Reality check: Comcast packet forging proves you can't have Internet freedom with limited government

Reality check: Comcast packet forging proves you can't have Internet freedom with limited government

Summary: OK, class, it is time for yet another civics lesson.According to Electronic Frontier Foundation testing, Comcast is not only forging BitTorrent packets, but Gnutella and even Lotus Notes packets.

TOPICS: Telcos, Browser

OK, class, it is time for yet another civics lesson.

According to Electronic Frontier Foundation testing, Comcast is not only forging BitTorrent packets, but Gnutella and even Lotus Notes packets. And Lotus Notes is a core application, not something you swap copyrighted music or movie files with.

Now I want you to read this report from the EFF and tell me how the hell the free market solves this issue.

Free markets can be fine, but only if everyone behaves. But sometimes companies don't behave, and their competitors who you might wish to run to if you get too ticked won't behave either. Sometimes there isn't a competitor you can jump to.

I'll say it again. Government regulation- as in Net Neutrality- is the only surefire brake against tech monopolists doing whatever they want with your packets and your money. 

So maybe some of you should deprogram your brains from the teachings of big business apologist/wack job Ayn Rand and regulation-hating Ron Paul and wake up to the real threats to your digital freedom.

That'd be, big companies who do whatever they want because they want to please their shareholders more than their customers.

Here's what the EFF's Peter Eckersley wrote Saturday:

Yesterday, we posted about some experiments showing that Comcast is forging packets in order to interfere with its customers' use of BitTorrent. There have been reports of strange things happening with other protocols, and we've been running some tests on two other file transfers protocols in particular — HTTP (which is used by the World Wide Web) and Gnutella. Comcast has also been strenuous in telling us, "we don't target BitTorrent". Perhaps not. Perhaps what they're doing is even worse.

In the limited tests we ran, we didn't see any interference with HTTP traffic. Comcast's network seems to behave correctly when you run a private web server and share a few of your photos or videos over it (we tested files up to about 25MB).

But when you try to run a Gnutella P2P node on your machine, things start getting strange. Gnutella operates in two stages: first of all, your node starts a conversation with other nodes on the network. Once that conversation is happening, nodes can say things to each other to organise searches for and downloads of files. We saw forged TCP reset packets that stop some of the nodes from being able to converse with each other in the first place.

Forged reset packets are normally the kind of thing that would only be present if a hacker was attacking your computer, but in this case, it's the ISP you pay money to each month that is sending them.

Strangely, the packet forgery only occurs when a non-Comcast node is trying to start a conversation with a Comcast customer's Gnutella node. If the Comcast customer starts the conversation, there is no Reset packet. This means that Comcast customers will not see Gnutella fail entirely — the network just doesn't work properly.

It isn't just BitTorrent and Gnutella that are affected. Kevin Kanarski has reported that Lotus Notes (a suite of software that many businesses use for email, calendaring and file sharing) is also being interfered with. We haven't tested this ourselves yet, but Kanarski's packet traces look a lot like the ones we've collected with BitTorrent and Gnutella.

When an ISP starts arbitrarily zapping some of the protocols that its customers use, they instantly endanger the cascade of innovation that the Internet has enabled. Before this kind of traffic jamming, anybody — huge businesses, small start-ups, college students and children in their bedrooms — could build new, innovative protocols on top of the Internet's TCP/IP platform.

If this type of conduct is allowed to continue, many innovators will have to get active assistance from an ISP in order to have their protocols allowed through the ISP's web of spoofing and forgery. Technologies like BitTorrent and Joost, which are used to distribute licensed movies and are in direct competition with Comcast's cable TV services, will be at Comcast's mercy.

It should also be remembered that in many parts of the United States, Comcast is a duopoly or even a monopoly provider of broadband Internet access. Competition might offer some protection against packet-forging ISPs, but under current market conditions, we can't depend on it.

So I say again: who will protect you against the packet forgers?

Those who are forging the packets for whose transit you pay for?

Topics: Telcos, Browser

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • There isn't a shred of evidence ...

    ... in your or the EFF's article to support their and your claim. This is yellow journalism at its worst. An allegation is made by a group with an agenda and you pick it up and repost it as if it were gospel. What's more you didn't even bother to give the accused any chance to rebutt the accusation. Shame on you and the EFF!
    • Actually, the Notes problem is well-documented

      If you follow the links to Kevin Kanarski's blog, you'll see the packet traces that prove out the issue that affects Lotus Notes. Also see my own weblog at
      • Another link to an unsubstantiated story.

        Where is the actual data to support these claims?
        • Is it that hard to click through?

          See the source packet trace at
          • While your post does in fact show ....

            ... resets being sent I see no evidence of where they are coming from. How do you know that it is Comcast and not some other hop along the way?
          • Is there some reason it wouldn't be?

