Re:Encryption (Score 4, Informative)

It appears to me that the Sandvine system uses a rudimentary heuristic to decide when something should be blocked. One can trigger the RST packets merely by making a few inbound connections to a Comcast IP. I have been unfortunately been triggering it for several months now by connecting to a machine at home with SSH. It will allow a few connections, (like, maybe 5-8 or so in a 30 minute period of time), before it shuts down *all existing TCP sessions that are inbound on the IP* and apparently *all* attempts at additional incoming connections to the IP in question. This lasts for some period of time around 30 minutes to an hour, then things work normally again. I've had to rewrite my file synching scripts so that they use SCP over a single SSH tunnel -- everything goes over one SSH connection, which I keep open the whole time I might need to transfer something from home. This has solved the problem, but the Sandvine system is anything but brilliant, and excessively heavy-handed. I had a detailed conversation with a Comcast rep. via the website chat thingy, and at the end, I said something like, "so, if I want to remain a Comcast customer, I have to be willing to deal with Comcast fiddling with my TCP sessions?", to which the rep. replied, "yes, basically." He then tried to upsell me some higher level of service which is $40 more per month than the $50 I am already paying.