Changing The Internet's Architecture Isn't So Easy
from the network-neutrality dept
Last week, Larry Lessig gave a talk at an FCC event at Stanford that makes a good jumping-off point for my ongoing series on network neutrality. In my previous installment, I made the point that both sides of the network neutrality debate have a tendency to over-estimate the ability of network owners to exert control over how their networks are used. Lessig certainly makes this assumption. He claims that "owners have the power to change [the Internet's architecture], using it as a tool, not to facilitate competition but to weaken competition." Do they? He doesn't spend any time explaining how networks would do this, or what kind of architectural changes he has in mind. But he does give an example that I think is quite illuminating, although not quite in the way he had in mind.
Lessig imagines a world of proprietary power outlets, in which the electricity grid determines the make and model of an appliance before deciding whether to supply it with power. So your power company might charge you one price for a Sony TV, another price for a Hitachi TV, and it might refuse to work at all with an RCA TV. Lessig is certainly right that that would be a bad way for the electricity grid to work, and it would certainly be a headache for everybody if things had been set up that way from the beginning. But the really interesting question is what a power company would have to do if it wanted to switch an existing electricity grid over to a discriminatory model. Because the AT&Ts and Comcasts of the world wouldn't be starting from scratch; they'd be changing an existing, open network.
Our hypothetical power company would need to develop some kind of handshaking protocol, so an appliance could prove to the grid that it was manufactured by "approved" manufacturers. This would require an elaborate and expensive transition process during which appliance makers re-designed their entire product lines to comply with the new standard. The handshaking protocol would have to be complicated enough that unapproved manufacturers couldn't fake it. And once the new appliances had hit the market, consumers would have to throw out all of their existing appliances and get new ones. It wouldn't be possible to allow old appliances to keep working, because in that case non-approved manufacturers could just camouflage their appliances to appear to the grid like "legacy" appliances. A transition to a proprietary electricity grid would, in short, be a multi-billion dollar effort that would require the close cooperation of the world's major appliance manufacturers, would take many years, and would probably still cause a ton of problems for customers when they discover they can no longer use older equipment.
Turning to the technology world, we don't actually have to speculate about what a high-tech architectural transition looks like. I've written before about the uphill struggle to get people to switch from IPv4 to IPv6. Nobody disputes that IPv6 has a lot of nice features that IPv4 doesn't. But the sheer amount of work needed to switch the world's networks over to the new architecture has so far proven an insurmountable barrier. The same was true of Intel's failed transition from x86 to Itanium; plenty of people liked the new architecture, they just weren't willing to spend the money required to re-develop all their software to run on it. Even successful platform transitions, such as Apple's shift from Mac OS 9 to Mac OS X, tend to be long, messy processes that require close cooperation between the platform owner and key developers.
A network owner wanting to change the Internet's architecture would have to go through a similar process, but it would have to do it largely without the help of application developers. There are thousands of applications and millions of websites that are built on open Internet standards. A change in the Internet's architecture would require changing those applications and websites to conform to the new requirements. This could easily involve billions of dollars of tedious work. And the companies that would have to do the bulk of the work—firms like Google, Microsoft, and Apple—would have no interest in participating in such a project. To the contrary, most of them are on record as supporters of network neutrality. It's just not conceivable that AT&T, Comcast, or another network owner could just flip a switch and "change the architecture" of the Internet. The Internet has become much larger than any one network owner.
There's certainly plenty to criticize when ISPs block specific protocols. We've certainly given Comcast a hard time for screwing around with BitTorrent. But it's totally misleading to look at such incidents as a change in the architecture of the Internet. Comcast's network still operates on the same open architecture it always had. New applications still work by default unless Comcast specifically configures its firewall to block them. The Internet's open architecture doesn't completely prevent Comcast from interfering with customers' traffic, but because the company doesn't control the software stack, it can't do much more than clumsily block protocols it doesn't like. And after a lot of bad publicity, customer anger, and legal pressure, Comcast appears to be backing away from that strategy too. It looks to me like Lessig is dramatically underestimating how hard it would be for even a major broadband provider to change its network's architecture in any significant way.
