
June 20th, 2006

Craigslist scare story gets even stranger

Posted by George Ou @ 1:09 pm

Categories: Infrastructure, Net Neutrality, Networking, News, Security, Technology policy

[Update: Now we have US Senator Wyden propagating the lie that this was a Cox conspiracy to block Craigslist because they have their own classified service.  The following blog proves that this was never the case and the original myth was retracted]

In my last blog about the lies being spread about Cox and Authentium, I showed how the Net neutrality lobbyists are lying about the situation to push their agenda even though they've been proven wrong.  Their rallying cry has been that Cox blocks Craigslist and that this is what you get without their brand of Net neutrality.  Their key reference point is Tom Foremski's original blog, which made the following claim:

Back on February 23rd Authentium acknowledged that their software is blocking Craigslist but it still hasn't fixed the problem, more than three months later. That's a heck of long time to delete some text from their blacklist.

This statement, which blamed the problem on a Cox/Authentium blacklist, turned into the battle cry for the Net neutrality gang demanding a stop to all tiered pricing structures, though they sell it as a First Amendment case.  It turns out that Tom Foremski's original blog, which blamed this on Cox and Authentium's inability to change some text on a blacklist, was indeed false.  Foremski now states "I assumed there was a blacklist - I have no idea how Craigslist is being blocked".

To make the case even stranger, Craigslist founder Craig Newmark decided to weigh in and say I "have it wrong", though he offered no specifics on what he believes I have wrong.  Newmark simply put up his own blog on this issue, where he continued to pass the buck and took no responsibility on his part.  But the truth is that Craigslist is equally at fault and could have fixed the issue themselves long ago if they were simply following the RFCs for TCP/IP.  Many people have verified this to be the case and I took the time to verify it myself.  Here is a screenshot of an Ethernet capture when I tried to surf craigslist.org.

Note the dark highlighted portion that reads "Window size: 0".  That literally means "don't talk to me now I'm busy" in TCP/IP.  That is the equivalent of putting up an "out to lunch" sign on the front door of a store.

Cox Communications never blocked anything on the network, so this was never a "Net neutrality" issue to begin with: the blocking is being done by a piece of software that users downloaded.  That software is Authentium's personal firewall, which Cox offers to its customers for self protection.  Authentium's software fails in the sense that it took the "Window size: 0" literally and never checked back to see if the store was really open.
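
The difference between taking a zero window literally and checking back, as an added example that is not from the original post or from Authentium's software.  The PeerWindow class, the build helper and the sample segments are hypothetical and constructed for illustration.

```python
import struct

# Fixed 20-byte TCP header: ports, seq, ack, offset+flags, window, checksum, urgent
TCP_HDR = struct.Struct("!HHIIHHHH")
ACK = 0x10

def parse_tcp(segment: bytes) -> dict:
    """Return the flags and advertised window from a raw TCP header."""
    if len(segment) < TCP_HDR.size:
        raise ValueError("truncated TCP header")
    _sp, _dp, _seq, _ack, off_flags, window, _ck, _urg = TCP_HDR.unpack_from(segment)
    return {"flags": off_flags & 0x01FF, "window": window}

class PeerWindow:
    """Tracks whether a peer is currently accepting data (hypothetical model)."""
    def __init__(self, recheck: bool):
        self.recheck = recheck   # False = treat the first zero window as permanent
        self.blocked = False

    def observe(self, segment: bytes) -> bool:
        """Feed one segment from the peer; return True if data may be sent."""
        window = parse_tcp(segment)["window"]
        if window == 0:
            self.blocked = True          # the "out to lunch" sign is up
        elif self.recheck:
            self.blocked = False         # sign came down: a window update was seen
        return not self.blocked

def build(flags: int, window: int) -> bytes:
    """Construct a sample header (data offset 5, no options, checksum left 0)."""
    return TCP_HDR.pack(80, 49152, 1000, 2001, (5 << 12) | flags, window, 0, 0)

# Constructed sample traffic from the server, not taken from the page's capture:
# first a zero-window advertisement, then a segment that reopens the window.
SAMPLE = [build(ACK, 0), build(ACK, 5840)]

def run(recheck: bool) -> list:
    """Replay SAMPLE through a tracker and report send permission per segment."""
    tracker = PeerWindow(recheck)
    return [tracker.observe(seg) for seg in SAMPLE]

if __name__ == "__main__":
    print("checks back:   ", run(True))
    print("never rechecks:", run(False))
```
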

So whose fault is this?  The fault lies with both Craigslist and Authentium: a bug in Craigslist's servers triggered a bug in Authentium's software, and the problem could be fixed on either end.  Fixing the problem on Craigslist's servers would immediately fix the problem for every single Authentium user, which could be in the hundreds of thousands or more.  Fixing the Authentium personal firewall won't do anything until there is a massive notification and deployment effort with Cox customers (and other Authentium users).  Such a large-scale deployment will take time, and there is no guarantee that everyone will install an updated firewall or even bother reading the notification.

Craig Newmark could have corrected the problem for everyone globally on his own servers months ago, yet he asks Cox and Authentium "why did it take so long".  But it seems to me that Authentium at least took ownership of the problem months ago and does have an actual fix that they've scheduled to release.  Craig Newmark, on the other hand, seems to have taken this to mean "see it's their fault and they admitted it" and refuses to even acknowledge what the blogosphere is saying about his responsibilities with his own servers.  So my question for Mr. Newmark is this:  Why didn't you fix this on your end months ago?

George Ou is Technical Director of ZDNet. See his full profile and disclosure of his industry affiliations.
