Comcast, TOR, and DeepDotWeb – The Truth

Now that the post-Dragon Con buzz has gone, and it’s time to start looking critically at the net, there was a piece that caught my eye when someone posted it.

It was a link to a slashdot article, which says that Comcast is cracking down on TOR because it’s illegal. As I started to write this, Slashdot has updated it with an additional link, saying ‘Comcast denies it’. Yet the story is one with possible legs, so let’s take a quick look at it, eh?

darkdotweb-slashdot

The main source is a site called ‘DeepDotWeb’, a place I’ve never heard of. So I took a quick look at their ‘about‘ page. Not encouraging. The site claims to be mainly organised by non-native English speakers, and focuses on the darkweb and bitcoin. They cite significant knowledge of Silk Road (the first one) and founded the site as a ‘protest’, rather than a serious news source, saying “Our site was established as  a small “revenge” at our local authorities for busting our friend for buying drugs off SR1” – you can just feel the accuracy oozing from them, can’t you.

Let’s take a look at their article.

Comcast Declares War on Tor?

Well, what a start. A Headline Question. Betteridge’s law of headlines says the answer will be ‘no’. I’m inclined to agree.

If you needed another reason to hate Comcast, the most hated company in America, they’ve just given it to you: they’ve declared war on Tor Browser.

TOR, or TOR Browser? If they’re experts, they should probably know the difference. One is a protocol, the other is a piece of software for using that protocol.

Reports have surfaced (The first one was via /r/darknetmarkets and another one submitted to us) that Comcast agents have contacted customers using Tor and instructed them to stop using the browser or risk termination of service. A Comcast agent named Jeremy allegedly called Tor an “illegal service.” The Comcast agent told its customer that such activity is against usage policies.

cc

The Comcast agent then repeatedly asked the customer to tell him what sites he was accessing on the Tor browser. The customer refused to answer.

No, they didn’t. From the reddit ” He kept on repeating himself, asking what was I using Tor for,” is not the same as ‘tell me what sites on there you’re using‘. So already they’re creatively attempting to stretch the single reddit post into more than it is. that’s NOT the sign of someone reporting. That’s someone trying to create news. And secondly, someone submitted the second report to you? And they didn’t submit it to, say, the EFF, who have apparantly had no such reports, going by the tone of their blogpost on the topic.

The next day the customer called Comcast and spoke to another agent named Kelly who reiterated that Comcast does not want its customers using Tor. The Comcast agent then allegedly told the customer:

Users who try to use anonymity, or cover themselves up on the internet, are usually doing things that aren’t so-to-speak legal. We have the right to terminate,   fine, or suspend your account at anytime due to you violating the rules. Do you have any other questions? Thank you for contacting Comcast, have a great day.

How did Comcast know its customers were using Tor in the first place? Because Tor Browser provides online anonymity to its users,  This would mean that Comcast is monitoring the online activities of its users, to (among other things) check if they are following their Acceptable Use Policy.

Comcast has been using Deep Packet Inspection tools for years. They use them as part of  network management system. How this is a surprise to anyone, I don’t know. Remember, it’s been 7 years since we at TorrentFreak caught them using Sandvine to play around with Bittorrent use. These deepweb people clearly don’t pay much attention to what’s going on around them.

Comcast has previously been listed by the Tor project as a Bad ISP. The users of the Tor project listed Comcast as a bad ISP that is not friendly to Tor. The Tor project cited Comcast’s Acceptable Use Policy for its residential customers which claims to not allow servers or proxies under “technical restrictions.”:

use or run dedicated, stand-alone equipment or servers from the Premises that provide network content or any other services to anyone outside of your Premises local area network (“PremisesLAN”), also commonly referred to as public services or servers. Examples of prohibited equipment and servers include, but are not limited to, email, web hosting, file sharing, and proxy services and servers;

In fact, that’s ALL it says. It’s on the bad list because they don’t allow exit nodes, considering them to be servers, which they are. They have no issues with relay nodes however (been there, done that, this past weekend in fact). Most residential ISP’s have similar ‘no server’ terms in their TOS. It’s not nefarious, it’s just how things have always been.

