
Evading Audible Magic’s Copysense filtering

As I noted on Monday, the Irish branches of several major record companies have brought a case against Eircom, demanding in part that the ISP install Audible Magic’s Copysense anti-filesharing appliances on their network infrastructure.

I thought I’d do a quick bit of research online into how they do their filtering. Here’s what the EFF had to say:

Audible Magic’s technology can easily be defeated by using one-time session key encryption (e.g., SSL) or by modifying the behavior of the network stack to ignore RST packets.

It’s interesting to see that they used RST packets — this is the same mechanism used by the “Great Firewall of China” to censor the internet:

the keyword detection is not actually being done in large routers on the borders of the Chinese networks, but in nearby subsidiary machines. When these machines detect the keyword, they do not actually prevent the packet containing the keyword from passing through the main router (this would be horribly complicated to achieve and still allow the router to run at the necessary speed). Instead, these subsidiary machines generate a series of TCP reset packets, which are sent to each end of the connection. When the resets arrive, the end-points assume they are genuine requests from the other end to close the connection — and obey. Hence the censorship occurs.

But there’s a very easy way to avoid this, according to that blog post:

However, because the original packets are passed through the firewall unscathed, if both of the endpoints were to completely ignore the firewall’s reset packets, then the connection will proceed unhindered! We’ve done some real experiments on this — and it works just fine!! Think of it as the Harry Potter approach to the Great Firewall — just shut your eyes and walk onto Platform 9¾.

Clayton, Murdoch, and Watson’s paper on this technique provides the Linux and FreeBSD firewall commands they used to do this. Here’s Linux:

   iptables -A INPUT -p tcp --tcp-flags RST RST -j DROP

For FreeBSD, the command is:

   ipfw add 1000 drop tcp from any to me tcpflags rst in

So assuming Copysense haven’t changed their approach yet, it’s trivial to block Copysense’s filtering, if both ends are running Linux or BSD. I predict if Copysense becomes widespread, someone will patch Windows TCP to do the same.
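The same property seen from the monitoring side, as an added example (not from this post or from the paper): because the real segments still arrive, an injected reset stands out in a capture. The `Pkt` record, the TTL comparison and the reordering grace window are assumptions of this example, and the sample packets are constructed.

```python
"""Flag TCP resets in a capture that look injected by an on-path device."""
from collections import Counter, defaultdict
from typing import NamedTuple


class Pkt(NamedTuple):
    ts: float     # capture time in seconds
    src: str
    sport: int
    dst: str
    dport: int
    flags: str    # tcpdump-style letters: "A", "PA", "R", "RA"
    ttl: int      # IP TTL as seen at the capture point
    payload: int  # TCP payload length in bytes


def classify_resets(packets, ttl_tolerance=1, reorder_grace=0.05):
    """Map each sender direction that emitted a RST to a list of reasons.

    An empty list means the reset is consistent with the real peer.
    """
    by_dir = defaultdict(list)
    for p in sorted(packets, key=lambda p: p.ts):
        by_dir[(p.src, p.sport, p.dst, p.dport)].append(p)

    verdicts = {}
    for key, pkts in by_dir.items():
        resets = [p for p in pkts if "R" in p.flags]
        normal = [p for p in pkts if "R" not in p.flags]
        if not resets:
            continue
        reasons = []
        if normal:
            # Heuristic (assumption of this example): an injector sits at a
            # different hop distance, so its TTL differs from the sender's.
            baseline = Counter(p.ttl for p in normal).most_common(1)[0][0]
            if any(abs(r.ttl - baseline) > ttl_tolerance for r in resets):
                reasons.append("ttl-mismatch")
        # From the post: the real segments still pass, so a sender that keeps
        # transmitting after "its" reset did not send that reset. The grace
        # window absorbs segments that were merely reordered in flight.
        cutoff = resets[0].ts + reorder_grace
        if any(p.ts > cutoff for p in normal):
            reasons.append("sender-continued-after-rst")
        verdicts[key] = reasons
    return verdicts


# Constructed sample capture (documentation addresses), seen at 192.0.2.5.
SAMPLE = [
    Pkt(1.000, "203.0.113.10", 80, "192.0.2.5", 40000, "A", 52, 1448),
    Pkt(1.050, "203.0.113.10", 80, "192.0.2.5", 40000, "PA", 52, 1448),
    Pkt(1.200, "203.0.113.10", 80, "192.0.2.5", 40000, "R", 61, 0),
    Pkt(1.450, "203.0.113.10", 80, "192.0.2.5", 40000, "A", 52, 1448),
    Pkt(2.000, "198.51.100.7", 443, "192.0.2.5", 40002, "PA", 55, 512),
    Pkt(2.100, "198.51.100.7", 443, "192.0.2.5", 40002, "RA", 55, 0),
    Pkt(3.000, "198.51.100.9", 22, "192.0.2.5", 40004, "RA", 50, 0),
]

if __name__ == "__main__":
    for flow, reasons in classify_resets(SAMPLE).items():
        print(flow, ("suspect: " + ", ".join(reasons)) if reasons else "consistent")
```

The firewall rules quoted above make no such distinction: they discard every inbound RST, genuine ones included, so an attempt to reach a closed port waits for a timeout instead of failing immediately.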

I love Audible Magic’s response:

The current appliance happens to use the TCP Reset to accomplish this today. There are many other technical methods of blocking transfers. Again, we have strategies to deal with them should they ever prove necessary. This is why we recommend our customers purchase a software support agreement which provides for these enhancements that keep their purchase up-to-date and protect their investment.

In other words, “hey customers! if you don’t have a support contract, you’re shit out of luck when the p2p guys get around our filters!” Nice. ;)


Irish ISPs in record company crosshairs

RTE reports that 4 record companies, EMI, Sony BMG, Universal Music and Warner Music, have brought a High Court action to compel Eircom — Ireland’s largest ISP — to prevent its networks being used for the illegal downloading of music:

Willie Kavanagh, Managing Director of EMI Ireland and chairman of IRMA, said because of illegal downloading and other factors, the Irish music industry was experiencing a “dramatic and accelerating decline” in income. He said sales in the Irish market dropped 30% in the six years up to 2007.

EMI and the other companies are challenging Eircom’s refusal to use filtering technology or other measures to voluntarily block or filter illegally downloaded material. Last October Eircom told the companies it was not in a position to use the filtering software.

(I wonder if those dropping sales in the Irish market comprise only CDs sold by Irish shops? 2001 to 2007 is also the time period when physical sales have given way to online shopping on a gigantic scale, especially for music.)

The Irish Times coverage includes another interesting factoid, which appears in a lot of press regarding this case:

Latest figures available, for 2006, indicate that 20 billion music files were illegally downloaded worldwide that year. The music industry estimates that for every single legal download, there are 20 illegal ones.

A little research reveals that that figure comes from the IFPI Digital Music Report 2008. I’d have a totally different take on it, however. In my opinion, the figure is probably correct, but not for the reasons the IFPI want it to be. There are a number of factors:

There’s more commentary on the 20-to-1 figure here.

The IFPI Digital Music Report 2008 also notes:

“2007 was the year ISP responsibility started to become an accepted principle. 2008 must be the year it becomes reality”

Governments are starting to accept that Internet Service Providers (ISPs) should take a far bigger role in protecting music on the internet, but urgent action is needed to translate this into reality, a new report from the international music industry says today.

ISP cooperation, via systematic disconnection of infringers and the use of filtering technologies, is the most effective way copyright theft can be controlled. Independent estimates say up to 80 per cent of ISP traffic comprises distribution of copyright-infringing files.

The IFPI Digital Music Report 2008 points to French President Sarkozy’s November 2007 plan for ISP cooperation in fighting piracy as a groundbreaking example internationally. Momentum is also gathering in the UK, Sweden and Belgium. The report calls for legislative action by the European Union and other governments where existing discussions between the music industry and record companies fail to progress.

So it seems Ireland is the vanguard of an international effort by IFPI members to force ISPs to install filtering, worldwide. It seems the same happened in Belgium last year — and I reckon there’ll be similar cases elsewhere soon.

Either way, I doubt this will be good for Irish internet users.

(PS: while I’m talking about buying MP3s online — a quick plug for 7digital. Last time I used them, I had a pretty crappy experience, but the situation is a lot better nowadays. They now have a great website that works perfectly in Firefox on Linux; they sell brand new releases like the Hercules and Love Affair album as 320kbps DRM-free MP3s; they support PayPal payments; and downloads are fast and simple — right click, “Save As”. hooray!)

Some other blog coverage: Lex Ferenda with some details about the legal situation, and Jim Carroll.

Update: EMI Ireland seem to be singing from a different hymn-sheet than their head office… interesting.

Update 2: I’ve taken a look at the Copysense filtering technology, and how it can be evaded.


Eircom WEP key-generation algorithm reversed

Over the weekend, this really hit the Irish blogosphere — several Irish guys have apparently figured out the algorithm used by Eircom to generate WEP keys.

I blogged that page in the link-blog this morning, but it’s worth writing about a little more. WEP is apparently easy to crack nowadays, so in a way all those wifi users were insecure anyway — but this is interesting as a case study of how not to write a key generator:

  • Compiled code != secret: the first mistake Eircom made was to generate the WEP key entirely from a little “secret” text, some “secret” shuffles, and the serial number of the hardware. There should always be some randomness in there. Compiled code running on a user’s desktop is not secret.

  • Don’t share secrets: Secondly, it’s a good demo of why you don’t generate two separate key values from the same source data. In this case, both the WEP key and the SSID are generated from the Netopia router’s serial number — and sufficient bits are accidentally exposed in the SSID to enable computation of the WEP key. (This is kind of moot in many cases, since the serial number is also exposed in the MAC address, in even more detail.)
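The two mistakes in the list above, shown on a toy scheme as an added example: everything in it is constructed here, and none of it is Eircom’s or Netopia’s algorithm, constant or SSID format. It measures how little uncertainty is left in a key derived from the serial number once the SSID has been seen, and sets that beside random provisioning.

```python
"""Toy key generator: derived from the serial number vs. drawn at random."""
import hashlib
import math
import secrets

# Everything below is constructed for illustration; none of it is Eircom's
# or Netopia's real algorithm, constant or SSID format.
FIRMWARE_CONSTANT = b"constant-shipped-in-every-copy-of-the-binary"
SERIAL_BITS = 32   # size of the toy serial number
SSID_BITS = 24     # how much of the serial the toy SSID gives away
KEY_LEN = 13       # bytes in a 104-bit WEP key


def derived_ssid(serial: int) -> str:
    """Broadcast name built from the low bits of the serial (the leak)."""
    return "toynet-%06x" % (serial & ((1 << SSID_BITS) - 1))


def derived_key(serial: int) -> bytes:
    """Key computed from the serial and a constant; no randomness anywhere."""
    material = FIRMWARE_CONSTANT + serial.to_bytes(SERIAL_BITS // 8, "big")
    return hashlib.sha256(material).digest()[:KEY_LEN]


def keys_consistent_with_ssid(ssid: str) -> set:
    """Audit helper: every key the scheme could have issued for this SSID."""
    low = int(ssid.rsplit("-", 1)[1], 16)
    hidden_bits = SERIAL_BITS - SSID_BITS
    return {derived_key((high << SSID_BITS) | low)
            for high in range(1 << hidden_bits)}


def effective_key_bits(ssid: str) -> float:
    """Bits of uncertainty left once the SSID has been observed."""
    return math.log2(len(keys_consistent_with_ssid(ssid)))


def provision_random():
    """Corrected design: SSID suffix and key are independent random values
    drawn once at provisioning and stored on the device and its label."""
    return "toynet-" + secrets.token_hex(3), secrets.token_bytes(KEY_LEN)


if __name__ == "__main__":
    serial = 0x12ABCDEF  # constructed serial number
    ssid = derived_ssid(serial)
    print(ssid, "leaves", effective_key_bits(ssid), "bits of a nominal", KEY_LEN * 8)
    print("issued key is among the candidates:",
          derived_key(serial) in keys_consistent_with_ssid(ssid))
    print("random provisioning:", provision_random()[0], "key independent of serial")
```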

As far as I can tell — although it’s not quite clear who did what — that guy Kevin Devine did a pretty great job of reversing this code. Nice one.

I’m impressed that there’s now an app which detects the static tables (S-boxes, constants etc.) used in crypto algorithms — that idea seems very clever in retrospect, hadn’t occurred to me.

Here’s a boards.ie thread where this exploit was discussed; there are plenty more details there, if you’re curious. It seems this has been quietly floating around back-channels since the start of September.

(By the way, am I missing something, or did Eircom ship unstripped binaries for the key generator library? I could swear that when I looked at the Boards thread earlier today, there was a cut-and-paste from IDA Pro listing a function prototype. Oh dear; if so, add that to the ‘case study’ list above. ;)

It seems Eircom are now recommending all customers switch to WPA — good luck with that, since it’ll break all those Nintendo DSes. That won’t be popular!


Eircom broadband — it’s never easy

Argh, it’s never easy.

After this post, the consensus was that nowadays, Eircom have a pretty good quality of service for their DSL offerings, taking both price and service into account. I was happy enough to go with that, so I ordered their “Eircom broadband always on 2MB and Eircom talktime anytime bundle”, back around the middle of April.

I had a great call with the sales agent, Hazel. Everything went swimmingly, we were all set for the modem to be delivered and the service to be up and running in 10 working days — by April 30th. I asked for an order reference number and she said I didn’t need one, it was all handled in their system. Great!

Unfortunately it seems the call centre staff never got that quality-of-service memo.

Come May 1st, there was no sign of the modem, so I rang Eircom’s order line to see how things were going. To my horror, the staff I talked to told me that there was no record of my previous order, or call… it was as if that call had never taken place at all. No part of the order had even started.

As a result, I’ve had to reorder from scratch. The previous 10 working days we’ve waited counts for nothing. (The agents lie through their teeth about this, though — one agent says they’ll send it out in the “next 3-5 days”, the next agent insists that we have to wait the full 10 days, and the next says somewhere in between — anything to get us off the line within 4 minutes.)

This is bad news, since we’re waiting on the broadband to move in — since I work from home, we can’t move in until we have a good ‘net connection.

We can’t even make a complaint to Eircom about this fuckup, because they refuse to take complaints without the original order number to reference — the one that “Hazel” told me wasn’t needed anymore. Now that’s bureaucracy. Attempts at escalation just wound up with a dead end, where supervisors had no names and had left the office at 10am anyway. >:(

Best of all, their online complaints system now takes a maximum message length of 400 characters, so you can’t even provide a detailed written complaint online anymore. (That is, not unless you submit the complaint in 15 separate parts…)

What a fiasco.

So we now have to wait until May the 15th. We’ve submitted the complaint via the aforementioned 15 parts, and postally; if they don’t take action on those, we’ll complain to Comreg (and let’s see what that’s worth).

But here’s a question — assuming they fail to deliver the second order within time this time around, can we cancel at that stage? There’s a minimum contract length of 6 months, but since the service hasn’t been delivered, I would hope that hasn’t started yet. The terms and conditions document says:

“Ready for Service date” (otherwise “RFS date”) means the date on which eircom establishes the Facility for the Customer.

3.1 This Agreement shall commence on the Ready for Service date and shall be for the Initial Period. Provided that this Agreement has not been terminated in accordance with its terms or in accordance with the Regulations, this Agreement shall thereafter automatically renew for successive six-month periods. For the purposes of this clause 3, a six-month period will be calculated from the anniversary of the RFS date.

3.2 The Customer may cancel its order for the Facility at any time prior to the RFS date. In the event of such cancellation by the Customer it shall be obliged to return any Kit, which may have been provided to it by eircom. Any Kit shall be returned to eircom by posting it to the freepost address detailed in the welcome pack. In the event of any Kit not being returned to eircom within fourteen (14) days of the cancellation of the Order for the Facility, the Customer shall be charged by eircom and shall pay to eircom such sum as is set out in the Regulations as being the charge payable in respect of the non-return of any Kit.

So I guess as long as the facility — the ADSL line — is not up and running, I’m clear to cancel, right? It’s a little worrying that the “facility” doesn’t include the “kit” — ie. the broadband modem, though; if they fuck up sending out the modem, but the line is up, am I liable for 200 Euros?

In terms of who are viable options to switch to — in my opinion it’s got to be fixed wireless, since everyone else now would have to go via Eircom’s exchanges anyway, and be delayed there. So — Irish Broadband. I know they had some pretty massive problems 2 or 3 years ago, but recently I’ve been hearing good things about them, Boards.ie has some reasonably good-sounding recent experiences, and half of my new neighbours (srsly!) are using them with great results. Anyone got recent news about how useful they are with service quality and install speed for their Breeze product in the D9/D11 area?

Alternatively, Ripwave might make a reasonable stop-gap option? 120 euros is the minimum fee (6 months at 18.95 per month), which is better than the money I’m paying now to live in two houses…

Alternatively anyone know an Eircom engineer in D9/D11 that can nip over to the exchange and plug in my connection on the DSLAM? ;)


Eircom broadband?

I’m moving house. Naturally, first priority after getting the keys is getting the broadband set up ;)

Current broadband: BT DSL. Supposedly “up to” 3Mbps — however, as with most DSL connections in Ireland, it’s rate-adaptive RADSL, which means it trades off connection speed against distance to exchange and line quality.

Sadly, this has really deteriorated since the last time I checked! A “bing” test between the BT-supplied DSL router and the far end looks like this:

BING    10.18.72.1 (10.18.72.1) and 193.95.142.243 (193.95.142.243)
        44 and 108 data bytes (1024 bits)
193.95.142.243: minimum delay difference is zero, can't estimate link throughput
193.95.142.243:  6.966Mbps 0.147ms 0.143555us/bit
193.95.142.243: minimum delay difference is zero, can't estimate link throughput
193.95.142.243: 19.692Mbps 0.052ms 0.050781us/bit
193.95.142.243:  4.697Mbps 0.218ms 0.212891us/bit
193.95.142.243:  3.261Mbps 0.314ms 0.306641us/bit
193.95.142.243:  3.170Mbps 0.323ms 0.315430us/bit
193.95.142.243:  2.479Mbps 0.413ms 0.403320us/bit
193.95.142.243:  2.723Mbps 0.376ms 0.367187us/bit
193.95.142.243:  2.688Mbps 0.381ms 0.372070us/bit
193.95.142.243:  2.716Mbps 0.377ms 0.368164us/bit
193.95.142.243:  2.065Mbps 0.496ms 0.484375us/bit
193.95.142.243:  1.984Mbps 0.516ms 0.503906us/bit
193.95.142.243:  1.270Mbps 0.806ms 0.787109us/bit
193.95.142.243:  1.017Mbps 1.007ms 0.983398us/bit
193.95.142.243:  1.002Mbps 1.022ms 0.998047us/bit
193.95.142.243:  1.008Mbps 1.016ms 0.992187us/bit
193.95.142.243: 983.670Kbps 1.041ms 1.016602us/bit
193.95.142.243: 993.210Kbps 1.031ms 1.006836us/bit
193.95.142.243: 987.464Kbps 1.037ms 1.012695us/bit

--- 10.18.72.1 statistics ---
bytes   out    in   dup  loss   rtt (ms): min       avg       max   std dev
   44   762   758          0%           2.524     3.858    19.083     2.194
  108   762   762          0%           2.639     4.187    58.273     3.079

--- 193.95.142.243 statistics ---
bytes   out    in   dup  loss   rtt (ms): min       avg       max   std dev
   44   762   761          0%          13.061    20.025    78.689     8.226
  108   762   760          0%          14.213    17.954    61.137     4.697

--- estimated link characteristics ---
host                              bandwidth       ms
193.95.142.243                      987.464Kbps      10.536

987Kbps is not 3Mbps any more, not by a long shot. I’d say I now have a lot of new friends adding contention at the ol’ DSLAM. I’m paying way too much money for what I’m getting :(

(Update: actually, it may not be contention. Judging by boards.ie traffic, high-contention situations in Ireland are usually faster in the mornings and daytime, then slower from 4pm-9pm as the commuters and kids get home — however, this slowdown is pretty consistent across all times of day.)

(Update 2: as of right now, late afternoon on Apr 12, it’s the worst I’ve seen it — packet rates of 600Kbps, and packet loss of 5%-20%.)

On top of this, they have the really annoying daily disconnection policy, which I have hacked around with IPv6 and a VPN, but which still manages to waste my time and cause aggravation, even after frickin’ months of pissing about.

For this, and the packaged phone service, I’m paying just under EUR 60 per month, including all call charges and VAT.

At that price, Eircom are offering a pretty good bundle — free connection, free modem, 2Mbps downstream, 256Kbps upstream, unlimited free local and national calls at all times, 5% off calls to mobiles, 10c/min calls to the UK and US.

Now, a drop to 2Mbps may seem a lot, but bear in mind I’m getting just under 1 right now! I’m pretty sure the new gaff will have similar-quality lines and exchanges. Also, if I get the 2Mbps line, and the attenuation and S/N statistics indicate that it can support 3Mbps, I can always upgrade pretty easily.

The only problem now is getting over my revulsion at buying from Eircom, ugh…

Am I missing something? Does that Eircom bundle not include line rental maybe?


Ireland or Iraq?

In this article by Salam Pax, about how he got into weblogging, he says:

While the world was moving on to high-speed internet, we were being told it was overrated.

Heh, sounds like an Eircom quote ;)


Eurovision Scandal

No, not the supposedly politically-motivated nul points for the UK, the much more scandalous way that RTE ignored democracy and the popular vote in favour of their own autocratic ‘Star Chamber’ jury. Outrage! Boo!

‘Voters had a five-minute slot in which to register their selections after all of the songs had been performed. Because Ireland was third of the entries to disclose its voting, the phone lines could not be kept open for any longer than the five-minute slot. Eircom, which operated the phone lines, had agreed with RTÉ that it would collate all of the votes within nine to 10 minutes of lines closing. While the company fulfilled its obligation, RTÉ decided to use a jury verdict rather than phone votes. …

(My emphasis.) Hmm… methinks the journo doth protest too much.

Eircom said its decision not to charge voters for their calls was a goodwill gesture and should not be interpreted as an admission of failure on its part regarding its role in the voting. ‘The system and the technology on our part worked as it should have on the night,’ a spokeswoman said.’

Aaaaah. I get the picture.


Latency and DSL

‘It’s the Latency, Stupid!’, a fantastic article explaining why latency is sometimes more important than simple bandwidth.

This was found via Karl Jeacle’s comments on eircom’s DSL, which are very illuminating in themselves – although probably not too interesting for non-Irish folks ;). But the relevant part is the explanation of why they enabled interleaving on eircom’s DSL network (summary: to get more reach, as far as I can see).


Irish DSL price halved

Eircom have halved the price of their DSL offering to 54 euros (including VAT). It still has a cap at 4Gb. Still, getting there. I wonder what the competition will do…


BBC front page for Ireland Offline

Man, this is sweet! BBC front page coverage for Ireland Offline

“Eircom has cited congestion of the network and not enough demand as the arguments against unmetered (internet access),” said Mr (Dave) Long (IO chairman).

BT-owned ESAT is just one of the telecom operators challenging Eircom to offer a wholesale unmetered product.

“There is huge pent-up demand and our ears are sore from listening to our own customers. For Eircom to say there is no demand is condescending and naive,” said (Una) McGirr (of ESAT BT).

Maybe what Eircom mean, is that there’s not enough demand to outweigh the unfeasibly large revenues they make from metered internet calls…


DSL can’t be rolled out because of… the weather?

A bit of black humour for you, from the IrelandOffline forums. This is a true story.

“This chap explained to my Dad that one of the main reasons for the slowness of technologies like ADSL getting rolled out in Ireland was because of (hindrances) like the weather … My dad went on to tell him about Canada. …”

“Yer man of course had no answer to this and eventually he gave in and admitted that Eircom are failing in so many areas that he’s actively seeking employment elsewhere. He’s had his fill of being managed by so many different managers and being told different things from different people every day and (every) time he’s tried to be helpful to a customer by bringing the matter up with someone senior he gets fobbed off to some other manager and so on and so forth until in the end he has no option but to give up and just tell the customer there is nothing he can do even though he can do it but not without permission and this permission is impossible to get.”

There’s plenty more like this. “The bad weather in Ireland prevents Eircom from rolling out DSL”. You can only laugh. The best bit is, of course, that DSL is basically a modem and a few DSLAMs installed in the exchange.

Maybe that’s why it’s a problem? Could be Eircom forgot to install a roof on their exchanges — and telco equipment typically is not at its best when fully exposed to the elements. Sounds likely enough to me…


(Untitled)

Eircom gets beaten up by regulator. Check out this quote: “As eircom has failed to supply all the relevant information, I have set interim prices [...] Eircom’s approach with respect to costing and the level of response and co-operation on this issue is not acceptable.”

MEDIA RELEASE For Immediate Release April 30th 2001 Telecoms Regulator sets prices for Local Loop Unbundling.

Etain Doyle, Telecoms Regulator today (Monday 30th April 2001) cleared the way for implementation of local loop unbundling. In a Decision Notice today the regulator set prices for access and directed changes to eircom’s Reference Access Offer. Monthly line rental is fixed at €13.53, or £10.66.

According to the Regulator, “while there has been an LLU reference offer available from Eircom since the due date of 31 December 2000, this was incomplete and non compliant in several respects. In order to ensure that consumers are in a position to derive the benefits that Local Loop Unbundling can bring I have decided to intervene and set prices.”

Local Loop unbundling has the potential to increase significantly the range of competitive services available to businesses and consumers. It requires the network owner to provide access to the copper pair connecting an individual telephone subscriber to the nearest point of interconnection with the main telephone network at the local exchange. This allows new entrants to offer a full range of broadband services directly to the customer.

The regulator continued “As eircom has failed to supply all the relevant information, I have set interim prices based on the information available to me. Despite repeated requests and the clear direction that the 30th April was the final date for the determination, there are still very substantial gaps in the material provided to me by eircom. Eircom’s approach with respect to costing and the level of response and co-operation on this issue is not acceptable.” These charges set are based on data from eircom, benchmarking and other reviews and analyses by the ODTR of efficient operator costs. They are within the range of pricing in other EU countries. The line rental at €13.53 is within the EU range from €8.23 to €19.51, and connection at €119.73 compared with €47 to €221.69.

The setting of these prices does not relieve eircom of its responsibility to address the deficiencies in its pricing proposals and to make a comprehensive re-submission to the ODTR on all matters.
