Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

EFF Releases Software to Spot Net NonNeutrality

kdawson posted more than 6 years ago | from the reset-this dept.

Privacy 73

DanielBoz writes in with word of the EFF's new initiative to help consumers detect if their ISP is spoofing packets. From the press release: "In the wake of the detection and reporting of Comcast Corporation's controversial interference with Internet traffic, the Electronic Frontier Foundation has published a comprehensive account of Comcast's packet-forging activities and has released software and documentation instructing Internet users on how to test for packet forgery or other forms of interference by their own ISPs."

cancel ×

73 comments

Oblig. (1)

morgan_greywolf (835522) | more than 6 years ago | (#21518973)

Candygram!

[pause]

Wireshark!

If it's Comcast... (4, Funny)

Nova Express (100383) | more than 6 years ago | (#21519007)

...how will the software tell the difference between traffic shaping and Comcast's usual crappy service?

Re:If it's Comcast... (4, Interesting)

faloi (738831) | more than 6 years ago | (#21519083)

Because the shaped packets coming from Comcast will get to the application more promptly than regular traffic. Traffic generated outside of Comcast will still take half of forever to arrive, if they arrive at all.

Re:If it's Comcast... (2, Informative)

Discordantus (654486) | more than 6 years ago | (#21520323)

Remember, though: Comcast isn't doing packet shaping. They are sending RST (reset) packets, essentially "hanging up" the connection, pretending to be the server you are talking to.

To detect this, simply scan all the RST packets that come in, and try to detect a pattern of forgery. This is easier, of course, if you can ask the server if the RST packet was real.

Re:If it's Comcast... (3, Informative)

Gerald (9696) | more than 6 years ago | (#21525199)

In the traces I've seen the RSTs come in pairs, with the sequence numbers differing by 12503.

Re:If it's Comcast... (5, Informative)

Raul654 (453029) | more than 6 years ago | (#21519101)

If packets start showing up at one end of the connection that were not send by the other, they had to have been added en-route. This can occur naturally, as a result of IP-level fragmentation in the network, or it can be done deliberately, as Comcast and the great firewall of China do. IP-level fragmentation occurs because a packet is too large and it is being cut into fragments to improve performance; as I understand it, in practice on the real internet, it's actually pretty rare. On the other hand, if those packets that mysteriously show up are TCP-resets, then it's (IMO) an entirely reasonable assumption to make that they were put there by someone wishing to interrupt the traffic stream.

Re:If it's Comcast... (1)

mihalis (28146) | more than 6 years ago | (#21519277)

easy, it only has to look for non-crappy service on any non-ISP-troubling protocol. In that unlikely event the troublesome protocols must be being victimised by something other than usual crappy service.

Re:If it's Comcast... (1, Insightful)

Anonymous Coward | more than 6 years ago | (#21519639)

Leela: "Here is the manual with a list of everthing wrong with the ship."
Bender: "I'm not reading that crap! Sum it up in one word!"
Leela: "Sabotage!"

Important, (5, Interesting)

SlipperHat (1185737) | more than 6 years ago | (#21519049)

Is there a website where we can post these results? Broadband Reports [broadbandreports.com] comes to mind, but maybe the EFF has a place set up?

Do you trust the EFF? (1)

Thanshin (1188877) | more than 6 years ago | (#21519113)

If X tells something is true and then offers an application that proves that what they say is true there are only two options:

1 - You trust X: No need to check for yourself.
2 - You don't trust X: Why would you believe X's software?

Re:Do you trust the EFF? (2, Insightful)

Diss Champ (934796) | more than 6 years ago | (#21519147)

Option 3: You know enough about networking to examine their source, and gain some appreciation as to whether it does what they say it does.

Re:Do you trust the EFF? (1)

Jeff DeMaagd (2015) | more than 6 years ago | (#21519191)

But I don't think this is just about trusting the EFF that this happens. This is a case about discovery. EFF isn't everywhere and can't directly measure this sort of thing from their offices - they need client programs run in as many locations as reasonable to gather.

The thing is, I thought that net neutrality was about being neutral about the source organization of a packet, not being neutral about the type of packet. For example, that the ISP doesn't try to give Google's services a lower priority than their own services.

Re:Do you trust the EFF? (1)

Thanshin (1188877) | more than 6 years ago | (#21519267)

But I don't think this is just about trusting the EFF that this happens. This is a case about discovery. EFF isn't everywhere and can't directly measure this sort of thing from their offices - they need client programs run in as many locations as reasonable to gather.
The application should call home to report the results.

