BitTorrent and End to End Encryption

An anonymous reader writes "As ISPs like Shaw and Rogers throttle their bandwidth to counter the growth of BitTorrent, BitTorrent developers are fighting back with end to end encryption. Oddly enough, Bram Cohen, the original brains behind BitTorrent, doesn't support this direction. Is there really anything he can do about it?"

Encryption isn't the solution we need, or want..

The bigger problem is customers paying their ISPs, many of whom hold a local monopoly, and then the ISPs go around and turn their backs on the customers, leaving them without services like bittorrent that have a clear and growing legal use. Perhaps a boycott of ISPs that do that would be in order... except for that whole monopoly thing.

Re:Encryption isn't the solution we need, or want.

ISPs are happy to lose those customers.

Re:Encryption isn't the solution we need, or want.

No.. No they're not. My ISP, TalkTalk, lied about the service they were providing me - even after I enquiered about p2p (GNUtella, Bittorrent) which they assured were totally unrestricted, they were quite happy to sign me up to a 12 month contract and totally restrict all traffic from the p2p clients. Don't worry, I've complained about a month ago and I'm intending to get out with out paying theur £70 cancellation fee. This is for users like me, who have been screwed over by greedy ISPs. And I welcome our new encripted overlords.

Re:Encryption isn't the solution we need, or want.

Let's imagine a water company which has two types of customers: some who use water when they need it and some who leave the water running all day, the sprinklers on the lawn all night, etc.

Well, except that in this case, you're not paying the ISP for the water but for the capacity of the pipes. The water is coming from sources outside of the ISP and thus isn't a scarce resource. In fact, when you signed up for your pipe-service, you understood that you were paying for the maintenance and capacity of the pipes, which is often claimed to be "unlimited", but upon having them installed, you notice that the same pipe is feeding both your home and your neighbor's home, and their neighbor's home.

you were the first type of customer, wouldn't you be annoyed if you found out you were paying the same as the second type? Wouldn't you expect them to pay more, or perhpas face some restrictions?

If the first type of customer gets upset at the second type of customer, then they should also get upset at buffets that charge the same amount of money to every customer regardless of the amount that they intend to eat. But then, that is the whole concept of a buffet, isn't it? You enter into an agreement with the provider knowing that you are getting a service that you value appropriately enough to pay for. If you think you should be getting a better deal because some people consume more per unit price than you do, then nothing stops you from trying to make your own arrangements, but if the business is not willing to enter into such an agreement with you, then you are free to find another who will. This is the market place at work, and how other people choose to spend their money has no impact on how you should choose to spend yours.

Your buffet example reminds me of a story...

Back in the 60s, my uncle was a poor college student, participating in the "field" portion of "track & field" (discus, hammer, javeline, etc). He needed to eat lots of food, and didn't have much money to pay for it. The solution he and his teammates came up with was going to all-you-can-eat buffets.

Needless to say, the poor restaurant owners were not real prepared for a dozen 250+lb college students to come in and eat many platefuls of food, and the owners were not very happy. They asked them to leave, and when they said "no, it's a buffet, we are just eating 'all-we-can-eat'", the owners called the cops on them.

Well, the cops showed up, and listened to the complaint, and talked to them. And decided against the owner! "If the sign says 'all-you-can-eat', you can't kick them out just because they can eat more than you want them to eat."

Not really applicable to the topic, but just seemed an appropriate anecdote. Not only internet companies want to cut off people who use over the average!

Encryption won't work anyhow

The ISPs will simply throttle anything encrypted unless it pays extra, or something similar. If we accept this situation, or find short-term workarounds it will become worse and worse.

My connection is severly throttled by my pathetic aDSL upload speed, but that's another bitch entirely.

Re:Encryption won't work anyhow

The ISPs will simply throttle anything encrypted unless it pays extra, or something similar.

And how is the ISP supposed to be able to detect the difference between encrypted and non-encrypted binary data? What detection routine do you use to detect between, say, encrypted BitTorrent data, unencrypted VOIP data, an FTP file transfer, and random data?

Traditionally, you can filter the ports -- but nothing prevents software from changing what ports it uses, and there are several applications which can handle a dynamic port exchange. How barring just blocking or filtering on specific ports, how do you detect that data is encrypted, when the purpose of encryption is to make the data appear to be random to an outside adversary?

Yaz.

Re:Encryption won't work anyhow

Traffic analysis systems are available that detect traffic *patterns*. The determining factor for what defines traffic as being VoIP, or Bittorrent, is the patterns flows follow. For instance, a VoIP connection is a very consistent stream of data to one host, where anything file sharing related will be far from smooth, and will be talking to many hosts.

Even in the case of changing ports, this is easily detected. I work for a medium sized broadband ISP, and we extensively use the layer7 module for iptable which detects flow type based off of a "fingerprint" of traffic; a fingerprint simply being made up of several unique characteristics of a particular packet type.

