Comcast Forging Packets To Filter Torrents
An anonymous reader writes "It's been widely reported by now that Comcast is throttling BitTorrent traffic. What has escaped attention is the fact that Comcast, like the Great Firewall of China, uses forged TCP Reset (RST) packets to do the job. While the Chinese government can do what they want, it turns out that Comcast may actually be violating criminal impersonation statutes in states around the country. Simply put, while it's legal to block traffic on your network, forging data to and from customers is a big no-no."
Re:Can you say "class action" ? (Score:5, Informative)
http://www.publicdomaintorrents.com/ [publicdomaintorrents.com]
http://www.starwreck.com/download.php [starwreck.com]
http://www.zeitgeistmovie.com/ [zeitgeistmovie.com]
It's Not A Crime.... (Score:2, Informative)
This one stands an extremely low probability of actually improving comcast's service from a consumer-geek perspective. Quick and dirty reasons why:
1. Comcast is in up to their necks with municipal politicians. They need campaign contributions from Comcast.
2. Comcast is in up to their necks with state politicians too.
3. What's the penalty here? Certainly not meaningful enough to warrant the expense of a trial.
4. Since when do consumers Comcast's terms of service? They'll spew the usual free-market pablum as a polite way to tell unhappy customers to go elsewhere. Except they know there may be no elsewhere in many cases.... Not their problem.
For everyone that refuses to believe nothing will come of it, who's going to pay the law firm to drag Comcast into court on a state-by-state basis?
It's better than single-packet blocking. (Score:5, Informative)
It's a fairly insidious way to block traffic, which is why the Chinese do it. Frankly it's a fundamental weakness of TCP: it wasn't really designed to cope with hostile intermediate nodes. (Flaky ones, sure, but not hostile ones.) You could configure your computer to reject RST packets, but then you'd end up leaving connections open all over the place and cause all sorts of other problems. It's not something that you can trivially work around.
Re:Why? (Score:1, Informative)
Because they don't want flow control, they want it to stop. If they just drop the packet, the computer sends it again. And again. And again. Sure, it might slow down, but computers have near-infinite patience, and eventually your customer will have transmitted 50 or 60 GB of that 4.5GB pr0n dvdrip right into the bit bucket and somebody's going to have to clean those filthy bits out.
Standard Approach (Score:3, Informative)
Now the other thing is that the IP addresses being used are owned by the ISP. I am not so sure this is really forging something on behalf of the customer that's breaking laws. The customer doesn't own that IP. On top of that (and I am ASS-U-MING HERE) they are probably breaking the acceptable use policy for the ISP. If they don't allow P2P stuff, you're in violation. They could do a lot worse stuff to be a PITA than just reset your connections.
Re:Can you say "class action" ? (Score:3, Informative)
The Berne Convention [wikipedia.org] is an international treaty that sets standard copyright terms and prohibitions and has been ratified by most of the countries you've heard of.
Actual chat session dialog. (Score:5, Informative)
Please provide me with a complete list of TCP/IP ports which Comcast actively blocks/filters/or limits traffic to users??
analyst Tallilee.7304 has entered room
Tallilee.7304(Tue Sep 04 2007 17:54:50 GMT-0400 (Eastern Daylight Time))>
Hello Christopher_, Thank you for contacting Comcast Live Chat Support. My name is Tallilee.7304. Please give me one moment to review your information.
Christopher_(Tue Sep 04 2007 17:55:23 GMT-0400 (Eastern Daylight Time))>
Hi
Tallilee.7304(Tue Sep 04 2007 17:55:18 GMT-0400 (Eastern Daylight Time))>
The only ports that may be actively blocked on the Comcast network are 67, 68, 135, 137, 138, 139, 445, 512, 520, and 1080 at this time. Any ports that are blocked will not be unblocked. If the port you would like to use is on this list, please select another port to use with your software. There are over 10,000 ports available for use. Please be advised that Comcast reserves the entitlement to block any ports on the network without prior notice. We thank you for understanding this security policy.
Christopher_(Tue Sep 04 2007 17:56:14 GMT-0400 (Eastern Daylight Time))>
I have read that Comcast is now actively retarding bittorrent traffic.
Tallilee.7304(Tue Sep 04 2007 17:56:09 GMT-0400 (Eastern Daylight Time))>
That is not a true statement.
Re:Can you say "class action" ? (Score:5, Informative)
See the WP [wikipedia.org] for a list of a few things (including WoW updates) that use BitTorrent.
Both ends (Score:3, Informative)
Then again, if anyone figures out a way to stop it, they could advertise that they're plagued by that curse as part of the BT protocol and only bother conversing with those who can handle it. It should still be obvious that someone is sending data to a connection that should've been reset.
Then again, NATs and things like that in between could go crazy, because the 2nd packet could be lost long before it ever gets to your computer...
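As an added illustration of the detection idea in this comment and in the "fundamental weakness of TCP" comment above (example code written for this page, not from any poster or from Sandvine/Comcast): a capture-side heuristic that flags an RST whose IP TTL differs from the TTL the real peer has been using, and, as suggested here, data that keeps arriving on a connection that should already have been reset. The packet records, ports and addresses are constructed, and the TTL rule is only a heuristic (a route change can also shift TTL).

```python
"""Heuristic detector for injected TCP RST packets, seen from the receiving host.

Signals: (1) an RST whose IP TTL differs from the TTL on earlier packets of the
same flow from the same endpoint (an injecting middlebox sits at a different hop
distance than the real peer); (2) data from the "resetting" endpoint arriving
after its supposed RST, which a real host would not send on a closed connection.
Packets are dicts with src, sport, dst, dport, flags (set), ttl, payload_len.
"""

def _key(pkt):
    # Direction-specific flow key: who sent the packet, and to whom.
    return (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])

def detect_forged_rsts(packets):
    """Return [(packet_index, reason), ...] over packets in capture order."""
    seen_ttl = {}   # flow key -> TTL observed on ordinary (non-RST) packets
    reset_at = {}   # flow key -> index of the first RST from that endpoint
    findings = []
    for i, pkt in enumerate(packets):
        k = _key(pkt)
        if "RST" in pkt["flags"]:
            base = seen_ttl.get(k)
            if base is not None and pkt["ttl"] != base:
                findings.append((i, f"RST TTL {pkt['ttl']} != flow TTL {base}"))
            reset_at.setdefault(k, i)
            continue
        seen_ttl.setdefault(k, pkt["ttl"])
        if k in reset_at and pkt["payload_len"] > 0:
            findings.append((i, f"data after RST at packet {reset_at[k]}"))
    return findings

def _pkt(src, sport, dst, dport, flags, ttl, payload_len=0):
    return dict(src=src, sport=sport, dst=dst, dport=dport,
                flags=set(flags), ttl=ttl, payload_len=payload_len)

PEER, ME = "203.0.113.5", "198.51.100.7"   # constructed, documentation-range IPs
# Constructed capture: the peer streams pieces, an RST "from the peer" arrives
# with a different TTL, and the peer then keeps sending data anyway.
INJECTED_RST = [
    _pkt(PEER, 6881, ME, 51413, ["ACK"], 52, 1448),
    _pkt(ME, 51413, PEER, 6881, ["ACK"], 64),
    _pkt(PEER, 6881, ME, 51413, ["RST"], 60),
    _pkt(PEER, 6881, ME, 51413, ["ACK"], 52, 1448),
]
# Constructed capture: the peer really closes; TTL matches and nothing follows.
GENUINE_RST = [
    _pkt(PEER, 6881, ME, 51413, ["ACK"], 52, 1448),
    _pkt(PEER, 6881, ME, 51413, ["RST"], 52),
]
```

Running `detect_forged_rsts` over the two captures reports the RST in the first (both signals) and nothing for the genuine close.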
Re:Can you say "class action" ? (Score:5, Informative)
I don't think they'd like that choice.
If they are common carriers, then they are supposed to be indifferent to WHAT they are carrying, like the mail or the phones. If an extortion threat is transmitted by mail, you can't sue the post office. Not just because it's acting as an agent of the govt, but because it's a common carrier. (UPS is just as protected.) They aren't supposed to know or care what they're carrying. If they did, and demonstrated the capability of filtering it by filtering some of it, then they would lose their common carrier status, and become liable as accessories to extortion, e.g.
OTOH, I don't want them pretending to be me. Not at all. That should be grounds for a suit. It should also be grounds for criminal prosecution not only of those who implemented it, but of all of their supervisors, managers, etc. also. Including the boards of directors. It shouldn't have a particularly onerous penalty...say 10 days for each separate offense. Cumulative. I'll be generous, and say 1 day per instance. I.e., 1 day per false packet.
White paper on the subject (Score:1, Informative)
Comcast is in violation of Internet standards as well as United States Federal law in its use of devices which send "specially crafted packets" to its own users in order to disrupt those users' Internet Communications.
Executive Summary
Comcast's use of the Sandvine devices to prohibit its clients' point-to-point Internet traffic is in violation of Internet standards as well as Federal law. Comcast's Terms of Service ("ToS") do not trump Federal Law. Further, Comcast's methods for blocking this traffic negate its claim that it offers "an Internet connection."
Press - Technical Summary
Comcast uses devices manufactured by Sandvine Incorporated ("http://www.sandvine.com"). These devices inject specially crafted RST packets purportedly from upstream P2P peers to Comcast customers, which destroy existing legitimate TCP connections. By doing so Comcast not only violates the TCP standard, but also the Host Requirements standards, and by crafting the packet to appear as if it came from the remote upstream peer is violating Federal Law.
ROADMAP
This memo will address the following:
1. What makes one "part of the Internet" or "connected to the Internet"
2. What standards and specifications spell out what is allowed and disallowed on the Internet.
3. What laws exist that govern these in the United States
4. What Comcast does which violates these standards and specification.
BEING CONNECTED TO THE INTERNET
Connection to the Internet in 2007's "Broadband America" is a simple matter of three items:
1. Get a carrier to provide a connection
2. Have a piece of hardware (typically a PC, a Mac, or a Router) which can connect to that connection
3. Make sure that hardware has the right software (Windows, MacOS, or embedded IP) to speak the right protocols.
Getting a Carrier
In most areas, the dominant carrier for "broadband access" is the local cable company, most of which have their own dedicated coaxial and fiber infrastructure, and a franchise agreement or otherwise similarly codified effective monopoly. Alternate access may exist in the form of lower-speed via the telephone company's Digital Subscriber Loop ("DSL") or wireless Internet Service Providers ("wISP"). These latter two offer speeds that rival 1/10th of the Cable Companies' advertised speeds* to 1/2 at best. Thus definitionally the only true "broad" band coverage is that provided only by the cable company. Getting the cable company to install a circuit is a simple matter usually handled by one telephone call, requiring no special contract or signature, and in most cases not even requiring a supervised site visit. (An unsupervised site visit by a technician to remove a high-pass or low-pass filter is sometimes required depending on the cable company's network.)
* Based on advertised speeds available in Tucson AZ, June-August 2007
Having a piece of hardware
A Personal Computer (PC) is available ubiquitously, and complete systems are sold throughout the Internet (e.g. eBay, Dell.com, etc.) and in stores (e.g. Best Buy, Circuit City, Walmart, etc.)
Having a piece of software
Most PCs come preloaded with a form of the Windows operating system. Mac systems come preloaded with MacOS. Either can be converted to running the popular and free open-source operating system Linux. Embedded routing devices run their own embedded operating system, often based on Linux.
INTERNET STANDARDS AND SPECIFICATIONS
1. There are standards all hosts on the Internet must adhere to. This includes all routers and end users' systems. (End-Systems and Intermediate Systems in ISO-speak.)
2. These are protocol standards that specify how a protocol is to be implemented
Hosts Requirement RFCs
RFC 1123 is the Host Requirements RFC. It is an official specification which "...supplements the primary protocol standards relating to hosts."[RFC-1123, para 1 "Status of This Memo"]. The "primary protocol standards relati
Re:Can you say "class action" ? (Score:3, Informative)
Two different issues, actually. The ToS terms are very "fluid" - it's not that the company revises them secretly, but more like the terms are so wide that doing *anything* is probably violating some term or another. Even just browsing a web site probably violates some term. (Heck, most ToS' have a "no servers" clause, and if you're using FTP..., and most have rules against downloading copyrighted content... which most content on the web is! Sure you have permission to download said content, but it can be considered a ToS violation).
Most ToS' are a CYA so they have carte blanche to do anything they want. If you ask them why they're cutting you off, they can cite the ToS knowing you've violated some clause or another (because the only way not to is unplug the modem).
Re:Can you say "class action" ? (Score:2, Informative)
It was mostly intended to cover the AOL issue. AOL wanted to offer some moderation of its forums to create more child-friendly forums. But they were worried that if they tried to moderate the forums, they might become liable for anything that slipped through.
The law has recently covered identifying programs as spyware or malware. Apparently, so long as you do this in good faith, you are not liable for false positives or false negatives.
So this should cover most filtering an ISP might do. Whether it will cover *forging* packets for traffic level management, I don't know. That's quite a stretch. But the myth "you're a common carrier unless you filter" is false for many reasons.