Re:Do you trust the EFF? (0)

Anonymous Coward | more than 6 years ago | (#21522395)

This has got to be one of the dumbest suggestions by a slashdot poster, ever. No way is eff going to release open source code that deliberately "calls-home".

Who do you think EFF is...Sony? There is going to be a massive problem in compiling this database of people suffering from spoofed TCP RST packets. No doubt there will be many false positives, as well. EFF is just in the beginning stages of this. I'm sure they'll figure out a way to compile the data. Assuming, of course, that millions of people download their program and use it. Honestly, I don't see this taking off, except on Slashdot or Ars.

Then again, I'm super pessimistic. Like the Man, Seymour Skinner (or Arman Tanzarian) said, "Prove me wrong, children. Prove me wrong."

Re:Do you trust the EFF? (2, Insightful)

ScrappyLaptop (733753) | more than 6 years ago | (#21523623)

Fantastic idea; a seti-at-home app that anyone can download (not just the Linux savy) and run on their Win32/64 boxes that sends results to a central location, just like Seti. Unfortunately, the EFF got a lot of press today with PR that says, "EFF releases tool for users". My wife emailed me with, "this isn't for users, it's for you network and Linux people". We need lots of automated samples that are effortless for the users to submit -THAT would be a tool for users".

Not tesing is not science (4, Insightful)

l2718 (514756) | more than 6 years ago | (#21519219)

First of all, the EFF may has not tested your ISP. You may trust them that in general ISPs are sending spoofed packets, but still want to know whether your ISP is using the tactic. Beyond that, however, just because you trust them doesn't mean independent verification has no value. Results mean something different if you obtained them yourself. Also, as in regular science, independent confirmation of results gives more than that: more people conducting tests will also give better data.

Re:Do you trust the EFF? (2, Interesting)

Aladrin (926209) | more than 6 years ago | (#21519241)

If you were talking about a single person trusting a single entity, that is correct. We are talking about the internet and a ton of geeks. If there's anything hinky with EFF's program, it'll be found. And if there's not, even those who don't trust the EFF itself can trust the app with a fair amount of confidence.

I'm leaving out any geeky reasons such as viewing the source code (which I don't see if they provide or not) or how simple the process is.

Re:Do you trust the EFF? (1)

h4rr4r (612664) | more than 6 years ago | (#21519311)

Because it is python, you can read it yourself.

No trust needed.

Re:Do you trust the EFF? (0)

Anonymous Coward | more than 6 years ago | (#21519355)

I'm not a regular slashdot poster and can never remember my nick/pass, so my apologies on the AC. The tool the EFF suggests you use is Wireshark. You can get the source [wireshark.org] . If you don't trust the EFF but want to verify yourself you can make an independent inspection of the tool they recommend and draw your own conclusions about the results.

Re:Do you trust the EFF? (0)

Anonymous Coward | more than 6 years ago | (#21519453)

That's not quite the issue though.

The EFF aren't saying, "Here, check comcast, see we're telling the truth", they're saying "Here, have a look and see if your own provider is doing something similar".

Basically, they're outsourcing the hunt for other 'offenders'. :)

Re:Do you trust the EFF? (1)

xouumalperxe (815707) | more than 6 years ago | (#21519533)

There's at least one more option: They said that some ISPs are doing it, time to check if yours is one of them.

Re:Do you trust the EFF? (2, Insightful)

Conspiracy_Of_Doves (236787) | more than 6 years ago | (#21519569)

I don't know if I trust EFF completely, but I trust them far more than I trust Comcast.

Re:Do you trust the EFF? (1)

dozr (70892) | more than 6 years ago | (#21519609)

3 - ??????
4 - PROFIT!

Re:Do you trust the EFF? (0)

Anonymous Coward | more than 6 years ago | (#21519633)

Uhh... Wireshark has been around far longer than this spate between Comcast and P2P users has been, so its not like they created it just to give Comcast a black eye, and its implementation is open source, so its source can be reviewed (and it can be downloaded from independent 3rd parties who have no interest in mucking the software up to attack Comcast).

All the EFF did was publish instructions on how to use Wireshark to get their results. The only thing you need to do is check to see if the steps have any biasing in the results they would provide.

Re:Do you trust the EFF? (1)

Fex303 (557896) | more than 6 years ago | (#21519965)

If X tells something is true and then offers an application that proves that what they say is true there are only two options:

1 - You trust X: No need to check for yourself.
2 - You don't trust X: Why would you believe X's software?