A Comcast spokesperson told DeepDotWeb that:

We respect customer privacy and security and would only investigate the specifics of a customer’s account with a valid court order. And if we’re asked by a court to provide customer information, then we ask for a reasonable amount of time to notify the customer so they can decide if they would like to hire a lawyer and if they do, then we turn the case over to them and they proceed with the judge directly and we step away.

I’ve actually had experience of this. Anyone who’s been following the Patel Prenda case knows this is true. in fact, it’s been most of the focus of that case’s litigation for the past year.

However, this statement appears to be at odds with Comcast’s treatment of Ross Ulbricht, alleged Dread Pirate Roberts.

Comcast previously corroborated with the FBI by providing information on alleged Silk Road mastermind Ross Ulbricht’s internet usage. Ulbricht’s legal defense without a warrant. Ulbricht was most certainly never given a warning by Comcast or given time to contact a lawyer before he was arrested in a San Francisco library last October.

There’s a lot going on here. The main thing is misdirection. Comcast is referring to civil issues, such as with copyright issues, Ross Ulbricht’s case is not a civil one, it’s a Criminal one. Notice how DeepDotWeb didn’t specify what they asked Comcast. The reason is, it would undermine the point they’re trying to make. I think the point is made clear when Comcast says ”we ask for a reasonable amount of time to notify the customer so they can decide if they want to hire a lawyer’. That’s not how criminal prosecutions work.

Instead, this is DDW trying to spin something to make a point. Remember, Ulbricht is accused of being behind Silk Road, and as I’ve already pointed out, the ‘about’ page clearly shows their significant bias when it comes to that topic.

Comcast already monitors its customers internet usage to prevent them from downloading pirated media in violation of copyright laws. Under the “Six Strikes” plan, Comcast customers who are caught by Comcast pirating copy-written material are emailed by Comcast and told to cease the activity. Comcast will continue monitoring them, and if they violate the “Six Strikes” plan five more times, their internet service will be terminated.

Oh boy. I don’t know quite how to explain just how wrong this is. I’ve written previously about how Comcast is not monitoring your connection for copyright violations. Seriously, anyone that thinks they are is so poorly informed that I have to automatically put anything else they say in doubt.

I’m not one to stand up for Comcast (in fact, I’ve been VERY critical of them in the past) but I hate misinformation, and I hate people who DELIBERATELY spread misinformation.

EDIT 14.9.14: Removed a sentence that was wrong. Added link.

EDIT2 15.9.14:  Comcast released a post Setting the Record Straight on Tor denying the above and stating: “The anecdotal chat room evidence described in these reports is not accurate.”  Without explaining what is the “accurate” explanation?

Er, You guys made the claim, one without any evidence, except two ‘claims’. When we got the initial Sandvine claim, you know what we did? It wasn’t ‘run an article repeating it’, it was ‘start 6 weeks of tests nationwide’. Then and only then did we publish that Comcast Throttles BitTorrent Traffic, Seeding Impossible. There’s also this piece of law called ‘Libel’. It’s when you make claims that are not truthful. It’s difficult for people claiming to report the news to be prosecuted under it, but not impossible. However, it’s more likely if a company were to say something like “DeepDotWeb just made it up to finally get some pageviews, they’re a bunch of liars.” that they could be at least sued for Libel (even if Comacst prevails, the announcement of the suit is itself damaging). And notice they’ve already removed at least one wrong thing.

So I decided to do something about it, and posted a comment (and sent an email to their contact us link) Both saying the same thing. And unlike DDW, I’m not shy on sharing it with you.

darkdotweb-commentThe response, via email, was both baffling and made no sense at all.

