Perhaps you’ve heard that Cox Cable is blocking Craig’s List; the Net Neutrality militias tout this as an example of the kind of discriminatory behavior they’re going to protect us from. Their leader, the self-described know-nothing Matt Stoller says:
There’s a pervasive myth that there has been no discrimination on the internet against content companies. That is simply untrue. For one, Craigslist has been blocked for three months from Cox customers because of security software malfunctions.
Back on February 23rd Authentium acknowledged that their software is blocking Craigslist but it still hasn’t fixed the problem, more than three months later. That’s a heck of long time to delete some text from their blacklist. And this company also supplies security software to other large ISPs.
Without net neutrality protections, cable and telecom companies will have no incentive to fix these kinds of problems. Already, it’s quite difficult to even know that this is happening because they are quite easy to disguise.
The telcos are of course lying about this, claiming that no web sites have been blocked. And gullible reporters are falling for the lies.
But the real story is that Craig Newmark’s administrators don’t know how to set up their system. Here’s a comment I found on Save the Internet that will probably be deleted pretty soon:
Has anyone here actually read the response from Authentium? Far from “opaque,” it pretty clearly (if technically) explains the problem and why this has nothing to do with blacklists:
“The network packets coming from the Craigslist.org web site were unusual in that they contained a zero-length TCP window that usually indicates a server is too busy to handle more data. The Authentium firewall driver responded by sending data only one byte at a time. This slowed down the web request and made the Craigslist.org web page load very slowly or not at all.”
From RFC 793 (which defines TCP/IP):
” Flow Control:
TCP provides a means for the receiver to govern the amount of data sent by the sender. This is achieved by returning a “window” with every ACK indicating a range of acceptable sequence numbers beyond the last segment successfully received. The window indicates an allowed number of octets that the sender may transmit before receiving further permission.”
Returning a 0 means “please talk to me very slowly.” Literally it means “don’t talk to me at all” but because that’s nonsense, sites generally interpret it as “I’m overloaded; slow down.”
I’ve verified this response myself by connecting to craigslist:
15:52:00.751836 IP www.craigslist.org.http > lemming.ranjan.org.47734: S 1639327951:1639327951(0) ack 3799817961 win 0
Note the final “win 0? that confirms exactly the problem that Authentium claims.
Summary: craigslist told Cox to please speak to it very slowly. Cox did, but for longer than craigslist explicitly requested. Fixing this for craigslist could break other sites, so some caution in shipping a fix is justified.
The fact that SaveTheInternet posted this as an “opaque” response without further comment raises a question of how much STI actually knows about how the Internet works.
Somebody’s lying here, and it’s not Cox Cable or Authentium.
PS: I did my own inspection of Craig’s List’s TCP packets and found the same thing: their initial ACK advertises a Window Size of 0. By comparison, my blog advertises one of 5792, and so does Technorati.
Craig Newmark’s site is screwed up and he’s blaming Cox for it – and seeking a new law. That’s taking Internet retardation to a whole new level.
UPDATE: See Jim Lippard’s blog for a fuller explanation.
UPDATE 3: It’s worth noting that Matt Stoller blogs on myDD.com, half of the Kosola pay-to-blog scandal. Read more about that here or here. Some people will say anything for money. Net neutrality advocate Glenn Reynolds says blogs are a “low trust environment.” He doesn’t speak for this one.
UPDATE 4: Welcome Instapundit readers. Tom Foremski and Save the Internet refuse to own up to misrepresentation of the story.
Here are the facts:
1. Craig’s List isn’t blacklisted by Cox Cable and never has been.
2. Craig’s List puts out an improper TCP window size; other sites don’t.
3. Improper TCP causes some personal firewalls grief, and Cox used to distribute one, from Authentium.
4. As soon as the Craig’s List bug came to Authentium’s attention they created a patch, which you can get from Cox today. This patch probably ignores the initial window size Craig requests.
5. Craig’s List still puts out an improper TCP window size.
So how about a little honesty, Craig, Matt, Tim, and Tom?
UPDATE 5: Craig Newmark still refuses to acknowledge his bug. All he has to do is correct his TCP settings and the whole problem goes away. Why won’t he?
UPDATE 6: Go look at the system status page at Craig’s List and you’ll see some interesting problems with all sorts of other firewalls, including their own. And you’ll also see that their problem with the personal firewall Cox Cable gives away has had a known workabound since Feb. 23th. Why all the misdirection from Craig, Save the Internet, and Matt Stoller?
Incidentally, eBay is a minority shareholder in Craig’s List, and the sole owner of Skype. Is Craig doing his master’s bidding?
UPDATE 7: Authentium responds to Craig’s lying post. Their story is verifiable, Craig’s is fabricated.