Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

EFF Releases Tool For Testing ISP Interference

kdawson posted more than 5 years ago | from the switzerland-as-in-neutrality dept.

The Internet 96

Placid notes that the EFF has announced Switzerland, a tool for testing if your ISP is interfering with your Net connection (e.g. by resetting BitTorrent transfers). It's command-line only at this point. Of course the tool is FOSS, and you can contribute to it via its SourceForge project. From the announcement: "Developed by the Electronic Frontier Foundation, Switzerland is an open source software tool for testing the integrity of data communications over networks, ISPs, and firewalls. It will spot IP packets which are forged or modified between clients, inform you, and give you copies of the modified packets."

cancel ×

96 comments

Sorry! There are no comments related to the filter you selected.

Somewhere... (4, Funny)

symbolset (646467) | more than 5 years ago | (#24450179)

A dozen Blackberrys are ringing.

Look, Tim. I know it's Saturday but I need you to get to the switching center and shut down project ticktock right away. We're about to have some serious liability issues with it.

After the weekend we can start on a workaround.

cool, just downloaded it (0, Redundant)

Jay Tarbox (48535) | more than 5 years ago | (#24450201)

and am installing Python now and trying to get it running.

Re:cool, just downloaded it (1)

Jay Tarbox (48535) | more than 5 years ago | (#24450283)

Ok, not much luck under windows so far. got an NTP error that I can't get around. Bored now. Moving on.

Re:cool, just downloaded it (3, Informative)

jrwr00 (1035020) | more than 5 years ago | (#24450387)

Python under win32 is a little on the odd side, i got it to work under cygwin python, Charter Com, in St. Louis Missouri, Doesnt Packet Shape, but the DNS Redir to a search engine is annoying.....

Re:cool, just downloaded it (1)

Jay Tarbox (48535) | more than 5 years ago | (#24450615)

thanks. Actually haven't tried anything with cygwin, and it looks very interesting.

Re:cool, just downloaded it (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#24451425)

Ok, not much luck under windows so far. got an NTP error that I can't get around. Bored now. Moving on.

Yes, WIndows bores the shit out of me too. Why don't you try a real operating system instead of that Fischer-Price toy you're using that's designed for the dumb masses? Yes that might mean acquiring some skill, which (oh noes!) may require some reading and some effort. Isn't that scary?

Like most Windows users (I guess it comes from always using the mainstream, not because you have deliberately decided it's the best for your needs but because it's the default, it was there) you give up too easily. I bet you can most definitely get around the NTP error, you just aren't serious when you set out to do something and you don't have the discipline to back it up. I have never once set out to do a task and regretted rising to the challenge of overcoming difficulties. You say that getting this EFF tool to work isn't worthwhile? I say anything new that you learn in the process of getting it to work is more than worthwhile, a bargain in fact.

Re:cool, just downloaded it (0)

Anonymous Coward | more than 5 years ago | (#24458683)

You are twitter and I claim my $5.

Re:cool, just downloaded it (0)

Anonymous Coward | more than 5 years ago | (#24450335)

I'm getting some FastCollector error, it can't find it.

Re:cool, just downloaded it (1)

Lunar_Lamp (976812) | more than 5 years ago | (#24450915)

Try installing libpcap - I used the libpcap0.8-dev package on my Ubuntu Hardy install. (I'm getting a handshake error that I can't get around at the moment though - but that appears to be unrelated to FastCollector/libpcap)

Re:cool, just downloaded it (1)

repvik (96666) | more than 5 years ago | (#24451625)

Looks like their server is having problems. I set up one at apollo.kynisk.com, but it would appear that I need *other* clients too, not just myself. Feel free to try it ;)

HA! (0)

Anonymous Coward | more than 5 years ago | (#24450223)

Ha, why did you just ask your ISP is they are blocking packets?

Re:HA! (5, Funny)

Anonymous Coward | more than 5 years ago | (#24450363)

Hey, who let their cat near the keyboard?

Warning to non-tech people (1, Informative)

La Gris (531858) | more than 5 years ago | (#24450263)

This things require root and I am not knoledgable enough to investigate the source code.
As I have not suitable testing environment, I will have to wait trusting Ubuntu or Debian for a pre-packaged version.

I strongly advice you, non-techy, non-programmer to be patient and wait a bit your Linux distribution or vendor to provide a package.

Re:Warning to non-tech people (5, Interesting)

retroStick (1040570) | more than 5 years ago | (#24450301)

But it's from the Electronic Frontier Foundation! If you can't trust them to be non-evil, who can you trust?

Re:Warning to non-tech people (5, Insightful)

urcreepyneighbor (1171755) | more than 5 years ago | (#24450343)

If you can't trust them to be non-evil, who can you trust?

Completely? No one. Not even yourself.

However, it's likely this tool is relatively safe.

Re:Warning to non-tech people (4, Funny)

Adambomb (118938) | more than 5 years ago | (#24450487)

However, it's likely this tool is relatively safe

so, working in the insurance industry too eh?

Re:Warning to non-tech people (1)

morgan_greywolf (835522) | more than 5 years ago | (#24451023)

Either that or he works in the small legal firm IT department freelancer circuit.

Re:Warning to non-tech people (2, Funny)

Anonymous Coward | more than 5 years ago | (#24450357)

you just got trolled

EFF not trustworthy (-1, Flamebait)

Brett Glass (98525) | more than 5 years ago | (#24451645)

Mod the message above as "Funny!" The EFF is most assuredly not trustworthy. Only a few years ago, the EFF had the ability to halt passage of CALEA, a law which allows wiretapping of not only regular telephone calls but also of VoIP and Internet traffic. Guess what? It told the Senator who was holding up the bill -- Malcolm Wallop -- to go ahead and let it pass. And now we're stuck with a law that requires every ISP to be able to tap your Internet connection without you being able to detect it -- not even with tools like the "Swizzlestick" program described in this article.

