dot org slash blog

For the past 7 months or so, its been known that my current ISP, Time Warner Cable, was investigating implementation of severe bandwidth caps on the internet services they provide. I’ve kept an eye on such news, as it would likely concern me greatly in the future were it to actually happen.

Here’s the numbers[1]:

“…tiers will range from $29.95 a month for relatively slow service at 768 kilobits per second and a 5-gigabyte monthly cap to $54.90 per month for fast downloads at 15 megabits per second and a 40-gigabyte cap.”

Those numbers are absurd, and they know it. What has interested me, though, is what my own usage was. Until lately, I had no method of measuring this. By extension, asking all subscribers to limit their internet usage to such low levels when they cannot meaningfully quantitate what their usage requirements are is a giant disservice to all subscribers.

Not quite a month ago I updated the firmware on my router, which runs DD-WRT. (Which reminds me, I need to update again to grab that DNS cache poisoning fix). This update included persistent metrics for bandwidth usage. In the span of 26 days, I have received 42.4GB and sent 24.85GB for a grand total of 67.25 GB. Extrapolated to a full 31 day month, I would have overshot the highest cap they mention with a solid 80.19GB, TWO TIMES their highest service level.

In this 26 days I have:

1. Used IRC.
2. Read RSS feeds.
3. Watched youtube videos.
4. Torrented a couple TV shows a week. This has dropped off toward the end of the month, as Doctor Who completed for the year and I finally got caught up on it.
5. Watched a couple TV shows on adultswim.com a week.
6. Purchased 5 albums from amazon.com.
7. Purchased 1 game and two expansion packs from Steam. This alone added 8GB to my total.
8. Browsed the web as usual.
9. Done the email thing.
10. Installed apps on my phone over wifi.
11. Infrequently used VPN for working from home.

I have not:

1. Downloaded any Linux ISOs. This is a common enough activity for me, though, and a 1:1 ratio of a DVD ISO torrent would nail 10GB on to the allowed cap. I did download the ELDK one time, though, so that would contribute 5GB to my total.
2. Updated my linux install(s) as often as I should. Currently 200MB of updates are ready to be installed on my Desktop. Patching all of my computers (3 at the moment) could easily chew through 2 or 3GB of downstream bandwidth.

An interesting data point: Over the course of three days in the month (after I bought that game from Steam), my usage dropped dramatically. I was booted into Windows, and spent all my computer time playing Civ4 with a bit of light web browsing. During this time, my daily usage was around 200MB, being comprised of SSH traffic to my server box (from myself and up to 3 other people), the usual amount of IRC traffic, AIM, and the occasional foray into web browsing. For most purposes I was NOT using the internet at all, but my bandwidth usage would have gone over the cap TWC allows for their $30 a month plan by 1GB if extrapolated to a 31 day month.

It is painfully obvious that the proposed caps are entirely inadequate for the needs of a technically-minded subscriber such as myself, and it seems that the tiers are comprised of ridiculous pairings of speed caps and total usage caps.  The $30 tier allows for 5GB usage with a rate limit that would allow for around 245GB, so you’re allowed to use 2% of its capability without being charged more. That’s about 15 hours in a 31 day month at max download speed, and a $270 ballpark maximum bill for service and bandwidth overage.  For the top tier it gets even weirder. The $55 teir cap is 40GB, and its capable of handling around 4.7TB at maximum usage. That’s a generous 0.8% usage capability without having to pay more money, or a solid 6 hours of pegging the modem. The ballpark maximum bill on this teir is a comical $4919.It would be cheaper at that point for them to just charge you for the bandwidth at $1 a GB and to hell with the 40GB ‘allowance’.