3 - You want to gather evidence proving you have personally been affected by that something in order to further your chances in a class action lawsuit.

Just a thought.

RTFA (3, Informative)

hal9000(jr) (316943) | more than 6 years ago | (#21520067)

Your post demonstrates unequivocally that you did not read the article or if you did, you didn't understand it.

Take two packet traces, one from you your computer one from a friend while your two computers are talking. Then compare the TCP sessions captured by each for differences. Differences that don't matter are fragmentation and re-ordering, for example. Difference that do matter are TCP resets, ICMP unreachables, TCP FIN's that are received by one side and not sent by the other.

Sheesh, I can forgive not knowing how networking works, but to post inflammatory comments when you are obviously ignorant is, well, ignorant.

Re:RTFA (2, Interesting)

Thanshin (1188877) | more than 6 years ago | (#21520725)

Your post demonstrates unequivocally that you did not read the article or if you did, you didn't understand it.
I read the article. What I didn't see was that there was a second linked article that described the software.

Sheesh, I can forgive not knowing how networking works, but to post inflammatory comments when you are obviously ignorant is, well, ignorant.
I didn't make the post to be inflammatory. I just wanted to express that giving an application to prove something you're saying is not logical. And no, I didn't know the software existed previously.

Obviously it was inflammatory, judging by the number of replies, but I think it's because from the title, readers were already expecting an offensive post before reading the content.

And, btw, my point was not "don't trust the EFF because they are tricking you with an app" but "As we already trust the EFF, there's no need to double check their results."

Thanks!!! (0)

Anonymous Coward | more than 6 years ago | (#21519487)

>> Pcapdiff 0.1 is written in Python, is run from the command line, and requires the pcapy Python library.

That point and click interface should save me a lot of time.

And why the fuck is it in Python? (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21519613)

Fucking python fanboys are everywhere these days. Stop writing shit in python, dickweeds. Installing pyshitty pyesoteric pylibraries is pyfucking pyannoying. It's a shitty language, and you're all gay for using it.

Re:And why the fuck is it in Python? (0)

Anonymous Coward | more than 6 years ago | (#21520051)

"Stop writing shit in python, dickweeds.

And what fanboy are you of? Though there are alternatives to Python that could be use here, it is one language that works well in this instance. Namely, it provides multi platform support for this tool. You did not mention what the "better" alternative *should* be. Should they have used the more "multi platform friendly" C# or VB?

Re:And why the fuck is it in Python? (1)

fbjon (692006) | more than 6 years ago | (#21521539)

I'm under the impression that Java is more common than Python, but no matter, this software is still pretty rudimentary.

Re:And why the fuck is it in Python? (1)

Dan Ost (415913) | more than 6 years ago | (#21522581)

Some people believe that Java is silly and find Python to be a more elegant way of doing the same or similar things.

Stop misusing "Network Neutrality" (5, Insightful)

bconway (63464) | more than 6 years ago | (#21519555)

Network Neutrality refers to ISPs double dipping on charging/extorting fees for both users paying for their connections and web sites paying for prioritization of traffic according to origination and destination. It does not refer to protocol-based QoS. It does not mean a flat, unmanaged, unQoS-ed Internet. By repeatedly and deliberately misusing this phrase, its importance is being weakened.

Mod Parent Up! (1)

RandoX (828285) | more than 6 years ago | (#21519755)

Thanks for putting that into concrete terms.

Re:Stop misusing "Network Neutrality" (0)

Anonymous Coward | more than 6 years ago | (#21519813)

I don't know who died and made you a dictionary, but I've looked it up and there are many definitions of "Network Neutrality" and yours is only one.

Re:Stop misusing "Network Neutrality" (4, Interesting)

kebes (861706) | more than 6 years ago | (#21519915)

Network Neutrality refers to ISPs double dipping on charging/extorting fees ... It does not refer to protocol-based QoS.
Unfortunately when it comes to the definition of Net Neutrality, there isn't yet consensus (e.g. see various definitions offered here [wikipedia.org] , and associated references). Maybe we need to come up with new terms, like "Strict Net Neutrality" versus "General Net Neutrality" to distinguish between various implications of the term. As usual, though, it's very hard to get people to agree on definitions.

And, of course, the definitions vary in part because people have different opinions on what is "important." Supporters of net neutrality agree that data carriers should at a minimum be source/destination neutral (the version of neutrality you are referring to). However some people do indeed believe that carriers should also be neutral with respect to the devices allowed to connect to the network, and the types of traffic sent over the network.*

So, in short, there is a diversity of opinion about what the term means (or "should" mean, I guess).