Other posts in this series:
- Censoring The 'Net Is Hard
- Ownership Doesn't Always Mean Control
- Changing The Internet's Architecture Isn't So Easy
- Revolving Door Undermines FCC's Watchdog Role
Filed Under: architecture, larry lessig, net neutrality
Reader Comments
Really?
What if Comcast signs a deal with Blockbuster Downloads or Amazon Unbox and all of a sudden Netflix downloads quit working? Since a lot of people have no other choice but Comcast, they will simply switch to Blockbuster or Amazon. Netflix' business, which relies on an open internet, is halted. And don't say, "Too bad, they chose a poor business model", because they are still sending discs and are not allowed to lay cable in every neighborhood. BTW, Xbox and PS3 downloads quit working this morning as well. But Blockbuster works, because they have a(n exclusive) deal with Comcast.
Regardless of how "open" an architecture the web is, the fact remains that if AT&T, Verizon, Time Warner and Comcast all got together (read as were bribed/pressured by big media when signing their cable TV contracts) and were forced to block P2P torrents, P2P as we know it would cease to exist, even if it still "technically" was out there working. If 90% of America can't access it, it will cease to exist.
Government-regulated network neutrality is a requirement on the internet. And I distrust government-regulated anything.
Re: Really?
Come on, man -- I live inside the Beltway and even I'm not that foolishly ethnocentric! Oh, and there's the fact that, as Tim's noted in the past, it's nigh on impossible to block encrypted torrents -- SSL may be weak, but not so weak that they could break and sniff all those packets just to traffic shape. So there's that whole technical limitation -- no need to fear.
Of course, I agree with inc -- those kinds of practices should be illegal (though it's hard to tell these days) and should be trust-busted fairly quickly (hopefully) -- of course, it's not hard to imagine a public outcry so deafening someone like Lessig could end up in charge.
Re: Really?
Really? If you were a Netflix customer, is that how you'd react? If it were me, I'd go back to getting my Netflix DVDs through the mail before I'd give in to that kind of blackmail.
Moreover, I think there's a reasonable chance that Netflix could set things up to evade such tactics. They can distribute their files via encrypted BitTorrent as well as the pirates can. And given the kind of media outrage that such a move by Comcast would likely generate, I bet most customers would be willing to go to the extra trouble of downloading the new, encrypted version of Netflix to stick it to Comcast.
On top of that, while many customers don't have an alternative to Comcast, certainly some of them do. And it's hard to think of a tactic more calculated to drive their customers into the waiting arms of AT&T or Verizon.
Re: Re: Really?
Re: Re: Re: Really?
If Comcast were stupid enough to try such a stunt, I think this kind of pressure would make them back down pretty quickly. So I wouldn't have to "do without" for very long. Just long enough to convince Comcast that it had made a horrible business mistake.
This analogy is off base
Re: This analogy is off base
But today if I want a reserved 10mbps MPLS from Chicago to Seattle on AT&T, AT&T will have no problem with me reserving that 10mbps just for me (slowing down anyone else who would have used that on an unreserved basis...this of course assuming that they don't reserve that space for future customers which they actually do.)
It wouldn't be too far-fetched for JoeMassiveCompany to pay AT&T to guarantee that downloads anywhere on AT&T's network are treated as a high priority (yes that would probably cost a lot but...).
Now JoeMassiveCompany might also do the same with Qwest, and all AT&T & Qwest interlinks. Would every ISP respect this same priority, nope...but it does help Qwest and AT&T customers buy stuff from Joe.
So technically they are interfering with everyone who is not going to JoeMassiveCompany's site/services.
Has this been done before? You bet, just on smaller scales.
Re: This analogy is off base
More to the point, Google would have a strong incentive not to give into that kind of bullying, because once it agreed to pay Comcast, it would know all the other ISPs would follow suit. So it would be willing to accept a blockage from Comcast's network for a few weeks until Comcast backed down rather than inviting all the other ISPs to try the same stunt.
Comcast doesn't get anything from blocking Google. It only gets something if it can get Google to pay it protection money. And so if Google stands its ground, Comcast will eventually give up, because they're going to be able to charge their customers less money if their Internet access doesn't include access to Google.
