
Even encrypted HTTP, HTTPS, can be used to build a VPN-similar type of thing (think "VNC"). Since HTTPS is used to encrypt on-line banking traffic, e-commerce sites and such, they cannot just stop everyone from using HTTPS.
Furthermore, since the data (by definition) is encrypted, it is impossible to peek at the data to determine if a data stream is "a VPN" or just some other HTTPS transfer.
The conlusion is that they will have huge problems trying to enforce this.
Re:How to classify a VPN? (Score:2)
Re:How to classify a VPN? (Score:3, Interesting)
Of course, I'm one of those lucky people who has a choice of cable modem at my house or several xDSL providers. So if the cable company ever decides to ban VPN's and if they ever figure out how to effectively enforce such a ban (doubtful) then I get to take advantage of competition.
The good news is for those of you without such a plethora of choices is that enforcement, AFAIK is currently impossible.
What if AT&T upped your phone bill? (Score:4, Interesting)
Imagine your phone company doubling your bill because they analysed your calls and decided you made a call to the office!!
I buy bandwidth. What I do with the bandwidth is nobody's business (obvious exceptions included..)
Actually, that analogy is relevant... (Score:5, Insightful)
Here's the point: Business usage (phone, cable, whatever) CAN be more costly to the provider because these users will scream louder and demand quicker restoration of service when something goes wrong (line failure due to snowstorm, flooding, you name it). They also threaten to sue for lost business revenues due to the company's failure to restore said service in what they think is a timely manner. Residential customers don't bring that baggage.
So, they don't really care if you USE the line for business, because you won't be able to file suit as in the case above -- according to the TOS you weren't supposed to be using it for that purpose anyway. BUT, if you want them to treat your service as an essential component of running your business, you have to pay business rates...which is not wholly unfair IMHO.
Re:Actually, that analogy is relevant... (Score:5, Insightful)
If I have more downtime in a month than I am guaranteed, I expect the entire month for free. This should be at least a two or three sigma event, so it shouldn't be too costly for the involved companies to give me this.
Then give me an honest deal that says "Residential Service == guaranteed 98% uptime", "Business Service == guaranteed 99.95% uptime". Real business users WILL pay for the guaranteed 99.95% uptime, and home users, even those who casually use VPNs to transfer files to and fro from servers at work, or to log into some machines at work to do some compiles or testing, will probably stick with residential (unless they telecommute exclusive and their company needs them to be guaranteed available all the time).
Frankly, there's no excuse for anything else, and if residential service can't even be maintained at that sort of guaranteed service level, the provider doesn't deserve to stay in that business anyway (and I don't want to sign up with them).
Home business lines are treated as residential (Score:3, Interesting)
But then modems came along - and the telcos had to beef up their switching equipment because evening residential usage jumped way up. That's why there was a short-lived proposal for a modem tax. But the telcos eventually figured out that selling second (and third lines) for modems, teenagers and other heavy users was more profitable than that tax, and a lot less politically explosive.
Nowadays, I doubt many telcos care about home business use - during the day there's excess capacity in the residential areas since they're currently designed to handle everyone getting online in the evening.
Re:What if AT&T upped your phone bill? (Score:3, Informative)
AT&T cable cut out on me again last night. I see that their FAQ page has changed and now explicitly forbids servers- but how can you even be connected to the internet (inter meaning "between") unless you serve some traffic? Certainly you can't run the file sharing services that are driving their business without running a server.
I'm sure someone will respond and say something like "yeah, but it's in their best interest financially to do this". Well, yeah, but I don't give a shit about their bottom line. I am a pissed off customer. My gas company doesn't care which rooms I heat. My water company doesn't care what flavor kool-aid I make. I pay for 128k upstream bandwidth and goddamit I expect it.
Re:What if AT&T upped your phone bill? (Score:3, Informative)
Wrong - use your head man. If all of AT&T's customers used 100% their cable modem's capacity 24 hours a day, you would not be getting broadband for $40 a month.
A full T1 is (1.544 Mbps) usually comes in somewhere at about $1500/month. My cable modem from @Home (2.2 Mbps downstream / 128k upstream) costs $40/month. Is this starting to make sense to you?
Unless you want to pay $500/month for your cable modem, quit bitching that AT&T doesn't want you to saturate it with traffic 24 hours a day.
Re:What if AT&T upped your phone bill? (Score:2)
It depends: if in your contract there isn't a clause stating the minimum guaranteed bandwidth, you really bought only the ability to use your ISP's network, and your ISP sells that at cheap prices only because it is confident that you won't use really much bandwidth (or that you won't have really much traffic).
Now, what IMHO is wrong is the assumption that people putting up a VPN would automatically generate a lot of traffic...