[*] As an aside, my mind isn't made up, but I understand the logic for saying that traffic neutrality may be ultimately a good thing. Yes, it prevents certain QoS strategies on shared carrier networks (but not on closed private networks, of course)... but then again, do you trust your ISP (which has its own interests) to pick the QoS strategy that actually works best for you? (Or even for most customers?) Also, any QoS strategy inherently makes a judgment call about what is "important" and what isn't. So, it inherently limits new technologies/protocols we haven't yet dreamed of. And, it would seem inefficient because any QoS which degrades protocols that customers are interested in will be circumvented (e.g. by masking your traffic as a type of traffic that is "approved" for high-speed delivery). Certainly we wouldn't let other carriers discriminate based on the content (e.g. postal service that delivers boxes that contain videotapes slower than boxes that contain paper; phone carrier that delays voice calls to prioritize fax calls...).

Re:Stop misusing "Network Neutrality" (1)

foobsr (693224) | more than 6 years ago | (#21520291)

If anyone cares:

Special Section on Net Neutrality, The International Journal of Communication, http://ijoc.org/ojs/index.php/ijoc [ijoc.org]

Pages and pages, opinions, pros&cons, etc.

CC.

Re:Stop misusing "Network Neutrality" (3, Insightful)

porpnorber (851345) | more than 6 years ago | (#21520865)

I think how consumers are supposed to select their QoS strategy is with QoS labels. The question is not 'should we have QoS' (I don't know about you, but I would rather have my videoconference packets queued ahead of my ftp packets), it's should the ISP be overriding our choices to satisfy their own policies. This is the same issue as randomly dropped connections: a mechanism to drop connections should exist because the endpoints need it. The carrier should not be invoking it 'on your behalf' and in the face of your desires, or it simply isn't doing what it was paid to do.

There's a secondary issue of whether your operating system provides a good mechanism for QoS policy management at the endpoints (hint: no, it doesn't). But that's something to take up with the O/S vendor, or perhaps—an easier nut to crack—the router in your home. But in any case, it seems reasonably clear that QoS should be honoured or ignored end-to-end, and not randomly messed with in transit to the benefit of third parties.

...Unless I've misunderstood the technical situation completely....

Re:Stop misusing "Network Neutrality" (1)

dogs4ar (1072988) | more than 6 years ago | (#21522501)

Yeah, the title should have been "EFF releases new software (actually a Python script, but whatever) in bid to show that ISP's spoof packets" That would have been much more of an attention grabber.

Ya gotta admit, using "Net Neutrality" however wrongfully, is an attention grabber. It got you talking, didn't it?

Re:Stop misusing "Network Neutrality" (1)

Cairnarvon (901868) | more than 6 years ago | (#21524505)

Python scripts aren't software now?

Err... (0)

Anonymous Coward | more than 6 years ago | (#21522931)

There WAS a consensus. People said "we don't want our ISPs degrading our connection to particular sites to gain a competitive advantage."

Then folks came around and started claiming it was anti-QoS and all kinds of nonsense, trying to make it out to be "problematic" so that the telcos could argue against something that popular. See the nice anti-NN ads they started running.

I guess that confused people, but I have NEVER seen someone pro-NN arguing against QoS. NEVER. They're always anti-NN people asking if I've considered it... Yes. I have no trouble with QoS. I think it should be the customer's choice of what QoS to run, but if the ISP needs to set aside some bandwidth just for VoIP (and ALL VoIP, no hindering your competitors), I don't see the problem.

Damn debate gene (1)

Nakarti (572310) | more than 6 years ago | (#21528031)

I favor core neutrality(source/destination), but not to the point of QoS neutrality(by the way QoS is NOT what this article is about; it's about the source and destination being regular users and Comcast interfering with that.)
The postal service in fact does prioritize mail, that's why media mail(boxes of paper as it were) costs less by weight; they don't want to put more effort into heavy, time-insensitive mail, but won't charge as much, for keeping it out of the air.

The phone company does prioritize as well. With limited connections, data calls(fax, modems, and, as it happens, cell phones) get "All Circuits Are Busy Now" more than plain voice calls. And that's good, assuming they're honestly charging relative to their expenses. I'd rather not pay another $10 a month for the added capacity needed to avoid the semi-annual failed cell call or delayed fax.
Given that, why wouldn't I want my ISP give more effort to my occasional, but primary-purpose, web browsing, than to my while-I-sleep-or-work torrent up/downloading. If I want to run a serious server instead of the poor hack I have now, I can pay the carrier rate($300/mo last check) for a dedicated T1 line, no restrictions allowed.

