Comcast blocks some subscriber Internet traffic

Comcast blocks some subscriber Internet traffic
Matthew Elvey, Chief Technical Officer for Elvey Partnership, is photographed in San Francisco, Tuesday, Oct. 16, 2007.
NEW YORK (AP) - Comcast Corp. actively interferes with attempts by some of its high-speed Internet subscribers to share files online, a move that runs counter to the tradition of treating all types of Net traffic equally.

The interference, which The Associated Press confirmed through nationwide tests, is the most drastic example yet of data discrimination by a U.S. Internet service provider. It involves company computers masquerading as those of its users.

If widely applied by other ISPs, the technology Comcast is using would be a crippling blow to the BitTorrent, eDonkey and Gnutella file-sharing networks. While these are mainly known as sources of copyright music, software and movies, BitTorrent in particular is emerging as a legitimate tool for quickly disseminating legal content.

The principle of equal treatment of traffic, called "Net Neutrality" by proponents, is not enshrined in law but supported by some regulations. Most of the debate around the issue has centered on tentative plans, now postponed, by large Internet carriers to offer preferential treatment of traffic from certain content providers for a fee.

Comcast's interference, on the other hand, appears to be an aggressive way of managing its network to keep file-sharing traffic from swallowing too much bandwidth and affecting the Internet speeds of other subscribers.

Comcast, the nation's largest cable TV operator and No. 2 Internet provider, would not specifically address the practice, but spokesman Charlie Douglas confirmed that it uses sophisticated methods to keep Net connections running smoothly.

"Comcast does not block access to any applications, including BitTorrent," he said.

Douglas would not specify what the company means by "access" - Comcast subscribers can download BitTorrent files without hindrance. Only uploads of complete files are blocked or delayed by the company, as indicated by AP tests.

But with "peer-to-peer" technology, users exchange files with each other, and one person's upload is another's download. That means Comcast's blocking of certain uploads has repercussions in the global network of file sharers.

Comcast's technology kicks in, though not consistently, when one BitTorrent user attempts to share a complete file with another user.

Each PC gets a message invisible to the user that looks like it comes from the other computer, telling it to stop communicating. But neither message originated from the other computer - it comes from Comcast. If it were a telephone conversation, it would be like the operator breaking into the conversation, telling each talker in the voice of the other: "Sorry, I have to hang up. Good bye."

Matthew Elvey, a Comcast subscriber in the San Francisco area who has noticed BitTorrent uploads being stifled, acknowledged that the company has the right to manage its network, but disapproves of the method, saying it appears to be deceptive.

"There's the wrong way of going about that and the right way," said Elvey, who is a computer consultant.

Comcast's interference affects all types of content, meaning that, for instance, an independent movie producer who wanted to distribute his work using BitTorrent and his Comcast connection could find that difficult or impossible - as would someone pirating music.

Internet service providers have long complained about the vast amounts of traffic generated by a small number of subscribers who are avid users of file-sharing programs. Peer-to-peer applications account for between 50 percent and 90 percent of overall Internet traffic, according to a survey this year by ipoque GmbH, a German vendor of traffic-management equipment.

"We have a responsibility to manage our network to ensure all our customers have the best broadband experience possible," Douglas said. "This means we use the latest technologies to manage our network to provide a quality experience for all Comcast subscribers."

The practice of managing the flow of Internet data is known as "traffic shaping," and is already widespread among Internet service providers. It usually involves slowing down some forms of traffic, like file-sharing, while giving others priority. Other ISPs have attempted to block some file-sharing application by so-called "port filtering," but that method is easily circumvented and now largely ineffective.

Comcast's approach to traffic shaping is different because of the drastic effect it has on one type of traffic - in some cases blocking it rather than slowing it down - and the method used, which is difficult to circumvent and involves the company falsifying network traffic.

The "Net Neutrality" debate erupted in 2005, when AT&T Inc. suggested it would like to charge some Web companies more for preferential treatment of their traffic. Consumer advocates and Web heavyweights like Google Inc. and Amazon Inc. cried foul, saying it's a bedrock principle of the Internet that all traffic be treated equally.

To get its acquisition of BellSouth Corp. approved by the Federal Communications Commission, AT&T agreed in late 2006 not to implement such plans or prioritize traffic based on its origin for two and a half years. However, it did not make any commitments not to prioritize traffic based on its type, which is what Comcast is doing.

The FCC's stance on traffic shaping is not clear. A 2005 policy statement says that "consumers are entitled to run applications and services of their choice," but that principle is "subject to reasonable network management." Spokeswoman Mary Diamond would not elaborate.

Free Press, a Washington-based public interest group that advocates Net Neutrality, opposes the kind of filtering applied by Comcast.