The analogy with voice calls is not really appropriate, since they use little bandwidth (quite less than 64kbps, thanks to compression)
Re:What if AT&T upped your phone bill? (Score:5, Insightful)
Well (assuming you're with a cableco), that's not at all true. You contribute to paying for the overall bandwidth usage.
The issue here is that what cableco's want to do is charge by the byte, but they know that they need to market their product as flat rate to attract the mythical "average user" who does nothing but suck pay-per-view content from the cableco's portal (no, idiots, that's a cable TV customer, you already own that market).
So what they are doing (in the UK as well, where I am based) is writing clauses into the AUP's that are designed to prohibit the sort of things that high bandwidth users are likely to do, without actually mentioning bandwidth per se. The aim isn't primarily to stop those activities, it's to limit bandwidth usage either directly (by not bringing in traffic to servers) or indirectly (by punting the high usage customers).
The UK basically has three broadband providers, DSL from the monopoly telco, and cable modems from two cableco's. And that's it. The telco acts exactly like the cableco's highlighted here; abusive, obstructive, restrictive, incompetent and internally muddled. It's impossible to get a straight answer out of them on policies.
In contrast, the two UK cableco's are (currently) behaving strangely honestly. One of the two, NTL, brought in a blanket ban on all servers. In the outcry that followed, they reversed this, and instead made their policy clear; it's all about bandwidth (as above). They acknowledged that they would only pursue those customers who generated an unfair amount of external traffic, like were running a server that was constantly attracting more traffic than their cable could cope with, leaving packets to expire alone and unloved throughout the network. The other UK cableco, Telewest, recently sent out a huge email about their technical policies. It named names internally, it gave usage numbers, server details, it basically treated the customers as intelligent, informed people, and solicited feedback. "Tell us how you want us to develop your network," they said, and I think they meant it. They understand that a prerequisite to having customers is to have happy customers who aren't just sitting fuming and waiting for their contracts to expire. There will probably be some dissenting followups here, and it's certainly the case that NTL and Telewest do screw over some customers, but they are getting better.
So my point is that there are different ways of doing things. Marketing droids can be invited to consider that it's OK to talk about bandwidth usage upfront, as long as you make it clear that you're only concerned with extreme cases and not 95% of Joe Users. Technical guys can be made to realise that if you involve your customers and don't lie to them or dissemble, they will be more understanding when you have problems. Lawyers can be instructed to stick to the important issues when writing AUP's, and not to create sleepless nights for low usage customers who just want to set up secure remote access to their boxen.
Honesty, clarity. It's all we ask for, really. Target the users that are costing you money, do it directly, and don't make vague threats that will just piss off the 95% of low usage customers that you rely on to generate money.
Is that so hard to understand? NTL and Telewest in the UK get it.
Re:What if AT&T upped your phone bill? (Score:2)
True, but with a buisness line you get a listing in the yellow pages, and you typically make more peak time calls. (Yes a steriotypical teen might spend more time on the phone, but that is not peak hours)
Both make a buisness line more expensive, though I'm not sure that it is that much more.
where does it stop? (Score:4, Insightful)
Re:where does it stop? (Score:5, Insightful)
What if I'm not using a VPN but just doing research on the web for work? Are the cable companies gonna stipulate that you can't do anything for a business from home, even browsing the web?
All that you're supposed to be doing with it is downloading "digital content" and associated advertisements from major media companies. You're a home user, right? That means that you aren't supposed to be able to think for yourself or want to do anything creative or interesting with your computer and your internet connection. Remember, it's a cable modem. That means you're supposed to use it like cable TV. You want to pretend that you're a thinking individual, well, in this country, you gotta pay extra for that, because that's not what the economy needs of its citizens.
-Rob
Ssshhhh, don't tell Adelphia! (Score:3, Flamebait)
Also on the last TOS update they disallowed sucking feeds on their mostly-broken newsservers. They really don't know what they're doing, because in the grand scheme of things, they're just pushing those people to a sucking feed on an external newsserver, and eating their head-end bandwidth. Besides, an off-hours sucking feed would probably be more benign, and I'd be happy to adjust my cron setup to cooperate.
AFAIK they have no anti-VPN wording in their TOS, but IMHO that's only because they aren't clued in to its existence to forbid it.
IMHO, Adelphia wants to be in the 'TV for your computer' business.
Same old, same old. (Score:4, Insightful)
Well, rewarding this kind of arrogant big-brother attitude by giving them even MORE money for business-class service is certainly going to encourage a change for the better, wouldn't it? Or, perhaps, you should tell them to shove their port filters, and their DHCP garbage, up their network interface, and switch to someone else who does indeed provides real internet connectivity.