Charging Google for *MY* Youtube viewing is _baaad_. If you can't afford the bandwidth you're selling, drop the rates, raise the prices, or do a daily threshold(you slow down after 100-200MB in a day) like every(sorry, both) satellite provider does for their customers.

Re:Stop misusing "Network Neutrality" (2, Insightful)

Anonymous Coward | more than 6 years ago | (#21519941)

I don't think that it weakens the term "network neutrality" to use it when referring to QoS which extends beyond latency-vs-throughput tradeoffs.

It is completely acceptable for an ISP to shape traffic based on the customers' requested packet priorities, on a zero-sum basis; some types of packets are very time-dependent, and thus can be sent in a manner that ensures they'll arrive more quickly (in exchange, of course, for losing some overall bandwidth).

However, when an ISP begins prioritizing these things itself, against the wish of the customer (who believes he/she is paying for a generic "Internet connection"), this is a type of fraud. The ISP has no right to call it an "Internet connection" unless they explicity describe, when making the sale, that it is a specially limited type of Internet connection.

It isn't really full Internet connectivity. True internet connectivity necessarily entails packets routed to their destinations, regardless of their content (including port destination content, which is only the business of the sender and receiver). True internet connectivity necessarily entails a neutral carrier, who does not care about anything but routing a packet from one point to another.

The type of "QoS" being performed by these ISPs to limit types of communications they dislike thus goes beyond the acceptable. If they are concerned about certain users taking up more bandwidth than a fair share, then the ISPs should be honest about it: either charge per amount of bandwidth used, or implement bandwidth limits. But to pursue the matter as they are is at least fraudulent, and when performed by quasi-monopolies as cable ISPs are in the US, it has the flavor of an extortionate business practice.

Re:Stop misusing "Network Neutrality" (0)

Anonymous Coward | more than 6 years ago | (#21520009)

While I like your definition the best, I'm not sure where you're getting the idea that forging RST packets has something to do with "QoS". Traffic shaping is done by either dropping or just delaying some of the packets, not by cutting the traffic off completely.

Re:Stop misusing "Network Neutrality" (1)

0xABADC0DA (867955) | more than 6 years ago | (#21520211)

Network Neutrality is just a term coined to mean "the ISP doesn't mess with the traffic". As a consumer when a packet gets dropped you have no idea whether it was because of the destination or because of the protocol, so these are both covered under net neutrality. That's why we need legislation that makes all messing with packets regulated.

What comcast is doing is stupid for controlling bandwidth because the user can actually tell what happened. They are doing a favor for net neutrality advocates by being so clumsy since they could just silently drops ACKs and/or drop random packets for the targeted protocols and this would slow down connections without anybody being the wiser.

Re:Stop misusing "Network Neutrality" (1)

pyrr (1170465) | more than 6 years ago | (#21520525)

This is a very good distinction to make, since dilution and misuse of the term stands to weaken the more important issue. The primary difference here is that of what amounts to an information toll-road, versus QoS traffic shaping. I can understand where Comcast is coming from (I don't necessarily agree with the way they went about their traffic shaping, but I understand why they did it), the latter is primarily a decision that the ISP is making in the majority of its users' best interests, while the former is an ISP or backbone-maintainer decision that is in its own best interests to the detriment of everyone from service providers to consumers.

The largest part of the problem in the traffic shaping issue seems to be that ISPs are cheap and unwilling to buy the appropriate amount of bandwidth they need for peak usage times. To compensate, they feel it's acceptable just to crack-down on the heaviest downloaders...but not only those downloaders, but anyone who has the misfortune to be trying to use the same protocols as the worst offenders. But in their view, they're keeping costs down and ensuring that the "average" user won't suffer a severe service degradation (well, substantially worse than the normal service typically is).

What's wrong with the whole Network Neutrality situation is that the internet will lose a lot of its value for everyone if content is marginalized or access is restricted arbitrarily simply because corporate greed shapes the traffic rather than bandwidth consumption. At least from my perspective, the limited anarchy of the bulk of the internet is what makes it the important resource that it's become. Censorship of content, based only on how much money a consumer or service provider is willing to cough-up for access, is abhorrent.