Re:Encryption won't work anyhow

Answer: Easy.

As TFA notes: encrypted or not, you're still pushing a massive amount of upload and download traffic. That in itself is enough to get noticed.

Second, the more data there is to analyze, the easier it becomes to distinguish noise from data.

Third, Again as TFA notes, if a lot of connections are being made, they can analyze the first chunk of data sent by both sides. If it's an unencrypted connection, you'll see a roughly consistent set of data being sent across at the beginning. If even the headers are encrypted, and you use BitTorrent a lot, eventually it will be pretty obvious.

Re:Encryption won't work anyhow

I am sorry to say that the growing trend to throttle bittorrent is not based entirely on issues of piracy (although it is somewhat to blame). Many ISP's main reason for this is quality of service. While you may not intend to suck up all of the bandwidth that your ISP has, Bit torrent is notorious for sucking up bandwidth. Bit torrent has a rather poorly designed (for packet efficiency) protocol. It is terrific for other things, but not packet efficiency.

Bit torrent has the problem of opening a lot of connections (the larger the torrent storm, the more connections). While each of these connections to other seeders/leechers may only be passing small amounts of information, they tend to take up a lot of the routers memory (especially for very slow connections that stay open even though they don't pass much if not any information). This kills a router. You might not ever notice it at your own home but having a lot of people on torrents can take drop a router, and make the internet slow for all of the other users using your ISP.

While I don't agree with the actions of these ISPs I thought others might want to know other reasons for throttling this type of bandwidth. As for breaking this throttling your options is very limited. Most ISPs use a layer2 packet shaper, which has the ability to determine the actual content of a packet regardless of port. This is quite common these days.

As far as I know the only real option to get around it requires that you have a server outside of your ISP's network. If you have such a server or a friend somewhere with a nice fast connection (up and down), you would need to set up a tunnel. On top of that you would most likely need to setup a secure tunnel to avoid the packet shaper from understanding the packet data. You can do this using an SSH tunnel, or you can try to setup a site to site VPN tunnel (both of which you would want encrypted). Doing these things is not easy tasks and requires a fair amount of knowledge concerning the way networks works. There are several how-to's discussing how to setup a VPN tunnel and/or SSH tunnel.

Like I said these are not for the novice. It would however be a great opportunity to learn quite a bit more about networks than even the more network savvy people. Chances are most people are just going to have to live without torrent, or switch to a provider that doesn't throttle torrent activity.

To answer "anonymous reader"'s tag question...

No.

Wrong Solution

The proper solution when your ISP is deliberately crippling your service is to get another ISP. You paid for that torrent traffic, and if they don't carry it that's as good as stealing. Let your ISP know how you feel, and don't do business with crooks.

Re:Wrong Solution

Most people have only one or two choices for ISPs, and MAYBE three if they're lucky. In my area, I have one cable provider, one telco providing DSL, and I think there's some satellite company that is expensive and has extremely horrid bandwidth. Basically, your cute idea that everyone should just up and switch ISPs is a pipe dream at best.

Lots of DSL ISPs (Was: Re:Wrong Solution)

Most people have only one or two choices for ISPs, and MAYBE three if they're lucky. In my area, I have one cable provider, one telco providing DSL, and I think there's some satellite company that is expensive and has extremely horrid bandwidth.

Keep in mind that in many areas, there are lots of ISPs that can provide you with DSL service. This service is provided by either 1) using the telco's DSLAMs and ATM networks to connect your home to the ISP (the most common method), or 2) using ISP-owned DSLAM equipment co-located at the central office (Speakeasy/Covad, various local ISPs). If you're just using the telco to move your bits across town to the ISP, I doubt the telco is going to bother traffic shaping your data.

I mention this because I think a lot of people don't realize there are more DSL options than just the local telco's internet service. When you go to the telco's home page, they certainly don't go out of their way to let you know about this. There are lots of small and regional ISPs that would love to have your business.

The biggest problem you might encounter with DSL is that many telcos require you to subscribe to phone service before they'll allow you to subscribe to DSL. I know this is definitely the case in BellSouth territory. I've heard that you used to be able to get a "dry copper" (i.e. "alarm circuit") DSL line to an ISP in BellSouth territory (a friend of mine used to have this sort of hookup in Oxford, Miss.), but they've since put an end to that. Where I live (Denver, Colorado), the telco (Qwest) does offer "Naked DSL" so you don't have to bother with a landline if you don't want one.

I have DSL with a local ISP who runs their own DSLAMs in my neighborhood, and it works out well.

David

Re:Wrong Solution

Good thinking. Except there are two companies that run the high-speed lines here, Rogers and Bell. Ignoring the fact that Bell Sympatico DSL is quite slower than my tier of cable for a moment, what happens if Bell also filters Bittorrent? Are you suggesting that the appropriate course of action then would be to move?