            Similar tests have been done with non-Comcast end-points, no resets. I suppose there are infinite possibilities, but really, given the mass of information out there now, few other likely conclusions.
          • The possibilities are endless and what ...

            ... you and others have provided does not demonstrate that the problem is with Comcast. I'm not saying it doesn't but where I come from your innocent until proven guilty. You talk about all the mass of information out there but suppose for a minute it all is based on results like yours that neither proves or disproves Comcast is behind the problem.

            If you Google convicted monopolist you will find 1,000's of references to Microsoft when in fact they have never been convicted of anything. The US DOJ versus Microsoft and the EU action were both civil matters. Convictens only happen during criminal actions. Again, just because there is a lot of stories on the Internet about a subject doesn't make it true.
          • So Shadee , in effect you are stating that Microsoft is not a MONOPOLY .

            A predatorial type of monopoly . You must be the devils advocate , why else would
            you always be defending the corporate crooks .
    • So....

      Are you just a faithful long-term Comcast employee? Or are we talking to the CIO or CIO here? Wasn't there a story about a supermarket CEO (Wild Harvest or something similar) going into the blogosphere and acting like someone else? Cuz you're certainly acting like you could be a Comcast lackey.
      • Typo

        [i]Or are we talking to the CIO or CIO here?[/i]
        Should have read "Or are we talking to the [b]CIO or CEO[/b] here?"
      • Exactly

        This is a common method large companies use to mitigate bad news on web blogs. Comcast needs a whole department of folks since their reputation for customer service is so bad. Fiddling with the e-mail banned lists is another way they persecute folks.
        That kind of conduct is why I switched to Verizon.
        • So just because this guy accuses me of it I ....

          ... must be guilty? You are as bad as this author.
      • I am not a comcast employee, stockholder or ...

        ... customer. My objection is that in the blogosphere accusations substitute for fact and take on a life of their own. Just because you read it on the net doesn't mean it is true. It doesn't mean it is false either. I have seen nothing that establishes that it is Comcast doing the filtering only the accusations. You should be just as discerning.
        • You're right Shadee. You're a BUTT SNIFFER . <NT>

    • Shut up you fool !

      The Senior Vice President of Comcast already admitted to BROADBAND Throttling .
      This just goes to show how much you are filled with hot air .
  • RE: Reality check: Comcast packet forging proves you can't have Internet freedom with limited government

    Let me ask a question: if Ron Paul is such an "apologist" for big business, why hasn't he received a dime in contributions (according to the survey by Forbes) in contributions from the Fortune 500? By contrast, Hillary, Obama, and Edwards each have several such contributors. Hillary, of course, also has more money from defense contractors than not only Ron Paul but any other candidates while Paul has more from ordinary soldiers.

    The answer is clear: Big business prefers Hillary, Obama, and Edwards to Ron Paul because big business loves big government, including the Military-Industrial Complex, and hate unsubsidized free markets.
  • Another possibility...

    Perhaps big business doesn't see Ron Paul as a contender yet. In that case, no sense for them to support him, as opposed to trying to convince an existing player to...reconsider their stance.
    • (NT) parent was meant to be reply to adodsworth

  • RE: Reality check: Comcast packet forging proves you can't have Internet fr

    You think it is bad with COMCAST, you should try living with COX. I have been unable to use SKYPE because of what I can only attribute to COX interference with calls.
  • RE: Reality check: Comcast packet forging proves you can't have Internet fr

    How can somebody this stupid get his own column? Have you not paid ANY attention to how government has on regulating telecommunications? Comcast is regulating traffic because they don't have the bandwidth to handle people uploading gigs and gigs worth of torrent traffic and sending out spam e-mails. Why the limited bandwidth? Why with their bundles of cash can't they add more? Maybe because of the host of regulatory hurdles at the local, state, and federal levels that are needed to replace cables in the ground, or add fiber to the home, or get carriage agreements.

    It's so funny how people can get mad about the failures of FEMA, Social Security, Medicare/Medicaid, the disregard for the constitution, the policies on torture, and call on the same government to "protect us" from companies that provide internet service...Yes, please. Let's have the same totalitarian bureaucrats have complete control of all internet traffic, as if they are going to honestly make sure that traffic is treated equally. You're living in a Marxist dreamland. WAKE UP! Haven't you seen the corporatism that's taken over lately. If you think the net is not fair now, just wait until the government is controlling the WHOLE THING (this will happen once you let them in) and only those who lobby hardest get any bandwidth at all.

    It amazes me how so many American's who consider themselves "liberal" and criticize the abuses of our current government (rightfully so) can be asking to hand our last bastion of free expression over to the same government.

    Mr. Shaw, please use logic, study more, and get a clue.