EFF also pushed for the FCC to implement "network neutrality" rules, which let bandwidth hogs take over ISPs' networks and slow down your service. Those same rules, which were just put into force on Friday, August 1, 2008 (though the FCC has not published them yet), are likely to force ISPs to begin charging by the bit and charging higher prices. They're also likely to put competitive ISPs out of business, leaving you stuck with a choice of at most two providers: the telephone company and cable company.

Way to go, EFF! Tap our communications, raise our prices, and limit our choices! Surely we can trust your software on our machines.... Not!

Re:EFF not trustworthy (0)

Anonymous Coward | more than 5 years ago | (#24451835)

They're also likely to put competitive ISPs out of business, leaving you stuck with a choice of at most two providers: the telephone company and cable company.

haha what

Re:EFF not trustworthy (4, Informative)

DTemp (1086779) | more than 5 years ago | (#24451881)

There are many errors in perspective/context regarding your arguments, and I'll let someone more eloquent than me list all of them. However, the glaring one I want to point out is your reference to the Comcast ruling this past week.

As with anything, there are ups and downs to a ruling... sure, Comcast may start charging by the bit and so forth. However, the big reason the EFF went after them was because they were forging packets, including the RST packets, and otherwise impersonating users on the bittorrent protocol.

The EFF was never saying they can't use traditional QoS on their network... they're saying companies need to reign in "bandwidth hogs" (as you put it) using protocol-agnostic methods, and they certainly shouldn't be forging any traffic.

Full disclosure: I'm a paid, card-carrying member of the EFF. Just gave them another $15 a week ago.

RST packets (1, Troll)

Brett Glass (98525) | more than 5 years ago | (#24452055)

The use of RST packets to administratively terminate connections goes back more than 15 years. I know, because my ISP has been doing it for that long -- as have many, many others. (The WebSense software has also been doing it for nearly that long.) It's a reasonable and in fact common practice. We started doing it back in the days of dialup... specifically to protect dialup users' privacy. When a dialup user hangs up, it's possible for the next caller on the same line to receive packets, containing private information, intended for the previous caller. So, we set our systems up to send RST packets to anything that was communicating with a dialup user at the time of a hangup. We still do it to this day, and the open source software that does it (it's called Slirp, developed at the University of Canberra in Australia) is still popular.

As for being "protocol-agnostic:" As I have mentioned in another posting, the word "agnostic" means "without knowledge" -- or, to put it another way, "dumb." The more intelligent your bandwidth control mechanism, the better it can handle certain bad actors -- including BitTorrent, which tries to exploit a vulnerability in TCP to seize priority over other applications, including time critical ones.

Apparently, the reason why the EFF got involved in this affair is that its Chairman, one Brad Templeton, happens to be on the Board of Directors of BitTorrent, Inc. IMHO, it is embarrassing and a direct conflict of interest for Brad to make the EFF act in his personal financial interest. They should fire him as Chairman. If they do not, it again shows their lack of ethics in that they are willing to tolerate this direct and blatant conflict of interest.

Re:RST packets (1)

plasmacutter (901737) | more than 5 years ago | (#24452917)

I happen to agree with him, though.

You should not be targetting specific protocols or applications.

Also, i've had, and continue to have, RST forgeries on my comcrap account on time-sensitive, legitimate traffic to blizzard's servers.. usually when im about to heal the tank in an instance.

It's time to find a new QOS solution, because this one has gone from necessary to abused.

Re:RST packets (1)

Brett Glass (98525) | more than 5 years ago | (#24453883)

If an application abuses the network, it is reasonable to target it. P2P, in particular, is used to shift the costs of distributing content from the content provider to an ISP. And because bandwidth is more expensive at the edge of the network than at a server farm, the cost is not only shifted but multiplied. ISPs have the right to stop costs from being dumped upon them, and therefore have the right to throttle, block, and/or prohibit P2P. If they can't, your bill will have to go up, because the ISP has to at least break even to keep providing you with service.

Re:RST packets (1)

Peaker (72084) | more than 5 years ago | (#24456711)

If the ISPs cannot handle P2P users, then they should explicitly make this known when they give the service.

They shouldn't promise a service they cannot actually give.

Also, their problem is the bandwidth used, not the protocol - so why don't they just place bandwidth limits on users, or sell bandwidth?

ISPs and P2P (1)

Brett Glass (98525) | more than 5 years ago | (#24457643)

It's not true that ISPs "can't handle" P2P; it's just that it dumps huge costs on them. They have to prohibit it and/or charge more if it's done.

Re:RST packets (1)

alexgieg (948359) | more than 5 years ago | (#24457267)

ISPs have the right to stop costs from being dumped upon them, and therefore have the right to throttle, block, and/or prohibit P2P.

They have the right to stop costs from being dumped upon them, yes. They don't have the right to block an user from using the connection whatever way he wants. That right coupled to this non-right means they have in fact the right to pass costs to the user. And that's it. Don't block him, just charge him for his actual usage. Result: those using P2P pay more, those not using P2P pay less. Simple and perfectly fair for all parts involved.

Paying more to use P2P (1)

Brett Glass (98525) | more than 5 years ago | (#24457623)

You can bet that the same lobbyists who went after Comcast at the FCC would be all over them -- again -- if they charged P2P users more, even though that's a fair thing to do. But if one does charge P2P users more, there's the matter of how to do this. Should all connections be metered by the bit? Users overwhelmingly do not want this, and it seems unfair to do it just because a few other folks are bandwidth hogs. The other alternative is to have two rates: one for a connection on which P2P is prohibited and blocked and a higher one for a connection which allows P2P. This is what my own ISP does, in fact. We prohibit P2P on residential class connections but not on business class connections. The rate we charge for business class connections allows for the possibility that it will be saturated 100% of the time, and is sufficient to let us break even if that happens. But will the lobbyists come after us next?