On a more practical note, use port 1720 (used by Rogers' own VoIP digital phone service, so they can't and don't deep packet filter it) and if that doesn't work (remember to restart your client and forward ports accordingly) try BitComet [bitcomet.com] with the encrypted header option. Worked fine for me after a bit of fiddling.

Also because

If Bittorrent goes out of it's way to become unthrottleable and hard to detect, it will lead to it being outright banned in many places, and the ban enforced through more draconian means.

Like here on campus, we would prefer not to tell people what they can and can't do, however bandwidth is finite. We cannot afford to buy gigs and gigs of bandwidth just to allow people to P2P all the time, at least not without a tuition hike. The solution is to use a packet shaper, which puts P2P at a lower priority than other traffic. Usually, the line isn't maxed so P2P works as normal, however if the connection is slammed, non P2P traffic gets prefernce.

Works very well, P2P works and is generally very fast, and other traffic doesn't get bogged.

However, if it starts hiding from the packet shaper, things may be made a bit more compulsory like "You will make no use of Bittorrent unless it is for an approved research project. Failure to comply will result in a referal to the dean of students and possibly expulsion." Now I'd hate to see it go that way, but it will if it there's no reasonable way to keep P2P from clogging the network.

WRONG assumptions.

If you have a _residential_ contract, you are distinctly _NOT_ being given an unlimited, dedicated 4.5Mb/s connection for $49. If you want to run a 24/7 hog like Bittorrent, purchase a business plan with guaranteed bandwidth and uptime, no port blocking and no QoS throttling--all stated clearly in the contract and available from all major ISPs.

They are well within their rights to ensure that everyone paying a certain price is given the same level of service. They're rolling out FIOS here. It can handle 622Mb/s and at $50/month, you get, basically, 1% of that. To not have to implement some kind of QoS throttling on your bandwidth-hogging butt, they'd have to run a separate backbone to every 100 houses and, guess what, that would cost a ton of money. So, voila, tiered pricing.

Deal with it.

The Goodness of Open Source

Bram said he suspects that some developer has gotten rate limited by his ISP, and is more interested in trying to hack around his ISP's limitations than in the performance of the internet as a whole.

Isn't this what Open Source is about? The ability to make changes to a software to suit one's need? And if there are enough users, followers, developers and contributors (see Ubuntu from Debian), the new branch because a thing of its own.

So the day Bram opened his code, BT is subject to the same kind of treatment and only users can decide which way it will go.

Aren't there cases where someone compiled a BT client to act like a seeder with high ratio but is an ultimate leecher?

when asked about this, Brahm said,

"Well, I'm not sure it's such a good idea. Cheeseburgers are delicious, let's go get some."

Re:What does this even mean?

Just because he doesn't have ADHD doesn't mean the man can't appreciate a cheeseburger now and then. What are you, some kind of racist?

"Is there really anything he can do about it?"

A) no. B) Even if he's really for it, he can't come out and say so, because he's jumped into bed with Hollywood with both feet.

Sniffing shape-able streams

FTA:

"...a wire protocol which transfers a lot of data bidirectionally and consistently looks like line noise with no header is only marginally more difficult to identify then one which uses fixed ports."

Sounds like a call to camoflage the traffic as several pipes between peers. Not just one tcp/ip connection, but several, with a jitter function to pick which pipe is used at the moment so it does not look consistant

Here's my take on the whole Bram Cohen thingy...

Bram may not like it, but one of the best things about sharing the source code, is that the 'market' so to speak will determine now where this protocol goes. If Bram doesn't like it, that's his right, but I expect the masses are going to use the program that best offers the features they want. And uTorrent and Azureus are the two 'big boys' on the block right now. And if someone can improve it further on down the road, the whole bittorrent history has shown that users will try it, especially if they aren't happy with the 'old' program they use.

BitTorrent and Who?

BitTorrent and End to End Encryption

Who is "End", and why are they partnering with BitTorrent to end encryption?

What are ISPs selling?

So when I buy an internet connection from an ISP, who says the connection is 4mb down and 256K up, and then I actually want to use all of the bandwidth I have been sold - then the ISP wants to crack down and limit my usage?

Someone should sue [insert favorite ISP here] for bait and switch. If what they're providing is 4mb/256K burst speed, with lower rates for continuous, then that's what they should say in their advertising. This is hardly a far cry from the shady camera outfits online (i.e. PriceRitePhoto). You pay every month for a service, and the service you're actually provided differs greatly from what you thought you purchased.

Asymmetric connections

Don't forget part of the problem is that our connections are assymetric. 100+ kb/sec for downloads, but ~10 kb/sec for *any* uploading is the best you can hope for.

Who are "Shaw" and "Rogers"?

The article mentions some ISPs called "Shaw" and "Rogers".

Is this in the USA? I'm used to things like Comacst, MSN, Time Warner, Qwest, Pacbell, SBC, etc.

What regions do Shaw and Rogers serve? Does this BitTorrent discrimination affect many people?

Re:Who are "Shaw" and "Rogers"?