Re: Re: This analogy is off base
I think it's more likely that the vast majority of Netflix and Google users absolutely will not understand what's causing a slowdown in the service. Those users will be far more likely to decide to move to Blockbuster or Yahoo or whatever competitor isn't being slowed down. So it becomes a battle of our outrage versus the apathy of the general public.
Re: Re: Re: This analogy is off base
Re: Re: Re: Re: This analogy is off base
I think the issue here is many geeks see this kind of behavior as an attack on the freedom of the internet. To us the implications are far wider than Netflix suddenly having poor performance; it reaches across a platform many of us know and trust.
For non-geeks those other issues don't matter. Non-geeks aren't going to care if Netflix pays a protection fee or not. They just want it to work. And if Netflix starts slowing down, and Blockbuster remains quick as ever, people will switch.
I cannot envision the day (as nice a day as it may be) that the general public examines the Netflix situation closely enough to determine Comcast is at fault. Most people will not make that connection. They'll just go to what works.
Just as Techdirt received many complaints over the Amazon Prime $79 dollar charge, I doubt very many customers will take the time to determine where the real fault actually lies.
Re: Re: Re: Re: Re: This analogy is off base
Incidentally, this is one of the reasons I'm glad there's a network neutrality movement, even though I don't agree with their legislative agenda. They've raised the public profile of network neutrality and made people a lot more concerned about it. This makes it much more likely that if ISPs start screwing around with applications that normal people use, it will get a significant amount of press coverage.
And, No, I Don't Have a Brown Cat
This piece makes several assumptions. I'll pick on two.
First, you rail against Prof. Lessig and talk about how difficult it is to change "architecture". Yet your own quote from Prof. Lessig has the reference to "architecture" in brackets, which typically means "well, he didn't say 'architecture' in the exact quote, so I'll fill it in". While generally such brackets in quotes aren't a big deal, since the focus of your piece is on that specific term, it would be a really good idea for you to either provide the complete quote or something to prove that Prof. Lessig really did talk about "architecture" there. That's just good journalism.
Second, you make a logical fallacy in your analysis, akin to "my cat is brown, therefore, all cats are brown". You are correct that there are facets of the Internet architecture that are difficult to change (e.g., IPv4 vs. IPv6). That does not imply that all facets of the Internet architecture are difficult to change.
The Comcast "toss-a-RST-packet-at-the-BitTorrent-problem", forging packet headers, publishing invalid BGP routes, and the like are all attempts to change the architecture of the Internet. One ISP doing them does not change the architecture; many ISPs doing them does. Remember that the architecture of the Internet is not set down by physical laws, nor by international statute, but only by standards and peer pressure to adhere to those standards. If enough players with power decide to, in effect, alter the standard for data passing through them, that does alter the architecture, simply because it means the standards and peer pressure have broken down in some area.
@Mr. Landolt:
Bear in mind that the Comcast screwing up BitTorrent scenario is a new kid on the block with respect to the net neutrality debate. You're right, encrypted torrents cannot readily be blocked.
However, the "classic" net neutrality scenario has focused on middlemen changing Internet behavior based upon data origins -- YouTube being put in the "slow lane" unless YouTube pays protection money, sites espousing certain politics being blocked by ISPs owned by folk espousing other politics, etc. Determining the endpoints of a data connection is comparatively trivial compared to real-time decoding an SSL stream, at least until the whole of the Web is hosted on encrypted BitTorrent, which seems unlikely.
Re: And, No, I Don't Have a Brown Cat
The full lecture is available at the link above, so I figured that anyone who cared would be able to watch the video and see for themselves. The expanded quote (At around 5:05) is "in a concentrated market, owners have the power to change that thing. The power to change the architecture. Using it now as a tool, not to facilitate competition but to weaken competition." I think the use of square brackets was justified.
As for the Comcast reset business, I don't think it really makes sense to talk about what Comcast did as a change in the Internet's architecture. Comcast installed a traffic shaping tool that interfered with a specific protocol under specific circumstances. For most other protocols and in most other circumstances, it continues to be a vanilla TCP/IP network. And there's no sign that other ISPs are planning to begin using the same BitTorrent-reset strategy Comcast is.