People really need to vote with their feet, and stop agreeing to put on their Internet provider's straightjackets. There are ISPs who will sell you a residential class DSL service, with a static IP address, and let you run servers. That's real Internet connectivity.
Re:Same old, same old. (Score:2)
Fucking saying fuck every second fucking word doesn't actually fucking address the fucking issue.
The issue is that what cable providers mean is that high bandwidth customers should pay more (which they should). But they're too chicken shit to say it, and instead choose to wrap it all up in convoluted small print (sorry, "small font", and what's that all about?) that is really just designed to let them punt high usage customers whenever they feel like it.
It's mendacious and dishonest, and that's the issue here.
If they start sniffing packets (Score:3, Informative)
Hey, is HTTP based, so how would they tell the difenrence ?
Telecommuting IS a Business activity... (Score:3, Interesting)
If you are TELECOMMUTING then you ARE a business customer. The only difference is that you aren't PAYING as a business customer.
Everyone can argue about if there should be different "classes" of service, but that is the business structure the Providers have chosen.
There will be people posting here "I use VPN but not for business." With those people I agree: Simply claiming the using VPN makes you a "business" customer is unfair.
But in the case where you ARE using the service as a business but want to only get charged the residential rate:
Quit your whining and stop being cheap
A business has the right to charge you the rates they see as fair and you have the right to not use their convenient service and start driving to work.
Re:Telecommuting IS a Business activity... (Score:2)
Re:Telecommuting IS a Business activity... (Score:3, Insightful)
Why should that matter? Do you pay more for bus/train/toll because you are going to work, instead of to the movies?
You should pay for the service you're getting: bandwidth, IP address and quality of service. What you do with it is non of the ISP's bussiness.
Re:Telecommuting IS a Business activity... (Score:2)
No, but do you get charged more if you go to a movie and you're a business person as opposed to a student? Students pay less at movies then someone who works... even though you're both going to see the same movie.
The situation is the same. Residential people are less willing to spend money on internet connectivity and they are charged a lower price to entice thier usage of the system. business are willing to pay more and are charged accordingly.
god, i forget what the term is, but there's an economics word for this. old people and students get discounts in the real world, non-workers get discounts in the virtual one. annoying, but fair.
Re:Telecommuting IS a Business activity... (Score:2)
god, i forget what the term is, but there's an economics word for this. old people and students get discounts in the real world, non-workers get discounts in the virtual one. annoying, but fair.
The "economics word" is "price discrimination". And under the Robinson-Patman act, it is sometimes illegal.
Re:Telecommuting IS a Business activity... (Score:2)
That's right. Internet access is a product and I want to pay for the product. The product in this case is bandwidth and quality of service.
I'm willing to pay for that. Why should I pay more, for using less as a typical VPN/bussiness user, that some teenager who stays all day on Gnutella downloading videos?
Re:Telecommuting IS a Business activity... (Score:2)
Actually, the constitution doesn't guarantee AT&T free, Dartmouth v. Woodward did that when it granted natural personhood to corporations. But you never hear conservative originalists braying about that one, do you?
Plus, the constitution grants the government the right to regulate interstate commerce and the right to provide for the general welfare. That includes fairness in commerce, Mr. "everyone I disagree with must be a commie".
Re:Telecommuting IS a Business activity... (Score:2)
You complain about being tarred with the socialist brush, but you make the classic liberal mistake of conflating "promote the general welfare" with "provide for the general welfare?"
Re:Telecommuting IS a Business activity... (Score:4, Insightful)
If you don't like the way Company A sells their bandwidth, don't purchase from Company A.
How about, if I don't like the way Company A sells their product, I rescind the government granted right-of-way that allowed Company A to dig up countless miles of public and private property to bring their product to me?
Fair is a socialist concept.
So is eminent domain, but without it we wouldn't have any cables (or utilities) reaching our homes at all. If we're already granting corporate monopolies based on one socialist theory, why stop there?
Re:Telecommuting IS a Business activity... (Score:2)
what's wrong with this picture?
higher prices and customer harm are signs of a real monopoly...
Re:Telecommuting IS a Business activity... (Score:4, Interesting)
Obviously there are secure ways besides VPNs to implement this functionality, and eventually I think we'll see a move towards these. The question remains how will the enforce this prohibition? And if it's allowed on business connections, does that mean they'll support it, too?
See, the real issue here isn't "no you can't do that here," but that certain types of users call with certain kinds of questions, and this allows those answering the questions to segregate the questions so the right people can answer them. IP/SEC traffic requires certain very specific protocols and ports to be opened which may not normally be open on a standard ISP network. Most legacy hardware, and much current hardware doesn't support IP/SEC, so it cannot work. Your cable modem/router probably doesn't, unless it's high end or very new.