Shaw [www.shaw.ca] and Rogers [www.shaw.ca] are the two major cable providers in Canada.

Does it affect a lot of people? You bet.

Of course he can't do anything...directly.

He released it as an open source project. He can't do anything about people modding it any more than Linus Torvalds could do anything about someone modding the Linux kernel--not that he would.

However, also like LT and most other major project figureheads, he holds a certain amount of political sway. His disapproval may be enough to keep some developers from pursuing certain paths. Of course, not everyone will care about what he thinks, but he does have SOME power.

BitTorrent's image

BitTorrent's saving grace is its popular use for legal activities. It had a strong Good Thing quotient. Toss in encryption and you lose that "plausable deniability" veneer that the program is not intended for shady use. People on the outside take a What do you have to hide? response to encryption. If BT's image changes like this, it'll only lead to more throttling and blocking.

Re:BitTorrent's image

Nonsense. Is using ssh guarenteeing illegal activity? Not at all. If I want to use my ISP to download the latest Ubuntu (and I will soon), I damn well want it via BitTorrents. And if I encrypt it, that's my business too!

--LWM
 

As a Rogers customer...

I would like to say I am totally fucking furious that Rogers feels it can do this.

I appriciate that Bitorrent constitutes a gargantuan proportion of network traffic. I appriciate this is a problem.

However, the reason that I feel this is unfair, which nobody seems to have mentioned yet, is that Rogers customers are limited to 60 GB of transfer total, both ways, each month. (Unless, of course, you upgrade to the $50 account + modem rental which is 100 GB). If you exceed this limit, it's not just a matter of waiting until next month -- it is a matter of having your account shut down.

I think it is fair to do one or the other, but not both. I once wasted three days trying to figure out why Bittorrent wasn't working, only to find out it was thanks to Rogers. This was just as they had started shaping network traffic so I had no furious posts on message boards to turn to for the origin of the problem.

Sadly, there is no alternative to Rogers for high speed access in my area. It's Rogers or dial up.

statistics

>Most ISPs don't do such shaping

I wonder if he just pulled this out of his ass or something. Not only does my ISP traffic shape BT, they also block all the common ports that trackers use (you can change your client's ports easily, but the tracker owner has to change in this case).

There have been actual studies showing P2P traffic represents over 50% of consumer ISP traffic. An ISP would have to be stupid not to shape P2P.

Why not just use IPSEC?

Why don't the clients create a simple IPSEC connection between clients and tracker (Or client-client in a trackerless version). Granted, I'm not an IPSEC expert, but wouldn't this better accomplish their goals?

This would keep the connection and communication private, and they could run the standard BT protocol on top of IPSEC. On top of that, ISPs won't shape IPSEC down like Bit torrent traffic - because they would anger corporate VPN users.

ebob

Oddly?

Oddly enough, Bram Cohen, the original brains behind BitTorrent, doesn't support this direction. .../i>

Oddly? As a submitter you ought to at least RTF you link to. Mr. Cohen gives rational reasons why he thinks it is a bad idea to try obfuscate BitTorrent traffic, namely that it is unlikely to avoid traffic shaping, just because you use encryption.
If you don't like that your ISP is traffic shaping, try another ISP. (yeah I know, some people only have one ISP in their area)

--
Regards
Peter H.S.

Cohen is naieve

Fourth, when it comes to dealing with ISPs, obfuscation is some combination of hostile, unprofessional, and harmful. Software projects which value quality over featuritis generally steer clear of such things, especially when their potential effectiveness level is the equivalent of spitting in one's face than actual utility.

Of course, the ISPs that do traffic shaping where bittorrent is treated like something akin to a medieval plague ship are cooperative, professional, and beneficial?

Individuals pay ISPs to carry data. While I'm sympathetic to ISPs that limit the quantity of data that an individual can receive or transmit per period of time (face it, pay-for-use is not unfair), I'm not sympathetic to ISPs that decide what type of data that individual can receive or transmit (excluding clearly malicious traffic).

Cohen ignores that many of these ISPs have localized or regionalized monopolies and that they don't want to accommodate P2P users. The users are probably in the top 5% of traffic usage, so there's no incentive to accommodate their desires, but there's the obvious desire to keep their monthly ISP payments, hence draconian shaping policies.

Cohen also ignores that encrypting the traffic has merit. "[A] wire protocol which transfers a lot of data bidirectionally and consistently looks like line noise with no header is only marginally more difficult to identify then one which uses fixed ports. I can think of at least a few applications that look like this. It's called a remote desktop (whatever the protocol, but especially if it's not X Windows based) or remote office over VPN. People use it to telecommute. People would be VERY ANNOYED if that traffic was shaped like bittorrent traffic. Companies use it to connect branch offices. Companies would be VERY ANNOYED if that traffic was shaped like bittorrent traffic. Unless the shaping software is distributed widely enough and close enough to the end user to "see" that they have 20-40 VPN-like connections to the network, I fail to see how you definitively differentiate between the two.

