×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

BitTorrent Devs Introduce Comcast-Proof Encryption

Zonk posted more than 6 years ago | from the crafty-devs dept.

Encryption 334

Dean Garfield writes "An article at TorrentFreak notes that several BitTorrent developers have proposed a new protocol extension with the ability to bypass the BitTorrent interfering techniques used by Comcast and other ISPs. 'This new form of encryption will be implemented in BitTorrent clients including uTorrent, so Comcast subscribers are free to share again. The goal of this new type of encryption (or obfuscation) is to prevent ISPs from blocking or disrupting BitTorrent traffic connections that span between the receiver of a tracker response and any peer IP-port appearing in that tracker response, according to the proposal.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

334 comments

First tits! (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22442914)

Boobs are a myth!

Do arms races ever work? (5, Insightful)

pembo13 (770295) | more than 6 years ago | (#22442916)

Unless one side suddenly blows away the other, I don't see this ending. It may breed innovation, but said innovation only seems useful for this one problem.

Re:Do arms races ever work? (4, Insightful)

webmaster404 (1148909) | more than 6 years ago | (#22442942)

Well, its not an "end-all" solution however it solves the immediate problem. However chances are in 10-15 years we won't even be using Torrents we will have moved on to another form of P2P.

Re:Do arms races ever work? (4, Funny)

Anonymous Coward | more than 6 years ago | (#22443042)

Why wait 10-15 years? Jump on the bandwagon and make impossible predictions about the near future.

In 10-15 years, p2p will stand for Person to Person, as we will have placed the computers inside our heads, we will share thoughts. No more picture based porn, when you "download" the new porn, it will appear as you in it. And you will not only get to see/heard, but also smell, taste, and feel. More importantly, cyber-sex will be much more like real sex, as a virtual world will be just as real as the real world.

Oh, and in 20 years legislation will have been past severely restricting this new technology to anyone under 21 years of age, and in some states, cyber-anal-sex will be a capital offense. In 23 years, Comcast will start 'degrading' this new service for due to 'QoS' concerns. After a few million people have their virtual parters turn into cows during virtual sex, a riot breaks out leaving America as a second world nation.

Re:Do arms races ever work? (3, Funny)

capiCrimm (921029) | more than 6 years ago | (#22443232)

Wouldn't the riots break out as soon as people started spamming goatse in this new brave virtual sex world? Also, how can I prevent virtual herpes from all these virtual whores I'm virtually sleeping with?

Re:Do arms races ever work? (5, Funny)

fyrewulff (702920) | more than 6 years ago | (#22443270)

Yes. Once they actually do make disc based media that can actually take a fall, we'll be using the FDTP (Flying Disc Transfer Protocol) method.

However, the packet drop in windy places would be too much.

Re:Do arms races ever work? (4, Interesting)

linzeal (197905) | more than 6 years ago | (#22443566)

We are still using HTTP and FTP, who is to say that BT will not just slowly mature like those? If there is any standard P2P protocol emerging than BT would be in the top 3 along with Edonkey and DC++.

Re:Do arms races ever work? (2, Interesting)

Ilgaz (86384) | more than 6 years ago | (#22443138)

Unless one side suddenly blows away the other, I don't see this ending. It may breed innovation, but said innovation only seems useful for this one problem.
As far as I followed, most Bittorrent based "inventions" were done because of attacks by dark companies (media defender), fake seeders etc. Comcast is practically DOS attacking their own customers so someone finds a workaround for it. If it is good enough, all those bittorrent clients will adopt it in no time and they will end up with horrible publicity, paranoid customers, FCC investigation for nothing. Technical karma :)

Re:Do arms races ever work? (5, Insightful)

moderatorrater (1095745) | more than 6 years ago | (#22443168)

Do arms races ever work?
Depends on your objective. Generally, arms races preserve the status quo, which, in this instance, is exactly what they're trying to do.

Re:Do arms races ever work? (1, Insightful)

timmarhy (659436) | more than 6 years ago | (#22443310)

yes, whats the point to anything if it's not a 100% bullet proof solution? you may as well crawl back in your hole and not post on /. because whats the point right?

Re:Do arms races ever work? (5, Insightful)

rale, the (659351) | more than 6 years ago | (#22443438)

Comcast's bittorrent filtering has almost certainly cost them money in the form of hardware and software to implement it. If continual updates to the protocol make it more difficult and expensive to filter, then theres always the chance that ISPs could decide it's actually a better investment in the long run to upgrade their networks, rather than upgrade their filtering. That could just be wishful thinking, tho...

