p2pnet news | P2P:- Despite its strong denials to the contrary, Comcast is deliberately and knowingly impeding attempts by some of its high-speed Internet customers to share files online, says Associated Press, continuing:

The interference, which The Associated Press confirmed through nationwide tests, is the most drastic example yet of data discrimination by a U.S. Internet service provider. It involves company computers masquerading as those of its users.

If widely applied by other ISPs, the technology Comcast is using would be a crippling blow to the BitTorrent, eDonkey and Gnutella file-sharing networks. While these are mainly known as sources of copyright music, software and movies, BitTorrent in particular is emerging as a legitimate tool for quickly disseminating legal content.

But in September, “we spoke with Comcast to try to find out what was going on in this case,” posted the EFF’s (Electronic Frontier Foundation) Seth Schoen (right) and, “Comcast assured us that, while it does do some kinds of network management on its residential network, it isn’t deliberately blocking, degrading, interfering with, or discriminating against particular protocols or kinds of traffic. (This is consistent with what Comcast told the press in August when these allegations were widely raised.)

“The company said that it isn’t using network management techniques that are designed to disrupt anyone’s use of BitTorrent (or any other application).”

Now Schoen says following the AP revelations, “we’ve been running our own tests” and Lo! – “Comcast is forging TCP RST packets which cause connections to drop (a technique also used by Internet censorship systems in China).

“These packets cause software at both ends to believe, mistakenly, that the software on the other side doesn’t want to continue communicating.

He goes on >>>

The TCP RST packet forging seems to be protocol-specific: as AP reported, it at least sometimes happens directly in response to specific BitTorrent protocol events. This contradicts Comcast’s statement to us that their network management does not target or discriminate against particular protocols. The timing of the injected packets suggests that something on Comcast’s network understands the BitTorrent protocol and treats it differently from other protocols.

We confirmed this by trying to download files from Comcast subscribers using BitTorrent. We disabled any firewall or NAT software and connected the machines at both ends directly to the Internet, and ran Wireshark, a packet capture tool. This allows us to see exactly what packets each end sent and exactly what packets each end receives. If ISPs between both points were not forging packets, no packets should have been received by one end that bear the other end’s IP address but were not sent by it(*). (This is comparable to recording a telephone conversation at both ends and then comparing the recordings to see whether the phone company sent the conversation through faithfully and unmodified.)

Unfortunately, the resulting packet traces look drastically different from one another: each user routinely receives huge numbers of TCP RST packets that appear to have been sent by the other user. But the packet trace at the other end confirms that these packets were never transmitted; they must have been generated and injected by an ISP along the way.

How do we know that Comcast is responsible? Apart from the large number of reports accusing Comcast, increasingly accompanied by packet traces showing suspicious RST packets, we repeated the experiment with two different Comcast connections (one in San Francisco, and one in Oregon) and saw the RST packets appear in both cases. When the Comcast user in Oregon — Robb Topolski, a source for the AP story and one of the first to carefully document the RST forging phenomenon — switched on a VPN connection that caused his communications to be encrypted and routed through a different ISP, the RST packets completely disappeared.

Comcast keeps telling its users that the problems they’re seeing are not its fault. It’s time for Comcast to come clean about what it’s doing and take its users’ reports seriously.

(*) Note to network experts: IP fragmentation does allow for the possibility that a single packet sent by one end could arrive in multiple fragments, none of which was originally sent in fragmented form. However, we did not observe any fragmentation at all during our experiments and, in particular, the forged RST packets are clearly not fragments of packets sent by the other end.

(Thanks, Phil)

Slashdot it!

Also See:

Associated Press – Comcast blocks some Internet traffic, October 19, 2007

Seth Schoen – Comcast and BitTorrent, September 13, 2007

AP revelations – EFF tests agree with AP: Comcast is forging packets to interfere with user traffic, October 19, 2007

---

Use free p2pnet newsfeeds for your site. It’s really easy!

Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php

---

Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details. Download here.

This entry was posted on Saturday, October 20th, 2007 at 7:24 am and is filed under P2P. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

HOME

Viewed 8112 times