ISPs Fight Against Encrypted BitTorrent Downloads

oglsmm writes to mention an Ars Technica article about a new product intended to detect and throttle encrypted BitTorrent traffic. When torrents first saw common use ISPs would throttle the bandwidth available to them, in order to ensure connectivity for everyone. Some clients began encrypting their data to get around this, and the company Allot Communications is now claiming their NetEnforcer product will return the advantage to the ISPs. From the article: "Certainly, increasing BitTorrent traffic is a concern for ISPs. In early 2004, torrents accounted for 35 percent of all traffic on the Internet. By the end of that year, this figure had almost doubled, and some estimate that in certain markets, such as Asia, torrent traffic uses as much as 80 percent of all bandwidth. However, BitTorrent is an extremely important tool that has many uses other than what everyone assumes it is good for, namely movie piracy."

Re:Question

[Xemu]

Easy. All traffic is slowed down by default. If the traffic is digitally signed by a Microsoft trusted computing device then it's allowed to travel faster through the pipes. All other traffic is slow pr0n.

Illegal?

[BloodyIron]

Isnt it illegal to read any part of encrypted data accross the internet? (with certain exceptions, ie: NSA actions/warrants, etc)

Stunned...but not

[svunt]

This is funny...last month, I downloaded one linux distro via torrent, it was a dvd iso, can't remember the file size, let's say 4.5GB for argument. The other squillion terabytes I grabbed all came from my ISP's own news server, about a zillion hours of not-so-legal content, all provided at full speed by the guys who'd like to throttle my legal torrent traffic? If ISPs were that concerned about traffic, they'd close some of the zombie hosts on their own networks sending out billions of spam emails a day.

What new ATT SBC does

[shawn443]

I have noticed that once the upload stats get to about 10 gig or so my dynamic ip expires about every 2 hours. Before I started using btdownloadcurses my ip would change about once every two weeks. Remote access in terms of my dynamic ip address was rarely a problem. Granted this is only an observation, yet I still assume categories of customers are made by upload stats. This caused me to script ipshow. ATT, go screw yourself and your "sticky ips", I am not running ebay here, I just want access to my computers.

Re:Not quite...

[interiot]

Or they can just be nicer about their bandwidth caps... don't advertise "unlimited bandwidth", and if a customer gets near their monthly cap, then slow them down to 64kbps down or something like that. If a customer only uses BitTorrent twice a month, why does the ISP have to go to the trouble of trying to detect an encrypted connection and slowing it down?

Re:Bittorrent will fight back.

[CodeBuster]

All of this could probably be pretty easily foiled by having Bittorrent mask what it's doing by sending noise once in a while to throw these tools off.

This is actually a common feature in many cryptosystems which serves to prevent a successful cryptanalysis via "cribs" or short passages of known plaintext within the cipher text, especially at known location such as the start of the message (the Germans made this mistake with their Enigma traffic during WWII for example with standard message headers on their daily weather reports to the U-Boat flotillas). If the protocol were modified to introduce random segments of padding (i.e. junk) into the packets then cryptanalysis via cribbing would most probably be rendered impractical.

Re:Many uses other than Movie Piracy

[jimmypw]

In response - I was able to contact my ISP and mentioned this problem. They then put me on a service that had no blocked or throttled ports but also made me agree to accept any civil proceedings brought against my IP address.

Re:well, it only makes sense

[Fatal67]

We pay up to $60 per month to have this great thing called broadband, and what do we get?

A best effort burstable connection.

Carriers wanting to restrict VOIP use, throttling Bittorrent traffic, refusing to guarantee any particular level of service, etc

I have only heard of one company blocking competitor's voip, and that was dealt with by the FCC. As far as QoS goes, the service providers would like to offer higher QoS for a fee, which I have no issue with. Unfortunately, some folks are of the opinion that offering a QoS service is a Net Neutrality issue and would like to see legislation passed to prevent service providers from offering such a service.

Token Bucket

[Anonymous Coward]

Back in my networking class we learned about the Token Bucket algorithm [wikipedia.org] for traffic shaping.
I don't get why ISP don't apply this to their customers, it would be perfect, or am I missing something?

ISPs oversell bandwidth to consumers: If they sell you 1 MB/s then they might have 1 MB/s for every 50 customers they serve. Now with a token bucket that fills at a rate of 10 to 30 KB/s, depending on demand, and has a capacity of perhaps 1 GB normal users would generally have full speed almost all the time, while heavy users would be limited to the bucket fill rate, unless they save up some tokens.