Re:Do arms races ever work? (1)

Xtravar (725372) | more than 6 years ago | (#22443514)

They could always just limit the maximum connections of a particular client to, say, 100.
"100 simultaneous connections are reasonable for all legal uses of the Interweb."

Then all p2p would be fucked, not just BT.

Re:Do arms races ever work? (5, Interesting)

MightyMartian (840721) | more than 6 years ago | (#22443580)

Or they could just do the sensible thing, cut out all the bullshit "unlimited" advertising (which should be against the law anyways) and start selling customers a set block of gigabytes, with an over-limit charge per gig, just like the dialup ISPs did with time online in the olden days. That's what I did at the small ISP I worked for. I wrote and maintained the billing software, and just sucked in usage stats off our Radius servers once an hour. The system was even set up to send out an email when a user was close to his gigabyte limit letting him know that the meter was going to start running and what the charge per gig was.

We tried shaping P2P traffic, and it just annoyed customers, and annoying customers is not exactly a long-term strategy for success.

Re:Do arms races ever work? (4, Interesting)

CodeBuster (516420) | more than 6 years ago | (#22443454)

The bittorent devs have the upper hand, at least for the forseable future, because of strong crypto like AES, Serpent, and Twofish for symmetric session traffic and strong public key crypto like RSA to handle the handshakes and symmetric key exchanges. The only response of the ISP is to try and automate Man in the Middle (MITM), but that will be extremely difficult and expensive to implement in practice. Remember that Comcast was throttling bandwidth to cut costs on network upgrades so why would they spend exponentially more on new specialized crypto hardware and software to MITM the handshakes on bittorent sessions if they are too cheap to even upgrade their network? Unless and until there are substantial advances in cryptanalyis (as far as I know there have been no substantial improvements on known attacks in recent years, minor optimizations here and there but not enough to really put a dent in the crypto) or quantum computers become cheap and practical, encryption will provide a very strong defense against network filtering, particularly when it is combined with port randomization. That is why it is in the best Interests of Comcast and other ISPs NOT to escalate by engaging in packet filtering. They will only hasten the development of bittorent clients with strong crypto, as they are doing here, AND draw attention to these new "super" clients that are not "slow".

Traffic Analysis (5, Informative)

gaika (975356) | more than 6 years ago | (#22442920)

Most blocking systems use traffic analysis to block encrypted protocols, even the ones pretending to be something else. There's no way you can confuse p2p sharing with normal browsing if you look at the pattern of data flows.

Re:Traffic Analysis (5, Insightful)

Azh Nazg (826118) | more than 6 years ago | (#22442954)

That's nice, except that blocking encrypted protocols blocks quite a bit more than BitTorrent. . . Secure banking over SSL, SSH, VPNs, and a whole plethora of other protocols. Unless an ISP is willing to go from Internet Service Provider to Web Browsing Service Provider, it would be foolish to block encrypted protocols.

Re:Traffic Analysis (4, Insightful)

budgenator (254554) | more than 6 years ago | (#22443034)

that's what the cableco's really want, they can easily oversubscribe the system when all you can do is browse the web and Email.

Re:Traffic Analysis (2, Insightful)

Anonymous Coward | more than 6 years ago | (#22443044)

Secure banking still isn't going to look like BitTorrent under traffic analysis.

Re:Traffic Analysis (2, Insightful)

Vectronic (1221470) | more than 6 years ago | (#22443108)

Why not? Sure the connection between client and bank wouldnt, but what about between banks? thats a hell of a lot more data being transfered back and forth... not to mention that its sort of the same concept, a bunch of peers all sharing data, some already contain the same data, some dont...

But that doesnt mean I dont agree with you, with only banks specifically though, im sure they would have re-created the banks networks to avoid this dilemma... only that by traffic analysis alone, I could easily see it failing...

Re:Traffic Analysis (4, Insightful)

jonwil (467024) | more than 6 years ago | (#22443132)

Banks dont use consumer grade internet connections to talk to each other.