I can’t help but think that this is a move to keep TWC’s additional services, being cable TV and telephone service, competitive.  If this was not the case, and their problem was actually congestion, one would expect to see caps that are closer to being in line with bandwidth costs. $1/GB minus some margin for profit would mean that TWC would be hemorrhaging cash with their current ‘all you can eat’ plans now. They aren’t ($1.2B net earnings in 2007).  If you assume its to discourage use of the internet as replacements for traditional media and communications to protect their other sources of income, though. It makes more sense. Caps this low make internet media useless, and free-or-inexpensive 3rd party VOIP a costly choice. This will likely become a problem for TWC, though, as protectionist business measures are inferior to trying to innovate to maintain a bottom line. Screw the customer, and the customer will buy from someone who sees that screwing as an opportunity to make a dollar. Ask IBM about this.

The worst portion of this whole idea is that it asks non-technical people to measure something that they do not have the skills to quantify, under penalty of unexpected fees. This more than anything degrades the quality of the service provided by TWC, as it’s a return to the days of time-metered dial-up accounts, only substitute willful internet connection with bandwidth usage that the average subscriber does not and likely cannot understand. “Oh, windows tells me there’s a new security update! I don’t have the bandwidth left this month to download it, though, so I’ll just wait until next month.” Meanwhile, the unpatched but now known exploit is used to compromise their machine with some spam virus, making the internet suck more for everyone else and more importantly costing the subscriber additional money.

The only way you solve the patch download issue has rather large ramifications. Like emergency services, the ISP could not track OS patching traffic. Its pretty simple, just don’t count the bytes when they come from Microsoft, right? Well, no. This drives would drive the ISP into the arena of being a content-arbiter, as:

1. There are a number of operating systems by a number of vendors. Some ISPs try to claim they only support Windows or OSX. Support, however, is a far cry from ‘blessing’ MS and Apple update traffic and charging for Ubuntu, Suse, FreeBSD, and the functionally infinite number of OS vendors that exist. Right now using Linux on any ISP is both possible and easy. They just refuse to fix problems with your random choice of OS. This is a reasonable, though somewhat annoying, practice.  Blessing patch traffic on a functionally arbitrary basis is at least a violation of net neutrality (which the FCC has recently had favorable opinions on while slapping Comcast on the wrist), and at worst has the drippings of activity that would raise anti-trust concerns. (I’m the last person who asks the government for intervention into civil matters like this, but for all the negative government activity surrounding business regulation at least there’s the occasional possibly favorable outcome.)
2. Not all security patches are from OS vendors. In fact, it’s more common to get upstream patches from vendors on Windows than Linux, so this problem is already a giant issue when you ignore the geeks. Another, larger, functionally infinite set of sources for ‘blessed’ traffic.
3. Due to the two previous concerns, white-listing this activity is a difficult, perhaps unsolvable, problem without requiring massive investment into quantifying and ‘partnering’ with blessed vendors. Nobody wants this.
4. Content arbitration like this makes your service useless to the sort of user who will pay for $55 a month internet.

The other issue with having to measure traffic as the uninformed user is that they do not have enough understanding about what goes on with their computer that comprises the amount of bandwidth they use. They don’t understand how much traffic is sent from a machine doing odd things like synchronizing the system’s clock, checking for updates, doing DNS lookups, pinging their mail server to see if mail is there, keeping connections open with IM service providers, etc., let alone how to reduce bandwidth usage from active internet use. I can’t see it being a good idea to ask these (currently profitable) subscribers to take the time to monitor and adjust this activity when its constraints are unknown to them under penalty of a larger bill.

All of this means that if my ISP expands this practice, I will not subscribe to their service any longer. I can take my $550/year to a number of other telecoms, and I’m sure they’d be glad to have it.

This entry has gotten to be gigantic so I think I’ll cap it (:D) here, just in case someone reading this only has 5GB to play with a month in the future.

1: Quoted from the AP who quoted a TWC representative. The AP are idiots who are trying to scam fair use in citations, and thus I will not link back to them. I don’t care for their reporting or their incorrect view of copyright law. The facts, however, are useful.

I went to grab autotools so I could play in the source tree of a rather popular open source project. From their “Write Code” page:

Building is straight forward and familiar if you’ve ever built software on Linux before. We use the standard autotools suite for our build environment.

“So hey, I’ll go just apt-get install autotools! That’ll work!”