Opera and BitTorrent

In semi-related news, BitTorrent Inc. and Opera announced today that Opera 9 will offer BT capabilities. I do remember that a beta of Opera 8 had BitTorrent built in, but that hasn't been present in versions released since (i.e. since it went freeware).

http://www.opera.com/pressreleases/en/2006/02/06/ [opera.com]

That's the wrong question

It doesn't matter whether Brahm can do anything about people trying to work around their ISP.

What matters is, is he right in that, at best, it won't make any difference, and at worst, it'll harm torrents overall? From the article:

..the ISP traffic shaping tools are already quite sophisticated, and a wire protocol which transfers a lot of data bidirectionally and consistently looks like line noise with no header is only marginally more difficult to identify than one which uses fixed ports. Obfuscating the protocol doesn't even claim to make it difficult to find out who's downloading a particular file.

His third point is that it'll screw ISP's that cache bittorrent packets to boost overall performance.

I don't take much truck with his 4th point but his other points sound like sensible objections.

ISPs

Can't you just go with a different ISP then send a polite letter back to the person who was messing with you connection why you left. If it isn't possible to get a different one, then I think that this may be a serious problem. I wonder if I could start my own ISP...

I'm a Shaw BT user

I use Shaw so aparently I'm a "victim" of this traffic shaping. I can't figure out what everyone is so up in arms about his for. I'm not a heavy BT user but I use it to grab a couple TV shows evey week, it works fine, usually takes me a few hours to ge a BSG episode tops. I got the entire second season of the OC for my g/f in 2 days. It's not like BT doesn't work anymore, if nobody told me about this I wouldn't have noticed.

With cable you still share a certain ammount of bandwidth with the people on your trunk, espescially on the upstream. Unfortunately some people are bandwith hogs. I see this as protecting me from the guy down the street with the warez fetish more than anything else.

Has anyone found themselves unable to use BT because of this?

Encryption or obfuscation?

People seem to be confusing the 2 issues.

Encryption here is just a mean, they don't care if the ISP sees WHAT they're sharing, they only care that the ISP recognizes that they ARE sharing (and throttling their connection accordingly).

I find the argument agains the tracker taking care of it quite silly. The guy from uTorrent says that the ISP would simpy find or modify the packet saying that obfuscation is wanted.

I would guess the ISP would just throttle all encrypted traffic going to random ports before it starts identfiying specific packets. They're as justified to limit it to BT as they are to do it with all unrecognized traffic.

BT is costing them a large amount of money so they start to throttle it. That means that they're not going to sit idly and not respond if it becomes obfuscated/encrypted.

I don't think it's an arms race that BT can win at all. If the ISP wants to limit the amount of bandwidth you're using, they will limit it, one way or another. For example, the ISP might throttle everything after a threshold per month is exceeded.

That's the main point that Bram is making, and I find it difficult to disagree with him.

traffic shaping my ass

cox.net straight up won't let you seed
once you get 100% of the torrent all incoming connections are closed

WTF on shared secrets?

I don't know much about the bittorent protocol, but I can't imagine that the 'infohash' would be that secret, couldn't anyone find out the infohash if they could snoop trafic?

Unless the infohash was sent over an already encrypted connection, it could be snooped, and if used for an encryption key could be found.

I don't know what the guy thinks about DH key exchange, but once per connection is not a very big deal. (Although I guess with BT you connect to a lot of different machines, hmm... Also I suppose if all you want to do is obfuscate the protocol.)

Finally, I disagree that it's easy to block 'stuff that looks like line nose'. The ISP will have no idea what it is, and there's lots of encrypted information out there, like SSH/SCP, etc. If they just put what they couldn't figure out at the lowest priority, it would piss a lot of people off.

Finally, why not mask the traffic as gziped HTTP, which probably gets the highest priority.

Closed source! :(

Why did muTorrent have to be closed source [utorrent.com]? :-(

What are the options?

Do we want somethinkg like Ants (p2p) or KDX (multi-OS "BBS"-style (Bulletin Board System) encrypted internet communications)

http://en.wikipedia.org/wiki/ANts_P2P [wikipedia.org]

http://www.haxial.com/products/kdx/encryption.html [haxial.com]

You can have safe, smart and easy to use options.
My only fear is that isp's will change from a "pipe" to the outside world to a sub set of http, ftp, news ect.
ie no more networking for end users at home.

inevitable

Sooner or later, pretty much all Internet traffic will be encrypted end-to-end--it's pretty much inevitable.

Eircon are a bunch of bastards

Just thought i'd mention, the 3 main irish ISP's (Esat BT, UTV Internet and Eircom) are also capping bittorrent traffic. The only way around it is to use BitComet. I'm severely pissed off at their move, but yet again there is no bloody alternative.

Encryption is overkill

If your only concern is the traffic being noticeable as BitTorrent, then perhaps you only need to scramble the content. Encryption is going altogether too far, and FFS, Azureus already eats way too much CPU time without performing crypto at 50kB/s.