Re:Traffic Analysis (1)

Ultimatt (1240410) | more than 6 years ago | (#22443416)

But they do (sometimes) need to get on to the same wire as other common traffic. Limiting a portal's bandwidth would only elongate the need for more upload speed/width

Re:Traffic Analysis (5, Informative)

gaika (975356) | more than 6 years ago | (#22443096)

Nobody is going to block all encrypted protocols, that's stupid. They identify the application that is using encryption by looking at the shape of the traffic flows. p2p apps open tons of connections, exchange about equal amount of data both ways, and have a distinct negotiation phase.

Re:Traffic Analysis (1)

0123456789 (467085) | more than 6 years ago | (#22443364)

Now, I don't know for sure, but it would seem as though that description would fit a VPN connection quite well too?

Re:Traffic Analysis (1)

gaika (975356) | more than 6 years ago | (#22443476)

vpn is a single connection, p2p is opening and closing connections all the time

Re:Traffic Analysis (4, Insightful)

Not_Wiggins (686627) | more than 6 years ago | (#22443314)

I think you may have missed the point of the GP post.
The point wasn't to block encrypted traffic just because it is encrypted. It would be to do traffic shaping, so that a connection generating dozens or hundreds of simultaneous encrypted connections to different destination IP's might be targeted; it is a traffic pattern would most likely be generated by a P2P program and not by normal internet use by a family.

Re:Traffic Analysis (2, Insightful)

timmarhy (659436) | more than 6 years ago | (#22443586)

i would argument there is no such thing as "normal" internet use. it's a very personal thing that no 2 people are likely to do the same.

Re:Traffic Analysis (2, Informative)

Runefox (905204) | more than 6 years ago | (#22443554)

AFAIK, Rogers in Canada is actually doing that. I'm a subscriber... Encrypted traffic causes slowdown everywhere on the net, including the torrents. If I do a torrent/unencrypted, it gets caught by the torrent filter, and my connection slows down again. Some tweaking makes it a little better, but it's difficult to deal with such a massive blow to my net speed (cut down to roughly 1/8th of its normal speed).

Re:Traffic Analysis (4, Interesting)

ookabooka (731013) | more than 6 years ago | (#22442960)

I think the idea here is to stop Comcast from injecting their own RST packets into the stream, effectively killing the connection from both sides. Every time an ISP implements a harsh countermeasure, they force the evolution of the protocol. I see this simple as the next logical step in the constant pull and tug of P2P and ISP's. Still, kudos for these guys doing this stuff. I'm sure Blizzard will like hearing that their updates are hindered on Comcast's networks while P2P data has an easier time.

Re:Traffic Analysis (1)

BootNinja (743040) | more than 6 years ago | (#22443030)

what's to stop blizzard from rolling this into their next update?

Re:Traffic Analysis (0)

Anonymous Coward | more than 6 years ago | (#22443368)

The fact that they ship their updates through bittorrent?

A bit of a bootstrapping problem, that one.

Re:Traffic Analysis (0)

Anonymous Coward | more than 6 years ago | (#22443500)

How do we find the index file? Of course, if we had an index file, we could look it up in the index file under "index file".

--Tegan, Doctor Who

Fortunately torrent isn't built in. Each time the client learns it needs a new build, it fetches a distinct 800 KB downloader app from Blizzard and just runs it. So far each downloader app has been a skinned torrent client that fetches the corresponding patcher app from peers and/or Blizzard, but in principle it could do anything.

Re:Traffic Analysis (1)

Have Blue (616) | more than 6 years ago | (#22443080)

That doesn't sound possible. The actual RST flag is in the packet header, the payload is the only part that can be encrypted. You can't make a a connection selectively obey different parts of the TCP protocol. An ISP can kill any connection made over its network; making it difficult for them to identify torrent traffic is the only way to resist this.

Re:Traffic Analysis (5, Informative)

Anonymous Coward | more than 6 years ago | (#22443220)

Actually, IPSec will prevent the ISP from being able to reset the flow. If a packet comes in that is not signed/encrypted (depending on the mode) with the credentials of the other end-point, it is discarded as an attack. It's a pain to set up IPSec security associations in many conditions, but IKEv2 has made it somewhat better.

The fact that you are buying service from the attacker doesn't make them not an attacker. The counter measures developed to fight attackers may have limits, but they are there and are useful in this context.