By prohibiting this activity on their "home" networks, they need not burn cycles explaining why "you can't do that, it just won't work," while really saying "our hardware can't handle it." The latter unfairly casts a negative shadow on an ISP who simply didn't design their network to handle this traffic, and perhaps doesn't see that as being cost effective to do.
So this is another attempt to cover themselves for not providing any sort of support for VPN, including enabling the funcationality on their hardware. It's like their not supporting more than one machine in your house, or not supporting linux on their cable network. It would cost them way more to do it right than it's worth. They aren't doing anything wrong, though they're not doing anyone any favors, either. They aren't likely to tell you to stop, just not to ask for help. IP/SEC may never work on these networks, but other VPN-like items will probably fly under the radar.
bad Business activity... (Score:2)
The model no longer applies. First, there is no valid regulation. This is evident from the unilteral change clauses in TOS, which essentially say, "We have the right to screw you at will. Pay up or go away." Second, the private companies in question have no intention to subsidize anything. They are simply squeezing what they can from who they can. We no longer have regulated public telcos.
What we have is a cartel of rapists. In the best of all worlds, competition would come to the rescue and drive all of the greedheads out. In this world a small number of private interests have been given control of access to publically built networks and do not allow competition. The variable TOS are proof of their dishonesty and the high cell phone, long distance, cable and local phone bills you pay each month are the result.
What the fools don't realize is that regulation can return and that it can be made reasonable. They think they have been given this magic tollbox that they can squeeze and squeeze. The electric utility deregulation effort should sober them up. That they are pulling tricks like this shows that they are total fools. In time the public will get fed up, just like it did over Ma Bell's policies. People's expectations will change.
All that being said, I'd love to see the cable companies ban M$'s brand of bandwith hogging "VPN". Their tools are so sad. The IT folks tried one of those "services" on my machine a month ago. It was so slow that it was unusable. Bandwith capping would do this, as the goofey stuff uses megabytes of useless tranfers each second. The dinky little cable gets clogged up fast when people start using that trash.
Re:bad Business activity... (Score:2)
Reality check: No one is getting full, unrestricted T1 Internet service for under $150 per month! (I know people who purchase bandwidth by the handful of T3s, they can't even get lower.)
The broadband providers have to go to utilize some set of restrictions to bring you the speeds that people want mainly for Web surfing. While they may be doing some stupid things to achieve this, the truth is that the broadband providers have laid out a HUGE fixed expense that they won't see a profit on for years, plus they are trying to figure out how to even be MONTH-TO-MONTH PROFITABLE on the bandwidth and operations side as well. Or maybe you didn't notice Excite@Home's bankruptcy...
If they are "rapists," maybe you should set up your own cable network, and prove it. You can rent power poles for $20 a year. Go stick up some cable around your neighborhood, and make deals with backbone providers!
Re:Telecommuting IS a Business activity... (Score:2, Insightful)
In some cases, yes you are right about VPN being a business activity. In many other cases there are home users that can take advantage of VPN access when their employer is not funding it, or provides a nominal kickback that is = to a $20/mo dialup fee. Or perish the thought, you run a VPN host at home so you can grab stuff off your personal machine when away.
I can agree with them nailing bandwidth hogs with a surcharge or higher (expensive) class of service. When I get tier 1 access from a GSP, I pay for volume and service level - and they don't care what the content is. I don't think it unreasonable to pass those charges down within reason.
Sure the phone company charges a higher business rate. But wait! they will put in a bare-bones 2nd line for $10/mo. That often gets used for fax (or dialup for broadband challenged). What they don't give you is a commercial level of service. Go figure.
Airlines charge higher business fares. Maybe because business travelers want to book at the last minute and make 6 itinerary changes during the trip. Cool... you get that extra service for a fee. If I plan a business trip in advance and get a restricted fare, they don't just upcharge because I used my corp AMEX. I just get the cheap fare and get upcharged if and when I need extras like last minute changes.
You Get What You Pay For - just don't charge me extra for crap I'm not using!!!
Re:Telecommuting IS a Business activity... (Score:2)
Anyway, as a residential user who mainly uses his broadband connection to work from home I could not agree with you more. As a matter of fact, I could not agree with you at all. If it were not for the ability to control my servers remotely over my broadband connection then I would not HAVE a broadband connection. I don't do anything else online to justify the $50/mo expense. I hardly think I'm alone, and I doubt my provider would push this issue, either -- UNLESS I made demands for support ...or...*ding*
- [Lights On]
...try to sue my ISP for damage to my business becaue of some outtage or other service interruption.My bet is that these clauses exist only as a defense from support requests / lawsuits.
What stresses their service more: CNN video streaming or SSH connections to my servers?