Re:Paying more to use P2P (1)

alexgieg (948359) | more than 5 years ago | (#24458729)

My preference is for metering by the bit. This would lead ISPs to provide as much bandwidth to their users, and to as many users, as materially possible, instead of the layered system we have nowadays. After all, more bandwidth = a more enjoyable online experience = more time spent in front of computer downloading and uploading = more profits.

There's no reason to treat bits differently from, say, electricity, gas or plumbing. It's a commodity. Use more, pay more. Short on money? Use less, pay less. REALLY short on money? Unplug your computer, use zero, pay zero.

Re:Paying more to use P2P (1)

plasmacutter (901737) | more than 5 years ago | (#24461089)

My preference is for metering by the bit. This would lead ISPs to provide as much bandwidth to their users, and to as many users, as materially possible, instead of the layered system we have nowadays. After all, more bandwidth = a more enjoyable online experience = more time spent in front of computer downloading and uploading = more profits.

what a crock.

If they charged by the bit you bet your life they'll charge a lot more than they do now. For an example of metering applied to a service which, unlike your examples, are NOT utilities whose prices are heavily regulated by the government, see: american cellular providers.

Only the wealthy will have "free access" to the internet under such a regime. Those who actually have to budget monthly will avoid places like youtube, MMORPGs, xbox live, netflix, etc...

You want to say "but they do it abroad", no they dont. the lighter service packages have bandwidth limits, but they're pretty high, then they throttle the connection. This is different from "charging by the bit". The bill stays the same when they go over.

Re:Paying more to use P2P (2, Insightful)

alexgieg (948359) | more than 5 years ago | (#24464603)

If they charged by the bit you bet your life they'll charge a lot more than they do now.

Nope. In fact, anywhere I can find a service under a "pay as you go" system, I subscribe to it instead of to the seemingly "cheaper" layered system provided by other companies. And guess what? In all cases I invariably end up paying less monthly than in the cheapest "fixed price" service provided by a competitor, all coupled to an absolutely outstanding service, since it's in the interested of a pay-as-you-go service provider that you use more of its services, not less, so they keep their customer service top notch.

For an example of metering applied to a service which, unlike your examples, are NOT utilities whose prices are heavily regulated by the government, see: american cellular providers.

A bad example. Cellular providers are a regulated market. A company bids for monopolistic rights at a frequency band, wins, and gets to do whatever the hell he wants. Bands are limited in number, thus you can only have a fixed amount of service provider. End result: a cartel, and mafia-level prices.

If anyone could build cellular antennas and tap into a frequency to provide unregulated services, do you really think a situation like this would have developed? It would be trivial to develop a protocol to make such a shared setup work, then open the frequencies to any application. Government got greedy though ("What? To let people use RF without artificial impediments? Without big-friendly-corpTM paying us billions for the privilege? ARE YOU CRAZY?!?"), and the result is what you see.

Re:RST packets (1)

threat_or_menace (746325) | more than 5 years ago | (#24473477)

> ISPs have the right to stop costs from being dumped upon them, and therefore have the right to throttle, block,
> and/or prohibit P2P. If they can't, your bill will have to go up, because the ISP has to at least break even to
> keep providing you with service.

My ISP has a contract with me. They promised a service for a length of time, and are obliged to provide it. We can renegotiate when the contract is up.

I'm currently guaranteed service at 1500 inbound / 384 outbound which is unlimited, good 24/7/30 days. I actually doublechecked when I signed up: unlimited, sez I, you're not going to get twitchy around torrent traffic? If my ISP at the office started bitching because I was using my T1 both up and downstream, I'd laugh at them. If they tried to change the contract terms early, again, I'd laugh at them.

If Comcast or whoever have a contract with you, they are obliged to honor it. Or be liable for class-action damages. If they made a bad contract, that does not give them the right to change their terms partway through. If it did, no one would worry about signing a mortgage, would they?

Meanwhile, if you find your ISP is a cable co, and they're fucking with you, I highly recommend you look into the tools outlined here if for some reason you must stay with them (no other service available?)

Otherwise, based on the abstract below and the generally abysmal security performance of cable as a secure delivery system for anything, I would recommend you cancel your contract with them. This talk will be being given at Defcon this week, but the tools and some of the how-to are already out in the universe.

Sniffing Cable Modems

Guy Martin

Cable modems are widely used these days for internet connections or other applications. This talk gives a detailed overview of this mean of communication with a focus on its security.

DOCSIS (Data Over Cable Service Interface Specification) is currently the most used protocol around the world for providing internet over TV coaxial cable. Due to its nature, this protocol can easily be sniffed by taping onto the TV cable using a digital TV card. By doing this, you can not only sniff your own connection but all the connections of the entire neighborhood. With my tool packet-o-matic and an inexpensive DVB-C card, countless things are possible ranging from dumping people's email into maildir to removing firewall rules and quota limitation on your connection or even a DoS of all HTTP communications by injecting TCP reset packets.

Re:RST packets (1)

burdock (1251938) | more than 5 years ago | (#24456759)

I was hoping Comcast would make BitTorrent the killer app for popular adaptation of IPsec. There is a solution to the problem of TCP packet forgery. We should be using it. With BitTorrent there is even a suitable trusted central authority for key exchange; everyone trusts the tracker. Keys could be transitory (per swarm) or permanent (if desired) for registered users.

Re:EFF not trustworthy (1)

Anonymous Coward | more than 5 years ago | (#24451923)

Network neutrality just means that they can only block bandwidth hogs by the bandwidth they use, not the type of traffic they use.

If you happen to use live linux cds and have comcast, you can see exactly why they need network neutrality. The only way to get them close to release time is via bittorrent since the ftp/http mirrors are either out of date or user capped.

