Internet In Thailand - A Never Ending Story

[webfact]

I discover strange behavior since last Sunday with the Internet in Thailand.

Connections are lost, web sites load extremely slow, loading is stalled, pages are "not available" on the server,

"wait for....", speed is dropping and more...

It looks to me that an "invisible hand" is surfing in that moment I surf, send or check email.

Due to our several locations I could check with different Internet providers e.g., CSLoxinfo, TOT, True - it's almost the same network behaviour.

Calling my provider I was "of course" assured that this problem "must be my line" because everything which does not work

is blamed at the customers line or computer configuration...

My provider became very silent when I told him I suspect my Internet traffic is scanned. He did not object nor did he agree.

Am I wrong with my suspicion?

Edited July 3, 2008 by webfact

[Guest Reimar]

I deleted your double post.

Reimar, Moderating Team Thaivisa.

[A_Traveller]

There has been some discussion in the press here about this. Some software which was purchased could be configured to run aggressive traffic scanning, though it was supposedly purchased for 'traffic shaping'.

Regards

[Crossy]

There are certainly plenty of rumours (rumors) around that the government have had a cheap / badly configured traffic scanner running for the last month or so (IIRC there was a Bangkok Post article alluding to this too).

We've been having similar problems in the office, slow connections and emails (in and out) that wander into the ether never to be seen again.

[webfact]

I deleted your double post.

Reimar, Moderating Team Thaivisa.

to Reimar: you might want to know I posted only once (clicked once) but the system showed my posting twice!

It's the second time this has occured.

[Guest Reimar]

I deleted your double post.

Reimar, Moderating Team Thaivisa.

to Reimar: you might want to know I posted only once (clicked once) but the system showed my posting twice!

It's the second time this has occured.

No problem with that, but sometimes you didn't feel if you just hit twice the mouse button. It wasn't a complaint, just an info.

Cheers.

[webfact]

Just realized another strange thing. If I switch to my providers proxy server it almost works good.

Can it be providers "force" customers to conmnect through their proxy servers because it is easier to scan?

Edited July 3, 2008 by webfact

[A_Traveller]

The Bangkok Post article was on June 4 This link to a cached version of the article, given Bangkok Post's subscription mode, may be relevant.

Regards

CiteBite Link

[jeffer]

Does anyone really know why internet speeds vary for so many people? So many possibilities and I don't think you can always blame the internet companies or the government. I changed routers the other day, now all the YouTube videos that stuttered previously play smoothly, speedtests indicate my download speed has increased by 5-10%, uploads by 10-15% and the internet is working very well for me even though it was usually never too bad anyway.

Don writes some good articles, doesn't he?

When Things Started To Get Nasty At Paragon

[RonD]

My provider became very silent when I told him I suspect my Internet traffic is scanned.

Am I wrong with my suspicion?

What's your real concerns - Privacy or Internet Speed?

[A_Traveller]

On the router point, I'd advise anyone to change away from the supplied 'free' equipment.

Regards

[webfact]

My provider became very silent when I told him I suspect my Internet traffic is scanned.

Am I wrong with my suspicion?

What's your real concerns - Privacy or Internet Speed?

Both! If someone pays a few thousand baht for a connection and its business depends on a "reliable" internet connection...

which was possible until a few days or weeks ago... I must be concerned! Unfortunately if I change the provider here in TH, the issue will not be solved! You only carry it from A to B. Thats the point!

And to be frank, the privacy matter scares me very much because I have nothing to hide!

Edited July 3, 2008 by webfact

[RonD]

I agree that privacy protection can be of a concern for all us, for a number of reasons (identity theft, protect business/company information and profile tracing, household location protection and many, many other reasons).

