AT&T, 4chan, and Net Neutrality


Last night, allegations that AT&T was blocking access to parts of 4chan began to surface, and were quickly confirmed by users across the country.

Now, 4chan isn't something I read, as it has the (well-deserved) reputation as a cesspool of the internet, filled with fully anonymous juvenile humor and definitely NSFW shock-postings. Still, if AT&T is selectively blocking ANY site, it sets a disturbing precedent that violates long agreed-upon standards of net neutrality. If ISPs can block any site they feel like, we become no better than China. Even worse, what if they decide to start charging you for access to your favorite site. Want to use google and wikipedia? That's 10 bucks a month. Facebook will cost you another 5. Given that a free and unrestricted internet is the most democratizing technology to ever come along, net neutrality is pretty damn important.

Now that the dust from last night is starting to settle, it appears that the situation is not as bad as many feared. It appears that AT&T blacklisted 4chan, not because of content, but because they noticed unusual traffic patterns coming from the server that were degrading quality-of-service for some of their customers. In this case, 4chan is someone innocent, though, and was actually under attack by unknown third parties (which isn't unusual. /b/-tards like to stir up trouble).

This sort of attack is easy to explain using cell phones as an example. Suppose Alice calls Bob, lets it ring once, then hangs up. Bob gets a notification that he has a missed call from Alice, and then calls her back. But what if Alice could spoof her callback address, so that the calls appeared to be coming from a third party? So Alice calls Bob, hangs up, and Chuck's number shows up on Bob's screen. Naturally, Bob calls Chuck back, and Chuck gets angry at Bob for prank-calling him.

This may be what happened with 4chan, only instead of phone calls, SYN-ACK requests were used. SYN-ACK requests are part of the TCP protocol, and are essentially just a way for two servers to say "Hey, are you listening?" (SYN) and "Yes, I'm listening" (ACK). If an attacker (Alice) spoofs their IP address when sending a SYN to a server (Bob), then the server will try to reply to whoever's IP address is in the packets (Chuck). If this happens many times, it looks as though Bob is sending suspicious traffic to Chuck, possibly as some sort of denial-of-service attack.

AT&T seems to have picked up on this unusual traffic and temporarily blocked img.4chan.org, which was the server being attacked in this case.

What AT&T did wasn't completely unreasonable, from a technical standpoint. However, it was handled very poorly. If you're going to shut down someone's site such that 15% of the US can't reach it, both the site owner and people trying to access it deserve some warning and a full explanation. Instead, there was no notification until reports filtered in from around the US that AT&T was selectively blocking 4chan. AT&T then further clouded the issue by failing to alert its support staff, so that customer concerns could be adequately addressed.

So, to wrap things up, this doesn't seem to be the first shot fired in a war on net neutrality. It is, however, a chilling reminder that our ISPs are currently under no legal obligation to provide us with unfettered internet access. Should AT&T or Comcast want to start bundling up parts of the internet and selling them at different prices, or restricting access to site that they don't like, there's little we could do to stop them.

With this in mind, please write your congresscritter and tell them that you support The Internet Freedom Preservation Act of 2008. As far as I can tell, it's still languishing in House committee while congress's attention is elsewhere.

Americans likes to say that we live in the "freest country on earth". Let's make sure it stays that way.

"Eternal vigilance is the price of liberty." -- Wendell Phillips

Comments

Written by ace -

And once again, it NEVER fails with the incessant lying, as lying is a way of life for these hacker creeps. I salute AT&T for blocking viruses, trojans and nasty spider scripts, as that is what the REAL truth is as to WHY AT&T has flashed the middle finger [blocked] to 4 Chan. Why should AT&T waste time and energy in dealing with viruses, trojans and uncontrollable script programs emanating from the 4 Chan site? I don't condone censorship and I certainly don't condone lies "in the name of lulz". The only thing 4 Chan has proven again and again, is that they are infantile and violent. A bunch of two year olds who go on tirades. And just like an out of control two year old, they need some REAL hard slaps from the school of hard knocks. Any consequences or denial of internet access to AT&T customers due to NAZI actions emanating from 4 Chan [or any other hacker creeps for that matter], I pray that they are caught, rounded up, prosecuted beyond the extent of the law, thrown in a windowless cell and locked up forever until the day they die. I commend AT&T for taking the step forward and I sincerely hope that other ISP'S follow suit ASAP. ENOUGH IS ENOUGH. Hackers cause destruction, chaos, waste everyones time and energy. Normal people on the net are SICK AND TIRED of these two year old tantrum antics that 4 Chan displays on a daily basis. These hacker creeps really and truly need to GROW THE F*** UP.

Written by Chris -

a) your URL was removed because you're running a sleazy pyramid scheme. Having the nerve to criticize others for lying and being infantile while participating in something like that - well, it takes a certain amount of self-delusion. b) 4chan is filled with crap. NSFW crap, disturbing crap, occasionally funny crap (LOLcats and rick-rolling originated there). It isn't, however, filled with "NAZI actions" or "hacker creeps". There are a few script kiddies here and there, but that's true of any site where computer-literate 13 year olds hang out. To characterize them as hackers does a disservice to real computer coders and security professionals everywhere. c) The evidence is pretty solid that this was a QoS issue, not a content issue.

Written by Greg -

Chris, I had no idea you knew software engineering and web security to that extent. I, for one, commend and applaud the article. What the first poster doesn't realize is that this article really isn't about AT&T and 4chan, but about the possibilities that could evolve from a completely unregulated market. Pure privatization could take the form of totalitarianism, given that ISPs are rather large companies and few in numbers. I say keep it a free market, but also a fair market. Net Neutrality is essential to keeping the Internet free.

comments powered by Disqus