BitTorrent Developers Introduce Comcast Busting Encryption
Written by Ernesto on February 15, 2008
Several BitTorrent developers have joined forces to propose a new protocol extension with the ability to bypass the BitTorrent interfering techniques used by Comcast and other ISPs. This new form of encryption will be implemented in BitTorrent clients including uTorrent, so Comcast subscribers are free to share again.
BitTorrent throttling is not a new phenomenon; ISPs have been doing it for years. When the first ISPs started to throttle BitTorrent traffic, most BitTorrent clients introduced a countermeasure, namely protocol header encryption. This was the beginning of an ongoing cat-and-mouse game between ISPs and BitTorrent client developers, which is about to enter a new level.
Unfortunately, protocol header encryption doesn’t help against more aggressive forms of BitTorrent interference, like the Sandvine application used by Comcast. A new extension to the BitTorrent protocol is needed to stay ahead of the ISPs, and that is exactly what is happening right now.
Back in August we were the first to report that Comcast was actively disconnecting BitTorrent seeds. Comcast of course denied our allegations, and ever since there has been a lot of debate about the rights and wrongs of Comcast’s actions. On Wednesday, Comcast explained their BitTorrent interference to the FCC in a 57-page filing. Unfortunately they haven’t stopped lying yet, since they now argue that they only delay BitTorrent traffic, while in fact they disconnect people, making it impossible for them to share files with non-Comcast users.
In short, the Comcast interference works like this: A few seconds after you connect to someone in a BitTorrent swarm, a peer reset message (RST flag) is sent by Comcast and the upload immediately stops. Most vulnerable are users in a relatively small swarm where you only have a couple of peers you can upload the file to.
For the networking savvy people among us, here’s an example of real RST interference (video) on a regular BitTorrent connection. In this case, the reset happens immediately after the bitfields are exchanged. Evil? Yes - but there is hope.
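One way to check a capture for the injected resets described above, as an added example that is not from the original article: it flags an inbound RST whose IP TTL differs from the peer's earlier packets, or that is followed by more data from the same peer. The packet tuples are constructed sample data, and the two heuristics and their thresholds are assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample, inbound packets only: (flow, seconds, tcp_flags, ip_ttl).
# Flow "A" is reset right after the bitfield exchange by a packet whose TTL does
# not match the peer's; flow "B" is closed by the peer itself; flow "C" is reset
# before there is enough traffic to build a TTL baseline.
PACKETS = [
    ("A", 0.00, "SA", 52), ("A", 0.21, "PA", 52), ("A", 0.48, "PA", 52),
    ("A", 0.52, "R", 60), ("A", 0.90, "PA", 52),
    ("B", 0.00, "SA", 113), ("B", 0.30, "PA", 113), ("B", 0.55, "PA", 113),
    ("B", 9.80, "R", 113),
    ("C", 0.00, "SA", 47), ("C", 0.05, "R", 47),
]

def suspect_resets(packets, ttl_tolerance=1, min_baseline=2):
    """Return inbound RSTs that look injected, with the reasons for each."""
    flows = defaultdict(list)
    for flow, t, flags, ttl in sorted(packets, key=lambda p: (p[0], p[1])):
        flows[flow].append((t, flags, ttl))

    findings = []
    for flow, pkts in flows.items():
        for i, (t, flags, ttl) in enumerate(pkts):
            if "R" not in flags:
                continue
            reasons = []
            # Heuristic 1 (assumption): a packet injected mid-path usually
            # arrives with a different TTL than the real peer's packets.
            earlier = [p[2] for p in pkts[:i] if "R" not in p[1]]
            if len(earlier) >= min_baseline:
                base = median(earlier)
                if abs(ttl - base) > ttl_tolerance:
                    reasons.append(f"ttl {ttl} vs baseline {base:g}")
            # Heuristic 2 (assumption): a host that really reset the
            # connection does not keep sending data on it afterwards.
            if any("P" in p[1] and "R" not in p[1] for p in pkts[i + 1:]):
                reasons.append("peer kept sending data after RST")
            if reasons:
                findings.append((flow, t, reasons))
    return findings

if __name__ == "__main__":
    for flow, t, reasons in suspect_resets(PACKETS):
        print(f"flow {flow} RST at {t:.2f}s: " + "; ".join(reasons))
```

A reset with no usable baseline, like flow "C", is left unflagged rather than guessed at.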
The goal of this new type of encryption (or obfuscation) is to prevent ISPs from blocking or disrupting BitTorrent traffic connections that span between the receiver of a tracker response and any peer IP-port appearing in that tracker response, according to the proposal.
“This extension directly addresses a known attack on the BitTorrent protocol performed by some deployed network hardware. By obscuring the ip-port pairs network hardware can no longer easily identify ip-port pairs that are running BitTorrent by observing peer-to-tracker communications. This deployed hardware under some conditions disrupts BitTorrent connections by injecting forged TCP reset packets. Once a BitTorrent connection has been identified, other attacks could be performed such as severely rate limiting or blocking these connections.”
So, the new tracker peer obfuscation technique is especially designed to be a workaround for throttling devices, such as the Sandvine application that Comcast uses. More details on the proposal can be found at BitTorrent.org, which aims to become a coordination platform for BitTorrent developers.
TorrentFreak talked to Ashwin Navin, president and co-founder of BitTorrent Inc. who has some of his employees working on the new extension. He told us: “There are some ISPs who would like people to believe that “slowing down” BitTorrent or “metering” bandwidth consumption serves the greater good. Consumers should be very weary of this claim.”
“In recent months, consumers enjoyed unprecedented participation in the political process thanks to the ability to upload opinions and feedback in the YouTube presidential debates. Musicians, filmmakers and artists are finding ways to connect with their audiences across the world thanks to MySpace and BitTorrent. Students are engaging with interactive learning tools in their schools. Which bandwidth intensive application will be banned or shaped or metered next by these ISPs? The creative spirit of millions has been ignited, and our need to participate, to communicate will not be silenced.”
“The US government should encourage ISPs to innovate and invest in their networks,” Ashwin said. “Permitting them to interfere or interrupt in the communications of consumers, to protect ISP profit margins, would be a tremendous setback for our country and economy, when we are already slipping behind the first world (UK, EU, Japan, Korea, Singapore, etc) in its broadband capacity.”
We wholeheartedly agree with Ashwin on this one, as we’ve said before. The Internet is only a few years old; if the plan is to keep using it in the future, ISPs need to upgrade their networks. So, invest in more Internet gateway capacity, 10Gbps interconnect ports, and peering agreements. BitTorrent users are not the problem; they only signal that the ISPs need to upgrade their capacity, because customers will only get more demanding in the future. The Internet is no longer only about sending email and browsing text-based websites.
The new protocol extension is still under development, but the goal is, of course, to get it out as soon as possible.
Hang on…
113 Responses
Victory!
About time, thought it would never happen.
Damn straight. Get to it guys!
New counter-measures are always welcome :) Good work from the developers of this new technology, many people will benefit.
much respect to the dev team
note for the uninformed: this is just bouncing around ideas, nothing final, nothing even tested for effectiveness
opportunistic encryption using ipsec or l2tp .. then an ISP won’t be able to tell it apart from a vpn connection.
note that ipsec and l2tp are IP protocols, just like tcp. RST is a tcp concept, not an ip one.
Lovely…
hats off to the devs for stepping up on this one. looking forward to see this feature implemented in transmission / azureus.
Hopefully they add the encryption routine as an upgradeable module that the user will be prompted to upgrade. After all, we all know this is nothing more than a cat and mouse game between Cisco (makers of the DPI P-Cube crap), and the people trying to bypass their throttling products (BT client developers). Cisco will always be releasing newer firmware to throttle these new encryption routines.
“weary” or “wary” of the claim?
Old Stuff I busted through Comcast with a modem fix that my daughter’s boyfriend done for me. Anyway Congrats!
Comcast is like a shotgun, one cock and it blows.
What hardware will this work against? Sandvine? It seems that trackerless (i.e. DHT) would have bypassed this method of packet resets, no?
FINALLY. I knew it was just a matter of time.
But now I’ll have to switch clients..
Did I read this wrong? …more reliance on trackers instead of less? …not the way I would have gone.
Why not just use public-key cryptography? Every user generates a public-private key pair, and gives the public key to any other user who asks. To encrypt, generate a random key, use that to encrypt the message, encrypt the random key using the recipient’s public key, then send the recipient the encrypted key and message. RSA and RC4 would probably work, because RSA is secure and RC4 is fast.
BitTorrent applications could make this very, very easy, and practically transparent to the end-user. They could just have a screen during the first start that says “Configuring *App* for Optimum Performance…” to generate the public-private key pair.
Does it matter that Comcast knows?
Not to sound like that *awesome* president… we don’t want the enemy to adjust.
Think about those wanting to share on priv trackers as well ;-)
Claps His Hands good job mate this is step in right direction.
@18 - From the detail on that link, apparently not, that site (and its goal) has obviously been in the works for some time.
It’s really fine if they rely more on trackers, the truth of the matter is that P2P will be shifting from torrents just like everything else faded into the past due to the fact its security becomes too compromised.
Oh, well. I just dropped Comcast’s service over this last month to pick up DSL. I get far better speeds overall (up AND down), and my torrents fly. Oh, plus it’s about 20$ cheaper, and I still get unlimited long distance (contrary to Comcast’s numerous commercials claiming only they provide such services).
@17 - They’re doing something similar but using the infohash instead.
@22 - Not really. Less trackers would mean that torrents live longer (in the DDB)… for this new scheme to work, trackers will be an even more vital linchpin… if they go down, so does the network… unless of course, each client becomes a tracker.
[quote]before. The Internet is only a few years old[/quote]
No it’s not.