Re:Telecommuting IS a Business activity... (Score:3)
I'll say that when the service goes out for an hour, any you say "shoot, guess I'll go iron my socks for a while and call support if it isn't back up when I'm done" then you are not a business customer.
If the service goes out for ten minutes and you are on the phone right away screaming at them to restore your service RIGHT NOW because every minute that goes by you are losing money, then you are a business customer.
So how are they going to find out? (Score:2, Interesting)
DSL In Cincinnati (Score:2)
SSH works fine, though, and a clever tunneling setup can bypass their silly MAT trap in a lot of cases.
Actually, It's Worse Than That (Score:5, Informative)
I invesigated Comcast cable a while back, as I'm out of range for DSL. Their terms of service were, in a word, unacceptable.
I suspect that you could get away with practically anything as long as nobody complained and you didn't generate too much traffic.
Oh, as to their "business solution"? DSL. Not an option. Near as I can tell, there is no such thing as "business class cable" Internet.
No high-speed internet for me. Sigh.
Re:Actually, It's Worse Than That (Score:5, Funny)
(The real kicker) They explicitly claim ownership of all intellectual property that you generate and that passes through their network.
This is good. Now generate some illegal content (slander, or copyright violations), and then use as your defense "The cable company (which has deeper pockets) owns that content, so sue them not me.
Re:Actually, It's Worse Than That (Score:2)
FYI, I do use Comcast Broadband, I do run servers, I do use VPN. They don't enforce those rules at all.
BTW, when I signed up, they didn't have any clause about ownership of IP. That needs to be looked into. Chances are it will disappear as soon as someone tries to sue them for ownership of IP.
Re:Actually, It's Worse Than That (Score:2)
The other items are typicial stupidity, but this item is beyond belief. Sounds like it rates a
-
A lot of that may just by CYA kind of stuff (Score:2)
I'll give you another example, here are some selected acceptable usage policies from the dorms at my university:
"The provision of network services from user computers (e.g., BBS, Chat, DHCP, DNS, FTP, IRC, NNTP, POP2/POP3, SMTP, Telnet, WINS, etc.) is prohibited. Users who have a bonafide academic need to provide such services from their personal computer must have prior written authorization from ResComp administration prior to activating any such service(s) on the ResComp network."
According to this literally, you can be busted for having a personal FTP server to access your stuff from a lab. Do we bust people for this? Hell no, the reason for the policy is so that if someone is running a huge website from their dorm room and eating up bandwidth, we can make them stop. Many Linux users in the dorms have a number of personal servers on their computers and I've never seen any of them busted (I work for Network Operations).
"To conserve server resources for all users, pop mail clients (e.g., Eudora, Netscape Messenger, Outlook, Outlook Express, etc.), if set to automatically retrieve mail from the server, must be set to retrieve mail no more frequently than every thirty (30) minutes. Users may manually retrieve mail as frequently as they wish."
No, you won't get in any trouble if you set it yo 10 minutes. The purpose again, is just a CYA incase some moron sets it to once every 30 seconds or something.
"The residential network may only be used for legal purposes and to access only those systems, software and data for which the user is authorized. Sharing access to copyrighted software or other copyrighted material (including MP3 files from copyrighted music media and digitized video from copyrighted motion pictures, etc.) on the network is prohibited."
Makes sense, but some take it to mean that we police the network. We don't, and I'm sure plenty of this goes on. This policy is in there so if you do it, the RIAA/whoever whines about it, we can shut down the network conenction and refer you to this section of the code.
"Under no circumstances may users give others access to University systems."
Again, not a nazilike policy. If someone is in your dorm room and you have a remote X session open to a CS server or something, and you let them compile something on it, noone will know or care. IF you do something stupid like give out your login to said system, you'll get in trouble.
The rules sound a little stupid and strict at time because we want to protect ourselves from potential lawsuits and problems. I suspect these rules are for the same reason.
Re:Actually, It's Worse Than That (Score:2)
The Intellectual property statement is this: "Through these actions, a user also authorizes Excite@Home and its distribution affiliates to reproduce, publish, display, transmit and distribute such content as necessary for @Home to deliver the content in a timely manner."
The actions they're referring to is posting content in the personal web space they provide. Obviously they need to transmit, etc. the content in order for people to view it on the web. They are not claiming ownership of anything that passes through their network.
No business can satisfy people who look at a regular AUP and see it in the most twisted and evil way possible.
Don't you get it yet? (Score:5, Funny)
They've all but said that outright. They don't sell bandwidth. They sell a high speed web surfing experience.
This should no longer surprise anybody here. Let's get over it.
leftover from excite (Score:3, Interesting)
I'm sure comcast and cox will get a clue when they also fling excite the bord later next year.
