Encryption Security The Internet Your Rights Online

BitTorrent Devs Introduce Comcast-Proof Encryption 334

Dean Garfield writes "An article at TorrentFreak notes that several BitTorrent developers have proposed a new protocol extension with the ability to bypass the BitTorrent interfering techniques used by Comcast and other ISPs. 'This new form of encryption will be implemented in BitTorrent clients including uTorrent, so Comcast subscribers are free to share again. The goal of this new type of encryption (or obfuscation) is to prevent ISPs from blocking or disrupting BitTorrent traffic connections that span between the receiver of a tracker response and any peer IP-port appearing in that tracker response, according to the proposal.'"
This discussion has been archived. No new comments can be posted.

  • Re:Traffic Analysis (Score:5, Interesting)

    by ookabooka ( 731013 ) on Saturday February 16, 2008 @12:32AM (#22442960)
    I think the idea here is to stop Comcast from injecting their own RST packets into the stream, effectively killing the connection from both sides. Every time an ISP implements a harsh countermeasure, they force the evolution of the protocol. I see this simply as the next logical step in the constant pull and tug of P2P and ISPs. Still, kudos for these guys doing this stuff. I'm sure Blizzard will like hearing that their updates are hindered on Comcast's networks while P2P data has an easier time.
  • Re:doesn't work (Score:2, Interesting)

    by Idiot with a gun ( 1081749 ) on Saturday February 16, 2008 @01:04AM (#22443090)
    And hopefully people will stop using Comcast if they do that. I think most users who don't use any p2p technology assume that Comcast isn't lying when they say they're throttling pirates, but if they start throttling everyone, they'll find most users will have a very negative response.
  • by Ilgaz ( 86384 ) * on Saturday February 16, 2008 @01:16AM (#22443138) Homepage

    Unless one side suddenly blows away the other, I don't see this ending. It may breed innovation, but said innovation only seems useful for this one problem.
    As far as I followed, most BitTorrent based "inventions" were done because of attacks by dark companies (MediaDefender), fake seeders etc. Comcast is practically DOS attacking their own customers so someone finds a workaround for it. If it is good enough, all those BitTorrent clients will adopt it in no time and they will end up with horrible publicity, paranoid customers, FCC investigation for nothing. Technical karma :)
  • by bogie ( 31020 ) on Saturday February 16, 2008 @01:30AM (#22443188) Journal
    It had to come to a head at some point. ISPs have been bitching about P2P for a while now. Let's get those secret docs on "unlimited" usage out in the open. Let's define what is acceptable and let's give users the ability to meter their usage. My prediction is 95-99% of us won't be affected by these new open bandwidth policies and ISPs can go back into the business of providing dumb pipes.
  • by diamondmagic ( 877411 ) on Saturday February 16, 2008 @01:36AM (#22443234) Homepage
    How long is it until they start throttling encrypted traffic too?
  • by CodeBuster ( 516420 ) on Saturday February 16, 2008 @02:24AM (#22443454)
    The BitTorrent devs have the upper hand, at least for the foreseeable future, because of strong crypto like AES, Serpent, and Twofish for symmetric session traffic and strong public key crypto like RSA to handle the handshakes and symmetric key exchanges. The only response of the ISP is to try and automate Man in the Middle (MITM), but that will be extremely difficult and expensive to implement in practice. Remember that Comcast was throttling bandwidth to cut costs on network upgrades so why would they spend exponentially more on new specialized crypto hardware and software to MITM the handshakes on BitTorrent sessions if they are too cheap to even upgrade their network? Unless and until there are substantial advances in cryptanalysis (as far as I know there have been no substantial improvements on known attacks in recent years, minor optimizations here and there but not enough to really put a dent in the crypto) or quantum computers become cheap and practical, encryption will provide a very strong defense against network filtering, particularly when it is combined with port randomization. That is why it is in the best interests of Comcast and other ISPs NOT to escalate by engaging in packet filtering. They will only hasten the development of BitTorrent clients with strong crypto, as they are doing here, AND draw attention to these new "super" clients that are not "slow".
  • Re:FTP. (Score:3, Interesting)

    by slaker ( 53818 ) on Saturday February 16, 2008 @02:31AM (#22443488)
    On my home Comcast segment, FTP uploads are filtered and shaped to hell, too. So are SSH and PPTP VPNs. And NNTP. I've got a big set of iptables rules to deal with what I can detect, but essentially if I'm doing anything but HTTP(S) or some kind of mail protocol, I can watch network latencies for all the traffic on my cable modem go up 500% and my bandwidth drop to about 20% of the real-world amount I normally have. I stop VPN-ing or NNTPing or torrenting and my connection goes back a few minutes later.
  • by linzeal ( 197905 ) on Saturday February 16, 2008 @02:56AM (#22443566) Journal
    We are still using HTTP and FTP, who is to say that BT will not just slowly mature like those? If there is any standard P2P protocol emerging then BT would be in the top 3 along with eDonkey and DC++.
  • by MightyMartian ( 840721 ) on Saturday February 16, 2008 @03:00AM (#22443580) Journal
    Or they could just do the sensible thing, cut out all the bullshit "unlimited" advertising (which should be against the law anyways) and start selling customers a set block of gigabytes, with an over-limit charge per gig, just like the dialup ISPs did with time online in the olden days. That's what I did at the small ISP I worked for. I wrote and maintained the billing software, and just sucked in usage stats off our Radius servers once an hour. The system was even set up to send out an email when a user was close to his gigabyte limit letting him know that the meter was going to start running and what the charge per gig was.

    We tried shaping P2P traffic, and it just annoyed customers, and annoying customers is not exactly a long-term strategy for success.
  • by kaos07 ( 1113443 ) on Saturday February 16, 2008 @03:17AM (#22443628)

    http://it.slashdot.org/comments.pl?sid=450792&cid=22391864

    Happened a little later than I expected, but it still happened! Good work.

    Ok so we have Britain proposing the monitoring of the entire internet, Australia is proposing an ISP-level filter, US cable companies are doing their own selective torrent throttling and various countries such as China already have expansive firewalls and filters in place. Even if this proposal falls through, or is modified somehow, I think we're going to have to accept that governments are in the pockets of the media companies and service providers will target users of p2p because, in their opinion, they aren't making as big a profit as they might like.

    The next step is to ask what we, as the science, engineering and computer-loving community who have been using BitTorrent and various other protocols for legitimate uses before all the kids figured out they could score Amy Winehouse albums for free, can do to either circumvent the policies initiated by the above various groups or to bypass them completely.

    Napster, Limewire and the first generation p2p clients collapsed so BitTorrent was designed and users flocked to it. Now it appears that BitTorrent is going to suffer the same fate (if not now then definitely in the near future - the increasing pressure put on ISPs and governments around the world by copyright holders is going to see to that).

    We can't afford to fight fire with fire. Invasive laws and techniques used by companies such as Comcast may be unconstitutional, or against the terms of service, but the average p2p-user can't afford to launch a civil case against one of the biggest corporations in the USA. My suggestion is for a new protocol to be established, with the emphasis on sharing legitimate files such as patches, Linux ISOs, videos, game demos etc. Inevitably the first people to jump onto the new system will be the true geeks (by this I mean your average Slashdotter) and by doing so, they can utilise it to its full extent (something like the early days of BitTorrent) whilst the MPAA/RIAA flog a dead horse.

    Of course it's only a matter of time before pirates jump onto the new protocol and then we watch the whole show unfold again. However p2p-users have proven resourceful and it's only a matter of time before yet another protocol is developed and the cycle continues. But the advantage lies with us. The cost to the developer of something like BitTorrent is minutely small when compared to the hundreds of millions of dollars MAFIAA throws away in its attempt to stop piracy. If we keep it up long enough we might finally get the message across that p2p != piracy, or we might simply bleed them dry.

  • by ZWithaPGGB ( 608529 ) on Saturday February 16, 2008 @03:18AM (#22443636)
    Hey, don't shoot the messenger! I'm PAYING FOR BUSINESS CABLE. I.e., my TOS says I CAN run servers, and I'm STILL getting joe-jobbed.

    We all need to band together and find a way to send a giant FU to these guys. How about a mass switch, at the end of the next quarter, to Verizon? Make them show a huge "surprise" to Wall Street and have to explain it in the context of their "net neutrality" position?
  • by Anonymous Coward on Saturday February 16, 2008 @03:56AM (#22443742)
    "If you're not a virgin then you won't mind being raped."
  • by INSSOMNIAK ( 12036 ) on Saturday February 16, 2008 @05:26AM (#22444058)
    You are Judge Pickles [wikipedia.org] and I claim my five pounds.
  • by Joce640k ( 829181 ) on Saturday February 16, 2008 @08:11AM (#22444572) Homepage
    Anything stronger than rot-13 will do.

    Even if it only takes an ISP 0.1 seconds to "crack" a packet then there's no way he can crack the millions of packets per second flowing through his routers.

  • by Lonewolf666 ( 259450 ) on Saturday February 16, 2008 @08:59AM (#22444766)
    Reportedly most of it comes from botnets:
    Insecure machines that were taken over by hackers and whose clueless owners did not notice anything. Or even don't care.

    Now if ISPs start selling traffic by the gigabyte (again - it was not uncommon a few years ago), the owner of those spam-slaves would notice it on their internet bills. At that point, I think securing one's machine would become a lot more popular and the botnets would shrink. Overall result:
    less spam and DDOS attacks.

    Considering the inbound hacking attempts, my father still has a 2 GByte/month plan and so far I've heard no complaints about suddenly increasing bills. So it seems to be not that much.
  • by ben there... ( 946946 ) on Saturday February 16, 2008 @09:05AM (#22444782) Journal
    Up until the last month or two, I've had Comcast with no BT filtering and everything was running fine. Up to 400KB/s down on good torrents. Poor upload, but exactly what the agreement stated at 6Mb/384Kb. Kept the upload from being saturated at 48 KB/s by capping it at 35-40 KB/s and web browsing still worked fine with it. Pinged at 35-50 ms while running BT.

    The past couple months, web browsing is unbearable while running BT with Comcast. As soon as I start it up, even at 15 KB/s upload, websites take 5-10 seconds to start displaying. Yet I still ping comcast.net and google.com at 35 ms. Strange. BT seems much slower at 100KB down max and sometimes dropping to 15 KB/s up. Same thing, every time. Completely different situation than before.

    So, is this what their filtering looks like? Does it affect the whole connection, or just the bittorrent connections? I don't know much about network tools other than ping. Anyone got any pointers on how to check for the RST packets or whatever they're doing?
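One way to look for the injected RST packets discussed in this thread, as an added example that is not part of any comment here: the sketch below reads raw IPv4 packets and flags resets whose IP TTL never appeared on earlier segments from the same sender, or whose sender carries on sending after the reset. The function names and the sample packets are constructed for illustration, and both checks are hints rather than proof, since TTLs can shift with route changes and segments can arrive out of order.

```python
import struct
from collections import defaultdict

RST = 0x04

def parse(pkt):
    """Parse a raw IPv4+TCP packet into ((src, sport, dst, dport), ttl, flags)."""
    ihl = (pkt[0] & 0x0F) * 4            # IPv4 header length in bytes
    if pkt[9] != 6:                      # protocol 6 = TCP
        return None
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return (pkt[12:16], sport, pkt[16:20], dport), pkt[8], pkt[ihl + 13]

def suspicious_resets(packets):
    """Return indexes of RST segments that look injected by a third party.
    Hint 1: the RST's IP TTL was never seen on earlier segments from that sender.
    Hint 2: the same sender keeps sending normal segments after its "own" RST.
    """
    ttls = defaultdict(set)   # one-directional flow -> TTLs of non-RST segments
    resets = []               # (packet index, flow) for every RST seen
    flagged = set()
    for i, raw in enumerate(packets):
        parsed = parse(raw)
        if parsed is None:
            continue
        flow, ttl, flags = parsed
        if flags & RST:
            if ttls[flow] and ttl not in ttls[flow]:
                flagged.add(i)
            resets.append((i, flow))
        else:
            ttls[flow].add(ttl)
            flagged.update(j for j, f in resets if f == flow)
    return sorted(flagged)

def build(src, dst, sport, dport, ttl, flags):
    """Constructed test packet: bare 20-byte IPv4 + 20-byte TCP headers."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, ttl, 6, 0, bytes(src), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 65535, 0, 0)
    return ip + tcp

ME, PEER_A, PEER_B = (192, 0, 2, 10), (203, 0, 113, 7), (198, 51, 100, 9)
SAMPLE = [  # constructed capture, inbound segments only
    build(PEER_A, ME, 6881, 50000, 52, 0x18),   # PSH|ACK data from peer A
    build(PEER_A, ME, 6881, 50000, 250, 0x04),  # RST claiming to be A, odd TTL
    build(PEER_A, ME, 6881, 50000, 52, 0x18),   # A keeps talking afterwards
    build(PEER_B, ME, 6881, 50001, 49, 0x10),   # ACK from peer B
    build(PEER_B, ME, 6881, 50001, 49, 0x14),   # RST|ACK from B, consistent
]
```

Calling `suspicious_resets(SAMPLE)` flags only the second packet; the reset from peer B matches its earlier TTL and is followed by silence, so it is left alone.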
  • Re:I wonder... (Score:4, Interesting)

    by MrShaggy ( 683273 ) <chris.anderson@NosPaM.hush.com> on Saturday February 16, 2008 @11:17AM (#22445430) Journal
    Wouldn't breaking the encryption be a violation of the DMCA?? I think that would be sweet.
