Internet Service Providers in British Columbia will begin charging users who go over their monthly data limit, according to a story in the January 27, 2011 edition of the Vancouver Sun.
The story states that Shaw, one of BC’s largest ISPs, will give users two warnings before it starts charging them between $1 and $2 a gigabyte for however much they go over their monthly limits.
Similarly, Telus, Shaw’s main competitor, will also warn users before charging them $2 per GB for however much they go over their monthly limits.
Before charging the extra fees, both ISPs will offer offending users the option of upgrading to a plan that has higher data limits.
The story’s author, Chad Skelton, states that of all the various types of online activities a user can engage in, the only one that is likely to put you over your monthly data limit is watching (or downloading) video, especially high-def video.
For the most part, I agree with Mr. Skelton. For example, if you are a Netflix Canada user, you can use up a lot of data in a short time, as I discussed in my Netflix Canada review a few weeks ago.
In theory, this new “user pay” system is fairer than the status quo because heavy internet users will pay more than light internet users. However, I would like to see more details about how Shaw and Telus will implement their usage tracking systems so that I can determine whether the systems are truly “fair”. I can foresee some practical problems that could result in you paying for traffic that you don’t want and that you didn’t initiate.
For example, a rogue user could flood ping your IP address, quickly generating “junk” traffic that would probably count towards your monthly limit. In Linux, it’s extremely easy to do a flood ping. Just run the following command, replacing <some-IP-address> with the IP address you want to ping:
sudo ping -f <some-IP-address>
Flood pings are relatively easy for a smart firewall to detect so hopefully Shaw and Telus already protect you from that.
Another source of junk traffic is a UDP flood. I won’t show you exactly how to do it but it’s a trivial task to implement a UDP flood tool. For example, you could run the
nc command (also known as netcat) in UDP mode in an endless loop. Furthermore, if the rogue user’s ISP does not carefully monitor outgoing traffic, the source IP address of the UDP flood can be easily forged (i.e. spoofed) to hide the source of the junk traffic.
To make matters worse, a UDP flood could actually cost you twice the amount of junk traffic as what the rogue user sent because your firewall will likely reply to the rogue user’s IP address with an ICMP destination unreachable response containing a copy of the junk data that was sent to you. This is illustrated by the following two examples from the rogue user’s point of view and the victim user’s point of view.
Rogue-user@bad-computer:~$ echo “some junk data” | nc -u 172.16.1.27 50000
Victim@good-computer:~$ sudo tcpdump -n -A dst 172.16.1.25 and icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
14:40:58.783055 IP 172.16.1.27 > 172.16.1.25: ICMP 172.16.1.27 udp port 50000 unreachable, length 51
E..G.?..@..b……….Wz….E..+.?@.@..-………..P..[.some junk data
In the above example, Rogue-user sends “some junk data” to Victim and Victim sends it back to Rogue-user, thereby exacerbating the junk traffic problem.
Another source of junk traffic is spam. For home users, this is not a major problem because your email provider (typically your ISP or a service like Gmail) has already filtered out most of your junk mail before it arrives at your computer. However, for companies that host their own mail server, this can be a huge source of traffic. For example, I have seen some corporate mail servers where the vast majority (90% or more) of mail traffic is from spam or attempts to send spam. Companies can mitigate this traffic, to a certain extent, by firewalling out known spammer IP addresses but, in practice, this is always a “moving target” and is easier said than done. Tarpits can also help too but you’ll never prevent all spam traffic.
Time will tell whether this new over-limit charging system is good for consumers. Meanwhile the debate will rage on.