Behavior is as important as bandwidth (1, Interesting)

Brett Glass (98525) | more than 5 years ago | (#24451995)

OK, this is somewhat of a network techie/geeky thing, but you can hog the network even if your bandwidth is capped. This is due to a flaw in TCP, which does very weak, per-flow congestion avoidance. Suppose one user is running a single download at X bits per second. A second has 100 streams going, each with 1/100th of the bandwidth (or X/100). Which one gets priority if the network gets congested? The second -- by a factor of 100! BitTorrent, which is used for downloads that are not time critical, seizes priority over other traffic such as VoIP, which really needs real time performance. What's more, the streams for which it seizes priority use large packets because they are downloads. The large packets, in turn, create jitter, which really messes up VoIP. The same is true for gaming. So, ISPs are doing the right thing when they throttle BitTorrent and keep it from opening up too many streams. And if they recognize that the thing that's hogging the bandwidth is BitTorrent, they can do so gracefully. They can undo the attempt to seize priority and mete out the bandwidth appropriately. If they are forced to be "protocol agnostic" (the word "agnostic" means "without knowledge;" in other words, their bandwidth limiter is not able to recognize exactly what's causing the problem), they can't use a strategy that's carefully tailored to the problem. So, the networking management can't be as good, and all users suffer. That's what the Sandvine appliance does. It "prunes" the number of streams started by BitTorrent down to a manageable level. It doesn't stop it altogether, but it keeps it from interfering with others by exploiting a vulnerability in the protocol.

Re:Behavior is as important as bandwidth (4, Insightful)

causality (777677) | more than 5 years ago | (#24452353)

OK, this is somewhat of a network techie/geeky thing, but you can hog the network even if your bandwidth is capped. This is due to a flaw in TCP, which does very weak, per-flow congestion avoidance. Suppose one user is running a single download at X bits per second. A second has 100 streams going, each with 1/100th of the bandwidth (or X/100). Which one gets priority if the network gets congested? The second -- by a factor of 100! BitTorrent, which is used for downloads that are not time critical, seizes priority over other traffic such as VoIP, which really needs real time performance. What's more, the streams for which it seizes priority use large packets because they are downloads. The large packets, in turn, create jitter, which really messes up VoIP. The same is true for gaming. So, ISPs are doing the right thing when they throttle BitTorrent and keep it from opening up too many streams. And if they recognize that the thing that's hogging the bandwidth is BitTorrent, they can do so gracefully. They can undo the attempt to seize priority and mete out the bandwidth appropriately. If they are forced to be "protocol agnostic" (the word "agnostic" means "without knowledge;" in other words, their bandwidth limiter is not able to recognize exactly what's causing the problem), they can't use a strategy that's carefully tailored to the problem. So, the networking management can't be as good, and all users suffer. That's what the Sandvine appliance does. It "prunes" the number of streams started by BitTorrent down to a manageable level. It doesn't stop it altogether, but it keeps it from interfering with others by exploiting a vulnerability in the protocol.

There is a very simple, non-technical argument against all of this. I pay my ISP for a certain amount of bandwidth. This connection is not metered in any way, other than having a limit to the total amount of bandwidth available at any one time. It is an "unlimited" plan. It suited my ISP to offer this deal, and it suited my needs to accept and purchase it. Other users of this ISP have similar if not identitcal arrangements. Whether it's BitTorrent, running an FTP server, real-time video, or whatever, the principle here is that if anything that another unrelated user does can reduce the quality of my connection, then my ISP has failed because they have oversold their capacity. Everything you said about how multiple BitTorrent streams greatly increase the latency of applications like VoIP is quite reasonable, if you are talking about MY bittorrent client causing latency for MY VoIP client, but that is not what we were discussing.

Now, if ISPs decide they want to meter their connections (say, by the megabyte or gigabyte), or that they won't carry certain types of traffic, then let them announce this to their customers. If their customers decide they want to continue paying for this, great. If they don't, too bad. But what is happening right now, where ISPs want to sell "unlimited" connections and then surreptitiously place limits on them and screw around with my traffic to conceal the fact that they are overselling their capacity (and/or refuse to upgrade their equipment) is unacceptable. This is unacceptable whether TCP fails to manage this type of network congestion, whether BitTorrent really is a bandwidth hog, whether an RST is a good way to deal with that, blah blah -- you're getting caught up in minutia and missing the real point. Saying "you're free to use this connection as you please ... oh, unless you use an application we don't like, then we'll sanction you" is hypocritical the same way that saying "you have the right to free speech ... oh, unless you say something we don't like" is hypocritical.

Re:Behavior is as important as bandwidth (0, Troll)

Brett Glass (98525) | more than 5 years ago | (#24452419)

This is not only a non-technical argument, but a fallacious one. No ISP offers "unlimited" bandwidth or throughput, and all have terms of service which limit what you can do with it. And this is a good thing. You shouldn't be allowed to degrade others' service or hog bandwidth. If your ISP does so, then it's being negligent.

Re:Behavior is as important as bandwidth (1)

causality (777677) | more than 5 years ago | (#24458037)

This is not only a non-technical argument, but a fallacious one. No ISP offers "unlimited" bandwidth or throughput, and all have terms of service which limit what you can do with it. And this is a good thing.

I said it was unmetered. That's not the same thing as unlimited bandwidth/throughput, which is why I don't get 10,000,000 gigabytes per second. There is a reason why I put "unlimited" in quote marks in my previous post; the term has a well-known meaning within this industry (particularly for someone who has worked in it as you alluded to in your discussion of Slirp), and trying to act right now like you didn't/couldn't have known my meaning is a sorry excuse for a real line of reasoning. There are indeed terms of service; this allows my ISP to cut my connection if I ever became a spammer or any crap like that which I have no intention of ever doing. Nowhere in the ToS does it say I cannot use BitTorrent or any other protocols for that matter. That's what I mean when I say that if they want to throttle or forbid certain traffic types, let them do so openly and not covertly by forging packets. Doing it covertly says to me that they know it's not a perfectly valid practice, that they are afraid of everyone knowing that they do it.