The kind of architectural change Lessig is alluding to would be a change that gave Comcast significant control over who was using its network and what protocols they were using. For example, if Comcast changed things so that endpoints had to authenticate themselves and their protocols with Comcast before they were allowed onto the network, that would be an architectural change. That would allow Comcast to easily block applications it didn't like and easily charge third parties for the privilege of connecting to the network. But clumsily interfering with one (or even several) particular protocol doesn't change the fact that the underlying architecture is open.
And the rise of BitTorrent header encryption is a good example of this. Because Comcast's network architecture is still fundamentally open, it doesn't have any good way to block the use of encrypted protocols. Doing that would require some fundamental changes to the network architecture (Adding some additional authentication requirements, for example) and my claim is that they'd find it extremely difficult to do that.
Re: Re: And, No, I Don't Have a Brown Cat
Yes, now that you provided the offset to the quote. Asking people to "watch the video and see for themselves" is akin to quoting from a book and expecting people to read the whole book, rather than provide a page number for the quotation. It's one thing if you're linking to the Web page containing the textual quote that one could search on using their Web browser.
According to Azureus, 47 ISPs worldwide are flagged as "limits BitTorrent bandwidth". It may be they don't all use the RST trick; the site doesn't say, and their roster may or may not be accurate.
But, I stand by my assertion that, if a significant percentage of the ISP community elects to employ any change that materially violates the IETF RFCs, such as the RST trick, that represents a change in the de facto architecture of the Internet, particularly since there is no de jure architecture.
Bollocks. Just apply the RST trick to all SSL traffic coming from consumer endpoints and destined for ports other than 443. Unless SMTP servers are shipping email between each other using SSL -- and I don't think they are -- normal SSL traffic is a drop in the bucket compared to any encrypted torrenting, so if they see a large uptick in SSL traffic, it's probably BitTorrent. Do you really think Comcast will care if a few unauthorized SSL VPNs break?
Does the Internet architecture limit the scope of what Comcast (or any ISP) can do to subvert the way things are supposed to work? Yes. That's still a mighty big playground though, and worse if there's collusion between ISPs on how to do the subversion.
Truth be told, I'm actually not that worried about the Comcast-BitTorrent scenario. To me, they're just implementing a crude form of QoS, and I don't have a problem with QoS strategies so long as they treat all parties the same. However, the Comcast-BitTorrent situation demonstrates that ISPs are willing to do whatever they like with the packets flowing through their network, which means we have to be vigilant before more serious net neutrality violations become the norm.
Re: Re: Re: And, No, I Don't Have a Brown Cat
It's not necessarily possible to determine which traffic is encrypted, especially if the BitTorrent designers are trying to camouflage it, (which they're already starting to do) so the rule would have to be "block all traffic I don't recognize," which would sweep up a lot more than a few VPN connections. Also, what's to stop them from using port 443?
The fundamentally open character of TCP/IP means that no matter what filters Comcast puts in place, a sufficiently determined hacker will be able to camouflage BitTorrent traffic so it looks like one of the categories of traffic Comcast allows. At the extreme, they could use make-believe HTTP sessions on port 80. The result is going to be a cat and mouse game that neither side will ultimately win. Only more fundamental architectural changes, in which endpoints have to prove they're legit before they're allowed to transmit information, would give Comcast the ability to permanently block traffic it doesn't like from its network.
Re: Re: Re: Re: And, No, I Don't Have a Brown Cat
This provides a temporary advantage. Like you say, it's an arms race: if the torrent encryption scheme is documented well enough for anyone to create a compatible client, then it'll be documented well enough for somebody to figure out how to sniff for it. I'll admit that in an arms race of pure software, the "barbarians" (i.e., general public) always win.
Most TOS I've seen from ISPs say that consumer connections can't host Web sites. That basically means they have the right to block inbound 443 with impunity. If sufficient ISPs do this -- whether as an anti-BitTorrent measure or merely as a technical enforcement of their existing TOS -- then 443 won't be viable.
