BitTorrent and End to End Encryption

An anonymous reader writes "As ISPs like Shaw and Rogers throttle their bandwidth to counter the growth of BitTorrent, BitTorrent developers are fighting back with end to end encryption. Oddly enough, Bram Cohen, the original brains behind BitTorrent, doesn't support this direction. Is there really anything he can do about it?"

Encryption isn't the solution we need, or want..

The bigger problem is customers paying their ISPs, many of whom hold a local monopoly, and then the ISPs go around and turn their backs on the customers, leaving them without services like bittorrent that have a clear and growing legal use. Perhaps a boycott of ISPs that do that would be in order... except for that whole monopoly thing.

Re:Encryption isn't the solution we need, or want.

ISPs are happy to lose those customers.

Re:Encryption isn't the solution we need, or want.

No.. No they're not. My ISP, TalkTalk, lied about the service they were providing me - even after I enquiered about p2p (GNUtella, Bittorrent) which they assured were totally unrestricted, they were quite happy to sign me up to a 12 month contract and totally restrict all traffic from the p2p clients. Don't worry, I've complained about a month ago and I'm intending to get out with out paying theur £70 cancellation fee. This is for users like me, who have been screwed over by greedy ISPs. And I welcome our new encripted overlords.

Re:Encryption isn't the solution we need, or want.

Let's imagine a water company which has two types of customers: some who use water when they need it and some who leave the water running all day, the sprinklers on the lawn all night, etc.

Well, except that in this case, you're not paying the ISP for the water but for the capacity of the pipes. The water is coming from sources outside of the ISP and thus isn't a scarce resource. In fact, when you signed up for your pipe-service, you understood that you were paying for the maintenance and capacity of the pipes, which is often claimed to be "unlimited", but upon having them installed, you notice that the same pipe is feeding both your home and your neighbor's home, and their neighbor's home.

you were the first type of customer, wouldn't you be annoyed if you found out you were paying the same as the second type? Wouldn't you expect them to pay more, or perhpas face some restrictions?

If the first type of customer gets upset at the second type of customer, then they should also get upset at buffets that charge the same amount of money to every customer regardless of the amount that they intend to eat. But then, that is the whole concept of a buffet, isn't it? You enter into an agreement with the provider knowing that you are getting a service that you value appropriately enough to pay for. If you think you should be getting a better deal because some people consume more per unit price than you do, then nothing stops you from trying to make your own arrangements, but if the business is not willing to enter into such an agreement with you, then you are free to find another who will. This is the market place at work, and how other people choose to spend their money has no impact on how you should choose to spend yours.

Your buffet example reminds me of a story...

Back in the 60s, my uncle was a poor college student, participating in the "field" portion of "track & field" (discus, hammer, javeline, etc). He needed to eat lots of food, and didn't have much money to pay for it. The solution he and his teammates came up with was going to all-you-can-eat buffets.

Needless to say, the poor restaurant owners were not real prepared for a dozen 250+lb college students to come in and eat many platefuls of food, and the owners were not very happy. They asked them to leave, and when they said "no, it's a buffet, we are just eating 'all-we-can-eat'", the owners called the cops on them.

Well, the cops showed up, and listened to the complaint, and talked to them. And decided against the owner! "If the sign says 'all-you-can-eat', you can't kick them out just because they can eat more than you want them to eat."

Not really applicable to the topic, but just seemed an appropriate anecdote. Not only internet companies want to cut off people who use over the average!

Encryption won't work anyhow

The ISPs will simply throttle anything encrypted unless it pays extra, or something similar. If we accept this situation, or find short-term workarounds it will become worse and worse.

My connection is severly throttled by my pathetic aDSL upload speed, but that's another bitch entirely.

Re:Encryption won't work anyhow

The ISPs will simply throttle anything encrypted unless it pays extra, or something similar.

And how is the ISP supposed to be able to detect the difference between encrypted and non-encrypted binary data? What detection routine do you use to detect between, say, encrypted BitTorrent data, unencrypted VOIP data, an FTP file transfer, and random data?