You shouldn't be allowed to degrade others' service or hog bandwidth.

I have a certain amount of bandwidth. Let's say it's 10 mbit/sec downstream, 2 mbit/sec upstream. Those aren't the actual numbers, but they'll work for our purposes here. That means my ISP has agreed to let me use up to 10 mbit/sec to download data. Guess what? I'm going to use it. If using the 10 mbit/sec they have agreed to provide to me can possibly degrade the server of another, unrelated user, that would mean that my ISP has oversold their capacity, or that they need to upgrade their equipment, or have otherwise failed to do a good job. None of these things are my fault, so resolving them by screwing with my connection is unjust. The particular zeroes and ones I am receiving at the 10 mbit/sec I paid for are completely irrelevant and I suspect that you know this. This is all so childishly simple I really can't understand the basis of your argument. You seem like you have decided to be an ISP apologist first and to worry about the actual facts and reasoning second. You'd do well in the PR arena, but trying to distract me from a very simple principle by bringing up irrelevant details is simply not going to work, whether you yourself actually believe what you are saying or not.

Re:Behavior is as important as bandwidth (1)

Meski (774546) | more than 5 years ago | (#24461891)

You agreed to your AUP. If that says you can't do that, and you do, you've got to accept the consequences[1]. It doesn't have *anything* to do with free speech. BitTorrent shouldn't try and download that copy of BayWatch you absolutely *must* have using all of the ISP that it can grab. It should accept that it is low priority that this download happens.

[1] bandwidth shaping, account cancellation, whatever.

Re:Behavior is as important as bandwidth (1)

causality (777677) | more than 5 years ago | (#24475333)

You agreed to your AUP. If that says you can't do that, and you do, you've got to accept the consequences[1]. It doesn't have *anything* to do with free speech. BitTorrent shouldn't try and download that copy of BayWatch you absolutely *must* have using all of the ISP that it can grab. It should accept that it is low priority that this download happens.

I mentioned free speech at all only as an analogy. I said that saying "you have the right to free speech ... oh, unless you say something we don't like" is hypocritical, which is true. I likened that to an ISP that has a user agreement which does not forbid any protocols or any forms of traffic, and then having that ISP covertly forge packets in order to forbid protocols or forms of traffic that they don't like, which is also hypocritical. The correct, non-hypocritical way for an ISP to proceed is either to keep the user agreement the same and never screw with users' traffic, or, openly spell out in the user agreement what they will and will not allow and follow it to the letter.

Whether I enjoy it or not, and I don't, I am forced to conclude that either you're dense and you sincerely believe that I was claiming that this is a free speech issue or you are deliberately using a straw man argument. Unfortunately, I've yet to see anyone in this thread try to contend against my reasoning who can do so without either misrepresenting what I say or succumbing to straw man-type fallacies. That's too bad.

Re:Behavior is as important as bandwidth (1)

Meski (774546) | more than 5 years ago | (#24476075)

I mentioned free speech at all only as an analogy. I said that saying "you have the right to free speech ... oh, unless you say something we don't like" is hypocritical, which is true. I likened that to an ISP that has a user agreement which does not forbid any protocols or any forms of traffic,

Hmmm, let's call them Strawman Data ISP Inc. I've never seen an ISP that doesn't forbid some protocols or forms of traffic.

and then having that ISP covertly forge packets in order to forbid protocols or forms of traffic that they don't like, which is also hypocritical. The correct, non-hypocritical way for an ISP to proceed is either to keep the user agreement the same and never screw with users' traffic, or, openly spell out in the user agreement what they will and will not allow and follow it to the letter.

Or, perhaps, to ignore requests by bitTorrent for increased priority.

Whether I enjoy it or not, and I don't, I am forced to conclude that either you're dense and you sincerely believe that I was claiming that this is a free speech issue or you are deliberately using a straw man argument.

Me using a strawman? I wasn't the one drawing the analogy.

Re:Behavior is as important as bandwidth (1)

causality (777677) | more than 5 years ago | (#24476481)

I mentioned free speech at all only as an analogy. I said that saying "you have the right to free speech ... oh, unless you say something we don't like" is hypocritical, which is true. I likened that to an ISP that has a user agreement which does not forbid any protocols or any forms of traffic,

Hmmm, let's call them Strawman Data ISP Inc. I've never seen an ISP that doesn't forbid some protocols or forms of traffic.

I never made the claim that there was something wrong with forbitting some protocols or forms of traffic. I said that if the ISP is going to do this, let them do it openly. If they are going to do this openly, there is no need to forge anything. Forging packets to conduct a man-in-the-middle attack to reset connections covertly, when the user agreement does not mention this, is what I have a problem with. So, pointing out that an ISP might forbid traffic is silly and proves nothing; the entire discussion is about the method by which this is done and why more honest methods aren't being used.

Whether I enjoy it or not, and I don't, I am forced to conclude that either you're dense and you sincerely believe that I was claiming that this is a free speech issue or you are deliberately using a straw man argument.

Me using a strawman? I wasn't the one drawing the analogy.

Using an analogy does not automatically make something a straw man; in fact that's not even part of the definition [wikipedia.org] . Misunderstanding my use of an analogy so that you can misrepresent my argument makes it a straw man. Continuing to do so after I have clarified my meaning only strenghtens my conclusion that either you're dense or you're doing this deliberately. It's not like my original analogy was ambiguous to begin with.

Wait, I called you dense. I suppose now you're going to respond to me and say "but ratio of mass to volume has NOTHING to do with Internet service providers!" It would make about as much sense as the way you interpreted my analogy.

Re:Behavior is as important as bandwidth (1, Informative)

Anonymous Coward | more than 5 years ago | (#24452723)

OK, this is somewhat of a network techie/geeky thing, but you can hog the network even if your bandwidth is capped.

This issue isn't about capping, it's about fair-queuing.

