Richard J Green

ISP’s and Peer-to-Peer

The Baby-Green Blog has been something has has passed me by since Jessica’s birth, and I really need to get around to catching up with some things I’ve missed to date, but something in the news today really got my attention.

I heard about a month ago about plans in France for French ISP’s to monitor Peer-to-Peer traffic and to block the service to offending illegal downloaders. This didn’t bother me because it was them and not us, and I almost did actually feel sorry for a minute when I heard a planned black list would be introduced to prevent offenders from getting service from other ISP’s within a time period.

Today though, it did actually bother me when I heard the British government has similar plans for this country and that if the ISP’s do not do this at the governments request, then they will introduce it as law. For the normal user this poses no problem, and to me as far as Peer-to-Peer goes it poses to issues either. Any Peer-to-Peer usage that I see coming or going is so low in it’s volume that I wouldn’t been set a single alarm bell ringing as they will only be interested in the big fish for frying at this stage.

What does bother me however is the security aspect of this because lets for a minute take a look at the way Peer-to-Peer services work like BitTorrent or LimeWire or whatever your favourite flavour may be: Here I will go the BitTorrent route. You find yourself a nice looking tracker – Loads of seeders and not many leechers – Perfect. Now here comes the technical bit. Your client software is configured to use x port number: Most likely a TCP one for example, and everyone elses client uses an outgoing port number to send you the data which is a randomly generated number is a particular port range.

For the ISP’s to see who is downloading stuff they are going to have to monitor for packets of data in these port ranges coming to you – Well that’s not a problem because our ISP PlusNet already do that to show me my usage statistics on how were using up our monthly data allownace which is quite a cool little designed feature. But now you have a problem: It is believe it or not possible to legal data from Peer-to-Peer services such as unsigned bands songs or maybe royalty free pictures, or maybe you play some kind of game (WoW for me and Nicky for example) which when it requires updating using a P2P client to download the patches. Now PlusNet or any other ISP know this, so they are in actual fact going to have to read the packets of data to determine what’s legal and what’s not, otherwise you will get threatening letters for downloading your WoW patches – Yeah right!

The problem here is that the information they need – The information regarding the legality of the data in those packets won’t be in the packet header the bit that looks after the data itself so that it knows where to go etc, but in the data portion itself. So this means that for them to see if your legal or not they actually have to look at the information that’s headed your way? Correct it does – Scary isn’t it? Well in actual fact, it’s even scarier because now lets look at the most worrying part.

Some protocols use a predetermined port number for generating a request, for example HTTP on TCP 80 or POP3 on TCP 110, however some of these protocols will not return from the request on this port. What actually will happen is that the request will be responded to on a dynamically generated port number at the time of transmission. If that data was returned over a port that was within the ranges monitored by the ISP for P2P activity? Well that means they might be able to read what web page you just requested your PC serve up, or they could maybe read an email of yours you just recieved from your mail account somewhere.

Whilst the chances of any of this actually occuring are probably slim as most ISP’s will configure any catching rules to read the header first and ignore anything that is say using the DNS or SMTP protocol, but what if they don’t or if your with some cheap backdoor ISP who can’t afford hardware or software that’s that clever? Well in that case you’ve gone halfway to the US Carnivore Project and that is not a nice place to be. For anyone who doesn’t know of the Carnivore Project, I suggest you follow the link to it and read the Wikipedia article as it will certainly enlighten some people!

The only good thing to come from this is an article on the Register reporting that the ISPA are stating that ISP’s will only comply with this if the IPAA and MPAA fund the projects as it will cost the ISP’s time and money for the work, and they are the one’s who will gain from it all at the end of the day so fair play to them I say.

Exit mobile version