Re:Stop misusing "Network Neutrality" (1)

dpilot (134227) | more than 6 years ago | (#21520711)

When I think of QoS I think of prioritization and such. I don't think of filtering or forging RST packets. An ISP can put it into their Terms Of Service to reserve the right to filter packets, even forge RST packets. But that's all "filtering", not QoS.

Re:Stop misusing "Network Neutrality" (0)

Anonymous Coward | more than 6 years ago | (#21521629)

Understood. But where is the line drawn? If, for instance, Comcast deliberately slows certain types network traffic without notifying their customers then how is it not double dipping? The customer paid for their service plan yet certain traffic of theirs gets throttled at Comcast's discretion? That sounds like the first rung on the Net Neutrality ladder to me. If you provide a service that is managed then you should be required to sell your service with the disclosure of ALL managed limitations. Maybe the topic is not in its entirety Net Neutrality but saying it has nothing to do with it smells like crap to me. If you're a Net Neutrality supporter then this wouldn't be something to just turn a blind eye to.

Instead of denying what they are doing... (1)

fourohfour (1056594) | more than 6 years ago | (#21519713)

...why don't they just charge a nominal fee for heavy p2p users?

Because that would require accounting (1)

Kludge (13653) | more than 6 years ago | (#21520059)

And accounting costs money.

Re:Instead of denying what they are doing... (0)

Anonymous Coward | more than 6 years ago | (#21520181)

I say charge by the megabyte, to all users of the internet.

Re:Instead of denying what they are doing... (2)

hal9000(jr) (316943) | more than 6 years ago | (#21520199)

I hate this idea. If you subscribe to a service that quotes bandwidth, you should be able to consume that bandwidth, 24x7x365. Period. All the ISP's are marketing unlimted, highspeed access. The fact is, they over subscribe the pipes on purpose and some users, like file sharers, consume more of the aggregate pipe degrading the performance of others and forcing the ISP to deal with complaints or upgrade capacity.

I have a FiOS 20MB down/5MB up pipe. If I and my neighbors started consuming all that bandwdith 24x7x365, we would easily over run the uplink capacity and you can bet VZ would come knocking. ISP's will continue to punish bandwidth hogs until the ISP are sued for unfair business practices or the press gets bad enough. For example, Verizon Wireless just recently started telling their EVDO customers that there was a 5GB/mo limit where they used to market unlimited access. My original contract said nohting out a bandwidth limit.

If they are going to limit bandwidth usage, they should state such up front and in no uncertain terms. But they don't.

Re:Instead of denying what they are doing... (3, Interesting)

cdrguru (88047) | more than 6 years ago | (#21520909)

Why when you buy a 100GB hard drive does it only have about 96GB available on it? How come my car has a speedometer that is calibrated to 180 but I can't drive at 180MPH? How come when you go to a "all-you-can-eat" restaurant they don't let you stay there for a week and keep eating?

All of this assumes that you are swayed by the advertising and don't really check up on the claims being advertised. Or, it states things in common everyday language that are backed up by the fine print saying something quite different.

There clearly are two kinds of people - those that understand what is being advertised isn't exactly what is being sold and those that have managed to get through life until their 16th birthday without realizing this. Sorry, time to grow up.

I still want to ask the car salesman about the speedometer. And ask if we can check if the car will really go that fast on the test drive.

Re:Instead of denying what they are doing... (1)

Shakrai (717556) | more than 6 years ago | (#21522599)

How come my car has a speedometer that is calibrated to 180 but I can't drive at 180MPH?

That's a stupid fucking analogy. You'd have a better case if you were bitching about the engine governor that's installed in most consumer vehicles. Bitching because a meter goes higher then the vehicle can is stupid. Would you prefer if you could bury the speedometer and not know how fast you were actually going? Do I have the right to bitch if my car doesn't survive to 999,999 miles because that's how high the odometer goes?

ow come when you go to a "all-you-can-eat" restaurant they don't let you stay there for a week and keep eating?

Actually, if they were open 24/7 and you could manage to stay there for a week without falling asleep, then yes, I think you'd have the right to bitch. If they are advertising it as "all-you-can-eat" then they don't have the right to ask me to leave for the sole reason that they think I'm eating too much and if they did ask me to leave then I'd probably refuse to pay my bill.

Re:Instead of denying what they are doing... (1)

d34thm0nk3y (653414) | more than 6 years ago | (#21523267)

Why when you buy a 100GB hard drive does it only have about 96GB available on it?

Great example. You were listing examples of fraud correct?