You can check out the following sample links for privacy solutions over networks. Some are free.

http://www.flexcrypt.com/flexcryptfree.html - Email protection (Free for up to communication to 3 persons)

http://www.trusttone.com/ - Free (lite version) and paid for email (and web mail) encryption for Microsoft Outlook

http://www.torproject.org/ - "Network scanning" or Traffic Analysis protection... Free

http://anchorfree.com/downloads/hotspot-shield - Public Network protection (Hot Spot Shiled) via VPN creation Free up to 3Gb traffic per 30 days.

http://www.anonymizer.com/consumer/products - Commercial

https://www.flashback.name/ - Another VPN product, fee based (Swedish)

http://www.secway.fr/us/products/simplite_msn/home.php - Encrypt MSN Messenger chats - free

http://x-im.net/download.asp - Instant Messaging Application (encrypted) - free

http://www.sms007.cz/ 0 - SMS encryption - commercial

http://www.kryptext.co.uk/ - SMS encryption - commercial

[Crushdepth]

It looks to me that an "invisible hand" is surfing in that moment I surf, send or check email.

Due to our several locations I could check with different Internet providers e.g., CSLoxinfo, TOT, True - it's almost the same network behaviour.

Calling my provider I was "of course" assured that this problem "must be my line" because everything which does not work

is blamed at the customers line or computer configuration...

My provider became very silent when I told him I suspect my Internet traffic is scanned. He did not object nor did he agree.

Am I wrong with my suspicion?

Never attribute to malice that which is adequately explained by stupidity :-) The internet is slow in Thailand because of a chronic shortage of bandwidth. There is definitely traffic shaping and also a fair bit of incompetence on the part of ISPs (and CAT) when it comes to configuring and maintaining things. Re. scanning, I doubt that your ISP could be bothered (maybe the government could, they certainly have established a convenient bottleneck at CAT).

[nikster]

http://www.torproject.org/ - "Network scanning" or Traffic Analysis protection... Free

I am TOR's biggest fan but have they solved the compromised end node problem now?

It used to work like this: You become a node in the global, encrypted, totally cool TOR network, and your connection exits into the "real" internet via another TOR node which has this enabled - they are your provider. This gets around firewalls like Thailand's... they have no idea who's talking to whom.

But there was a major problem in the design: The end nodes. Helpful government agencies that are interested in such things started setting up TOR end nodes, e.g. in China and in the USA. High capacity ones. So that was a very easy way to listen to all traffic entering and exiting TOR through that node. Whoops.

[nikster]

Never attribute to malice that which is adequately explained by stupidity :-)

LOL I was just going to post that classic Napoleon quote. It's always true

We all know thailand has a "great firewall" set up and in theory could scan your connection. In practice, they can barely keep the internet going, let alone scan anyone.

If you are visiting websites where privacy is a big concern then rent access via one of the VPN providers, then you connections out of Thailand and to the VPN are encrypted and no one knows where you were or what you did. Except the VPN provider but those won't give out your info unless there's a court order.

If you are concerned about your banking data or email, make sure to only access these things via https rather than http, then no one can listen either. Normal websites are set up that way anyway, and for your email it takes just a tiny bit of effort.

[JetsetBkk]

...Don writes some good articles, doesn't he?

When Things Started To Get Nasty At Paragon

What a great article! Thanks for the link - best read I've had in months.

[Greenside]

Help! Today slowest ever (other than no service) dowloading something at 0.8, most sites won't even finish loading a page. Yahoo Mail not available.

[RonD]

I am TOR's biggest fan but have they solved the compromised end node problem now?

Hey Nikster - I don't think this has been resolved as yet, but what you mention does high-light different aspects of security online. TOR is good for Anonymity purposes (with configurations required), but not for Encryption (it's only encrypted within the TOR network), so any unencrypted traffic (not going via SSL for instance) can still be read "clear-text" via the exit nodes.

[niller74]

I have DSL from 3 different providers (TOT, TT&T and CAT) feeding into a load ballancing router. What appear to be happening as of lately is directly related to the incompetence of CATs traffic shaping or lack thereof.

Many of you have notised extremely slow loading of webpages, where email services, VoIP, MSN and others are running smoothly.