Traditionally, you can filter the ports -- but nothing prevents software from changing what ports it uses, and there are several applications which can handle a dynamic port exchange. How barring just blocking or filtering on specific ports, how do you detect that data is encrypted, when the purpose of encryption is to make the data appear to be random to an outside adversary?

Yaz.

Re:Encryption won't work anyhow

Traffic analysis systems are available that detect traffic *patterns*. The determining factor for what defines traffic as being VoIP, or Bittorrent, is the patterns flows follow. For instance, a VoIP connection is a very consistent stream of data to one host, where anything file sharing related will be far from smooth, and will be talking to many hosts.

Even in the case of changing ports, this is easily detected. I work for a medium sized broadband ISP, and we extensively use the layer7 module for iptable which detects flow type based off of a "fingerprint" of traffic; a fingerprint simply being made up of several unique characteristics of a particular packet type.

Re:Encryption won't work anyhow

Answer: Easy.

As TFA notes: encrypted or not, you're still pushing a massive amount of upload and download traffic. That in itself is enough to get noticed.

Second, the more data there is to analyze, the easier it becomes to distinguish noise from data.

Third, Again as TFA notes, if a lot of connections are being made, they can analyze the first chunk of data sent by both sides. If it's an unencrypted connection, you'll see a roughly consistent set of data being sent across at the beginning. If even the headers are encrypted, and you use BitTorrent a lot, eventually it will be pretty obvious.

Re:Encryption won't work anyhow

I am sorry to say that the growing trend to throttle bittorrent is not based entirely on issues of piracy (although it is somewhat to blame). Many ISP's main reason for this is quality of service. While you may not intend to suck up all of the bandwidth that your ISP has, Bit torrent is notorious for sucking up bandwidth. Bit torrent has a rather poorly designed (for packet efficiency) protocol. It is terrific for other things, but not packet efficiency.

Bit torrent has the problem of opening a lot of connections (the larger the torrent storm, the more connections). While each of these connections to other seeders/leechers may only be passing small amounts of information, they tend to take up a lot of the routers memory (especially for very slow connections that stay open even though they don't pass much if not any information). This kills a router. You might not ever notice it at your own home but having a lot of people on torrents can take drop a router, and make the internet slow for all of the other users using your ISP.

While I don't agree with the actions of these ISPs I thought others might want to know other reasons for throttling this type of bandwidth. As for breaking this throttling your options is very limited. Most ISPs use a layer2 packet shaper, which has the ability to determine the actual content of a packet regardless of port. This is quite common these days.

As far as I know the only real option to get around it requires that you have a server outside of your ISP's network. If you have such a server or a friend somewhere with a nice fast connection (up and down), you would need to set up a tunnel. On top of that you would most likely need to setup a secure tunnel to avoid the packet shaper from understanding the packet data. You can do this using an SSH tunnel, or you can try to setup a site to site VPN tunnel (both of which you would want encrypted). Doing these things is not easy tasks and requires a fair amount of knowledge concerning the way networks works. There are several how-to's discussing how to setup a VPN tunnel and/or SSH tunnel.

Like I said these are not for the novice. It would however be a great opportunity to learn quite a bit more about networks than even the more network savvy people. Chances are most people are just going to have to live without torrent, or switch to a provider that doesn't throttle torrent activity.

To answer "anonymous reader"'s tag question...

No.

Wrong Solution

The proper solution when your ISP is deliberately crippling your service is to get another ISP. You paid for that torrent traffic, and if they don't carry it that's as good as stealing. Let your ISP know how you feel, and don't do business with crooks.

Re:Wrong Solution

Most people have only one or two choices for ISPs, and MAYBE three if they're lucky. In my area, I have one cable provider, one telco providing DSL, and I think there's some satellite company that is expensive and has extremely horrid bandwidth. Basically, your cute idea that everyone should just up and switch ISPs is a pipe dream at best.