Re:leftover from excite (Score:2)
From http://help.attbroadband.com/faq.jsp?content_id=41 6&category_id=34&lobid=1 [attbroadband.com]
Can I Host a Server?
AT&T Broadband does not allow servers to be connected to the cable modem. This means that no computer in a personal network can be used as a server.
linux specifically mentioned
There is no mention of Linux in the AT&T Broadband Internet Subscriber Agreement [attbroadband.com], are you referring to a different document when you quote "AT&T's TOS"?
As far as I can tell, the only difference between the old service and the new service is that my bandwidth is now limited and latency to internet locations is higher. They still have a draconian subscriber agreement, to the point of telling me I can't even have servers on my HOME network. It also mentions that I am not allowed to NAT my home network to the internet. If I want to have more than 1 computer access the internet, I have to buy their "home networking solution" and pay $9.95/month. [attbroadband.com] I am only allowed to connect 3 computers to the internet, if I want to connect more than that, I am SOL. If I NAT my computers, AT&T treatens to prosecute. From the subscriber agreement:
(g.) Theft of Service. Customer shall not connect the Service or any AT&T Broadband Equipment to more computers, either on or outside of the Premises, than are reflected in Customer's account with AT&T Broadband. Customer acknowledges that any unauthorized receipt of the Service constitutes theft of service, which is a violation of federal law and can result in both civil and criminal penalties.
Oh yeah, sounds like AT&T is a great benevolent father-figure and @Home is the bad guy. I am shocked that anyone would be taken in by such propaganda.
are you sure? (Score:2)
Really, I hope you are right but I'm afraid they are all a bunch of greedheads looking to stick it to you every way they can. Find me the words, "public interest" in any of the contracts.
unenforcable (Score:2)
I think they put these clauses in their contract so that *IF* you abuse of your priviledges, they have the rights to pull the plug. And even then, the only way they'd know is if everybody on your block complained of piss poor performance, and they decided to start investigate who is sucking all the bandwidth.
I have never gotten a call, email or letter from the providers complaining about this. I am not going to worry about it.
Hmmmm (Score:2)
Paying for business behavoir is wrong. (Score:2, Interesting)
My two cents,
Chad
Roadrunner (Score:3, Informative)
Plus they recently added a nationwide dialup service. 10 hours / month for free, 99 cents an hour after that. In the past year I've had only three memorable outages and one was at 1am.
Do this make me sound like Scott Case's bitch or what?
Re:Roadrunner (Score:2)
What is this dialup service you speak of, though? Does it mean that with the broadband access you can also use a phone line while on the road? I can't seem to find mention of this on their site... This is a feature I could find useful.
Back on topic, this story is an example of why it's bad for this sort of thing to be managed by a regulated monopoly. Where I live, the nearest DSL CO is too far away, so the only viable, affordable alternative is Roadrunner, but it's ok thusfar. However, if I was stuck with Comcast, I'd be pissed...
um, if you want support (Score:2)
Are they automatically changing your monthly rate because they detect you using a VPN? I didn't see that. Just don't call up and ask for help getting you VPN to work with their service unless you are willing to pay.
Did I miss something? This doesn't seem as bad as the write-up implies.
@Home/Cox policy vs reality (Score:3, Insightful)
The policy says
In reality I have and continue to use ssh for unix connectivity without hearing a thing from them. I've used pptp in the past when I was forced to work on Evil Empire(tm) OSes and that worked fine. I've got some GRE stuff running now between Cisco boxes on cable modem and that is fine as well.
The only thing they really watch for here is overall transfer volume. Use a gig a day every day for a week and you'll get The Phone Call. Other than this monitoring they don't have the time, energy, or hardware to observe/filter anything else.
I'd say go ahead and use it as you see fit
Shielding Support -- true intention? (Score:3, Insightful)
Sue them under Robinson-Patman? (Score:5, Interesting)
I have comcast, I dont see this in the TOS (Score:4, Informative)
Ive been looking at these TOS for a while, becuase a whole lot of crap has been going on with comcast lately. Here are some of the email I've recieved from them lately.
They are changing mail services. This means my address changes from user@mediaone.net to user@comcast.com (or comcast.net, cant remember). No prob, EXCEPT the new addres becomes active Dec 29th, old address is deactive Dec 31s. This means we have 3 days to make the udate to all our online accounts, subscriptions, mailing list, etc. and what 3 days do we get? Sat, Sun, New Years Eve. If I have a problem making this update for one of my accounts, good luck finding someone to help, since most companies will be closed these 3 days.
