Sorry, optimists. If the net neutrality law working its way through Washington ends up getting approved, that doesn't necessarily mean that ISPs will stop traffic-shaping on their networks. Even the government realizes that; the FCC chairman created the "Open Internet Challenge" earlier this year with the sole purpose of creating apps that detect naughty neutrality-hating ISPs red-handed. That competition's been a bust, but researcher Dan Kaminsky's announced a free new app at the Black Hat conference in Vegas that promises to dothe same thing. He calls it N00ter, and that makes us smile.
The software can determine when an ISP artificially alters traffic speed to a website,
. How's it work? We're glad you asked. Nooter acts like a proxy VPN. When you connect to a website, N00ter can spoof the incoming data to look like it's coming from another website entirely. You can then turn off N00ter, then connect to the same site and measure its download time. If there's a mismatch, the ISP is shaping traffic to one of the websites.
In other words, you connect to Google, but N00ter tells the ISP you're getting data from Bing, instead. The Google data that the ISP thinks is Bing data is downloaded and timed. You then connect to Google normally, with N00ter turned off, and time how long it takes to download the page. The exact same data is downloaded from the exact same server both times – only the first time around, your ISP thinks you're connecting to Bing. That's the key to N00ter, and to detecting traffic shaping.
“All the other sources of change disappear and we’re left with the one cause, the ISP,” Kaminsky said.
And in case nefarious ISPs try to get tricky and work around Nooter by filtering upstream traffic only, Kaminsky's throwing together a N00ter companion program – the awesomely named Roto-N00ter – which spoofs traffic headed upstream to websites, rather than the data coming in from them.
Kaminsky plans on releasing N00ter for free within a couple of weeks.