From: DeepDotWeb Web <[email protected]>
Date: Mon, Sep 15, 2014 at 1:52 PM
Subject: Re: significant errors on “Comcast Declares War on Tor?” article
To: Andrew K`Tetch Norton <[email protected]>

Thanks!  And thanks for commenting as well.  this will be forwarded to the writer who wrote this article.

But anyway i might take the chance and ask you,  if there is no monitoring whatsoever than how would you explain this for example?

[quote]
Today I received a phone call from an agent from Comcast telling me that I need to stop using the illegal service Tor; as it is against the contract I have with CC, and it promotes illegal activities with such services as ‘The Silk Road, an underground market, used to distribute drugs and contraband, which is against state and federal law.’

I am quoting this fucker directly.
[/quote]

And i tend to disagree that this is “technologically unfeasible”,  since such monitoring is a pretty common thing in certain countries.

“Comcast is not doing the monitoring”  –  So its someone in their behalf, same thing.

Same for this one:  “anyone with a basis in copyright law would tell you it’s literally unfeasible” .  Totally wrong.  and i can tell you as someone who is heavily experienced with DMCA issues and the implications for service providers.

First, note the originating email – a regular old gmail account. Then, for a site about cryptography and where a PGP key is given at the top of the site, no signing of the email (if they’re unsure how secure it is,perhaps they can try my challenge). Good to know it’ll be forwarded, sure, but what about some sort of editorial oversight. Then whoever it is re-quotes the reddit post, and says ‘how do you explain this?’ Well, for a start, could we start with ‘perhaps he made it up‘ and go on with ‘where is your corroborating evidence?

Then we get to some contention, over monitoring. Sure, it’s not that hard to monitor for Tor, but its hard to see WHAT people are doing on TOR. Of course, my comment on technological feasibility was, as you can see above, about Comcast’s proactive copyright enforcement. Yes, once again they’ve taken a statement on one thing, to talk about something else.

Same with the next line, ‘someone in[sic] their behalf, same thing‘ – no it’s not. Not even close, nor is that characterization even remotely close to reality. finally they end with a boast about their ‘experience‘ in ‘DMCA issues and implications for service providers’. This is a straight up lie. Anyone who knows a lot about the DMCA would know how the 6 strike program works. Plus, it’s a US law, yet remember the ‘about’ page – they’re non-native English language speakers. They’ve got no chance negotiating their way through Legalese when most regular, native english speakers have problems with it.

So I replied, and unlike them, I digitally signed (because I sign ALL emails – I’ve cut the sig because it includes the first one, and becomes long, but I can produce it if needed), and sure I’m a little aggressive, but they spouted bullshit in their article, and now they’re trying to bullshit me via email.

From: Andrew Norton <[email protected]>
Date: Mon, Sep 15, 2014 at 2:12 PM
Subject: Re: significant errors on “Comcast Declares War on Tor?” article
To: DeepDotWeb Web <[email protected]>

Hash: SHA1

On 9/15/2014 1:52 PM, DeepDotWeb Web wrote:
> Thanks!  And thanks for commenting as well.  this will be forwarded to
> the writer who wrote this article.
>
> But anyway i might take the chance and ask you,  if there is no
> monitoring whatsoever than how would you explain this for example?
>
> [quote]
> Today I received a phone call from an agent from Comcast telling me that
> I need to stop using the illegal service Tor; as it is against the
> contract I have with CC, and it promotes illegal activities with such
> services as ‘/The Silk Road, an underground market, used to distribute
> drugs and contraband, which is against state and federal law./’
>
> I am quoting this fucker directly.
> [/quote]
>
> And i tend to disagree that this is “technologically unfeasible”,  since
> such monitoring is a pretty common thing in certain countries.

With TOR, sure. The packet’s are fairly unique in appearance, so the USAGE of TOR is visible. I am, however, talking about the 6-strikes stuff.
>
> “Comcast is not doing the monitoring”  –  So its someone in their
> behalf, same thing.