Re:Traffic Analysis (1)

complete loony (663508) | more than 6 years ago | (#22443230)

This proposal does nothing to stop reset attacks. All it does is stop middle men capturing the peer list returned from the tracker. I don't believe comcast are snooping and using this information to identify torrent traffic. I say this because I have heard that applications like lotus notes are also affected by the injected reset packets. The only way to really defeat these injected resets is to use an IP protocol that is immune to forged packets. I believe SCTP encrypted and tunnelled over UDP packets would fit the bill, but it would be a fairly major change to the protocol.

Re:Traffic Analysis (1)

corsec67 (627446) | more than 6 years ago | (#22443366)

What about a version of TCP that doesn't have any reset packets?
And then instead of a FIN packet, rely on the timeout.

That isn't too big of a change, just comment out some code. It would mess with some routers, but the connections couldn't be stopped by a MitM attack.

Or something like TCP over UDP with those changes. SCTP sounds close, but that isn't encrypted at the transport layer, and is probably vulnerable to the same type of attack. It is different, so the Comcast forgery-throttling software doesn't attack it now, but it wouldn't be hard to attack SCTP, since there are the same kinds of flags in a SCTP packet [wikipedia.org] . (It is Stream Control Transport Protocol, not Secure Transport Control Protocol.)

IPsec [wikipedia.org] would be the best option that is currently implemented right now, right? The main trick would be key distribution to prevent a MitM attack. The problem with what Comcast is doing is that it is before the application layer, in the TCP connections, so you can't use TCP or anything above TCP.

FTP. (2, Informative)

Organic Brain Damage (863655) | more than 6 years ago | (#22443200)

I agree that normal browsing and P2P are going to look obviously different so hiding P2P within HTTP is not going to be too difficult to detect. However, P2P could look a lot like an FTP download. How's traffic analysis going to be able to tell the difference between a P2P movie download that looks like FTP from real and legit FTP?

Re:FTP. (2, Insightful)

RedWizzard (192002) | more than 6 years ago | (#22443348)

I agree that normal browsing and P2P are going to look obviously different so hiding P2P within HTTP is not going to be too difficult to detect. However, P2P could look a lot like an FTP download. How's traffic analysis going to be able to tell the difference between a P2P movie download that looks like FTP from real and legit FTP?
In one case you have one or two connections to a single server. Traffic during a download will be in one direction only. In the other case you have connections to multiple destinations. There is significant traffic in both directions to each destination. Do those sound similar at all?

Re:FTP. (1)

AaxelB (1034884) | more than 6 years ago | (#22443396)

I don't necessarily know what I'm talking about, but wouldn't a single P2P download look similar to a ton of small FTP downloads and uploads to and from various locations?

Re:FTP. (2, Interesting)

slaker (53818) | more than 6 years ago | (#22443488)

On my home Comcast segment, FTP uploads are filtered and shaped to hell, too. So are SSH and PPTP VPNs. And NNTP. I've got a big set of iptables rules to deal with what I can detect, but essentially if I'm doing anything but HTTP(S) or some kind of mail protocol, I can watch network latencies for all the traffic on my cable modem go up 500% and my bandwidth drop to about 20% of the real-world amount I normally have. I stop VPN-ing or NNTPing or torrenting and my connection goes back a few minutes later.

Re:Traffic Analysis (1)

linuxwebadmin (694411) | more than 6 years ago | (#22443254)

There are a number of countermeasures you can take to make traffic analysis difficult. Data flows can be manipulated easily to make pattern analysis very difficult.

Re:Traffic Analysis (1)

linuxwebadmin (694411) | more than 6 years ago | (#22443288)

Depending on the encryption approach, the ISP may only see the IP headers, which won't tell them squat about the payload. The destination IP might give them a hint, though.

Another volley herd in The Pirate Bay (5, Insightful)

corsec67 (627446) | more than 6 years ago | (#22442938)

Too bad we even have to fight this forgery by Comcast, but a technical option has its advantages, since a legislative option might get watered down by lobbyists and congress.

Encryption is always a good thing. The more people that use encryption, the less eavesdropping there will be.

How about, "if you have nothing to hide, hide it anyways"?

Re:Another volley herd in The Pirate Bay (4, Insightful)

webmaster404 (1148909) | more than 6 years ago | (#22442964)

How about, "if you have nothing to hide, hide it anyways"?


How about, if you have nothing to hide, someone either the government, your boss, Etc. will twist it to either sell your info or make you look like a criminal, so hide it.