This is due to a flaw in TCP, which does very weak, per-flow congestion avoidance.

No, this is due to a limitation in TCP. But that isn't the point. You are presenting a strawman argument, namely that "neutrality" means relying upon users to play nice (i.e. no fair-queuing). While using such a strawman would probably gain traction in a non-technical forum, it isn't going to get you very far here.

BitTorrent, which is used for downloads that are not time critical, seizes priority over other traffic such as VoIP, which really needs real time performance.

That's what the IPTOS_* bits in the IP header are for. Of course, you need to provide some incentive for users not to automatically request improved ToS just for the sake of it, and to request minimize-cost for bulk transfers, but that's easy enough to build into the fair-queuing weights.

What's more, the streams for which it seizes priority use large packets because they are downloads. The large packets, in turn, create jitter, which really messes up VoIP.

The same is true for most TCP traffic, including HTTP (and, in fact, just about everything except interactive telnet or ssh). This isn't specific to BitTorrent. If the server is trying to send a chunk of data larger than the MTU, it's going to try to use MTU-sized packets.

So, ISPs are doing the right thing when they throttle BitTorrent and keep it from opening up too many streams.

No they aren't. They're either just being lazy (can't be bothered to implement fair-queuing), or they're discriminating against BitTorrent for other reasons. E.g. because although they advertise a 100GB/mo quota, anyone who tries to actually use it is treated like a cheat.

In the event of contention, the "right thing" is to simply share bandwidth fairly. When there is more than one packet in the queue, you give higher priority to packets belonging to users with lower recent bandwidth usage. The end result is that users who don't ask for much get everything they ask for while those who ask for a lot get whatever you can manage.

The bottom line is that my money is as good as anyone else's, and I expect to get the same amount of bandwidth as anyone else who is paying the same rates. Whether I want to use that bandwidth for BitTorrent, web browsing, gaming or VoiP is my business, and not yours. 1Mbit/s is 1Mbit/s, whether it's over a single 1Mbit/s TCP connection, 100x 10Kbit/s connections or, for that matter, a continuous barrage of UDP packets. The bandwidth is the same, the jitter is the same (667 packets/sec @ 1500 bytes/packet is the same whether it's on one connection or many).

Message above modded down because it was TRUE (-1, Offtopic)

Brett Glass (98525) | more than 5 years ago | (#24462079)

Interesting how the message above was moderated into invisibility because it mentioned some inconvenient truths.

Re:Warning to non-tech people (1)

JuggleGeek (665620) | more than 5 years ago | (#24453345)

The EFF is opposed to laws against spam, opposed to black lists to avoid spam, etc. They claim spam is free speech. They are on the spammers side. They are evil.

Damn straight.... (0)

Anonymous Coward | more than 5 years ago | (#24450461)

Definitely! We all know that they fight for stupid, commy, hippy, un-American things like he First and Forth Amendment, curbing Government and corporate power, etc.....

I wouldn't want them anywhere near my God fearing American machine!

Re:Damn straight.... (2, Funny)

digitig (1056110) | more than 5 years ago | (#24450821)

Forth Amendment

I thought the code was Python...

Easy peasy (1)

HalAtWork (926717) | more than 5 years ago | (#24450511)

Just use it from a LiveCD (with HDDs unplugged or controllers disabled) or run it in Qemu :)

Re:Warning to non-tech people (5, Informative)

interiot (50685) | more than 5 years ago | (#24450691)

Yeah, all tools that do tcpdump/Wireshark-style packet inspection require root (you don't want normal user programs sniffing everything). It's true that it's alpha quality code that does TCP communications, so it's a good idea to not leave it running all the time, and/or wait until a beta version has been released.

A bigger issue is that some of your sniffed packets are sent in the clear to EFF, so 1) it's possible that a third party could sniff those few packets (but it's only a handful of packets, but it could still cause problems, and 2) if you use EFF's server, you have to trust EFF with the handful of sniffed packets you send them (but you can run your own server). It's too complicated to summarize in a few sentences, see the README.txt in the package.

They do say they'll fix the issue that third parties could sniff your packets though (by doing the obvious thing and encrypting them between endpoints), so again, waiting for a later version might be a good idea.

Debian (1)

KwKSilver (857599) | more than 5 years ago | (#24451419)

Not in debian unstable ... or experimental, yet.

Re:Warning to non-tech people (0)

Anonymous Coward | more than 5 years ago | (#24451511)

Thanks for proving to me again that women are stupid and have no idea what they talk about most times. Thanks! (A comma killed my parents)

Re:Warning to non-tech people (1)

kv9 (697238) | more than 5 years ago | (#24451529)

This things require root and I am not knoledgable enough to investigate the source code.

paranoid much?

As I have not suitable testing environment, I will have to wait trusting Ubuntu or Debian for a pre-packaged version.

install it in a VM. why do you trust the noobuntuan devs more than EFF? do you even know what EFF is?

I strongly advice you, non-techy, non-programmer to be patient and wait a bit your Linux distribution or vendor to provide a package.

thanks.

Re:Warning to non-tech people (3, Insightful)

irc.goatse.cx troll (593289) | more than 5 years ago | (#24451877)

Debian's not exactly the most trustable team considering they INTRODUCED a bug into what I'd consider the most important to security package there is(OpenSSL).

When the people who are responsible for verifying the security of a package add their own exploit, and nobody finds it for many months of heavy use.. you sort of just tore down your web of trust.

What? (4, Funny)

gparent (1242548) | more than 5 years ago | (#24450427)

I thought Switzerland was a country!

Re:What? (3, Funny)

mixmatch (957776) | more than 5 years ago | (#24450453)

And I thought windows were holes in walls.

close... (5, Funny)

Anonymous Coward | more than 5 years ago | (#24450499)

Windows are holes in walls or computers.