You may claim that it could be cause 'they' would like to monitor our traffic. If that is the case they have at least started by monitoring the easiest of all traffic (http port 80). Sometimes this is also related to DNS, which is why I would recommend using opendns.com

I have done a few tests where I use my own proxy outside Thailand and it seems to give a much faster connection and ofcourse more secure

A few months ago I was fortunately enough to be invited (read. I just walked up the stairs) to see the CAT control center for northern Thailand in Chiangmai. Their HUGE concrete fortress isn't exactly a place where you feel welcome, but after several unsuccesful attempts to get to talk with someone with just a little technical knowledge, I took matters in my own hand. As I walked in the door on one of the top floors, I was shocked over hardware these people had to work with. I have spent 15+ years in the business and can defenately tell good from bad hardware.

Then I turn around only to see 3 young Thais (sys admins) sit behind each their desk playing with Windows on each their notebook. I asked them a couple of simple questions like if they could do a 'traceroute' to a server outside Thailand. They had no idea what I was talking about and started a bandwidth tester to a CAT server in Bangkok, which ofcourse showed a good connection. If that is the average skill level of a technician, even the best equipment wouldn't ever make up for that.

Needless to say I left the place a few minutes later never expecting to ever get a reliable connection in Thailand as long as CAT is running the show.

I have only had very little communication with TOT and TT&T, but I strongly doubt the level of expertise is any higher.

As a final note it furiate me how they charge more for a world-wide internet connection. Are these people so stupid they think the internet is only in Thailand or are they just trying to squeeze a few more baht out of everyone? They fail to see the point that on the internet its supposed to be transparrent where the information you are looking at is placed.

[surface]

One could wonder if a CCIE has ever been employed by any of the major ISP's. I'm inclined to say no. The way things look now, it appears they need to reboot the Win98 computer running ICS off their international backbone.

[klikster]

The Bangkok Post article was on June 4 This link to a cached version of the article, given Bangkok Post's subscription mode, may be relevant.

Regards

CiteBite Link

Thanks for that link.

[stumonster]

how many people are running AVG antivirus software on their computers ?

this is a lot of extra traffic and could cause a noticeable slowdown on your connection.

In late February, AVG paired its updated anti-virus engine with a real-time malware scanner that vets search engine results before you click on them. If you search Google, for instance, this LinkScanner automatically visits each address that turns up on Google's results page.

http://www.theregister.co.uk/2008/06/26/av...traffic_as_ie6/

[Crushdepth]

I have done a few tests where I use my own proxy outside Thailand and it seems to give a much faster connection and ofcourse more secure wink.gif

I've noticed this as well - if things get desperate sometimes I will try connecting via a proxy in Australia (links to Australia from Thailand are generally fairly good). Quite often this will give me a significant boost in international bandwidth.

Sigh...

[RonD]

how many people are running AVG antivirus software on their computers ?

this is a lot of extra traffic and could cause a noticeable slowdown on your connection.

Yes - I'd disable the AVG add-on in Firefox or IE itself - or better is to install it with the option not to use the LinkScanner, which is the culprit in this case. You can do this by supplying the following parameters during the installation (command line referencing the set up file): [path to AVGSetup file] \REMOVE_FEATURE fea_AVG_SafeSurf /REMOVE_FEATURE fea_AVG_SafeSearch

If it still doesn't work, there's other alternatives. Forget AVG and go for Avast instead for instance.

[nikster]

...Don writes some good articles, doesn't he?

When Things Started To Get Nasty At Paragon

What a great article! Thanks for the link - best read I've had in months.

LOL, this is fantastic.

The guard hid his face from the camera and tried to radio for backup. Only he could not call for backup as his red (consumer-grade, analogue) Motorola walkie-talkie could not reach his dispatch centre. So, I was in the rather comical situation of being "escorted" around Paragon by a security guard shielding his face as he searched for an area where his radio could get through to base to call for support.

TIT :D

The rest of the article is more serious, and, yes, truly great, thanks for the link!

Edited July 5, 2008 by nikster