Encryption

This should have been part of the protocol from the beginning anyway.

Not due to some 'lets hide our traffic' thing, but just out of common sense in todays world. Nothing should be 'open' at this point.

I remember...

...way back when the monthly b/w limit on Roger's was 1gb.

That's right, 1, as in uno.

Now people are whining about 60-100?

How much warez are you fools downloading anyway?

The fact is that at the end of the day ISPs pay for bandwidtch per byte. I say charge people that 'need' >100gb per byte more then the rest of us.

This isn't a new problem. As long there's been broadband there's been people that absolutely, positively, MUST saturate their entire bandwidth 24/7/365, and these people cry bloody murder when someone tells them they can't.

Bittorrent just happens to be the way that warez junkies do this today. Think about it. If you're shaw/rogers, and you see that 90% of your bandwidth usage is bitttorrent packets being sent by 1% of your customers, what would you do?

Re:I remember...

The proper reaction is to make the price something like $20/month + $1/GB downloaded. So if you just check your email you pay $20. If you download 5 or 6 movies you pay $26. If you have your system downloading 24/7 you would end up paying something like $80 per month.

They can't have it both ways. If they advertise it as a flat rate / unlimited, people are going to use it that way. If some people are using more bandwidth than others, then have your price reflect that. Then people will be a little more frugal in their downloading.

Just keeping the flat rate and prohibiting people from using their connection for what they want just makes people angry and is just stupid.

olde europe

Well thankfully here in europe we have no monopolistic companies trying to throtle torrents or have plans for to tier up the internet [com.com] (yes im aware of the pun)

Here in ireland im currently on 3mbit NTL cable (soon to be upgraded to 10) with 40GB cap which is not enforced, i download over 100gb monthly

so pack ur bags and move back to the old world!

Sign of things to come...

Isn't this a sign of things to come if ISP's decide to go with a tiered Internet structure? Do you think we will be encrypting (or at least tunneling) more and more in the future?

Not the first time...

Bram Cohen was also originally against having an upload limiter in BT clients...but when everyone else had one, lo and behold, the official client gets one.

I wonder if this will turn out the same.

The problem when the ISP is a Content Provider

When I signed up for Rogers it was pretty wide open after all I had the 'Unlimited' Package - decent throughput, no blocked ports, no DL limits. They started blocking certain ports (HTTP, SMTP) a while ago, and now with packet shaping to strangle what services are left.
The problem with Rogers is that they are primarily a content provider - they offer cable television, pay per view tv, a chain of video rental stores, plus cell phone services, and now, VOIP. They also own the coax coming into your house and provide broadband access on it. Technology like BT, which is used primarily to traffic in movies and television shows impacts the demand for their traditional services while cutting into the profitability of their ISP services. Clearly the media monopoly side of the business is going to win out against the concept of providing unfettered Internet access.
 

I don't like the look of this brewing arms race.

Encryption is the wrong tool for the job.

To get around ISPs throttling bt, the program should adapt it's ports and protocol negotiation so that it looks like other services (html, VOIP, etc).

Making bt fully protocol-adaptive would be take away all traffic shaping control from ISPs. Their response to this would likely be to look for high upload traffic from users and firewall off the users to stop all incoming connections.

There are counter-moves to this (client-mode bt), but an arms race between users and their service providers is going to be messy and one-sided (they write the T&Cs).

I think it's better that users should vote with their wallets.

Supplier of the infamous traffic shaper

For those who are interested, the people who supply Shaw (who happens to be my ISP) their traffic shaping software (or is it an appliance?) is Ellacoya Networks [ellacoya.com]. This bit of info was from some forum that I found when I first noticed that my maximum BT upstream got cut by about 60%.

FWIW, for those who aren't traffic shaped yet, don't be surprised if you are next if you are on a cable ISP -- the nature of the shared network means that the throughput gets choked for everyone when the upstream traffic gets too high (and ACKs get delayed). DSL providers don't really care about upstream as much, they worry more about total traffic which they can throttle in other, cheaper, ways.

BitComet

Yet another feature that BitComet already has [bitcomet.com]. Sadly, I expect Azureus and uTorrent to ignore this fact and implement their own standard. BitComet version 0.62 or 0.63 will probably conform to it. My point is, why doesn't anyone ever seem to know about BitComet's basic feature set? It's obviously a well known client. In fact, the last swarm I was in it was about equal in popularity to Azureus and BitTornado (only a couple people were using uTorrent, and someone was using the official client). If some feature has a possible exploit (like adding the DHT network as a backup in case the private tracker goes down) then everyone is up in arms about it. The useful features seem to go without notice, like UDP NAT bypass (great if you can't recieve incomming connections), an Intellegent Disk Cache (I WANT my torrent client to use more RAM so hard drive writing frequency is kept reasonable), Packet Header Encryption (the feature in question), the ability to share peer information even if the tracker goes down (implemented long before Azureus added DHT networks), sharing peer information between tracker updates (causes faster downloading), chatting with other BitComet users in the swarm, and others.

