patcat88 join:2002-04-05 Jamaica, NY kudos:1 4 edits | reply to karlmarx

Wrong, you can do traffic analysis. There are 3 things encryption can NEVER get around: how filled a packet is, frequency (bursty, streamy, best effort), and the time between packets. Are connections started in bunches, then no new ones are started, then another bunch, or at a steady rate? How long do those connections last? Are the connections to the same IP, or one connection per IP, or a mix? What kind of IP are those packets heading towards (your ISP's other customers, another residential ISP, a government, a datacenter)? Once a connection is dropped with a particular IP, is it reestablished, and when? How many connections simultaneously? What is the speed, and how does it change in each connection over the life of the connection? How often does a connection fail/succeed? How often does a connection work, then time out?
P2P is really easy to detect: many, many simultaneous connections on high ports; long, continual uploading; IPs belonging to other residential broadband ISPs; many connection attempts timing out; extremely unstable traffic patterns inside each connection; connections that may get paused (no data) but are still kept open; high ping times to the IPs you're talking to (they are uploading too); too much encrypted traffic compared to the typical non-P2P-using broadband user.
Or you can start a whitelist: port 80 gets highest priority, etc. Or just de-QoS all encrypted traffic. HTTPS is rare compared to HTTP traffic; not everyone is continuously checking out at 5-10 different online stores every second.
Even if every woman is walking in a burqa, you can still see how many there are, what speed they are walking at, how tall they are; you can track where each one goes, what buildings she goes to, when she goes back home, if and how much she is carrying, whether she limps, whether she stops to rest, whether she has kids.
Edit: the only reason the Sandvine sends RST packets vs. packet loss is because Comcast is too cheap to buy a machine that can process at line speed (1 gigabit, 10 gigabits, whatever speeds ATM/SONET has). A Sandvine is implemented in a "T" configuration: the box gets a copy of everything that goes across the wire (mirrored), then it sends back RSTs a few seconds/minutes later. Sometimes the load on the line is too great and it doesn't analyze all traffic (Comcast bought a slow model), but even if the Sandvine's CPU is at 100%, it will still be killing SOME BT traffic. Comcast could buy a traffic shaper that all the traffic PASSES THROUGH, with 2 ports on it: IN (customers) and OUT (backbone). Instead of RST packets, it drops packets on a connection (and only on that connection) that it identifies as BT, down to 1-3 kilobytes per second. Try getting around that. Heck, they can make their PowerBoost even more aggressive, or reverse it. If your upload is floored for 15-30 minutes, all your upload traffic is put on PowerBoost: only the first couple of seconds/minutes of the connection's uploading goes through at line speed (IDK, 2 Mbit/s), then the upload speed for that particular connection drops to dialup. If you try to get around it by dropping and restarting connections, you'll eat through a bucket, and then for 5-10 minutes as punishment every new connection's upload will be at 1-3 kbyte/s from the moment it starts, plus any existing connections that are still uploading. This can be blamed on "best effort" internet and on Comcast's backbone being congested. If you try to get around it by having hundreds or thousands of connections (remember each is limited down to 1-3 kbyte/s) to build up 10s or 100s of kbyte/s of upload speed, your whole connection's upload slows down to 1-3 kbyte/s for 5-30 minutes. The cyclical nature of these slowdowns will make it impossible to show the slowdowns to any service tech, or to prove there is a problem to customer service.
The risk of collateral damage is low, since if an "innocent" person trips it, the slowdown will go away in 5-45 minutes, and the "innocent" person will be none the wiser, or will blame it on a virus or the hamster that runs on the wheel inside their computer tower.
At this point, 2 words for you: VPN/steganography. Attacking those is much more risky, since if someone is uploading a 300 MB video to a website, that's a lot worse collateral damage. Although, at a certain length of uploading, 90% of people won't EVER upload something that big as an attachment, so at that point you can temporarily slow down their upload to high-speed dialup (4-10 kbyte/s) until they are done with their upload, and until 10-45 minutes have passed after the end of that upload. Cablevision has a 150 kbit/s global upload cap for "abusers"; I'm sure Comcast can make that cap come and go on the fly with the right equipment. Just put a global cap on your cable modem's upload until X number of minutes have passed since you stopped flooring your connection; you're now changed to a 150 kbit/s cable modem.
Next solution: since P2P is against Comcast's TOS/AUP, Comcast has every right to walled-garden you, like other cable ISPs do when you become a spam relay. The moment you send a single packet from a banned P2P protocol, you get null-routed/redirected, and the web browser is redirected on any page it tries to access to the Comcast walled-garden page, which says: "You have violated your TOS/AUP. You can not P2P on this connection. Please turn off any P2P programs you may have running or use these tools to remove any P2P programs, then click here to reset your connection. If you still have any P2P programs running you will be returned to this screen." If a consumer calls to complain, Comcast can put him on a 256K/128K $100-a-month "P2P plan" with no restrictions on P2P. Hey, it's faster than ISDN, with no FAP like on satellite, and no proxy problems. Yes, P2Pers will flee to DSL if it's available, but why should Comcast care? Those customers were a financial loss to Comcast (oversubscription), and their leaving improves the network. Grandma will still pay $60 a month and get her daily cooking recipe.
Something tells me that the future of P2P will be people putting/renting/colocating servers/seedboxes/torrentboxes in datacenters, doing all their P2P from there, then downloading the results through HTTP/FTP. An ISP can't touch that without affecting the lifeblood of the average user: a web browser downloading something. Also, rather than arguing over theoretical damages caused by no NN, now we will have actual damages. Take a subscription movie service where you download 700 MB movies (DRMed, of course) from their server through normal HTTP; you get throttled to dialup, and then leave their service. Now they have actual damages: they lost a paying subscriber. This is a clear-cut lawsuit. Now the question will be: did Comcast intentionally target them, and does Comcast sell a competing service? Can someone say anti-trust/collusion/unfair market practices/malice/anti-competitive behaviour? A subpoena will very quickly get the configuration of a Sandvine; heck, you can just show up at a Comcast head end with a subpoena and grab the whole Sandvine machine out of the rack and take it with you. If the Sandvine has a blacklist with any IP ranges/corporate names on it, INSTAWIN, because they actively decided to degrade your service; it was NOT accidental, it WAS INTENTIONAL, and premeditated. Aren't we having fun running down the legal checklist for a conviction? And for a jury trial, you can parade 10s of former members who discontinued your service because it was too slow compared to Comcast VOD: instant win. Comcast's defense will be that the reason it was slow was because you didn't want to pay for bandwidth (which might be true), but nobody will listen to them because of the wall of witnesses you have. Also, you can play a conspiracy angle, since Comcast does have a VOD service. Guilty until proven innocent in the USA, remember, folks ;).
Also, if you involve cold hard cash (a legal subscription movie download service that was throttled on HTTP), you can easily prove damages, since there is now a $ amount to your losses, something courts have had experience with for 100s of years. The technology aspect of it has very little to do with the case now, except its being used as a suppression of your business. It would be as if UPS owned all the interstates in the USA and operated a package delivery service, and for FedEx trucks, UPS would force them to drive on the gravel breakdown lane rather than on the asphalt.
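The detection heuristics the post above lists (many simultaneous high-port connections, peers on residential prefixes, many timed-out attempts, long upload-heavy flows, high ping to peers, paused-but-open connections) can be turned into a classifier that works on connection metadata alone, without ever looking at payload. The following Python is an added example, not code from the post and not from any Sandvine or ISP product; the residential prefix list, every threshold, and both sample flow sets are constructed assumptions for illustration only.

```python
"""Added example: flow-metadata traffic analysis of the kind the post
describes. Nothing here looks at payload; every feature is derived from
connection counts, ports, destinations, timing and byte counters, which
encryption does not hide."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from statistics import median

# Assumed "other residential broadband ISP" prefixes for the example.
# Constructed for illustration; a real deployment would load a prefix list.
RESIDENTIAL_PREFIXES = [ip_network("10.0.0.0/8"), ip_network("100.64.0.0/10")]


@dataclass
class Flow:
    """One TCP connection as seen from the subscriber's side."""
    dst_ip: str
    dst_port: int
    duration_s: float   # how long the connection lasted
    bytes_up: int       # subscriber -> peer
    bytes_down: int     # peer -> subscriber
    rtt_ms: float       # handshake round-trip time to the peer (0 if never answered)
    timed_out: bool     # SYN sent, never answered
    idle_s: float       # longest gap with the connection open but carrying no data


def _frac(pred, flows):
    """Fraction of flows satisfying pred; 0.0 for an empty list."""
    return sum(1 for f in flows if pred(f)) / len(flows) if flows else 0.0


def features(flows):
    """Per-subscriber features matching the post's list, from metadata only."""
    if not flows:
        raise ValueError("no flows for this subscriber")
    active = [f for f in flows if not f.timed_out]
    total_up = sum(f.bytes_up for f in active)
    total_down = sum(f.bytes_down for f in active)
    return {
        "conns": len(flows),
        "high_port_frac": _frac(lambda f: f.dst_port >= 1024, flows),
        "residential_frac": _frac(
            lambda f: any(ip_address(f.dst_ip) in net for net in RESIDENTIAL_PREFIXES), flows),
        "timeout_frac": _frac(lambda f: f.timed_out, flows),
        "upload_ratio": total_up / max(total_down, 1),
        "median_rtt_ms": median([f.rtt_ms for f in active]) if active else 0.0,
        "paused_frac": _frac(lambda f: f.idle_s > 30, active),
        "long_upload_frac": _frac(
            lambda f: f.duration_s > 600 and f.bytes_up > f.bytes_down, active),
    }


# Thresholds are assumptions chosen for the example, not measured values.
HEURISTICS = [
    ("many simultaneous connections", lambda ft: ft["conns"] >= 20),
    ("mostly high ports",             lambda ft: ft["high_port_frac"] >= 0.8),
    ("peers on residential ISPs",     lambda ft: ft["residential_frac"] >= 0.5),
    ("many attempts time out",        lambda ft: ft["timeout_frac"] >= 0.2),
    ("upload-heavy",                  lambda ft: ft["upload_ratio"] >= 1.0),
    ("high ping to peers",            lambda ft: ft["median_rtt_ms"] >= 80),
    ("paused-but-open connections",   lambda ft: ft["paused_frac"] >= 0.2),
    ("long continual uploads",        lambda ft: ft["long_upload_frac"] >= 0.2),
]


def p2p_score(ft):
    """Count the independent heuristics tripped; returns (score, tripped names)."""
    hits = [name for name, check in HEURISTICS if check(ft)]
    return len(hits), hits


def classify(flows, threshold=5):
    """A subscriber is flagged only when several axes look P2P-like at once."""
    score, _ = p2p_score(features(flows))
    return "p2p-like" if score >= threshold else "ordinary"


def make_p2p_sample():
    """Constructed sample: 40 connections to 10.x peers on ports 6881+, a quarter timing out."""
    flows = []
    for i in range(40):
        dead = i % 4 == 0
        flows.append(Flow(
            dst_ip=f"10.{i % 7}.{i}.{100 + i}", dst_port=6881 + i,
            duration_s=21.0 if dead else 1200.0,
            bytes_up=0 if dead else 30_000_000, bytes_down=0 if dead else 10_000_000,
            rtt_ms=0.0 if dead else 150.0, timed_out=dead,
            idle_s=60.0 if (not dead and i % 3 == 0) else 0.0))
    return flows


def make_web_sample():
    """Constructed sample: eight short HTTPS downloads from a datacenter range (TEST-NET-3)."""
    return [Flow(dst_ip=f"203.0.113.{i + 1}", dst_port=443, duration_s=15.0,
                 bytes_up=20_000, bytes_down=2_000_000, rtt_ms=25.0,
                 timed_out=False, idle_s=0.0) for i in range(8)]


if __name__ == "__main__":
    for label, sample in (("p2p", make_p2p_sample()), ("web", make_web_sample())):
        score, hits = p2p_score(features(sample))
        print(label, classify(sample), score, hits)
```

The score is deliberately a count of independent heuristics rather than one combined number, so a subscriber has to look P2P-like on several axes at once before being flagged; a single long HTTPS upload to one datacenter address trips at most the upload-heavy and long-upload checks and stays below the threshold, which is the collateral-damage concern the post raises. The same structure also makes it obvious what a P2P client would have to change to evade it (fewer peers, low ports, padding download traffic), which is the other side of the traffic-analysis argument.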