Lots of DSL ISPs (Was: Re:Wrong Solution)

Most people have only one or two choices for ISPs, and MAYBE three if they're lucky. In my area, I have one cable provider, one telco providing DSL, and I think there's some satellite company that is expensive and has extremely horrid bandwidth.

Keep in mind that in many areas, there are lots of ISPs that can provide you with DSL service. This service is provided by either 1) using the telco's DSLAMs and ATM networks to connect your home to the ISP (the most common method), or 2) using ISP-owned DSLAM equipment co-located at the central office (Speakeasy/Covad, various local ISPs). If you're just using the telco to move your bits across town to the ISP, I doubt the telco is going to bother traffic shaping your data.

I mention this because I think a lot of people don't realize there are more DSL options than just the local telco's internet service. When you go to the telco's home page, they certainly don't go out of their way to let you know about this. There are lots of small and regional ISPs that would love to have your business.

The biggest problem you might encounter with DSL is that many telcos require you to subscribe to phone service before they'll allow you to subscribe to DSL. I know this is definitely the case in BellSouth territory. I've heard that you used to be able to get a "dry copper" (i.e. "alarm circuit") DSL line to an ISP in BellSouth territory (a friend of mine used to have this sort of hookup in Oxford, Miss.), but they've since put an end to that. Where I live (Denver, Colorado), the telco (Qwest) does offer "Naked DSL" so you don't have to bother with a landline if you don't want one.

I have DSL with a local ISP who runs their own DSLAMs in my neighborhood, and it works out well.

David

Re:Wrong Solution

Good thinking. Except there are two companies that run the high-speed lines here, Rogers and Bell. Ignoring the fact that Bell Sympatico DSL is quite slower than my tier of cable for a moment, what happens if Bell also filters Bittorrent? Are you suggesting that the appropriate course of action then would be to move?

On a more practical note, use port 1720 (used by Rogers' own VoIP digital phone service, so they can't and don't deep packet filter it) and if that doesn't work (remember to restart your client and forward ports accordingly) try BitComet [bitcomet.com] with the encrypted header option. Worked fine for me after a bit of fiddling.

Also because

If Bittorrent goes out of it's way to become unthrottleable and hard to detect, it will lead to it being outright banned in many places, and the ban enforced through more draconian means.

Like here on campus, we would prefer not to tell people what they can and can't do, however bandwidth is finite. We cannot afford to buy gigs and gigs of bandwidth just to allow people to P2P all the time, at least not without a tuition hike. The solution is to use a packet shaper, which puts P2P at a lower priority than other traffic. Usually, the line isn't maxed so P2P works as normal, however if the connection is slammed, non P2P traffic gets prefernce.

Works very well, P2P works and is generally very fast, and other traffic doesn't get bogged.

However, if it starts hiding from the packet shaper, things may be made a bit more compulsory like "You will make no use of Bittorrent unless it is for an approved research project. Failure to comply will result in a referal to the dean of students and possibly expulsion." Now I'd hate to see it go that way, but it will if it there's no reasonable way to keep P2P from clogging the network.

WRONG assumptions.

If you have a _residential_ contract, you are distinctly _NOT_ being given an unlimited, dedicated 4.5Mb/s connection for $49. If you want to run a 24/7 hog like Bittorrent, purchase a business plan with guaranteed bandwidth and uptime, no port blocking and no QoS throttling--all stated clearly in the contract and available from all major ISPs.

They are well within their rights to ensure that everyone paying a certain price is given the same level of service. They're rolling out FIOS here. It can handle 622Mb/s and at $50/month, you get, basically, 1% of that. To not have to implement some kind of QoS throttling on your bandwidth-hogging butt, they'd have to run a separate backbone to every 100 houses and, guess what, that would cost a ton of money. So, voila, tiered pricing.

Deal with it.

The Goodness of Open Source

Bram said he suspects that some developer has gotten rate limited by his ISP, and is more interested in trying to hack around his ISP's limitations than in the performance of the internet as a whole.