Re:Another volley herd in The Pirate Bay (1)

neonmonk (467567) | more than 6 years ago | (#22443064)

Hmm. That's too long. Not catchy at all. I think I'll stick to:

Don't ask. Don't Tell. Don't Let Privacy Pirates Sell My Mundane Life To Advertisers.

Hrm. Wait.

Re:Another volley herd in The Pirate Bay (5, Funny)

Sir_Lewk (967686) | more than 6 years ago | (#22443120)

How about, "Since I have nothing to hide, you shouldn't mind not reading it"

Re:Another volley herd in The Pirate Bay (3, Insightful)

mdmkolbe (944892) | more than 6 years ago | (#22443252)

If I have nothing to hide, you have no good reason to read it.

Re:Another volley herd in The Pirate Bay (1)

corsec67 (627446) | more than 6 years ago | (#22443294)

"If I have nothing to hide, you have no reason to search me"

Beautiful. New signature.

Re:Another volley herd in The Pirate Bay (1)

calebt3 (1098475) | more than 6 years ago | (#22443444)

How would one determine whether or not you have something to hide?

Re:Another volley herd in The Pirate Bay (1)

corsec67 (627446) | more than 6 years ago | (#22443470)

And that is the entirety of the problem.

How do you know who has anything to hide, unless you search everyone?
How do you know who is a terrorist, unless you search everyone?

You know after the fact, but it is impossible to preserve privacy and to know for sure "who has anything to hide". The people who wrote the constitution chose to err on the side of privacy. Now, we are choosing to err on the side of... no liberty.

Re:Another volley herd in The Pirate Bay (1)

JustOK (667959) | more than 6 years ago | (#22443560)

I think you want to watch me because you are some sort of pervert. Prove to me that you're not a pervert by establishing 24x7 monitoring of your life first. Then I'll think about.

Re:Another volley herd in The Pirate Bay (1)

novakyu (636495) | more than 6 years ago | (#22443472)

How about, "if you have nothing to hide, hide it anyways"?
Indeed. This also helps with when you do have something to hide—if you only hide it when you have a reason to hide, then the act of hiding itself becomes a sign of guilt. But if you always hide it regardless of the reason (and the general populus does it also), then it allows due process to work as it always has: innocent until proven guilty.

I wonder... (1)

Nero Nimbus (1104415) | more than 6 years ago | (#22442952)

I wonder how long it will take Comcast to figure out a way to thwart this new method. The blocking and obfuscation methods are only going to get more and more complicated from here.

Re:I wonder... (4, Insightful)

Kadin2048 (468275) | more than 6 years ago | (#22443024)

Well currently the state of the art is in favor of encryption, rather than cryptanalysis, so I don't think that the advantage is automatically Comcast's. They could probably do some fairly sophisticated traffic analysis, but at the end of the day, they're not actually going to break the encryption and get at the contents, and they can't block all encrypted traffic because it's too critical for other purposes.

They can force the BitTorrent devs to produce a new version every few months, but in the long run I think they're on the losing end of the war -- if they want to stay in the data-transportation business, and assuming there aren't any major breakthroughs in cryptanalysis that render modern public-key technologies useless.

Re:I wonder... (1)

ZWithaPGGB (608529) | more than 6 years ago | (#22443358)

They control the connection. Unless you are using a Diffie-Hellman key exchange or other form of Perfect Forward Security, they can run a Man In the Middle attack. From my reading of this spec, it's still susceptible to MIM, ergo, you're still at the mercy of your carrier.

Re:I wonder... (4, Informative)

budgenator (254554) | more than 6 years ago | (#22443050)

there is also a UDP Tracker Protocol for BitTorrent [bittorrent.org] , UDP doesn't even hear the RST packet. Comcast will have to figure out a way to turn off something that doesn't have an off switch.

Re:I wonder... (0)

Anonymous Coward | more than 6 years ago | (#22443272)

Super. Now they have more motivation to block UDP, exempting only than to their own bundled VoIP service.

Re:I wonder... (4, Informative)

Mr2001 (90979) | more than 6 years ago | (#22443284)

Nope. It's the TCP connection between two peers that Comcast is attacking, not the connection between the peer and the tracker. Using UDP for the latter doesn't solve anything.

