BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Researcher Announces N00ter, A Tool For Catching Net Neutrality Cheats

This article is more than 10 years old.
 

Internet service providers who quietly play favorites, beware. If Dan Kaminsky has his way, your days of sneaky filtering are numbered.

At the Black Hat security conference in Las Vegas Wednesday, Kaminsky released a free software tool for detecting when an Internet service provider (ISP) is artificially slowing down or speeding up traffic to and from a website, a program the well-known security researcher is calling N00ter, or "neutral router."

"How do you detect subtle violations in network neutrality? How do you detect biased networks?" Kaminksy asks. "I'm here as an engineer to tell you that we will find you out. And we will find out in a way that's incontrovertible."

For advocates of network neutrality--the idea that Internet service providers shouldn't privilege one service over another--the most disturbing possibility may not be that net neutrality dies outright. It may be that the principle crumbles imperceptibly: Sites that are customers or partners of the carriers sites might load slightly faster than their less favored competitors, and the difference is blamed on the someone else's hardware.

"It's the subtle changes that concern me. Bing is fifty milliseconds slower than Google. Is this the ISP or the million other things that could be slowing the site down?" Kaminsky asks rhetorically.

N00ter, a tool that Kaminsky plans to release in coming weeks, checks for those marginal traffic cheats. N00ter functions like a VPN, routing traffic through a proxy and disguising its source and destination.

But instead of encrypting the traffic in both directions, it instead spoofs the traffic from a Web site to a user to make it seem to be coming from any Web site that the user wants to test. That traffic can be compared with a normal connection to the site to spot any artificial changes in speed.

"All the other sources of change disappear and we're left with the one cause, the ISP," says Kaminsky.

Kaminsky, who rose to prominence in the security field by revealing a fundamental flaw in the Internet's DNS system at Black Hat in 2008, has designed that oversight to be tough to escape. Accounting for the possibility that an ISP might try to trick N00ter by filtering traffic that only goes through the tool in one direction, he's also built a complementary tool called Roto-N00ter that spoofs traffic in the other direction as well to catch the ISP filtering two-way traffic.

"The endgame here is that it's impossible to make a filter N00ter can't detect," says Kaminsky.

Kaminsky isn't the only one trying to create a watchdog program for detecting sneaky violations of net neutrality. Earlier this year FCC Chairman Julius Genachowski announced a competition called the Open Internet Challenge, aimed at fostering the creation of apps to detect net neutrality violators, though it has yet to produce a public program. "Our goal is to foster user-developed applications that shine light on any practice that might be inconsistent with the free and open Internet," Genachowski said at the time. "Empowering consumers with information about their own connections will promote a vibrant, innovative, world-leading broadband ecosystem."

So which ISPs has Kaminsky caught in the act with N00ter? He says he's not trying to catch anyone. "I would never embarass my firends the ISPs," he says dryly. "I'm just warning them now not to do anything you wouldn't want to see on the front page of a newspaper."

In fact, Kaminsky claims he has nothing against ISPs that do want to throttle bandwidth to certain sites, nor does he support or oppose network neutrality. "Whatever changes we have, they might as well be transparent," he says.

"People need data," Kaminsky adds. "My hope is that we can give people economy-promoting data at the network level. I just provide the data."