Re:close... (1)

AceofSpades19 (1107875) | more than 5 years ago | (#24450543)

windows aren't computers either computer != os

Re:close... (0)

Anonymous Coward | more than 5 years ago | (#24450547)

woosh

Re:close... (1)

Chris Acheson (263308) | more than 5 years ago | (#24451393)

holes in (walls or computers)

not:

(holes in walls) or computers

Re:close... (0)

Anonymous Coward | more than 5 years ago | (#24452059)

holes in (walls or computers)

not:

(holes in walls) or computers

Fuck you faggot.

Re:close... (1)

RealGrouchy (943109) | more than 5 years ago | (#24453201)

In Switzerland, does the cheese have windows?

- RG>

Re:What? (0)

Anonymous Coward | more than 5 years ago | (#24450467)

I thought Switzerland was a country!

It is. But I think the name here is a reference to the cheese from that country. Because there's lots of holes. And it's a security tool. So it's attempting to detect those holes. Or something. It's obviously a very clever play on words by the EFF.

Or it might have something to do with that whole 'neutrality' thing. But I'm betting on the cheese...

and privacy (0)

Anonymous Coward | more than 5 years ago | (#24451553)

Switzerland is known for neutrality and *privacy*.

Re:What? (1)

gparent (1242548) | more than 5 years ago | (#24451581)

Yeah, I bet it's related to neutrality of Switzerland myself.

Re:What? (1)

pjt33 (739471) | more than 5 years ago | (#24450881)

It is. So it's a stupid name for the project, because it makes it harder to search for it. When will people learn that unique names make you easier to find?

Re:What? (1)

Jeff DeMaagd (2015) | more than 5 years ago | (#24451085)

It is. So it's a stupid name for the project, because it makes it harder to search for it. When will people learn that unique names make you easier to find?

It may be a lame name, but I don't think for that reason. I don't think your reason is a problem.

It is item #2 in a search for "switzerland ISP", #1 for "switzerland packet", #1 "switzerland interference", #1 for "switzerland software". The keyword phrases are entered into Google without the quotes.

Re:What? (1)

gparent (1242548) | more than 5 years ago | (#24453339)

It is.

Yes... I know. It was a joke, thus why it was rated funny.

Re:What? (1)

pjt33 (739471) | more than 5 years ago | (#24454143)

You must be new here. When you have a comment, you search for the highest post you can sensibly reply to, to maximise visibility. As in so many aspects of /., cynicism rules.

Re:What? (1)

gparent (1242548) | more than 5 years ago | (#24454457)

Sadly I'm not new here. So your comment fails. :)

Re:What? (0)

Anonymous Coward | more than 5 years ago | (#24454869)

Must be because the program was released on our national holiday (1st of August).

Cf. http://en.wikipedia.org/wiki/National_Day#S [wikipedia.org]

"1291 - The Swiss Confederation is formed with the signature of the Federal Charter." on http://en.wikipedia.org/wiki/August_1 [wikipedia.org] is just a myth, though.

The download link (5, Informative)

Exanon (1277926) | more than 5 years ago | (#24450451)

Re:The download link (2, Funny)

BlueCollarCamel (884092) | more than 5 years ago | (#24450689)

Hey, that's me!

Re:The download link (2, Funny)

neokushan (932374) | more than 5 years ago | (#24452921)

If I wasn't so lazy, I'd flame you.

Re:The download link (4, Informative)

geirt (55254) | more than 5 years ago | (#24450777)

This is going to change fast so it might be a good idea to download directly from the repository:

svn co https://switzerland.svn.sourceforge.net/svnroot/switzerland [sourceforge.net] switzerland

Enjoy!

Re:The download link (0)

Anonymous Coward | more than 5 years ago | (#24451221)

Or if you use git (bidirectional):

git-svn clone https://switzerland.svn.sourceforge.net/svnroot/switzerland [sourceforge.net] -T trunk -b branches -t tags

Meta? (1)

Mateo_LeFou (859634) | more than 5 years ago | (#24455321)

hm... my svn co reported host not found
Is the repos /.ed?
Or is my ISP helpfully filtering -- ahem -- suspicious traffic for me?

From the Install ReadMe (4, Informative)

cwtrex (912286) | more than 5 years ago | (#24450539)

Switzerland is alpha software. Remarkably, it runs on lots of different operating systems (we've seen it work on Linux, OS X, BSD and Windows XP), but because it's alpha software we can't promise that it's easy to install on all of these operating systems. We're looking for volunteers to help with a Windows installer!

So for those looking for an easy install in Windows, you won't find it yet. Seems like cgywin under Windows XP is indeed the way to go.

Re:From the Install ReadMe (1)

neuron2neuron (1080375) | more than 5 years ago | (#24452049)

So... the fact I had it running in windows, fairly easily, yesterday morning (and then i wrote an article about it here [torrentfreak.com] ) despite not exactly being a code monkey (to be honest, I find those that have the time for all that, should find a proper use for their time) and yet it works great.

Re:From the Install ReadMe (1)

cwtrex (912286) | more than 5 years ago | (#24452167)

Nice article, but it doesn't explain how to get the program up and running in a few minutes like a Windows installer and an icon on the desktop would do. I'm assuming what you did to get it up and running took more than 5 minutes?

Also, after reading a few of the posts with those that DID have difficulty, those that used cgywin as I stated earlier did not have issues with it. Those that tried to follow the directions for windows without using cgywin DID encounter issues such as this guy. [slashdot.org]

Kudos for the article and getting it to work under windows yourself though. :)

Re:From the Install ReadMe (1)

Spamalope (91802) | more than 5 years ago | (#24453611)

Still trying to get it going under Cygwin. You'll need a libcap, WinPcap seems to be the ticket. This is a wiki describing the install [carbou.free.fr] Download WinPcap here. [winpcap.org]

More free days as not in beer... (0)

Anonymous Coward | more than 5 years ago | (#24450713)

Yeah and this on the 2. August. Maybe now we will get 2 days off one for Switzerland's birthday and the other for Switzerland's birthday. I am all for less work.