Isn't this what Open Source is about? The ability to make changes to a software to suit one's need? And if there are enough users, followers, developers and contributors (see Ubuntu from Debian), the new branch because a thing of its own.

So the day Bram opened his code, BT is subject to the same kind of treatment and only users can decide which way it will go.

Aren't there cases where someone compiled a BT client to act like a seeder with high ratio but is an ultimate leecher?

when asked about this, Brahm said,

"Well, I'm not sure it's such a good idea. Cheeseburgers are delicious, let's go get some."

Re:What does this even mean?

Just because he doesn't have ADHD doesn't mean the man can't appreciate a cheeseburger now and then. What are you, some kind of racist?

"Is there really anything he can do about it?"

A) no. B) Even if he's really for it, he can't come out and say so, because he's jumped into bed with Hollywood with both feet.

Sniffing shape-able streams

FTA:

"...a wire protocol which transfers a lot of data bidirectionally and consistently looks like line noise with no header is only marginally more difficult to identify then one which uses fixed ports."

Sounds like a call to camoflage the traffic as several pipes between peers. Not just one tcp/ip connection, but several, with a jitter function to pick which pipe is used at the moment so it does not look consistant

Here's my take on the whole Bram Cohen thingy...

Bram may not like it, but one of the best things about sharing the source code, is that the 'market' so to speak will determine now where this protocol goes. If Bram doesn't like it, that's his right, but I expect the masses are going to use the program that best offers the features they want. And uTorrent and Azureus are the two 'big boys' on the block right now. And if someone can improve it further on down the road, the whole bittorrent history has shown that users will try it, especially if they aren't happy with the 'old' program they use.

BitTorrent and Who?

BitTorrent and End to End Encryption

Who is "End", and why are they partnering with BitTorrent to end encryption?

What are ISPs selling?

So when I buy an internet connection from an ISP, who says the connection is 4mb down and 256K up, and then I actually want to use all of the bandwidth I have been sold - then the ISP wants to crack down and limit my usage?

Someone should sue [insert favorite ISP here] for bait and switch. If what they're providing is 4mb/256K burst speed, with lower rates for continuous, then that's what they should say in their advertising. This is hardly a far cry from the shady camera outfits online (i.e. PriceRitePhoto). You pay every month for a service, and the service you're actually provided differs greatly from what you thought you purchased.

Asymmetric connections

Don't forget part of the problem is that our connections are assymetric. 100+ kb/sec for downloads, but ~10 kb/sec for *any* uploading is the best you can hope for.

Who are "Shaw" and "Rogers"?

The article mentions some ISPs called "Shaw" and "Rogers".

Is this in the USA? I'm used to things like Comacst, MSN, Time Warner, Qwest, Pacbell, SBC, etc.

What regions do Shaw and Rogers serve? Does this BitTorrent discrimination affect many people?

Re:Who are "Shaw" and "Rogers"?

Shaw [www.shaw.ca] and Rogers [www.shaw.ca] are the two major cable providers in Canada.

Does it affect a lot of people? You bet.

Of course he can't do anything...directly.

He released it as an open source project. He can't do anything about people modding it any more than Linus Torvalds could do anything about someone modding the Linux kernel--not that he would.

However, also like LT and most other major project figureheads, he holds a certain amount of political sway. His disapproval may be enough to keep some developers from pursuing certain paths. Of course, not everyone will care about what he thinks, but he does have SOME power.

BitTorrent's image

BitTorrent's saving grace is its popular use for legal activities. It had a strong Good Thing quotient. Toss in encryption and you lose that "plausable deniability" veneer that the program is not intended for shady use. People on the outside take a What do you have to hide? response to encryption. If BT's image changes like this, it'll only lead to more throttling and blocking.

Re:BitTorrent's image

Nonsense. Is using ssh guarenteeing illegal activity? Not at all. If I want to use my ISP to download the latest Ubuntu (and I will soon), I damn well want it via BitTorrents. And if I encrypt it, that's my business too!

--LWM