Because Western Digital just settled a lawsuit over this. [gizmodo.com]

Re:Instead of denying what they are doing... (1)

rastos1 (601318) | more than 6 years ago | (#21529879)

> Why when you buy a 100GB hard drive does it only have about 96GB available on it?
Actually ... no. If it is a Seagate [zdnet.co.uk] ;-)

Re:Instead of denying what they are doing... (1)

bskin (35954) | more than 6 years ago | (#21523331)

I think the applicable question is whether any of these would pass a "Reasonable Person" test. In the case of bandwidth, I think the answer is truly going to depend on what was advertised. If they truly advertised it as "unlimited" then I think that a reasonable person would assume that means they could use as much as they want. I suspect if you went back and looked at the ads, however, you'd see a lot of asterisks and weasel words.

Re:Instead of denying what they are doing... (1)

u-235-sentinel (594077) | more than 6 years ago | (#21521651)

I have a FiOS 20MB down/5MB up pipe. If I and my neighbors started consuming all that bandwdith 24x7x365, we would easily over run the uplink capacity and you can bet VZ would come knocking. ISP's will continue to punish bandwidth hogs until the ISP are sued for unfair business practices or the press gets bad enough. For example, Verizon Wireless just recently started telling their EVDO customers that there was a 5GB/mo limit where they used to market unlimited access. My original contract said nohting out a bandwidth limit.

If they are going to limit bandwidth usage, they should state such up front and in no uncertain terms. But they don't.


I had that experience with . I still don't know what their bandwidth limit it and they won't tell you either. I've spoken with reporter after report. they called and couldn't find out either Comcast's PR department worked for their money this year :-) [comcastiss...comcomcast]

I used P2P, Internet Radio and TV, downloaded movies from various services including Amazon and Wallmart.com and so on. Whatever their limit is, I'm sure I'm not the only one hitting it. I've spoken with people from all over including friends down the street who have been been terminated (like me) by Concast for using the Internet too much.

But there is no limit.

Of course. We understand.

Re:Instead of denying what they are doing... (1)

Constantine XVI (880691) | more than 6 years ago | (#21520253)

Like with their current throttling, who says they're going to distinguish between P2P users and, say, Lotus Notes/Exchange, Joost, or Skype? (the last two being blatant competitors to Comcast)

EFF- thanks, it's the thought that counts (2, Interesting)

jayp00001 (267507) | more than 6 years ago | (#21520643)

It's nice of the EFF to spend time and money developing software that can detect what we know Comcast (and maybe others) are doing but without some sort of centralized data gathering operation to put together some sort of class action lawsuit what good is it? Knowing your packets are getting pummeled by Comcast allows you to... complain? I can't even get them to give me a clean cable tv signal- does anyone think they would listen to our complaints about packet loss? (does anyone think the average Comcast support rep would know what a packet is?) While others might be able to switch to another provider I think far too many of us (myself inculded)are stuck in monopohell with broadband providers. I'd prefer to see the EFF working on forcing Verizon (et al.) to drop fiber to the premises (after all we've been paying billions in infrastruture taxes for how long now??)

Re:EFF- thanks, it's the thought that counts (1)

nametaken (610866) | more than 6 years ago | (#21527207)

Here's where the software becomes a useful tool...

I use WOW as my cable and internet provider, where my options were Satellite + DSL, Comcast Bundle, AT&T Bundle, or WOW. I regularly talk about WOW and their fantastic customer service, support, and quality product at a relatively low price. I know that if I test my connection and find that they're up to the same dirty tricks, making a stink about it will go further with them. They're always trying hard to convince people to switch away from Comcast, so it's in their best interest to do everything better than their competition.

In the meantime, the only way to scare Comcast is to threaten their dominance with competition, which becomes more viable as other companies invade their territory with better products and service at a lower price. Here's to hoping that I find WOW leaves my traffic alone so I have one more reason to promote them... if even so they can grow and eventually dent Comcast's influence in my region. Best case scenario, we see a genuinely competitive situation evolve between all the providers of TV, phone and internet service, where right now Comcast is often the only option.

Re:EFF- thanks, it's the thought that counts (1)

jayp00001 (267507) | more than 6 years ago | (#21528507)

I think you're agreeing with me. When there is competition you can complain and it means something. When they have the monopoly you're cooked. BTW check your TOS before you go checking your connection. I'm not sure if the EFF tool fits the description but...

from http://www1.wowway.com/wow/wow.aspx?ConIdent=28&RCView=False&TermID=2 [wowway.com]

N. Customer will not use or distribute tools designed or used for compromising security, such as password guessing programs, decoders, password gatherers, analyzers, cracking tools, packet sniffers, encryption circumvention devices, or Trojan Horse programs. Network probing or port scanning tools are only permitted when used in conjunction with a residential home network, or if explicitly authorized by the destination host and/or network. Unauthorized port scanning, for any reason, is strictly prohibited.