Re:I wonder... (1)

shadowmatter (734276) | more than 6 years ago | (#22443424)

Comcast is killing the TCP/IP connection when talking to another peer, so that blocks cannot be exchanged. The connection to the tracker isn't overly important anyway, as you only rarely connect to it to get a random selection of new peers to connect to when needed. (And there are already ways to get these peers over UDP, most notably over the trackerless DHT extensions.)

- shadowmatter

Re:I wonder... (0)

Anonymous Coward | more than 6 years ago | (#22443430)

The UDP tracker protocol is exactly that: a protocol for peer/tracker handshakes. Comcast's system interferes with the peer-to-peer traffic, which is always over TCP.

Re:I wonder... (1)

Secret Rabbit (914973) | more than 6 years ago | (#22443572)

In UDP, there also isn't a way for the "client" to tell the "server" that the data has arrived safely. So, Comcast could just drop the packet.

So uTorrent supports it, big whoop. (0)

dosius (230542) | more than 6 years ago | (#22442968)

What about BitTornado? Will it be patched to support this method? How about any other Linux-compatible BT clients?

-uso.

Re:So uTorrent supports it, big whoop. (1)

Idiot with a gun (1081749) | more than 6 years ago | (#22443018)

You can use uTorrent in Linux, it was designed to be very Wine friendly. I myself found it to be more reliable than Azureus, my old client.

Besides, I thought certain trackers didn't allow in various clients, due to past problems. I can't recall if BitTornado was one of the commonly accepted ones or not though.

Re:So uTorrent supports it, big whoop. (0, Troll)

dosius (230542) | more than 6 years ago | (#22443148)

Yeah, but uTorrent 1.7.x phones home. I use 1.6.1 if I *have* to use uTorrent.

-uso.

Re:So uTorrent supports it, big whoop. (2, Informative)

Anonymous Coward | more than 6 years ago | (#22443538)

There's been not a shred of proof that uTorrent "phones home," just lots of FUD. Plus, 1.6.1 was the release right after the buyout, so you really want 1.6.0 if you're going to be paranoid.

Re:So uTorrent supports it, big whoop. (0)

Anonymous Coward | more than 6 years ago | (#22443054)

Umm, duh? People wrote those clients. I'm fairly sure they'll update them.

Re:So uTorrent supports it, big whoop. (1)

tepples (727027) | more than 6 years ago | (#22443144)

Umm, duh? People wrote those clients. I'm fairly sure they'll update them.
Not if development of your favorite client has been discontinued, and either the client is non-free or you don't have the money to fund new development of the client.

doesn't work (4, Insightful)

nguy (1207026) | more than 6 years ago | (#22442970)

Comcast will now probably simply impose soft traffic caps and soft caps on the number of connections users can make.

Re:doesn't work (2, Interesting)

Idiot with a gun (1081749) | more than 6 years ago | (#22443090)

And hopefully people will stop using Comcast if they do that. I think most users who don't use any p2p technology assume that Comcast isn't lying when they say they're throttling pirates, but if they start throttling everyone, they'll find most users will have a very negative response.

Re:doesn't work (1)

calebt3 (1098475) | more than 6 years ago | (#22443458)

but if they start throttling everyone, they'll find most users will have a very negative response.
Speaking of which... How are WoW users handling all this?

Re:doesn't work (1)

JeanBaptiste (537955) | more than 6 years ago | (#22443190)

... they, and everyone else already do. seriously, try it. i've done connection/load tests on many different systems and if you start acting suspiciously (lots of connects/disconnects, burst traffic (like p2p)), you get throttled down. DDOS prevention would be my guess.

Comcast makes $$$$$ disrupting seeds (4, Informative)

colinmcnamara (1152427) | more than 6 years ago | (#22443032)

Comcast is trying to spin their actions as promoting fair use of the their networks. The truth is that ISP's profit from having data dumped INTO their network and have to pay hard cash for data LEAVING their network. By injecting RST's into the peers seeding traffic, they promote an asymmetric data flow that brings more data (and therefore money) into their network, while minimizing the money they have to pay other ISP's for data going out. This proposal provides protection against the throttling of their upstream Bittorrent traffic only if the ISP is not aware of the info_hash of the torrent. Once this data is known it is possible to apply common data tagging and congestion control techniques to squelch this traffic. All the service provider (or application developers like SandVine) has to do is monitor the common torrent sites, and dynamically update this hashes into the network filters. This is sure to deny a majority of the torrent traffic out there (movies, linux distro's, etc). Colin McNamara CCIE #18233

Holy crap, a CCIE! (5, Funny)

Anonymous Coward | more than 6 years ago | (#22443048)

I am just a measly CCNA.