Rogers...

As a Rogers customer I'm really ticked off at this as well. They continue to cut news services and block P2P. The result? We're forced to use VoIP ports in order to get around traffic shapers, and it's only a matter of time until those are closed.

The statement in the article couldn't be more right about how they shape. A 100MB torrent with 800 odd seeders and 100 leechers and a good swarm speed starts to trickle in at 1-2KB/s off and on... If it works at all. Isn't that a bit excessive? Fine- throttle down to 40KB/s. Fine, make a pool of a few tens of Mbit and share that amoungst all BitTorrent. Do something reasonable rather than cut people off entirely.

They would have never even been noticed if they brought the 385KB/s or so that I normally get on their basic service down to 150-200KB/s. Even 50KB/s... but they took it to the extreme and have no interest in fixing it.

Not only that, they LIE to customers. They tell customers nothing is wrong. No shaping is being done (meanwhile inside sources say that a nice order of those Cisco traffic shapers was purchased 8mo ago or so). With good PR, admiting what's happening and why, and maybe peopel wouldn't be pissed off.

-M

Transfer limits per month?

Wasn't the appeal of 'broadband' advertised to be 'always on, high speed, and unlimited transfers'?

It sure seems like all you folks in North America are getting a seriousl wallet raping by the telcos/cablecos.

Here in Japan (and I'm sure it's the same in S. Korea), we don't have any such tranfer caps. Bandwidth is also a non-issue here with 50MB ADSL and 100MB (up and down) FTTH. Also, the pricing is quite reasonable and ususally comes bundled with VOIP services. Some providers even offer TV over IP (Softbank BB).

Japan and S.Korea are living the broadband pipedream that North America had dangled in front of it but never got (until GoogleNet shows up, seeing as they are buying all the remnants of that pipe dream - unused dark fiber).

The fundamental problem with protocols...

...is that there has to be *some* identifiable way for two end points to set up communication, a way for one side to understand what the other side is saying. And technology already exists to identify the protocols, regardless of how complex the protocol is, at multi-gigabit speeds. From what I've seen so far, the encrypted protocol referenced here isn't going to do squat against that. The traffic is still identifiable as bittorrent, and therefore can be filtered/shaped/whatever.

It's Crap!

My ISP is Shaw, and I pay for a 7 down 1 up service with 50 gigs down and 10 gigs up a month. I should get that with no shaping or other crap. If I exceed my limits, I can be charged extra. This throttling is crap. It is like buying a Ferrari with a governor on the engine. If I don't get that service I am being ripped off.

They have recourse other than throttling the user who pays for that bandwidth - and I do pay for it. That is what my bill says. Frankly it has more to do with the fact they are rolling out phone service over the same infrastructure and they are asking me to subsidise it by throttling my bandwidth.

So, yes, I will use encryption and guilt-free until they give me the premium back I pay over regular service.

What the ISP Wants...

is happy customers, and a good profit.

And customers want to do P2P.

But... traffic flowing OUTSIDE of the ISP costs the ISP more money. Even if a file is available WITHIN the ISP, the P2P application may well decide to do something silly -- like download it from Russia. Which ends up costing the ISP a LOT more money.

The problem is current P2P applications. They do not (generally) discriminate peers based on IP network addresses. Just "ping time" or somesuch measure. The ISP then uses a shaping appliance: NOT to "throttle" P2P traffic, but to connect up P2P users and keep them INSIDE the ISP network as much as possible.

This has the result of (1) possibly improving the users speed, and (2) saving the ISP money.

"Encrypting" the connection would be a very BAD idea, as the traffic can no longer be controlled this way. A better approach would be to create a "P2P Mesh Discovery Protocol" as an official RFC.

As long as the ISP doesn't have to look at the data, they will be happy to provide such "P2P" acceleration services.

(As usual, I may be completely full of it, and YMMV, etc.)

Ratboy

PS. Rogers didn't block BitTorrent -- not for me, anyway. And eMule also works just fine.

Use Speakeasy!

I pay a lot of extra money ($99/month) for my Speakeasy 6Mbit/768Kbit DSL - but they offer a fast connection and specifically state - "you can what ever you want". I like that. They allow sharing of the connection, servers, whatever.

They have never throttled BitTorrent or blocked ANY ports. Their support staff are local and well-trained. I've had one unplanned outage in 2.5 years and it lasted 15 minutes.

Rogers

My ISP is rogers and I specifically payed for Extreme edition for 500KB/sec down and 80KB/sec down with 100gigs of monthly transfer but it really became anoying when they limited downloads to 1-2KB/sec. Since I payed for the bandwidth and speed I should be able to use it, if I go over then they can disconnect me.

