Study Shows: P2P Filters Can Be Easily Circumvented

Hollywood has been stepping up its demands for ISP-based P2P filters in recent weeks, with the MPAA suggesting that such filters would help unclog the Internet’s tubes. But how well do P2P-filtering appliances really work? The French music industry association SNEP recently teamed up with Internet Evolution to find out. The idea was to run an extensive test with products from dozens of vendors and publish the results online so that ISPs could make informed decisions.

Well that was the idea. Most of the device manufactures balked at this degree this transparency — 28 vendors were invited to take part in the six-month test; 24 of them declined. And three of the remaining five decided that they didn’t agree with the test results and refused to have them published. So what’s the filtering industry so scared of? Maybe it’s the fact that its products just don’t work that well.

In the end, only U.S.-based Arbor Networks and Germany’s Ipoque agreed with the publication of their appliance’s test results. Unsurprisingly, the two companies declared the test results a complete success. The data show why: Both appliances were able to detect and regulate BitTorrent as well as other common P2P protocols in real time, with detection rates for unencrypted traffic as high as 97 percent.

There’s still hope for pirates and P2P startups, though: Both vendors’ devices showed much weaker results with encrypted P2P traffic. The Arbor appliance wasn’t able to detect BitTorrent traffic with strong RC4 encryption at all, and Ipoque was only able to get it right in about 50 percent of all cases of encrypted BitTorrent traffic.

And neither candidate was able to detect any encrypted Emule traffic. This is particularly embarrassing for Ipoque, because the company’s own data shows that Emule accounts for almost a third of all P2P traffic in Ipoque’s home country of Germany.

Devices like the ones tested for the Internet Evolution study are increasingly used by ISPs for Comcast-style P2P-throttling. P2P vendors have described these efforts as a cat-and-mouse game that forces them to constantly tweak their clients in order to avoid detection and interference. It looks like the mice are winning, at least for now — why else, when asked, would the majority of companies shy away from a test that could potentially uncover their products’ weaknesses?