Saturday, August 6, 2011
While it is not clear yet what Net Neutrality means, there is already a way to know if your ISP breaks it:
This comes from Dan "I write code" Kaminsky (pictured), who presented n00ter during Black Hat security conference. See slides below (the relvant part starts at slide 66).
See also "Who Shapes Traffic in the US?" - here.
"Start with a VPN, that creates an encrypted link from a Client to a broker/concentrator. An IP at the Broker talks plaintext with Google and Bing, who replies to the Broker. The Broker now encrypts the traffic back to the Client. Policy can’t differentiate Bing traffic from Google traffic, it’s all encrypted.
Now, lets change things up — let’s have the Broker push the response traffic from Google and Bing, completely in the open. In fact, lets have it go so far as to spoof traffic from the original sources, making it look like there isn’t even a Broker in place. There’s just nice clean streams from Google and Bing. If traffic from the same host, being sent over the same network path, but looking like Google, arrives faster (or slower) than traffic that looks like it came from Bing, then there’s policy differentiating Google from Bing".
See "Black Ops of TCP/IP 2011" - here.