Furthermore, until mid Jan, we will only have 1 comcast email address. What about those of us now that have 2 or 3 address. We only have 1 until mid Jan. I have an email, my wife has an email, some families have kids with emails. I guess someone in the household get left out in the cold for half a month (luckily for me/my wife, I've already transitioned to my own personal domain with email, so its not an issue for me, but Im sure it is for MANY, MANY people). They wont get email in that time, and what happens when they try to switch over one of their accounts in mid jan, and the system tells them "to confirm your update, we have send an email to your previous address. Please click the link in that email to complete your update".
What else have they told me lately...oh yeah. They send me an email all about how some home pages are going to change, something really minor. Then, burried 5 paragraphs down, they mention that, by the way, there will also be a new acceptable use policy effective Jan 1st, 2002 which "includes new information on several subjects, including use of bandwidth". Are they going to charge us for excessive downloads or uploads? I tried to look up these changes at the URL I posted above, but I see nothing about bandwidth. It says what I can/cant do, but nothing about how much of it I can do. Im puzzled. Are they getting worried about wireless neighborhood area networks?
What else...oh yeah. Im getting a new modem mailed to me that I have to hook up by end of year. According to them "This new modem will prepare your computer for upcoming Comcast High Speed Internet product enhancements including improved reliability and new features". I talked with some people, and came up with rumors that they are decreasing our upload speed to 128Kbit. I currently get 250Kbit up, and I know people that get almost 400Kbit up. I looked on their site, and nowhere do they mention upload speeds anymore, except on one pricing chart, they list the serivice as "1.5/128K" (1.5Mbit down/128Kbit up). Im afraid this new modem is their attempt to "upgrade" my upload speeds.
Oh, yeah, I almost forgot about the letter I got through postal mail last week...price goes up $5.
YEAH COMCAST!!!!!!
There is very little business cable service (Score:2)
I understand the rollout for a major US company has been stalled for the last two years because there is no @work version of @home in most markets, and now there is even less @home. About 30% of their employees were on cable systems who blocked ports, or randomly cut off accounts without warning. Negotiations were tried, and failed, since the cable companies just didn't have the business acumen to understand money being waved under their noses. They had settled on @home as the only viable service, and didn't want to build the extra reliability/stability necessary for @work, even if the margins were higher.
The other problem is that for the few cable companies who offer a business rate, the ToSes still don't allow VPNs or servers, nor do they offer Service Level Agreements or static IPs or allow NATing. About the only thing they offer is money back for when the service is down.
Until every cable (and DSL) company is forced to offer a TRUE business class of service, with acceptable TOSes, static IP (or multiple static IPs), no firewalling of any kind, etc, companies are going to be forced to use residential service for their telecommuters. Its just the state of broadband today, it may take years to shake out given the level of corruption of politicians in the US and the EU.
the AC
I love New Hampshire :) (Score:3, Informative)
I found this out when I mentioned servers while talking to a tech support guy, and he told me that servers were prohibited. I challenged him to show me the clause in the agreement that said this, and he pointed me to a web site. On the site, it asks for your zip code, and you get a different version of the agreement depending on your location. He was looking at the Massachusetts version, and I was looking at the New Hampshire one. Apparently he hadn't been aware of the distinction either until then
-- Brett
A View from the Other Side (Score:5, Insightful)
Having briefly worked as tech support for @Home, allow me to show a brief glimpse of why providers may want to do this.
An inordinate amount of cable internet support calls are VPN related. If you thought that clueless people having trouble connecting to their AOL email was a tech support nightmare, you've not seen anything until you get someone unable to connect to a VPN. A typical call would go like: "Dammit, why can't I get online!" After asking a few questions and running some tests it's made clear that the connection is fine, and they're able to connect through their desktop machine, just not their laptop. "Okay," I'd say, "It's probably just an error in the settings somewhere." I'd then proceed to describe how to open up the relevant controls in NT4 (it was always NT4...) "What? Are you kidding?!" they'd scream "This is my companies laptop and we're not allowed to touch anything on it!!!!!" "That's a problem, then," I'd say. "You'll have to have your sys admin check the settings for you then." "You're fucking kidding me! I'm in Redmond, WA and the company is in Denver! I work from home!"
The story was always the same: dumbass company gives employess laptops so they can work from home, and told them they had to get a broadband internet service, but didn't configure the machines for even DHCP or give the employees the admin passwords to configure things. You'd get that call about 20 times a day.
I'm so fucking glad I'm back in research. :)
So? (Score:3, Insightful)
-
Re:A View from the Other Side (Score:3, Interesting)
Those clueless morons! (Score:3, Funny)
If some data still remains on the network after phase one of the plan, they move on to phase two, where you pay per hop. At the basic rate of $39.95, the maximum hop count is five. If you pay for "expanded basic" it goes to ten, and "business class" is unlimited (at least for the first three months)!