Comcast releases new modem setup diagram (3, Funny)

noidentity (188756) | more than 6 years ago | (#21520899)

Comcast posted a new cable modem wiring diagram [ripway.com] in response.

Just how does the EFF *define* neutral? (0)

Anonymous Coward | more than 6 years ago | (#21521781)

And are they correct?

Who says so?

Will There Be Fasle Positives? (2, Informative)

AK Marc (707885) | more than 6 years ago | (#21521853)

I work for an ISP. We purposefully craft spoofed packets and send them to our customers. Will we be reported as offenders? Does it matter that we provide service to rural locations that are only accessible through satellite and the "spoofers" are called "accelerators" by the people that sell them, and the spoofed packets are added to correct for windowing issues to increase the speed of Internet connections? If I get a number of customers that complain about our "non-neutrality" I'll be more than happy to turn off TCP acceleration and see how they like the new neutral Internet.

It isn't only for nefarious purposes where providers spoof packets. Will this software be able to identify the good from the bad? Or will it just assume that all are bad, even in the face of legitimate uses?

Re:Will There Be Fasle Positives? (1)

Dan Ost (415913) | more than 6 years ago | (#21522665)

Sounds like you should try the software out yourself. If you really need to know, you shouldn't trust slashdot to give you reliable info.

Re:Will There Be Fasle Positives? (1)

thatblackguy (1132805) | more than 6 years ago | (#21522731)

If you read TFA you'd know that yes it will be able to identify RST packets from whatever the heck else you're doing. An informed person doing the test would be able to tell at least Comcast brand messing up apart from your accelerators.

We will buy our convenience with innovation, not by sacrificing our freedom.

Replace 'convenience' with 'safety' and it works too :)

Re:Will There Be Fasle Positives? (1)

fnord_uk (842775) | more than 6 years ago | (#21525013)

Well, I would say, based on the following recommendation from the PILC working group, "Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations"- RFC 3135, that they should all be aware of what you are doing, at least if they're technically minded enough to run pcapdiff.

      In any environment where
      one might consider employing a PEP for improved performance, an end
      user (or, in some cases, the responsible network administrator)
      should be aware of the PEP and the choice of employing PEP
      functionality should be under the control of the end user, especially
      if employing the PEP would interfere with end-to-end usage of IP
      layer security mechanisms or otherwise have undesirable implications
      in some circumstances. This would allow the user to choose end-to-
      end IP at all times but, of course, without the performance
      enhancements that employing the PEP may yield.

Re:Will There Be Fasle Positives? (1)

SameBrian (945591) | more than 6 years ago | (#21528623)

Your customers should be able to understand the difference should this situation come up. Others have pointed out that the article addresses this issue, but regardless, should someone confront you about spoofing packets, you should feel confident (morally as well as legally) that after explaining the situation your customers will be satisfied. As you stated, should they express a problem with this, by all means turn it off. If they now complain about their connection you can re-iterate your previous point.

Test instructions for the few (1)

tgrigsby (164308) | more than 6 years ago | (#21536343)

Having RTFA, I found this:

  • Each party participating in the experiment must have all of the following:
    * a computer capable of running Wireshark, with appropriate privileges to install and run it;
    * the ability to connect this computer directly to the Internet, with a public IP address, outside of any firewalls (for example, not via a typical home wireless router);
    * the ability to determine the computer's public IP address;
    * the ability to disable any firewall software running on the computer itself;
    * some application to test, and the ability to configure that application to communicate directly with the other party (by IP address).


So you're going to set up a honeypot on the 'net while you're trying to figure out if Comcast is jacking with your packets. How are you going to tell the difference between your system getting hijacked and Comcast slowing your connection?

Pardon my ignorance, but... (0)

Anonymous Coward | more than 6 years ago | (#21560777)

Isn't sending spoofed reset packets essentially a denial of service attack? Seems to me that's against federal regulations, and could result in ComCast getting, not sued, but indicted...

Re:Pardon my ignorance, but... (1)

znerk (1162519) | more than 6 years ago | (#21560915)

An interesting point. Anyone have any hard info on this?
--
Ask not what your country is doing to you...
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...