Testing (0)

Anonymous Coward | more than 5 years ago | (#24450771)

Running fine for me on a Debian VM however im getting lots of spam and nothing seems to be happening!

Listening for traffic with peers: 24.24.94.110*
Peer 82.5.36.143 has disconnected
Peer 24.24.94.110 has disconnected
Listening for traffic with peers: 68.149.183.24*
Listening for traffic with peers: 74.95.113.201*
Peer 74.95.113.201 has disconnected
Peer 76.10.186.206 has disconnected
Listening for traffic with peers: 24.24.94.110*
Peer 24.24.94.110 has disconnected
Listening for traffic with peers: 76.172.207.233*
Peer 76.172.207.233 has disconnected
Listening for traffic with peers: 76.172.207.233*
Listening for traffic with peers: 208.65.90.32*
Peer 208.65.90.32 has disconnected
Listening for traffic with peers: 82.158.26.94*
Peer 68.145.182.69 has disconnected
Peer 82.158.26.94 has disconnected
Peer 96.13.233.235 has disconnected
Listening for traffic with peers: 24.24.94.110*
Peer 24.24.94.110 has disconnected
Peer 74.245.115.130 has disconnected
Listening for traffic with peers: 79.2.240.120*
Peer 79.2.240.120 has disconnected
Listening for traffic with peers: 82.158.26.94*
Peer 82.158.26.94 has disconnected
Listening for traffic with peers: 24.24.94.110*
Listening for traffic with peers: 74.95.113.201*
Listening for traffic with peers: 24.91.53.178*

mehh (4, Funny)

binarybum (468664) | more than 5 years ago | (#24450863)

I'm working on a much more straightforward app that will be nearly as accurate on a large scale - it just scans your ip address and matches it against a list of known comcast ip classes - a hit means you're being throttled!

Re:mehh (0, Redundant)

v1 (525388) | more than 5 years ago | (#24450919)

does this deal with throttling, (delaying packets) or with modifying traffic? (forging RST etc) From what I read it doesn't care about how long your packets take to get there.

Re:mehh (2)

aztektum (170569) | more than 5 years ago | (#24451961)

Sadly I can't really laugh at this. I live in Portland, OR. I use to not have a problem, when Ubuntu 8.04 was out, my torrent for that was blazing. I tried to download the updated disc image (mostly to see if Comcast had started to pull their shenanigans) and it starts out blazing then begins to peter out to 10-15k/s

Dicks

Dictionary words make bad project names (3, Insightful)

puusism (136657) | more than 5 years ago | (#24451103)

It is often a bad idea to select a project name that is a common dictionary word. It makes the project almost ungooglable and also dilutes the original meaning of the name -- I wonder if the nation of Switzerland wants to be associated with this piece of software. The global English dictionary namespace isn't running out yet, so we don't need to start reusing words.

Re:Dictionary words make bad project names (1, Insightful)

Anonymous Coward | more than 5 years ago | (#24451287)

I keep hearing people say this but yet no one ever suggests an alternative name, or fails completely at seeing the overwhelming number of projects/products with common names. And of course names like Snargleblad or some other BS are oh so easy to remember.

Ever think maybe that Switzerland was chosen for a reason? Perhaps because it is NEUTRAL??? As should be the internet, and this tool helps to determine if you ISP is in fact neutral regarding traffic management.

Re:Dictionary words make bad project names (2, Funny)

Anonymous Coward | more than 5 years ago | (#24451469)

Alright. How about the "Comcastrator"?

Re:Dictionary words make bad project names (0)

Anonymous Coward | more than 5 years ago | (#24452635)

I prefer "ComCastro". Just my opinion though.

Re:Dictionary words make bad project names (1)

Opportunist (166417) | more than 5 years ago | (#24454557)

Ohhhhh, I really, really like that one. Snappy, witty and most of all easy to google!

Re:Dictionary words make bad project names (1)

Ash-Fox (726320) | more than 5 years ago | (#24451765)

I keep hearing people say this but yet no one ever suggests an alternative name

Britney Spears secret sex scene.WMV.exe

Re:Dictionary words make bad project names (1)

Peter Eckersley (66542) | more than 5 years ago | (#24456863)

It is often a bad idea to select a project name that is a common dictionary word. It makes the project almost ungooglable and also dilutes the original meaning of the name -- I wonder if the nation of Switzerland wants to be associated with this piece of software. The global English dictionary namespace isn't running out yet, so we don't need to start reusing words.

Yes, this is a fair point and we talked about changing the name before launch for this reason. But despite a lot of brainstorming, we couldn't think of a better name. If you want to search for Switzerland, add a word like "eff" or "isp" or "packet" or "network" to your google search. Maybe if we're successful enough we'll end up on the first page of results for a simple "switzerland" search at some point.

In Soviet Russia... (0)

Anonymous Coward | more than 5 years ago | (#24451131)

DNS requests forge themselves.

Nice name for a tool actually.

Disclaimer: I'm swiss

will they catch me?? (1)

BrentRJones (68067) | more than 5 years ago | (#24451497)

I have been ordering stuff from Red China over the Internet and paying with $ dollars.

Along the same lines... (4, Informative)

NewbieV (568310) | more than 5 years ago | (#24451785)

There are a few packages available on the Network Neutrality Squad's website [nnsquad.org] :

(These were mentioned on Slashdot a little while back)

ttestx01 - spoon feed on ubuntu (1)

slack_prad (942084) | more than 5 years ago | (#24456883)

svn co https://switzerland.svn.sourceforge.net/svnroot/switzerland switzerland
cd switzerland
<run everything below as root>
python setup.py install
apt-get install python-scapy
apt-get install python-psyco
apt-get install ntp
/etc/init.d/ntp stop
ntpdate-debian
reboot
switzerland-client

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>