Furthermore it's a standaard traffic shaping algorithm, so I would guess the ISP's equipment could easily handle this.

What am I missing?

Torrents are identifyable

[davidwr]

It's easy for a router to distinguish traffic that "looks like" web traffic from traffic that "looks like" typical torrent traffic.

It's not practical yet to distinguish child porn, drug sites, and hate mail except on a whack-a-mole basis.

The technology is coming. Someday, they will be able to identify an unencrypted image as "likely child, likely porn" and flag it for human review to send to the police, or simply drop it. Ditto hate mail and drug sites where those are illegal.

Re:well, it only makes sense

[Desert Raven]

I wouldn't go so far as to call it fraud, but I would say that the ISPs have to be a LOT more clear about what you're actually paying for.

I lease a rack with a colocation service, I've got a 100base-T connection from my rack, and no doubt I can saturate it 24/7 if I had a mind to. However, my contract clearly states that I am allowed an average usage of X Gb/month, which is significantly lower than 100Mb/sec * 1 month. This is standard for such contracts.

The problem on the consumer side is that to enforce that, every single customer would have to be managed for bandwidth use, and billed accordingly. Believe it or not, that's not so simple. It requires a significant amount of additional hardware, software and manpower to deal with that, plus the additional cost of dealing with customer service in the billing department. For the colo, not so big a deal for a few hundred customers, for a cable company, it would be more of an issue dealing with several tens of thousands of customers. Truth is, I'd bet that a lot of colos don't even bother to monitor bandwidth on individual customers unless they suspect the customer is really hitting the bandwidth hard. I'm willing to bet if I called my provider, they wouldn't be able to tell me what my usage was, because my traffic is low enough as to not be worth monitoring. Collecting those kind of stats on the router definitely hits performance.

I can't say for sure what the best answer is, but ala carte pricing for bandwidth use is not likely to be practical from the ISP's perpective. All I can say is that they should be very up-front about what you are and are not paying for.

3rd World

[alexgieg]

Here in Brazil many broadband ISPs guarantee you a MAXIMUM of 10% of the bandwidth you contracted. Meaning: you get something that's announced as 2 Mbps connection and that usually works at that speed, but which could drop to 200 kbps (in peak hours, for example, or for whatever reason the provider thinks is deserved), and the ISP wouldn't be required to improve the situation at all. Nice guys, eh?

Re:well, it only makes sense

[Anonymous Coward]

The company I work for . . . had an issue . . . that resulted in huge bandwidth use for a 4 hour period that put us waaaaay over our monthly cap. We got a nice bill from the colo center at the end of the month that detailed exactly how much over we used. They do track it.

Depends upon the ISP

[element-o.p.]

At the ISP where I used to work, we really didn't give a rip what you did with your pipe so long as it didn't cause us problems :)

So, if you were using Bit Torrent (or KaZaA or gnutella or....), we didn't care so long as MPAA/RIAA/BSA/**AA didn't send us a notification of infringing content. If we received such a notification, we would send a warning to the infringing customer. If said customer continued pirating software/movies/whatever, we would continue to send warnings to the customer until either the customer learned how to not get caught or the *AA's would send a subpoena request. While our AUP's stated that we *could* terminate a user's account for copyright infringement, I can't think of a single case where we actually exercised the option.

The bottom line is that dictating how a customer uses the pipe is a waste of time and resources. For me (as an ISP) to tell you (as a customer) how to use your connection just involves me in a never ending arms race and annoys you. So why bother?

Basically, as has already been mentioned, the biggest reason that ISP's get upset with file sharing is because it taxes networks that weren't designed for 24/7 usage from so many customers. Rather than trying to restrict what *protocols* are used on networks, I suspect that, some time in the future, ISP's will begin charging the same way almost every other utility does: charging per unit of bandwidth consumed, possibly with a flat fee until some cap is reached, and then a price per unit of bandwidth consumed after that.

Need more info

[Panaphonix]

Sorry but this doesn't sound credible. How would the ISP be off the hook after giving you an unrestricted connection? Also, when people have been sued by **AA in the past, there was never an understanding between the customer and the ISP that the provider would block certain kinds of traffic and that would legally shield the users (I'm inferring this based on the discussion you describe in your post). Which ISP do you have and who did you contact there?

Q. - How can you tell if this is happening?

[Brit_in_the_USA]

I would like to know how I can tell if such throttling is happening.

