Comcast blocking p2p uploads

Its not that they are not permitted to control network
traffic,  but they
are impersonating the other server and I have a feeling
there are a few laws
that could fall under.  Like fraud for one.

Clinton Popovich
Systems Administrator
Nauticom Internet Services - An NPSI Company
2591 Wexford-Bayne Road, Suite 400
Sewickley, PA 15143
Tel: 724-933-9540
Fax: 724-933-9888
Email: crpopovinauticom.net
Web: http://www.nauticom.net


-----Original Message-----
From: owner-nanogmerit.edu [mailto:owner-nanogmerit.edu] On Behalf Of John
C. A. Bambenek
Sent: Friday, October 19, 2007 3:42 PM
To: Mark Owen
Cc: Steven M. Bellovin; nanognanog.org
Subject: Re: Comcast blocking p2p uploads


Since when did private companies no longer have the right to
regulate
their own property?

I must have missed the Amendment...

(Yeah, ok, I exaggerated the 99%)

On 10/19/07, Mark Owen <mr.markowengmail.com> wrote:
> On 10/19/07, John C. A. Bambenek <bambenekgmail.com> wrote:
> >
> > I love how the framed it as "data
discrimination".  Let's just be
> > honest... 99% of it was illegal traffic taking up
far more than their
> > fair share of bandwidth.
>
> And 84% of statistics are made up on site.  If it is
illegal it is not
your
> right to judge and punish.  We have courts for that. 
As for limiting my
> bandwidth, if you have a problem with my usage you
should state it in a
> policy and not discreetly forge RST packets.
>
> --
> Mark Owen

On Oct 19, 2007, at 3:42 PM, John C. A. Bambenek wrote:

>
> Since when did private companies no longer have the
right to regulate
> their own property?
>
> I must have missed the Amendment...

If you want to make a property argument, how do you explain
them  
denying me my right to enjoy my rental of their property?

If Comcast were a landlord, they would be interfering with
my quiet  
enjoyment and my rights in possession.

Interfering with my traffic rather than blocking it, could
lose them  
common carrier protection.  They are exerting editorial
control, in a  
fashion, over what I transmit and receive.

--Patrick

On Fri, 19 Oct 2007, John C. A. Bambenek wrote:

> Since when did private companies no longer have the
right to regulate
> their own property?

I don't know that anyone would disagree with their right to
do so, but if 
there are usage limits, those limits should be made known to
the user 
community.  I'm sure Comcast has ways to communicate TOS
updates to their 
user base - mass email, stuff a letter in peoples' cable
bills, etc...

How would you react if you were pulled over for speeding on
a road that 
had no posted speed limit?

jms

At 03:10 PM 10/19/2007, John C. A. Bambenek wrote:


>I love how the framed it as "data
discrimination".  Let's just be
>honest... 99% of it was illegal traffic taking up far
more than their
>fair share of bandwidth.

Let's be honest. The US ISPs have been advertising
"unlimited" 
service, but heavily oversubscribe to limit costs. The
expectation is 
that users will only use the bandwidth rarely and in short
bursts. We 
all know all about over subscription, but it is now
problematic due 
to distributed applications.

Blocking heavy users (or terminating them, as at least one 
cellular/wireless Internet service provider does to heavy
users of 
its "unlimited" service) is false advertising. but
it seems to be 
accepted all around, without so much as an asterisk and
footnote.

So it all comes down to what the definition of
"unlimited" is. Truth 
in advertising and all that. There seems to be a great
unwillingness 
to tell the truth in our society. 

Mark Owen wrote:
> 
> On 10/19/07, *Mike Lewinski* <mikerockynet.com 
> <mailto:mikerockynet.com>> wrote:
> 
>     With the remaining 1% being Linux ISOs.
> 
>     I wonder what happens to these network police
appliances (Sandvine,
>     Packeteer etc) when the P2Ps implement encryption
and tunnel it all over
>     443/tcp?
> 
> 
> They'll just monitor for streams that utilize large
portions of 
> bandwidth for extended amounts of time and throttle
all. 

Which seems completely fair and reasonable to me, and likely
won't 
require very expensive layer 4-7 packet shapers either. Plus
they can 
just state that flat limit in their contract and NANOG will
issue a 
collective yawn.

It just seems to me that the more Sandvine type applications
are 
deployed, the sooner we will burn that bridge out from under
us.