"We don't believe that any Internet provider should be able to discriminate, block or impair their consumers ability to send or receive legal content over the Internet," said Free Press spokeswoman Jen Howard.

Paul "Tony" Watson, a network security engineer at Google Inc. who has previously studied ways hackers could disrupt Internet traffic in manner similar to the method Comcast is using, said the cable company was probably acting within its legal rights.

"It's their network and they can do what they want," said Watson. "My concern is the precedent. In the past, when people got an ISP connection, they were getting a connection to the Internet. The only determination was price and bandwidth. Now they're going to have to make much more complicated decisions such as price, bandwidth, and what services I can get over the Internet."

Several companies have sprung up that rely on peer-to-peer technology, including BitTorrent Inc., founded by the creator of the BitTorrent software (which exists in several versions freely distributed by different groups and companies).

Ashwin Navin, the company's president and co-founder, confirmed that it has noticed interference from Comcast, in addition to some Canadian Internet service providers.

"They're using sophisticated technology to degrade service, which probably costs them a lot of money. It would be better to see them use that money to improve service," Navin said, noting that BitTorrent and other peer-to-peer applications are a major reason consumers sign up for broadband.

BitTorrent Inc. announced Oct. 9 that it was teaming up with online video companies to use its technology to distribute legal content.

Other companies that rely on peer-to-peer technology, and could be affected if Comcast decides to expand the range of applications it filters, include Internet TV service Joost, eBay Inc.'s Skype video-conferencing program and movie download appliance Vudu. There is no sign that Comcast is hampering those services.

Comcast subscriber Robb Topolski, a former software quality engineer at Intel Corp., started noticing the interference when trying to upload with file-sharing programs Gnutella and eDonkey early this year.

In August, Topolski began to see reports on Internet forum DSLreports.com from other Comcast users with the same problem. He now believes that his home town of Hillsboro, Ore., was a test market for the technology that was later widely applied in other Comcast service areas.

Topolski agrees that Comcast has a right to manage its network and slow down traffic that affects other subscribers, but disapproves of their method.

"By Comcast not acknowledging that they do this at all, there's no way to report any problems with it," Topolski said.

How the test was done

To test claims by users that Comcast Corp. was blocking some forms of file-sharing traffic, The Associated Press went to the Bible.

An AP reporter attempted to download, using file-sharing program BitTorrent, a copy of the King James Bible from two computers in the Philadelphia and San Francisco areas, both of which were connected to the Internet through Comcast cable modems.

We picked the Bible for the test because it's not protected by copyright and the file is a convenient size.

In two out of three tries, the transfer was blocked. In the third, the transfer started only after a 10-minute delay. When we tried to upload files that were in demand by a wider number of BitTorrent users, those connections were also blocked.

Not all Comcast-connected computers appear to be affected, however. In a test with a third Comcast-connected computer in the Boston area, we were unable to test with the Bible, apparently due to an unrelated error. When we attempted to upload a more widely disseminated file, there was no evidence of blocking.

The Bible test was conducted with three other Internet connections. One was provided by Time Warner Inc.'s Time Warner Cable, and the other came from Cablevision Systems Corp. The third was the business-class connection to the AP's headquarters, provided by AT&T Inc. and Cogent Communications Group Inc.

No signs of interference with file-sharing were detected in those tests.

Further analysis of the transfer attempt from the Comcast-connected computer in the San Francisco area revealed that the failure was due to "reset" packets that the two computers received, carrying the return address of the other computer.

Those packets tell the receiving computer to stop communicating with the sender. However, the traffic analyzer software running on each computer showed that neither computer actually sent the packets. That means they originated somewhere in between, with faked return addresses.

In tests analyzing the traffic received by a computer on Time Warner Cable that was trying to download a file from a large "swarm" of BitTorrent users, more than half of the reset packets received carried the return addresses of Comcast subscribers, even though Comcast's 12.4 million residential customers make up only about 20 percent of U.S. broadband subscribers. It was the only U.S. Internet service provider whose subscribers consistently appeared to send reset packets (which are occasionally generated legitimately).

Comcast subscriber Robb Topolski, who discovered the blocking earlier this year and traced it to reset packets, pointed out that a Canadian company called Sandvine Inc. sells equipment that promises to save bandwidth for Internet service providers by managing and redirecting file-sharing traffic.

BitTorrent Inc. President Ashwin Navin said that the interference method on Comcast's network is consistent with Sandvine's technology. Sandvine did not respond to a request for comment.

Comcast spokesman Charlie Douglas would not confirm that the company uses Sandvine equipment.

"We rarely disclose our vendors or our processes for operating our network for competitive reasons and to protect against network abuse," he said.