<chris@zwei> ~$ sudo apt-get install autotools
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package autotools

“That’s not great. However, I can just open up Synaptic and search for “autotools”, and it’ll point me at the packages I want!”

Searching brings up autotools-dev, and a few other packages, which aren’t what I want. Crap.

*google*

Oh, so I need libtool, automake, and autoconf to install Autotools?

*install*

Oh, look, I still need intltoolize. I bet Synaptic can find the package name if I search for that!

No?

Okay, I’ll try running intltoolize in a shell and the magic stuff ubuntu has will find it for me!

$ intltoolize
The program 'intltoolize' is currently not installed. You can install it by typing:
sudo apt-get install intltool
bash: intltoolize: command not found

Amazing!

Of course I have something called intltool-debian installed, but that’s obviously useless for what I want to do. I’ll install intltool.

Hey, it actually runs now! Not entirely, as there’s still some autoconf voodoo I need to deal with.

Conclusions:

• Synaptic is both useless, in that it can’t find what package an executable name is in,  and annoying, because it grabs the dpkg lock the second it starts up so I can’t search with it and use apt-get to actually install things. This wouldn’t be a problem if Synaptic didn’t clear my search results every single time I install something.
• Ubuntu’s package repositories are both comprehensive and uselessly grouped around the smallest packages imaginable. This makes task-oriented software installation much harder than it should be.
• Whatever magic powers my shell telling me what package to install in order to get an app I don’t have when I try and run it is way more useful than Synaptic ever was.
• Autotools might just be evil.
• This needs to be much clearer and easier than it is now.

Someone build me a (Debian | Ubuntu) that doesn’t do the following:

1. Split packages into libfoo and libfoo-dev
2. Not install manpages when gcc is installed
3. Append absolutely absurd version strings to packages (nvidia-glx-new 169.12+2.6.24.13-18.41)

If this crap keeps up, I’m going back to Slackware.

Unrelatedly, I filed a bug today.

EDIT: Alternatively, give me a giant checkbox at install time that says “YES I AM A DEVELOPER INSTALL DEVELOPMENT THINGS ON MY SYSTEM.” I’d forgive the version string sin for that.

Today I needed to rent a trailer. I went to U-Haul, because they have trailers. There I was told that they don’t rent to my kind (people who drive Explorer and Explorer Sport-Trac vehicles) because our vehicles are ‘unsafe’. Now I don’t patronize U-Haul.

From their FAQ:

Ford Explorer owners: U-Haul has chosen not to rent behind this tow vehicle based on our history of excessive costs in defending lawsuits involving Ford Explorer towing combinations. This policy is not related to safety issues. This is an unusual circumstance for U-Haul – we have built our success for over 59 years by saying “yes” to our customers, and do not like saying “no” instead. We apologize for any inconvenience this may cause and are committed to working with our customers to find alternative options to help with their move. Please contact 1-800-GO-UHAUL (1-800-468-4285) for assistance with alternative options.

From Wikipedia

On December 22, 2003, U-Haul, the largest North American equipment rental company, announced that they would forbid their outlets from renting trailers to persons planning to tow behind Ford Explorers due to liability concerns.[3] This however was completely baseless by that time as the problem had been corrected with the tire recall, and the corrected inflation recommendation.

If you would turn down guaranteed business today because of an assumed outside shot at being sued tomorrow, you are stupid and I will not give you my money.

The best part of it is that they will rent to owners of rebadged Explorers, such as the Mercury Mountaineer, Lincoln Aviator and Mazda Navajo variants.

Applications of Computer Science problems/topics in real life are always amusing.  They really hammer home the need for good discipline in software development, but work slow enough that the software engineer can easily identify the problem and a solution to negate it in the future.  This week I was lucky enough to be on the receiving end of the consequences of a concurrency problem/timing attack caused by poor system design.

I recently moved into a new apartment and had my utilities transfered over.  My move-in date was fairly close to the previous occupants move-out date – I believe there was a week between the two events. They were subscribers to Time Warner cable, as am I. This led to a minor but harmless locking issue, as I could not schedule my service to transfer to the new apartment until they had scheduled theirs to be disconnected. I like to get such things taken care of early, so this was a small pain, but eventually the lock was released and my install was scheduled.

