GNG News Guy
11-28-2007, 01:00 PM
http://i.dslr.net/urls/54/25954.gif (http://www.dslreports.com/shownews/The-EFF-Test-Your-ISP-Project-89789)
It was recently discovered that Comcast (http://www.thegng.org/shownews/88591) was using forged TCP/IP packets to throttle upstream p2p bandwidth. While the Associated Press got credit for the discovery, it was actually one of our forum users that first uncovered the practice. In fact, site user Robb Topolski had already discovered how to thwart the system (http://www.thegng.org/shownews/87077) months before it even hit the AP's radar. Earlier this month, we had him confirm that Cox was doing something similar (http://www.thegng.org/shownews/Cox-Also-Disrupting-P2P-Traffic-89481).
The Associated Press report ignited an Internet firestorm, and today the Electronic Frontier Foundation is adding fuel to the fire. The outfit has released a series of reports on Comcast's traffic shaping, as well as a guide allowing ISP users to test for packet forgery or other forms of traffic interference by their ISPs.
"Comcast is discriminating among different kinds of Internet traffic based on the protocols being used by its customers," says EFF Senior Intellectual Property Attorney Fred von Lohmann. "When confronted, Comcast has been evasive and misleading in its responses, so we decided to start gathering the facts ourselves." Those facts are compiled in this report (http://www.eff.org/wp/packet-forgery-isps-report-comcast-affair), and the EFF cites Topolski's May findings (http://www.thegng.org/forum/r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections) from our forums.
Comcast has argued that the practice falls under the realm of "reasonable network management." This language is important, because while there is no law outlawing such activity, the FCC does have a policy statement (http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-260435A1.pdf) (pdf) that insists consumers are "entitled to run applications and services of their choice." That is, unless an ISP is restricting access to protect their network from harm.
The EFF however does not buy Comcast's justification:It is true that some broadband users send and receive a lot more traffic than others, and that interfering with their traffic can reduce congestion for an ISP. This does not imply that protocol-specific packet forgery is a necessary or legitimate means of responding to the congestion; there are more reasonable mechanisms available to ISPs to ensure that low-volume users are not crowded out by high-volume users.
They say that the packet forgery does not discriminate between high consumption users and regular use:we saw no evidence that Comcast was targeting their jamming efforts at customers based on their individual consumption of bandwidth. For example, an attempt to seed a 500KB file to a single BitTorrent downloader, instigated after the seeding Internet connection had been idle for the preceding day, triggered the injection of forged RST packets. The pattern of interference by Comcast was exactly the same after the user had uploaded 500MB or so of data over the following day.
In other words, Comcast cannot hide behind the excuse of reasonable network management because the forging of packets is not reasonable, and the practice does little to reel in high-consumption users specifically. The EFF argues that Comcast "did not exhaust the reasonable, user-friendly, and standards-compliant responses before they began taking decidedly less reasonable measures."
As our recent Cox report shows (http://www.thegng.org/shownews/Cox-Also-Disrupting-P2P-Traffic-89481), Comcast is not alone in the use of forged RST packets as a heavy handed solution to network congestion. To get a better handle on how many ISPs are engaged in these kind of practices, the EFF has offered this guide (http://www.eff.org/wp/detecting-packet-injection) that walks users through the use of Wireshark (http://www.wireshark.org/) to help test for protocol discrimination (note: networking knowledge required).
"If ISPs won't give their customers accurate information about their Internet traffic controls, we have to detect and document them for ourselves," says EFF Staff Technologist Seth Schoen.
read comment(s) (http://www.dslreports.com/shownews/The-EFF-Test-Your-ISP-Project-89789)
It was recently discovered that Comcast (http://www.thegng.org/shownews/88591) was using forged TCP/IP packets to throttle upstream p2p bandwidth. While the Associated Press got credit for the discovery, it was actually one of our forum users that first uncovered the practice. In fact, site user Robb Topolski had already discovered how to thwart the system (http://www.thegng.org/shownews/87077) months before it even hit the AP's radar. Earlier this month, we had him confirm that Cox was doing something similar (http://www.thegng.org/shownews/Cox-Also-Disrupting-P2P-Traffic-89481).
The Associated Press report ignited an Internet firestorm, and today the Electronic Frontier Foundation is adding fuel to the fire. The outfit has released a series of reports on Comcast's traffic shaping, as well as a guide allowing ISP users to test for packet forgery or other forms of traffic interference by their ISPs.
"Comcast is discriminating among different kinds of Internet traffic based on the protocols being used by its customers," says EFF Senior Intellectual Property Attorney Fred von Lohmann. "When confronted, Comcast has been evasive and misleading in its responses, so we decided to start gathering the facts ourselves." Those facts are compiled in this report (http://www.eff.org/wp/packet-forgery-isps-report-comcast-affair), and the EFF cites Topolski's May findings (http://www.thegng.org/forum/r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections) from our forums.
Comcast has argued that the practice falls under the realm of "reasonable network management." This language is important, because while there is no law outlawing such activity, the FCC does have a policy statement (http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-260435A1.pdf) (pdf) that insists consumers are "entitled to run applications and services of their choice." That is, unless an ISP is restricting access to protect their network from harm.
The EFF however does not buy Comcast's justification:It is true that some broadband users send and receive a lot more traffic than others, and that interfering with their traffic can reduce congestion for an ISP. This does not imply that protocol-specific packet forgery is a necessary or legitimate means of responding to the congestion; there are more reasonable mechanisms available to ISPs to ensure that low-volume users are not crowded out by high-volume users.
They say that the packet forgery does not discriminate between high consumption users and regular use:we saw no evidence that Comcast was targeting their jamming efforts at customers based on their individual consumption of bandwidth. For example, an attempt to seed a 500KB file to a single BitTorrent downloader, instigated after the seeding Internet connection had been idle for the preceding day, triggered the injection of forged RST packets. The pattern of interference by Comcast was exactly the same after the user had uploaded 500MB or so of data over the following day.
In other words, Comcast cannot hide behind the excuse of reasonable network management because the forging of packets is not reasonable, and the practice does little to reel in high-consumption users specifically. The EFF argues that Comcast "did not exhaust the reasonable, user-friendly, and standards-compliant responses before they began taking decidedly less reasonable measures."
As our recent Cox report shows (http://www.thegng.org/shownews/Cox-Also-Disrupting-P2P-Traffic-89481), Comcast is not alone in the use of forged RST packets as a heavy handed solution to network congestion. To get a better handle on how many ISPs are engaged in these kind of practices, the EFF has offered this guide (http://www.eff.org/wp/detecting-packet-injection) that walks users through the use of Wireshark (http://www.wireshark.org/) to help test for protocol discrimination (note: networking knowledge required).
"If ISPs won't give their customers accurate information about their Internet traffic controls, we have to detect and document them for ourselves," says EFF Staff Technologist Seth Schoen.
read comment(s) (http://www.dslreports.com/shownews/The-EFF-Test-Your-ISP-Project-89789)