No, not on their behalf. Comcast are the target of the notices. You really don’t understand what’s going on, do you?
>
> Same for this one:  “anyone with a basis in copyright law would tell you
> it’s literally unfeasible” .  Totally wrong.  and i can tell you as
> someone who is heavily experienced with DMCA issues and the implications
> for service providers.

That’s nice. Except your previous paragraph shows you’ve not read the MOU behind the 6-strikes program, or have any understanding of the law in regards to copyright. And I say that as someone who is not only ‘heavily experienced’ in DMCA issues, but has appeared in Federal court on these kinds of issues as an expert witness, and as someone who put in a bid to do the independent evaluation of these methods for the 6-strikes program, and whose research into the LAST time Comcast tried screwing with bittorrent and copyright turned into a bit of a bigger deal (you might have heard of it – the ‘Network Neutrality’ fight.)

My bona-fides in this area are fairly well established, yours, not so much. So forgive me for not putting much weight behind your claims of knowledge.

Andrew “K`Tetch” Norton

Their response?

From: DeepDotWeb Web <[email protected]>
Date: Mon, Sep 15, 2014 at 2:41 PM
Subject: Re: significant errors on “Comcast Declares War on Tor?” article
To: Andrew Norton <[email protected]>

–  With TOR, sure. The packet’s are fairly unique in appearance, so the
USAGE of TOR is visible. I am, however, talking about the 6-strikes stuff.

Thanks for the confirmation.

About the 6 Strikes –  Sorry i mis-read your mail and did not fully understand you are referring to monitoring in that specific regard.
Not going to argue about that of course as i have little to no understanding about this program myself. And i can only forward this info to the writer or add you comment about this matter if you think some fix is needed to the statement.

About the DMCA issues –  As i have no real idea who you are i rather not go into my experience in this field and the similar situations to the above ones i had to deal with.

Needless to say that i highly appreciate you taking the time to comment on this matter.

That’s it. They ‘mis-read’ my email. In a week or two, they’ll admit they mis-read other things too? They also claim they’ve actually got no clue about the 6-strikes program (despite having called themselves an expert on most of it previously, since it’s somewhat related to the DMCA, understand one and you understand the other). But then we get to the kicker, the person behind it is ‘so super secret’ that they can’t reveal anything, because ‘secret!’, and they don’t know ‘who I am’. Dude, google is your friend. I’m not exactly an underground pseudonym only reachable via the dark-web.

It’s as if they’re afraid I’ll check up on that claim, and find it crap as well. And it probably is. If anyone was going to get a report about it, it would have been the EFF, their posts and twitter comments indicate they haven’t.

— Jeremy Gillula (@the_zeroth_law) September 15, 2014

Even their main source for this, the reddit post, strains credulity. He was contacted by Comcast and told something – ok, I can kinda see that might have happened, but to then call back, and speak to someone on this topic, and not make a recording of it – after we’ve had so many other similar Comcast calls that turned out to be outragous, and Comcast fessed up only after the recording. It didn’t even have to be complex either, the simplest of all is to put the phone on speaker, and then use the video recording feature to film the phone. Significant claims require significant evidence behind it, and there is none, not even a sausage. Just a reddit post, and a direct contact that may, or may not exist or be the same person.

 

There’s gaping holes in this whole piece, and in the entire claim. Does it hold up to scrutiny, I have to say No.

 

DeepDotWeb has no evidence, no consistency, no credibility, no research, and no story, except what they’ve spun into existence themselves.

 

Meanwhile, everyone has now been trolled by a group of know-nothings, trying to get traffic to their website.

UPDATE: 9/15/14 20:00. Seems the EFF hasn’t had any reports about TOR censorship. Since they’re perhaps the biggest org around on the topic, they’re the ones people would go-to first.

  • John

    Excellent, thoroughly executed dismantling. Thank you.