I use the latest Bitcommet Client and no matter what I set for upload/download rates I never break about ~ 80kb (or is it KB) download speed. No matter if I am downloading ~10 files simultaneously or just 1 or 2 popular files. "Health" is always >1500%

I have tried several web speed tests and my cable speed is indeed the ~ 5Mbit/s DL / 0.5Mbit/s UL that I am purchasing.

I am using XP, XP firewall and a recent model linksys router. I have configured port forwarding on the router and Bitcomments reports that it is happy and not struggling behind a firewall.

I would appreciate any thoughts or suggestions. - I was wondering if there is any reliable Bitcomment speed test that can be performed?

I wouldn't have a problem with that, if...

[Solandri]

If an ISP wants to sell a 3 Mbps service but wants to oversubscribe it by 10x, that's fine. But then they should advertise it as 3 Mbps at 10% saturation. Instead they advertise and sell it as 3 Mbps, then use secret criteria to determine who they try to kick off their service for "overusing" it. Lately they've started adding (very, very) fine print stating you're not supposed to use all that bandwidth 24/7. But the whole thing would sit better with the public if they were just up-front about it.

Re:compare to land

[Anonymous Coward]

The Small cable ISP I work for does not have this problem. We have burstable bulk internet lines that give us as much bandwidth as we need. We pay for bandwidth by the terabyte. We Prioritise traffic at our packet shaper like so:

1. VOIP traffic
2. game traffic
3. HTTP + e-mail
4. everything else.

Every customre has a contract that clearly states: you have access to X amount of GB's per month. Download what you want in accordance to local laws. If you go over X amount of GB's per month you will be charged overage per additional GB's.

That way we dont need to throttle traffic and the customer knows exactly what they are paying for. So little johney goes to town on bit torrent, everyone else is still fast.

Re:compare to land

[HiThere]

Your solution is a fair one, so I don't expect it to be chosen. (I've become a bit cynical about corporate ethics...as well as the ethics of many individual people.)

Re:compare to land

[Yaotzin]

I don't really understand what the problem is. Here in Sweden you can get a 24 Mbit/s (down) for about $40 USD a month and that is without bandwidth throttling.

Re:compare to land

[Kadin2048]

I had the same idea a while back when I was reading about how bad the folks in Australia get hit for broadband. If you think the situation sucks here in the U.S., they really get screwed -- it's almost impossile to get an uncapped (transfer) account there at all. In a situation like that, it seems to me like it would make sense to have two distinct tiers of traffic: local traffic that wasn't going to leave the country (and thus wouldn't have to go through expensive undersea cables and be subject to peering agreements), and international traffic. The latter is what's expensive, the former ought to be free or close to free.

Rather than fighting bittorrent, an ISP like Comcast could just put a cap on the traffic that you could send through to other networks (and publish what the limits are, in terms of burst versus constant throughput, etc.), and then give you your full unthrottled connection to other Comcast subscribers, because this really doesn't cost them anything. Their network ought to be capable of letting someone basically saturate their connection from one node to another node on the same subnet, and with some intelligent caching, they could keep a lot of the BT traffic here.

If they set up the incentive structure correctly, they could probably reduce the load at critical points on their network due to BT traffic, while giving end-users (both heavy downloaders and "burst" users) a better overall experience. They would also eliminate the incentive to obfuscute BT traffic and end the cat-and-mouse game that seems inevitable under the current system.

Re:well, it only makes sense

[secolactico]

According to a friend, who used to work at an Airline's checkin counter (or whatever they are called) they also "oversell" luggage capacity. Apparently, airliners are designed assuming that not all passengers are going to be carrying luggage (or maybe only a carry-on). So the incidents of "lost luggages" are usually suitcases and the like that were left behind and sent afterwards.

Of course, she might have been pulling my leg. Can anyone confirm or deny this?

Re:compare to land

[Wolfbaine]

Such a thing is (or at least was) commonly done in Australia. Many ISPs hold membership to their regional internet association, which provides low cost traffic for local transit (through exchanges such as WAIX [waia.asn.au], PIPE [pipenetworks.com] and the academic AARNET [aarnet.edu.au]). Traditionally ISPs have passed on unmetered access to these networks (not contributing to the established quotas) however this has become uncommon with many ISPs pocketing the savings and counting all the traffic.

Indeed many local pirates were using the networks for file trading under an assumption of protection from prosecution (saving the ISPs from the usual traffic bills) until crack downs [zdnet.com.au] shut down the more popular sites.