I am not worthy.

m(_ _)m

Re:Holy crap, a CCIE! (0)

colinmcnamara (1152427) | more than 6 years ago | (#22443212)

Every journey starts with a single step. (and all us CCIE's started as CCNA's). You are sooo worthy :)

Re:Holy crap, a CCIE! (5, Insightful)

Anonymous Coward | more than 6 years ago | (#22443282)

I for one find anyone flaunting certification X to be an annoying twat

Re:Holy crap, a CCIE! (0)

Anonymous Coward | more than 6 years ago | (#22443426)

Let them have it. Since they couldn't get real degrees this is all they have.

Re:Holy crap, a CCIE! (1)

Plutonite (999141) | more than 6 years ago | (#22443456)

And I for one, love it when Anonymous Cowards fight/call each other annoying little twats. I dunno, it just has this special feel to it. Like 2 invisible dudes throwing stuff at each other. Highly entertaining.

Re:Comcast makes $$$$$ disrupting seeds (1)

HackNack (853020) | more than 6 years ago | (#22443296)

And all the common torrent sites have to do is block the IPs which seem to be hellbent on downloading every single torrent. Better yet, the common torrent sites can feed the ISPs bad data or salt their torrents.

And the battle continues...

HackNack,
Network+

ROLL OUT FIOS IN MY AREA! (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22443036)

This is an illustration of my penis using ASCII.

(_)(_)lllllllllllllllllllllllllllllllllllllllllllD

(not to scale)

Re:ROLL OUT FIOS IN MY AREA! (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#22443536)

This is an illustration of my penis using ASCII.

(_)(_)lllllllllllllllllllllllllllllllllllllllllllD

(not to scale)
Ah, yes. Below is a to scale version of your tiny pecker:

(_)(_)lllllllD

Loser.

Ha! Ha! (3, Insightful)

stox (131684) | more than 6 years ago | (#22443074)

Now Comacast will need to keep a list of connections in order to guess that a torrent is running, instead of just looking at the packet. Good luck on that without a massive infrastructure upgrade.

I'm glad this is all happening (2, Interesting)

bogie (31020) | more than 6 years ago | (#22443188)

It had to come to a head at some point. ISPs have been bitching about P2P for a while now. Let's get those secret docs on "unlimited" usage out in the open. Let's define what is acceptable and let's give users the ability to meter their usage. My prediction is 95-99% of us won't be affected by these new open bandwidth policies and ISPs can go back into the business of providing dumb pipes.

Throttling encryption (3, Interesting)

diamondmagic (877411) | more than 6 years ago | (#22443234)

How long is it until they start throttling encrypted traffic too?

Marijuana: Its Time for a Conversation (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22443322)

http://www.marijuanaconversation.org/ [marijuanac...sation.org]

Marijuana: Its Time for a Conversation invites viewers to consider whether these laws are working for us or against us.
What does marijuana law enforcement cost us in tax dollars?
How effective is prohibition at controlling marijuana use and availability?
What are the social consequences of marijuana prohibition?
Are the consequences of marijuana arrests and convictions fair? Are the laws applied fairly to all Americans?
How did we end up with these laws in the first place?
Is marijuana prohibition doing more harm than good?

  Sponsored by the American Civil Liberties Union and featuring noted travel writer and television host Rick Steves, Marijuana: Its Time for a Conversation begins a long-overdue public discussion about marijuana and marijuana prohibition.

Marijuana: Its Time for a Conversation currently is available to more than 650,000 Comcast subscribers in the Western Washington region. Subscribers can view the program free of charge, 24/7, by selecting Channel 888, going to Community, and choosing Marijuana: Lets Talk.

Won't work: They clamp on traffic per flow (4, Informative)

ZWithaPGGB (608529) | more than 6 years ago | (#22443328)

They don't care about any protocol analysis. Any sufficiently long-lived, high volume, traffic flow between two IP addresses gets hit. I've had IPSEC VPN connections behave strangely and opened tickets, where the techs have admitted I had "accidentally" been flagged (IE, the IPSEC endpoints weren't on the whitelist, even though I have business class service).