Things like throteling is their plan to cut costs, they recently disabled access to new groups and now this. Fortunetly there are easy ways around it like used reserved ports like 1090 and bitcomets encryption.

Traffic shaping can be a good thing

If done responsibly by the ISP.

I'm fortunate to have a 10MBit symmetrical connection from my ISP, soon to be beefed to 100Mbit. I also know that the ISP is shaping some P2P protocol traffic of which bittorrent is one. However this ISP realizes who it's customers are and that someone ordering 10MBit internet access is probably going to use it to some extent since they didn't go with another provider offering less capacity. So, the ISP has a pretty good infrastructure in place with good peer agreements with other ISPs. Now, even though they have a fairly well developed infrastructure they will run into extreme peaks and must be able to manage dataflows so that the main internet services are available to their customers (telnet, SMTP, VOIP, HTTP/S, SSH etc.). So they use traffic shaping to simply assign lower priority to P2P traffic.

This behavior is totally OK with me and I wouldn't have it any other way. Certain services are more time critical than others and I wouldn't like them to be affected by the huge P2P clogs in the network. On the other hand, since they just re-prioritize the packets I know that my P2P transfer rate will be good enough (the remaining capacity of the network when the essential services are cared for).
This solution works great when you have an ISP which continually beefs up their backbone, but would pose a problem if you have a cheap *ss ISP which models their backbone capacity only for the (by them considered) essential services.

So, in short, if you have an ISP which do cater for your specific customer type, then traffic shaping can be a good thing for you as well as your fellow ISP customers. Traffic shaping isn't all evil, that's all.

Beg to differ with Bram

Open letter to Bram (this would have gone in his Livejournal comments but Anonymous postings are disabled).

Ignoring the encryption issue for the moment, the primary problem with your argument is that you're assuming a rationality and a level of technical expertise from the ISPs that simply doesn't exist.
1) The simple fact is that "end-users" cannot work with ISPs, period. Rogers & Shaw are both shaping bittorrent traffic, they've received many complaints about this, lost clients & gotten lots of bad press but their stance has not changed. The shaping is there to stay & this means that for users of their networks your protocol is useless for ANY purpose. Bittorrent is dead, deceased, pushing up the daisies. If this spreads then any and all bittorrent-related technologies are useless so you'd best find another line of work.
2) These traffic shapers are stand-alone hardware boxes the the ISPs purchase from Cisco & stick into their network configurations. They're not simple tech & they aren't easily configured, if at all, by the ISPs themselves. They're also buggy as hell. Rogers' collection of shaping-boxes decided that iTunes Music Store traffic was peer-to-peer and as such killed it. So to presume that the ISPs will be able to analyze 'random traffic' and shape it dynamically is a little far-fetched.

My point is simply that though you may now think that encryption and & obfuscating packets is pointless, you have yet to provide a functional alternative other then 'work with the ISPs'. The death knell of bittorrent has sounded & you might want to worry about that a little bit.

cjm

does this mean bittorrent has failed?

I thought the idea behind it was to cut down on bandwidth...

Re:On the other hand...

My kneejerk reaction was extremely critical of the ISP's actions. Upon further consideration however, the position of being asked to violate your clients confidentiality and hand over IPs to the RIAA or whoever certainly wouldn't be an appealing one.

False dichotomy.

Re:North Continent

You forgot "No $40/month broadband".

I work at an ISP. We pay $50 per meg per month measured at the 95th-percentile of our monthly usage. We can use our bandwidth in essentially any legal way, and we get a pretty rock-solid SLA for our money.On the flipside, our providers should not go bankrupt supporting the service we buy.

I buy cable broadband at home. I pay $40/month flat rate and I agreed to a pretty restrictive AUP that allows no servers or P2P applications on my end of the connection. I could violate the AUP, like I'm sure many do. But if I did, I would not whine and complain when my ISP addresses the issue. Oh yeah, if I paid at home what I pay at work, I would be paying about $120/month for internet access. But then I could use P2P...whoop-dee-do!

Networks are very, very expensive. If my broadband provider doesn't stay in business, I won't be able to use P2P--or any other 'net application.

Re:Argh

what the?!? mod: troll?!? crazyness..

I think Sloppy's making some valid points. If users piss off their ISPs (eg. by making it harder for them to cache bittorrent), then why should the ISPs help them? Realistically, it's a small group of people using a large amount of bandwidth. No doubt the ISPs would be happy to lose heavy bittorrent users..

Re:Argh

Bandwidth is cheap, and getting cheaper all the time. ISP's providing caching (using a HTTP proxy) used to be a big deal in like the 1990's, these days nobody cares. Besides, BitTorrent probably by its very nature favours peers nearer to you, simply because peers nearer to you will be more responsive and will be able to exchange data at faster rates.

Re:I love these "ISP pay per byte"

All non-tier-1 ISPs pay the big boys for transit of their traffic based on 95/5 metering. Rogers and Shaw are not Tier-1 ISPs [internetpulse.net].