Re: What I Just Learned About BT Encryption
Quote:
Originally Posted by
pro267
I believe the security implemented in most clients uses RC4.
I've never heard of a secure stream cipher, and RC4 is no exception.
This is completely false.
RC4 isn't broken -- its implementation in WEP was (if that's what you are referring to).
TLS commonly uses RC4, and I haven't seen any recent attacks on it. If so, kiss your online banking goodbye.
AES in CTR mode functions like a stream cipher, and (I think) is used in WPA.
Please tell me why you think stream ciphers are insecure.
Quote:
Originally Posted by
grimms
I worked at Comcast.
(snip)
Encryption will not stop your ISP from knowing that you're hogging up bandwidth from BT downloads. They still know you're downloading BT content, they just don't know what you're downloading. Use a proxy to be almost entirely safe. Even though you'll never be entirely safe. VPN tunnels are the most safe proof though.
How can they tell my encrypted traffic is BT? My only guess is that the Protocol Encryption used in BT clients has some establishment messages sent in the clear, which the ISP could 'grep'. Although I haven't looked at the protocol so I can't say for sure.
In any case, tunneling your traffic via any method sucks -- be it a VPN tunnel, SOCKS proxy, etc. It doubles my bandwidth usage (now traffic has to go from my home network to the proxy network, and from the proxy network to my destination) and often requires me to pay MORE to get the speeds my ISP is advertising in the first place (no one uses public proxies for BT I hope, we have to PAY for a seedbox or proxy, or some dedicated hardware, or know someone who will let us use their box as a stepping stone).
In other words, leave Comcast.
Re: What I Just Learned About BT Encryption
They 'grep' for an IP or URL from such and such address, like oink.cd. Then from there they see multiple IP addresses connect that are reported in the data from such and such URL. I'm not 100% sure on every detail of the process of how they identify the protocol, but I am 100% sure that if you turn off tracker announces in your BT client settings and manually add the IP addresses for that torrent then you will not be throttled, so the throttling is highly dependent on the tracker announce host name.
Re: What I Just Learned About BT Encryption
Quote:
Originally Posted by
DanielleD87
They 'grep' for an IP or URL from such and such address, like oink.cd. Then from there they see multiple IP addresses connect that are reported in the data from such and such URL. I'm not 100% sure on every detail of the process of how they identify the protocol, but I am 100% sure that if you turn off tracker announces in your BT client settings and manually add the IP addresses for that torrent then you will not be throttled, so the throttling is highly dependent on the tracker announce host name.
I like that idea.
Alas, even if we do that _and_ use protocol encryption, the ISPs can still do fingerprinting on the protocol encryption negotiation our clients use, and throttle based on that.
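Added example, not part of any post in this thread: a sketch of what "grepping" the first payload of a new connection can and cannot match. The handshake string, the `info_hash` announce parameter and the 96-byte key plus 0-512 bytes of padding used by Message Stream Encryption come from the public BitTorrent and MSE/PE specifications, not from the thread; the entropy threshold, the labels and the sample payloads are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

# Plaintext peer handshake: length byte 19, then the protocol string.
BT_PSTR = b"\x13BitTorrent protocol"
ENTROPY_THRESHOLD = 5.8  # bits/byte; assumed cut-off, tune on real traffic

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte distribution, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify_first_payload(payload: bytes) -> str:
    """Label the first TCP payload a client sends on a new connection."""
    if payload.startswith(BT_PSTR):
        return "bt-handshake"              # unencrypted peer connection
    request_line = payload.split(b"\r\n", 1)[0]
    if request_line.startswith(b"GET ") and b"info_hash=" in request_line:
        return "bt-tracker-announce"       # plain HTTP tracker request
    if payload[:2] == b"\x16\x03":
        return "tls"                       # TLS handshake record, not BT
    # MSE/PE opens with a 96-byte DH public key plus 0-512 random pad bytes:
    # no fixed string to match, only size and randomness remain.
    if 96 <= len(payload) <= 608 and shannon_entropy(payload) > ENTROPY_THRESHOLD:
        return "opaque-high-entropy"
    return "other"

def constructed_samples() -> dict:
    """Constructed payloads (not captured traffic) for each case."""
    info_hash = hashlib.sha1(b"constructed torrent").digest()
    peer_id = b"-XX0001-constructed0"      # 20 bytes, made-up client id
    pseudo_random = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(5))
    return {
        "handshake": BT_PSTR + bytes(8) + info_hash + peer_id,
        "announce": b"GET /announce?info_hash=%124Vx&port=6881 HTTP/1.1\r\n"
                    b"Host: tracker.example\r\n\r\n",
        "mse_like": pseudo_random,         # 160 bytes standing in for key + pad
        "web": b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n"
               b"User-Agent: constructed-sample/1.0\r\nAccept: text/html\r\n\r\n",
    }

if __name__ == "__main__":
    for name, payload in constructed_samples().items():
        print(f"{name:10} {len(payload):4} bytes -> {classify_first_payload(payload)}")
```

The "opaque-high-entropy" label only says the payload has no recognizable header and looks random; on its own it does not identify BitTorrent, which is why such a check is normally combined with flow-level features.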
Re: What I Just Learned About BT Encryption
yep. that is why comcrap is being sued ^_^
Re: What I Just Learned About BT Encryption
Good stuff in here...thanks to all.
Re: What I Just Learned About BT Encryption
I think Comcast is using something more basic than grepping for URLs and all that (which won't scale very well and will need more processor cycles => n/w lag + money). They can use some AI stuff (neural networks) to identify traffic patterns of BT users. Although it should be possible to completely encrypt all the BT traffic in a secure way. You still exhibit traffic patterns to your ISP, as you and the internet are connected through your ISP. So he can do traffic shaping on that traffic. I don't think that they need to snoop into your packets for this.... Generally snooping in and reading traffic is a big overhead and I don't think Comcast needs that, because that would roast their routers and create huge lags. The easiest way for them to control traffic would be to track patterns. And once these neural n/w's are trained well they should identify BT usage/traffic pretty easily....
This also should be able to be passed through, if your client can stimulate random patterns or something like that... but IMHO you should go to an ISP who lets you use BT... then your life and the programmer's life will be much easier...
cheers!
Re: What I Just Learned About BT Encryption
Quote:
Originally Posted by
arkiebrian
Good stuff in here...thanks to all.
Yup.. very interesting, thanks.
Re: What I Just Learned About BT Encryption
What are the cons of encryption? Does it slow down the PC?
Re: What I Just Learned About BT Encryption
It would use a little more of the CPU I suppose.
Here's another thought:
If a user (you) that has enabled the encryption initiates the connection into a client that has encryption disabled, then the transfer would be encrypted, irrespective of when I have enabled or disabled encryption but if my client with disabled encryption initiates the connection to the client with the enabled encryption then the transfer would not be encrypted and therefore would also be shaped.
Re: What I Just Learned About BT Encryption
Quote:
Originally Posted by
jayz707
I think Comcast is using something more basic than grepping for URLs and all that (which won't scale very well and will need more processor cycles => n/w lag + money).
Packet inspection is actually not that expensive. It's when you need to modify the packet contents that things get expensive (modifying the packet structure and calculating the checksums).
Quote:
Originally Posted by
jayz707
They can use some AI stuff (neural networks) to identify traffic patterns of BT users.
I don't know anything about neural networks or AI, but I doubt that ISPs would employ such mechanisms (please explain to me why/how they would utilize these academic oriented (research) technologies).
Quote:
Originally Posted by
jayz707
Although it should be possible to completely encrypt all the BT traffic in a secure way.
There _must_ be some negotiation messages our clients send in the clear to establish encryption.
Quote:
Originally Posted by
jayz707
You still exhibit traffic patterns to your ISP, as you and the internet are connected through your ISP. So he can do traffic shaping on that traffic. I don't think that they need to snoop into your packets for this.... Generally snooping in and reading traffic is a big overhead and I don't think Comcast needs that, because that would roast their routers and create huge lags.
No way man, enterprise intrusion detection devices do this kind of work all day, without breaking a sweat (albeit a hefty price tag).
Quote:
Originally Posted by
jayz707
The easiest way for them to control traffic would be to track patterns. And once these neural n/w's are trained well they should identify BT usage/traffic pretty easily....
This would take a lot of training data, and I don't think I have seen an academic paper or commercial product out that can use 'neural networks' to identify usage patterns on a specific protocol given a set of users. Please prove me wrong here though, would be interesting.
Quote:
Originally Posted by
jayz707
This also should be able to be passed through, if your client can stimulate random patterns or something like that...
hmmm
Quote:
Originally Posted by
jayz707
but IMHO you should go to an ISP who lets you use BT... then your life and the programmer's life will be much easier...
exactly :)