Switzerland Network Testing Tool

Is your ISP interfering with your BitTorrent connections? Cutting off your VOIP calls? Undermining the principles of network neutrality? In order to answer those questions, concerned Internet users need tools to test their Internet connections and gather evidence about ISP interference practices. After all, if it weren't for the testing efforts of Rob Topolski, the Associated Press, and EFF, Comcast would still be stone-walling about their now-infamous BitTorrent blocking efforts.

Developed by the Electronic Frontier Foundation, Switzerland is an open source software tool for testing the integrity of data communications over networks, ISPs and firewalls. It will spot IP packets which are forged or modified between clients, inform you, and give you copies of the modified packets.

You can download the latest release of Switzerland here. Before you run Switzerland, be sure to check out the notes about privacy, security, and firewalls. Switzerland is currently in alpha release as a command line tool. In other words, right now it is aimed at relatively sophisticated users. However, because it's an open source effort, we anticipate making it easier to use over time (please please please let us know by email, by IRC, or by filing bugsif you're running the client but it isn't working for you — we've seen some clients reconnecting in cycles that makes us think there's a bug we should fix!).

Switzerland is designed to detect the modification or injection of packets of data traveling over IP networks, including those introduced by anti-P2P tools from Sandvine (widely believed to be used by Comcast to interfere with BitTorrent uploads) and AudibleMagic, advertising injection systems like FairEagle, censorship systems like the Great Firewall of China, and other systems that we don't know about yet.

The software uses a semi-P2P, server-and-many-clients architecture. Whenever the clients send packets to each other, the server will attempt to determine if any of them were dropped, forged, or modified (if you're interested in how it does that, you can read the design document here — we'll try to continually revise that document so that it accurately describes the code, though inevitably it may lag a little behind). Switzerland is a much more sophisticated successor to the pcapdiff software that we released last year. It automates many of the things that had to be done by hand with the earlier code.

One advantage this architecture has over other network testing toolsis that it can spot arbitrary kinds of packet modifications in any protocol — it doesn't assume that the interference comes in the form of TCP reset packets or web page modifications, and it isn't limited to BitTorrent or any other specific application. In the future we expect it to offer a good platform for collecting statistics on bandwidth, bidirectional latency, jitter and other traffic performance characteristics that might be signs of prioritization of some applications over others.

How do I run tests with Switzerland?

There are a few different ways to run tests with Switzerland. Any packets exchanged between Switzerland clients connected to the same server will be tested automatically. The question is, how do you find other clients and talk to them using the protocols you want to test? For now, the easiest way to set up tests is to co-ordinate them through this wiki page.

If you want to test whether BitTorrent downloads are working correctly, go to that page and find some torrents that others are seeding from test machines. If you want to test if your ISP is interfering with BitTorrent seeding, you can post a link to a torrent file on the wiki, seed that torrent while running a Switzerland client and other people can find it on the wiki and try to download it while running a Switzerland client.

Another way is to run clients on two different computers, and then make the machines talk to each other using whatever protocol you'd like to test. That's fine if you have administrator accounts on two suitable machines for running the test, and are comfortable running the right clients and servers on them. If you're a developer working on an application (say a P2P or IP telephony app) that might be a target for interference, you could automate one of the above methodologies.

Development

Switzerland is free/open source software licensed under the GPL. We'd love for members of the community to improve it! Switzerland development is currently hosted by Sourceforge, and you can check out a development release using subversion (running svn co https://switzerland.svn.sourceforge.net/svnroot/switzerland/ will get you the whole development tree). You can join the project's development mailing list here (if we're around, you can also ask questions on IRC — #switzerland on the OFTC IRC network, irc.oftc.net:6667 ).

Related Issues

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Celebrate the 4th by giving to EFF! We're fighting to stop mass surveillance in the US and worldwide. https://eff.org/EFF25

Jul 4 @ 5:36pm

A deep dive into XKEYSCORE, one of the NSA's creepiest spying tools: https://eff.org/r.c6hp

Jul 3 @ 3:12pm

Come to EFF HQ on July 8 for a book talk with author of "Geek Heresy: Rescuing Social Change from the Cult of Tech" https://eff.org/r.i3fv

Jul 2 @ 4:57pm
JavaScript license information