In the abstract, I agree with you. In the concrete...I'm not so sure. BitTorrent is fairly bi-directional, and there are few protocols in wide consumer use that are bi-directional, involve significant volumes of data transfer, and aren't something the Comcasts of the world wouldn't want to squash, anyway. Videoconferencing, maybe.
I think it's too early in the game to be able to declare a draw.
Only in the case of P2P, where they're trying to block arbitrary endpoints based on the content of the traffic, where the traffic keeps shifting ports and is encrypted.
In the case of well-known endpoints, they can do what they want with ease. VOIP-selling ISP want to make Vonage seem lousy? Just heave a bunch of RST packets on connections to Vonage's servers. Cat-hating ISP want to foul up access to LOLCATS? Just heave a bunch of RST packets on connections to major LOLCATS sites.
In the narrow case of Comcast trying to spark a revolution against the existing Internet architecture by RST-ing BitTorrent, odds are they wouldn't be able to pull it off. That doesn't mean the RST-what-you-want pattern won't become popular in other areas (IIRC, it's believed to be how the Great Firewall of China works), and, as I keep saying, if enough ISPs decide to change the rules, they're changing the architecture of the Internet, like it or not.
The nature of the Internet limits how ISPs can easily mess with it, outside of collusion. However, it's far from impossible, and I feel that's how you're portraying it. Remember, the Titanic was unsinkable, the Maginot Line was impregnable, etc.
Re: Re: Re: Re: Re: And, No, I Don't Have a Brown Cat
Where we seem to disagree is about how much power the ability to (mostly) block certain protocols gives to Comcast. My contention is that it will be effective at pissing off its own customers, but will be of limited value in getting third parties to cough up extra money. You disagree. Which is reasonable enough. I just think that Lessig's framing of the issue significantly overstates Comcast's omnipotence.
Don't be naive.
All an electric power provider would have to do is to raise their base price and then offer "discounts" for approved device usage. Approved devices could send encrypted usage reports back over the power line to the meter which would keep track of total usage and approved device usage. Any usage in excess of approved device usage would be considered unapproved usage and charged at a higher rate. No rewiring of the customer's premises would be required at all. Device manufacturers would probably enthusiastically support such a plan because it would promote the early replacement of existing devices with the latest "approved" ones. Everybody would make money but the end user who wouldn't have much choice because of the power company's natural monopoly.
Now before you trot out that old line about how "nobody would ever put up with something like that" (famous last words) I'd like to point out that, in a way, they already are. The power company in my area already has a scheme in place that doesn't even require a new meter. Basically, if you buy and install a major appliance from their "approved" list they will give you a rebate on your electric bill. So in effect they have found a way to charge people more for using unapproved appliances without even having to change a thing electrically. What kinds of deals have they worked out with the "approved" appliance makers? I don't know but people certainly are putting up with it. I guess no one wants to do without electricity.
Re: Don't be naive.
Second, I am hoping that this "approved list" is simply anything with an Energy Star (or similar 3rd-party) rating. This is for the purpose of saving energy, not lining pockets. Or at least it's partly for saving energy. :-) If they really have a list of appliances that you can get a discount for, with no transparency about how that list came to be, then that is a serious problem. Inappropriate opacity at best, more likely corruption.
Re: Re: Don't be naive.
They prefer to call it "innovation".
Re: Re: Don't be naive.
They can charge whatever they want (or the market will bear) in many places. It's called deregulation. You should go look it up.
Wow this is kinda scary
Re: Wow this is kinda scary
That means you DO like the idea of net neutrality. Net neutrality means the carriers treat all traffic the same, regardless of who sent it. Note that this is a different issue than treating traffic differently based on what kind of traffic it is.
Neutrality vs. startups/small biz/innovation
If possible, this strikes me as the real problem...where boring, incumbent companies with lots of capital become harder to compete with. Artificially [i.e. through lawyering] raising the cost of doing technology businesses...not good.
Re: Neutrality vs. startups/small biz/innovation
If you're talking about trying to extort money from the customers of other ISPs with the threat of blocking access, I think ISPs would find that difficult to accomplish. I talk about that scenario in some detail in my forthcoming network neutrality paper, and I may get to it in a future installment of this series, but it's not something I can easily get into in a Techdirt comment. :-)