Comcast Spews False Information

If you have been living in a cave for the past few months, you may not be aware of Comcast’s recent practice of “shaping” bit-torrent traffic.

Specifically, they insert RST packets into what they believe to be bit-torrent sessions and forge them to look like they came from the host at the other end of the session. For those of you not familiar with how TCP/IP works, a RST packet is normally sent to tear down an established session. If one is erroneously sent in the course of a communication (as is the case with Comcast), your computer will drop the session and have to re-establish the connection.

The primary issues with this are…

  1. In order to associate the RST packet with your bit-torrent session, they have to forge it to make it appear as if it’s from the other host you are communicating with. This violates a number of U.S. computer crime laws.
  2. They do a pretty crappy job of determining what bit-torrent traffic is. A number of reports have surfaced indicating that Lotus Notes and a number of other protocols are being improperly “shaped” as a result of this.
  3. A large number of legitimate software packages are distributed ONLY via bit-torrent. This is often the case with open source and free software as the developers are usually unable to afford the bandwidth required to distribute their works.
  4. I have yet to receive any sort of “Terms of Use” update informing me that this traffic is being mangled.

Another thing that irks me about Comcast’s media handling of this is a position often stated by their PR people and executives.

Cohen also reiterated Comcast’s position that it doesn’t block traffic. “Comcast does not, has not, and will not block any websites or online applications, including peer-to-peer services,” he said, pledging to work with the FCC to “bring more transparency for consumers regarding broadband network management.”

They don’t seem to understand that inserting a RST packet is “blocking” traffic. A number of hardware Intrusion Protection Systems use that same method to block intrusion attempts when they are not configured “inline” and so lack the ability to kill a session normally.
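
As an added example (not part of the original post), here is a small Python check for the forged resets described above, whether they come from an ISP or an out-of-line IPS. It uses two common heuristics that this page does not itself describe: a RST whose IP TTL differs from the peer's usual TTL, and a peer that keeps sending data after "its" reset. The packet tuples, names and thresholds are constructed for illustration, and the code assumes one session per host pair.

```python
# Added example: heuristics for spotting injected TCP resets in a capture.
from collections import defaultdict

# Constructed sample capture: (time, src, dst, ttl, flags, payload_len).
# "peer"/"other" are remote hosts, "me" is the local client; values are made up.
SAMPLE = [
    (0.00, "peer", "me", 52, "SA", 0),
    (0.05, "peer", "me", 52, "A", 1400),
    (0.09, "peer", "me", 52, "A", 1400),
    (0.12, "peer", "me", 61, "R", 0),     # TTL jumps: sent from a closer hop
    (0.15, "peer", "me", 52, "A", 1400),  # real peer is still sending data
    (1.00, "other", "me", 48, "A", 300),
    (1.20, "other", "me", 48, "R", 0),    # ordinary reset, consistent TTL
]

def find_suspect_resets(packets, ttl_slack=2, window=2.0):
    """Return [(time, src, dst, reasons)] for RSTs that look injected."""
    ttls = defaultdict(list)   # (src, dst) -> TTLs seen on non-RST packets
    resets = []                # RSTs seen so far: [time, src, dst, reasons]
    for t, src, dst, ttl, flags, length in sorted(packets):
        flow = (src, dst)
        if "R" in flags:
            reasons = []
            seen = ttls[flow]
            if seen:
                # Most common TTL seen from this sender is the baseline.
                baseline = max(set(seen), key=seen.count)
                if abs(ttl - baseline) > ttl_slack:
                    reasons.append(f"ttl {ttl} vs usual {baseline}")
            resets.append([t, src, dst, reasons])
            continue
        ttls[flow].append(ttl)
        # A host that really reset the session does not keep sending data on it.
        if length > 0:
            for r in resets:
                if ((r[1], r[2]) == flow and 0 < t - r[0] <= window
                        and "data after reset" not in r[3]):
                    r[3].append("data after reset")
    return [tuple(r[:3]) + (r[3],) for r in resets if r[3]]

if __name__ == "__main__":
    for hit in find_suspect_resets(SAMPLE):
        print(hit)
```

Both checks are heuristics: route changes can shift a TTL and reordered packets can arrive after a genuine reset, so a hit is a reason to look at the capture, not proof of injection.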