On the Monday after I moved in, the cable fellow came to my door, and delivered to me sweet, sweet internet. Previous to this the cable worked (extended basic cable, to be specific), which I thought was odd, but I dismissed it. I carry on with my life, no longer relying on unsecured wireless access to communicate with the outside world.

On the Friday after I moved in, at around 11:30 AM,  my  connection to the world was severed abruptly.   Additionally, though it was not the same heartbreaking loss, I no longer had cable TV.  I got on the horn with Time Warner and requested that a tech be sent out again as soon as possible to remedy this. After some brow beating, the customer service representative “scheduled” a tech to come out the following morning between 8 and 11. Finding this acceptable, I went on with my life.

The next morning, no tech shows up and I have a lovely four hours sitting in my living room in my PJs getting stood up by my cable company. Time Warner’s customer service line rings again, and I have a long, drawn out conversation with another CSR about the situation. I was informed my appointment was canceled and that I have a new one for 1 to 4 PM the following Tuesday.  After I finished having blood shoot out of my eyes and was transferred to Customer Retention Department (while I was very serious about wanting to cancel my account, the CSR I was talking to was not the most skilled worker bee they have and Retention people are much more effective), investigation revealed that the CSR previous scheduled my appointment for Tuesday and then backdated an “Incomplete Install” ticket to get the Saturday appointment. Dispatch was less than pleased, and just disregarded the order without notifying me.  The Retentions fellow was helpful (though a liar), and promised to try and expedite the tech visit while giving me a free month of service. Whatever. My appointment still happened on Tuesday, at around 1 PM, and I had to miss some work for it. I’m still angry, but I have internet now and this isn’t really the focus of the story.

While the Tech was here removing the filter that had suddenly found itself on my cable line, I asked him about the situation. He said that it is very likely there was a disconnect order from the previous subscriber that was fulfilled a little late, and that problems like this are very common in multiple occupancy residences such as an apartment complex.

It seems to me that a small change in their operating procedure can easily eliminate this problem entirely. They obviously have ability to ‘lock down’ changes to service to a unit based upon the existence of a previous subscriber. The issue here is that they lock on the wrong part of the transaction (or at least incompletely acquire the lock for the transaction) for adding tasks to their scheduling mechanism.  The lock allows only an authorized subscriber to schedule a task for a unit, but the lock is not rechecked for when the task runs at a later time, and can run at a later time when the subscriber no longer holds the lock. This means you can craft a very slow timing attack against another Time Warner subscriber after you move out and disconnect their service to annoy them for a good four days, since local monopoly cable companies don’t really give a crap when a customer has a complete loss of service.

How to not issue a passport: an instructional example provided by the U.S. Dept. of State

On Sun, 2007-05-27 at 21:42 -0500, Homer Montgomery wrote:
> A passport? Do we have to smuggle you? It might get chilly in the baggage hold. I’ll bring a blanket.

I’m really trying to avoid having to take an extra day off of work and haul ass to Houston to deal with the passport agency directly, but if it comes down to it that may likely be how I spend my Wednesday. They’ve been jerking me around on how long this would take and even whether or not I’d need an appointment if it came down to seeing the agency in Houston.

I’m so amazingly irritated about this right now. 13+ weeks for a passport when I was told 6 when I applied, the people answering the phones when you call the help line are useless, having to call 20+ times to even get to talk to a useless person (rather than put you on hold, they just drop your call if load’s too high), etc.

• T minus 14 days, it’s “Lets send a message to get this expedited. Call back in 3 business days.”
• T minus 9 days, it’s “They just responded to that email three hours ago, you should have your passport around Thursday.”
• T minus 8 days, it’s “You should be able to call and at least get your number by Friday”
• T minus 7 days, it’s “You still have until Thursday next week. Don’t worry. There are people who are leaving tomorrow who don’t have theirs yet.” at which I pointed out I do NOT have until next Thursday if they’re wanting to overnight the damn thing to me.
• T minus 6 days, it’s “They shouldn’t have told you things would be ready by today. Call back on Tuesday and go to Houston if it’s not ready then.” I think I nearly lost it after this phone call.

