I apparently skipped over a part of the explanation here. The window size is a *per-packet* window. You get a 0 window in this packet, then I should wait for an ACK before continuing, but I should always obey the window the last packet I received. The bug is that Authentium gets nailed into a 1-packet-at-a-time mode the first time it receives a zero window. They’ve admitted that it’s a bug and are fixing it.

But it’s not a blacklist. It’s just a bug. And craigslist could fix it on their end in the meantime if they chose to by modifying their window.

Craigslist’s packets aren’t malformed, they’re just a corner case. Weird corner cases happen on the internet all the time and network admins run around behind the scene to keep things working. In the past that was done by some guy in the NOC at one telco calling his counterpart at a competing telco and saying “Hey Bob, we’ve got a problem here; let’s fix it.” As network operations’ issues have moved out of the NOC and into other parts of the company (PR, Legal, Executives), it’s gotten harder to hold together this system that was originally based on a handful of guys “making it work.”

Calling every bug a conspiracy certainly isn’t going to help foster the atmosphere of mutal cooperation that keeps our networks working.

Notice the line “but for longer than craigslist explicitly requested?” Notice also that there’s nothing in the body of the explanation that supports that conclusion in the summary?

That’s because this is a case of compound failure. Cox supplies a firewall with its cable internet service, and that firewall didn’t work correctly (the release version still doesn’t, there is a beta that does.) The working production version is scheduled for this summer.

So this isn’t really a case of “fixing this for Craigslist,” its just a case of fixing it. For craigslist, whether they’re in violation of the protocol standard is pretty much a judgement call, but what they’re doing is wasteful of resources and just plain bad practice.

The foes of net neutrality are absolutely frantic to blame somebody other than the big cable company even for part of the problem. That’s why the summary includes a fact not in evidence. There is a problem at both ends of the cox-craigslist connection, and they both need to fix it.

And yes, we will be able to at least get a clue about how downstream providers are handling our packets through remote systems that report to us and through places that have multiple internet connections on different providers. Hughes satellite is wonderful for this. You shoot right up at a satellite and come down hundreds of miles away in a totally distant subnetwork.

Some enterprising dude could easily write a simple program to analyze traffic and look for suspicious patterns, just like they do for viruses. It’s not impossible.