Then again, I saw the first Packeteer in action nearly 3
years ago and 
predicted it would only take 6-9 months before encryption
became widespread.

Patrick W. Gilmore wrote:
> 
> On Oct 19, 2007, at 2:50 PM, Steven M. Bellovin wrote:
> 
>> http://www.nytimes.com/aponline/te
chnology/AP-Comcast-Data-Discrimination.html
>>
>> http://www.nytimes.com/aponl
ine/technology/AP-Comcast-Data-Discrimination-Tests.html

>>
>>
>> Not a lot more I can say, other than argghhh!
> 
> "Argghhh" that they are doing it?
> 
> Or "argghhh" that people are just now
figuring it out?
> 
> And did you "arrgghhh" when rate limiting
became commonplace about, oh,
> 1865? 

It's one thing to traffic shape someone... It's quite
another to meddle
in the packets that they send. people are willing to
tolerate
transparent http proxies because they got good enough that
their use was
non-invasive. As a comcast customer I am aware that I am
purchasing an
asymetric service, there are is however a reason I got 8/768
and not 6/384.

What happens when they decide my non-comcast voice or video
conferencing
service needs to be asymmetric instead of symmetric as
well?

> --TTFN,
> patrick
> 

On 10/19/07, Patrick Giagnocavo <patrickzill.net> wrote:
>
>
> On Oct 19, 2007, at 3:42 PM, John C. A. Bambenek
wrote:
>
> >
> > Since when did private companies no longer have
the right to regulate
> > their own property?
> >
> > I must have missed the Amendment...
>
> If you want to make a property argument, how do you
explain them
> denying me my right to enjoy my rental of their
property?
>
> If Comcast were a landlord, they would be interfering
with my quiet
> enjoyment and my rights in possession.

I'm finding the thread interesting with respect to the
devices, how
they work, how we might be able to identify them, and why
this is a
bad idea as related to the engineering and/or operation;
capex, opex,
O&M, etc. We already know that the givens are that it's
generally
socially unacceptable to filter, but without Comcast's
motivation
being know, it's hard to speculate as to the "why"
they did it. Let's
not.

If we can drop the politics and legalities, I think we have
a winner.


Best Regards,

Martin Hannigan
NANOG MLC Member

On Fri, Oct 19, 2007 at 04:38:11PM -0400, Clinton Popovich
wrote:
> Its not that they are not permitted to control network
traffic,  but they
> are impersonating the other server and I have a feeling
there are a few laws
> that could fall under.  Like fraud for one.

Not to defend Comcast, but I think that this is a pretty
far-fetched
idea.  Firewalls that send RSTs, nearly every IDP device,
SYN-proxy
DDoS mitigation are just a few of the widely deployed
technologies
that depend on the exact same forgeries.

It's all more-or-less the same principle of doing just
enough forgery
to be able to interrupt a flow.  If you really want around
that, IPSec
is always there for ya.

-- 
Ross Vandegrift
rosskallisti.us

"The good Christian should beware of mathematicians,
and all those who
make empty prophecies. The danger already exists that the
mathematicians
have made a covenant with the devil to darken the spirit and
to confine
man in the bonds of Hell."
	--St. Augustine, De Genesi ad Litteram, Book II, xviii, 37

Eric Spaeth wrote:

> It's worth noting that the traffic Comcast is filtering
is called out in 
> their Terms of Use in the "PROHIBITED USES AND
ACTIVITIES" section, 
> paragraph xiv.  http://www.comca
st.net/terms/use.jsp

That section could be applied to every application that you
would run on 
your computer that access the Internet.  The "program,
equipment or 
servers... that provide network content or any other
services" clause is 
really quite laughable.  Clearly, this would apply to every
p2p 
application out there, but it would also apply to many
other, such as 
video conference, net meeting, online games, remote access
to your PC 
(VNC/RDP/goto-my-pc), AIM, IRC, etc.  I'm sure it probably
could be 
applied to every possible IP aware application.

Eric Spaeth wrote:

 > With rate-shaping they would need to have the P2P
identification widget
 > in-line with the data path to be able to classify and
mark traffic so
 > that it can be queued/throttled appropriately.

The Sandvine, in particular, is designed to be placed
in-line like this. 
  It does, however, deploy a technology to shunt the traffic
through the 
device in the event that the server craters.  Many network
devices do 
this now.

  -Sean

(Please respond only to the list)