If you can’t tell, I’m intensely frustrated at this bureaucratic nonsense. I think it’s gonna take a fair bit of Ouzo to fix that once the government actually decides to let me leave.

I was going to save this entry for after I received my passport, but it’s increasingly looking like by the time that happens I’ll be trying to not go stir crazy on a trans-Atlantic flight or trying to figure out how to fix my travel plans so I can meet up with everyone in Greece because the U.S. Congress stupid policy and stupiderly the U.S. State Department could not handle the entirely expected increase in passport demand.

Lets take a second to think about this. For some reason which I can’t even begin to find justification for the US government thought it wise to require passports for everybody flying around North America, and in the near future everybody engaged in sea and land travel. Whatever the reason the policy was put in place (Supposedly the WHTI is a reaction to the 9/11 Commission report, but requiring passports of US citizens doesn’t fit the bill of useful anti-terrorism legislation [if there is such a thing]. That’s another tangent all together, and I’m lacking the tin foil hat to really ramble off on that.), this is a manufactured problem. The one entity who in all likely hood has travel statistics for all the NAFTA nations controls the production of U.S. passports. The WHTI was passed in 2004. This is 2007. Even with, at minimum, all of 2005 and 2006, the State Department failed to add appropriate facilities to handle the demand they knew was coming. Their new passport facility came on line two months ago, one month after the first of the regulations started affecting travel, and thus far has made an 80k dent in the backlog. Fantastic. Why wasn’t it up and running before the new requirements went into effect? I can understand entirely an entity having trouble reacting to an unexpected surge of activity, but to prefix your customer service line with “due to an unprecedented demand for U.S. passports…” pretending that this is something which could not have been anticipated when they created the demand themselves is just absurd.

Just as amazingly shocking is the ‘customer’ service system itself. This is the first I’ve experienced such an amazingly useless system enacted under the guise of service for something. The online tracking system does nothing but provide the requester with a mysterious number four weeks (!) after submitting an application. I have yet to find a use for that number in any other passport related activities. There’s also the help line, which is apparently the busiest customer service line in the history of telecommunications. I’ve never dealt with a phone answering system which had a five minute (!) three choice menu that would disconnect you at the end because “all representatives are busy.” While I quickly realized I should remember the menu choices I need to dive through the menu in around six seconds, that’s still pretty shocking. With that going, on average I was able to complete an attempted call in 17 seconds. Each time, it told me to stay on the line twice before disconnecting. Over the past week I’ve used something around 170 minutes on my cell phone plan trying to talk to a real person, in a (fairly pointless) attempt at getting my passport going. Each 17 second attempt pegged me for a minute, thanks Cingular! Anyway, after dialing my thumbs raw and holding for what seemed like an eternity, each time I got to speak with a friendly and useless person who would (pretend?) to send a message to the passport creation wizards to get this going, and we’d have a conversation about why this is happening, why the government is failing so much at hadling this properly, what I did wrong (which was always nothing, according to the useless customer service person), and what I could do to correct the situation (this ranged from wait and it’ll magically get sent to you to “get thyself to Houston, good sir!”). Then I’d hang up, re-plan the remaining time I have in my head, and the cycle would begin anew.

Now, all that remains is Monday (a federal holiday, which is possibly the worst timing for me in the history of holidays I’ve experienced), Tuesday (talk to my boss and beg forgiveness day if I have to take some time off Wednesday to drive to Houston), and Wednesday (possibly drive to Houston day).

Where’s that ouzo when you need it.

Edit: While brain-dumping this worthless rant, Homer replied:

On Mon, 2007-05-28 at 00:19 -0500, Homer Montgomery wrote:

What a heck of a government we have, eh?
I am confident that somehow this will work out.
We will ply you with the necessary treatments.