These guys would license the number of mouseclicks and keystrokes if they thought anyone would pay. I think it's all part of a huge conspiracy to make dialup service more attractive.
All joking aside, the real issue with VPN has nothing whatsoever to do with bandwidth. It is more about controlling the availability of ports and access to IP addresses that might otherwise be blocked. Carried to it's logical conclusion, you get a few people with commercial high speed connections and unrestricted access -- then a few thousand cable customers using VPN to circumvent access restrictions by the cable company. It still has nothing to do with bandwidth, because in an unrestricted environment this type of VPN would be unnecessary -- you would still have the same packets going to the same destination (probaby via a more efficient route).
If these guys have any brains, they are fearful of a P2P like utility that might facilitate the exchange of quasi-public VPN logons, which would create a "Massive Rogue Virtual Network" (MRVN). In the pefect nightmare scenario, we throw in a bunch of house-to-house 802.11b users that eventually hit a residential cable modem "gateway" that allows entry to the MRVN world. Of course, all of this could be solved with reasonable pricing and fewer restrictions, but they're not that smart.
I have just about had it with their incessant "dumbing down" of the service. As time goes by, broadband costs more and more while it delivers less and less.
I just don't get it! (Score:3, Interesting)
Just spent 10 minutes TRYING to find an "Acceptable Use Policy" or something similar.
It's just NOT THERE... Really, it seems, they don't *care* what you do with your Internet Service! Basic rate is $50/mo, Biz use starts at $65. (I subscribed to a plan they no longer offer, a single static IP for $50/mo)
I know, I'm in bed with that evil monopoly, Pac Bell, but Hey! This is COOL! I've run my own DNS/Web/Mail/Proxy/NTP/etc Linux server for 2 years without a hitch. No complaints, nothin' - and reliable bandwidth to boot.
I *LOVE* these guys! (Even if they ARE an evil monopoly)
-Ben
Re:How the hell would they know? (Score:2, Redundant)
Assuming you have a choice (Score:5, Insightful)
*IF* you're lucky, you can "choose" between the monopoly cable company's service and the monopoly phone company's service. If you are REALLY lucky, you can get DSL from a CLEC or COVAD reseller. If you are insanely fortunate, you can get wireless service or your buddy next door has a T-1 you can tap into.
I live a few miles from AOL, mci/worldcom/uunet, and many other MAJOR data centers. Yet *my* choices are: Cable modem, overpriced IDSL service, ISDN, or modem. People living in spitting distance of the main MCI center can't even get my limited selection.
There is no choice, the broadband providers are well aware of that fact, and they are determined to keep it that way.
Re:The decision is easy, then (Score:2)
Re:Communication types (Score:2)
Well how about if you provider is the only game in town(and please name the town with more than one cable system available to any random house)...you can't get DSL, and the Provider has these stupid clauses...and they only offer residential grade service, no business grade...frnakly I would pay more for a business grade line if the charges were reasonable say $100/MO, and it offered me, lower latency, higher bandwidth/throughput, and I could legitimately run the things I want too(really I just want my DNS, and Web ports back)...
Re:Communication types (Score:2)
Cablevision ROCKS! (Score:2, Informative)
Re:Wow. (Score:2)
Re:Why waste your time with VPN???? (Score:2)
1) Bandwidth prohibitive. Term Server and Citrix are better than VNC, but the bandwidth requirement is still insane
2) "All you're sending is keystrokes, mouse movements, and video refreshes.." oh, is that all, that doesn't sound like anything important. Your argument I suppose is that with all that junk/noise going through, what could they possibly get? One thing is the keystrokes are easy, just grab packets that go in one direction and you have the video separated from mouse/keyboard events. All those passwords you type are suddenly in clear view. Since the downstream is essentially just video, then it's not too difficult to extract the sensitive information you are viewing. If telnet is insecure, this is even worse...
Using VPN is a very clean, efficient, and secure solution. Traffic is entirely encrypted, and the connection is transparent. Unlike what you suggest, VPN only sends what traffic is actually needed to be transferred between client and server, i.e. smb, nfs, http, ftp, whatever. For example, if modifying a Word document, you are *constantly* sending traffic back and forth, all of it somewhat sensitive with Term Server. With VPN, you pull down the
You really need to think things through before making a suggestion like this again. If I ever interviewed you for a sysadmin position, you would be turned down in a heartbeat based on this alone....
Re:Back to Bandwidth (Score:2)
Dialup providers have been doing that forever (q.v. Prodigy, AT&T)--sending out warnings to people whose usage seems "excessive." They just didn't tell customers that they were using a two standard deviation test :).
Info about Comcast business-class service (Score:2)