In May 2007, Comcast began engaging in protocol-specific interference with the activities of its subscribers. When confronted by users and by EFF,
Comcast responded with denials and answers that told less than the whole story. In October 2007, however, after
independent testing by the Associated Press and EFF, it became clear that Comcast was, in fact, interfering with BitTorrent, Gnutella, and
potentially other common file sharing protocols employed by millions of Internet users. In specific, Comcast was injecting forged RST packets into TCP communications, in an effort to disrupt certain protocols commonly used for file-sharing. The interference efforts were triggered by the protocol that the subscriber used, not by the number of connections made or amount of bandwidth used by the subscriber.
After a wave of public outcry, lawsuits, and an FCC proceeding, Comcast eventually anounced that it was planning to
phase out discrimination against P2P protocols. We look forward to seeing them do that.
Meanwhile, the Comcast affair inspired us to launch our Test Your ISP project. Our aim is to ensure that the Internet community has the tools and organization to quickly recognize when ISPs engage in interference or protocol discrimination in the future.
At a minimum,
consumers deserve a complete description of what they are getting when they buy "unlimited Internet access" from an ISP. Only if they know what is going on and who is to blame for deliberate interference can consumes make informed choices about which ISP to prefer (to the extent they have choices among residential broadband providers) or what counter-measures they might employ. Policy-makers, as well, need to understand what is actually being done by ISPs in order to pierce the evasive and ambiguous rhetoric employed by some ISPs to describe their interference activities.
Accordingly, EFF is developing information and software tools intended to help subscribers test their own broadband connections. We are also collecting information about software and tests being developed by other groups around the world. While these tests initially will require a relatively high degree of technical knowledge, we hope that we will be able to develop tools that will bring these testing efforts within reach of more subscribers.
This web page will collect EFF's white papers, software tools, blog entries, and other materials relating to this ongoing project. We are also maintaining a list of known ISP testing projects:
Known ISP Testing Software
Tool | Active / Passive | # Participants per Test | Platform | Protocols | Notes |
Gemini | Active(?) | Bilateral | Bootable CD | ? | Uses pcapdiff |
Glasnost | Active | 1.5 sided | Java applet | BitTorrent | |
ICSI Netalyzr | Active | 1.5 sided | Java applet + some javascript | Firewall characteristics, HTTP proxies, DNS environment | |
ICSI IDS | Passive | 0 sided (on the network) | IDS | Forged RSTs | Not code users can run |
Google/New AmericaMeasurementLab | Active | 2 sided | PlanetLab (server), Any (client) | Any | A server platform for others' active testing software |
NDT | Active | 1.5 sided | Java applet / native app | TCP performance | A sophisticated speed test |
Network Neutrality Check | Active | 1.5 sided | Java applet | No real tests yet | Real tests forthcoming here ;discussion here |
NNMA | Passive | Unilateral | (currently) Windows app | Any | |
pcapdiff / tpcat | Either | Bilateral | Python app | Any | A tool to make manual tests easier. EFF is no longer working on pcapdiff, but development continues with the tpcat project. |
Switzerland | Passive | Multilateral | Portable Python app | Any | Sneak preview release just spots forged/modified packets |
Web Tripwires | Passive | 1.5 sided | Javascript embed | HTTP | Must be deployed by webmasters
|
EFF's Test Your ISP Software
EFF has released Version Zero of Switzerland, our sophisticated ISP testing software. Switzerland uses a semi-P2P, server-and-many-clients architecture to detect modified or spoofed traffic between multiple clients. You can learn more about Switzerland here.
The Test Your ISP project previously released a much simpler piece of software called pcapdiff. Pcapdiff is a simple command line tool that lets you compare "pcap" packet captures from either end of an Internet communication; it reports when packets are dropped and spoofed between the endpoints ("pcap" packet captures can be recorded with standard packet sniffing tools like tcpdump and wireshark). Running tests with pcapdiff is a technically involved process; we have a whitepaper outlining the steps involved.
https://www.eff.org/testyourisp