The only way around this is to open multiple connections to different addresses, transfer small amounts per connection, and then shut it down, opening the next connection to a different endpoint. It requires a total reengineering of P2P, although the BitTorrent mechanism is closest to what would work.

Re:Won't work: They clamp on traffic per flow (1)

greg1104 (461138) | more than 6 years ago | (#22443480)

What he said. I've also seen my IPSEC VPN connections get trashed. As for other encryption not helping, when I start an scp session uploading a file to my office I get 190KB/s. After a minute or two that rate is down to 40-45KB/s, and the entire network is punished. Other people here using the Internet can tell when I'm uploading something because the entire Internet connection is flogged to a crawl the same way we are when there's a torrent active.

Re:Won't work: They clamp on traffic per flow (1)

Esc7 (996317) | more than 6 years ago | (#22443522)

So basically large data transfers aren't ok anymore? Even if you pay for the damn bandwidth? Can we get a class action already?

You pay for bandwidth, you get bandwidth. Lord knows we went long enough without broadband, now they want to destroy and hamstring it? What a waste.

Uping the forward traffic (1)

Ultimatt (1240410) | more than 6 years ago | (#22443390)

I think the real trouble is the limit of forward data in general. Comcast along with ever other limiting provider needs to realize the needs of its users and open up a few more forward channels.

Ultimatly it wont stop comcast (3, Insightful)

jonwil (467024) | more than 6 years ago | (#22443394)

If they aren't already doing it (I dont know the exact technical details of what they are doing), ISPs like Comcast will simply start looking for anyone uploading large amounts of data (especially if they are uploading to a bunch of different people at once) and block that.

First Blood? (4, Insightful)

EdIII (1114411) | more than 6 years ago | (#22443404)

I'm surprised it took this long for the Bittorrent Devs to respond. Encryption is not a complete solution, as I have stated before, but it is a beginning. That is for certain .

It's going to get a lot more interesting from here on out. In the end, it will only benefit the consumers since they will receive technology that allows them to communicate a little more privately, and perhaps with a little luck, more anonymously too. One could only hope that TOR/Freenet technologies become as ubiquitous in their use as email. Perhaps a hybrid system with elements of Freenet, TOR, and Bittorrent all wrapped up into one would do the trick. I certainly think so.

I think, actually I know, that Comcast has fired the first shot in a losing battle.

I also just can't help pointing out the similarities to the Drug War. A million or so people in prison, and yet there are still plenty of users and suppliers. I would almost say it has effectively made no difference in the amount of people using drugs, or selling them. Especially, since the amount of drugs being sold and used in prisons is even higher then on the street.

So what is the point? If history has taught us anything, it is that governments (corporations even more so) will consistently fail at their attempts to limit/eliminate popular behavior. The elements may change from time to time, but the end result is always the same. The people will find a way to continue their behavior .

"Greetings, Professor Falken. Strange game. The only winning move is not to play."

Re:First Blood? (1)

Ultimatt (1240410) | more than 6 years ago | (#22443486)

Wow, Thats some hugely in depth drug related similarity. It does however simulate the synonymous . People are going to continue to file share regardless of it's connotations that it needs to overcome.

Re:First Blood? (1)

budword (680846) | more than 6 years ago | (#22443552)

The drug war has been costly to the people involved, but there is no doubt that it's made a difference. As the cost for any drug goes up, it's use goes down. Without hassling suppliers, and disrupting supply to some extent, the price would continue to go down, and there is no doubt that it's use would go up. Does it stop drug use ? Nope, never will. Prohibition doesn't work either, never has, never will. I'd rather see it legalized and taxed, and the proceeds used for voluntary treatment. But don't claim the "drug war" hasn't made a difference. Look at the Economics of it. It has, it's just hard to see if you know people, users, who have been imprisoned for it. Making users the enemy has no benefits, to society, or the users themselves.

What about the collateral damage? (3, Insightful)

blake182 (619410) | more than 6 years ago | (#22443576)

One of the things I'm curious about is what kind of collateral damage this kind of thing does to legitimate traffic. Oddly enough, I couldn't get to expedia.com, transformers.com (hey, I have an eight-year-old), and store.apple.com when I first got Comcast. A couple of months later, when the news first broke that they were screwing with the traffic, those sites suddenly started working. Nothing changed at my house, and all of them started working at once.

Possibly coincidence. Possibly not.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...