BitThief Downloads Torrents Without Uploading

Written by Ernesto on January 04, 2007 

BitThief is a BitTorrent client developed by the Computer Engineering and Networks Laboratory in Zurich that manages to download torrents without uploading. Overall, download rates are a bit slower than with other clients, but on well-seeded torrents the performance of BitThief is comparable to any other client.

BitThief is based on the mainline client and Azureus, and is written in Java. The client uses some simple alterations that make it possible to download torrents without uploading. It constantly pretends to be a newly arrived peer that doesn’t have anything to offer itself.

Additionally, the client re-announces itself many times at the start of the download, and it ignores the 30-minute announce interval. The goal is to establish as many connections with other peers as possible. BitThief then exploits other peers by opening a large number of simultaneous connections: 500, compared to 80 by default in the mainline client. One of the downsides of this aggressive approach is that it will instantly crash a lot of routers. It took less than 4 seconds before my router gave up when I attempted to download a popular Ubuntu release.

BitThief is an extremely aggressive client that disobeys all BitTorrent rules. Other clients generally look for the rarest piece that’s available among the peers in the swarm, which ensures that the swarm stays healthy. BitThief doesn’t; it just takes every bit it can get.

The developers tested the effectiveness of BitThief by downloading seven ‘real life’ torrents from mininova. According to their data, BitThief outperformed the mainline client in 3 out of the 7 tests; in 2 it was slightly slower, and in the other 2 tests it took almost 4 times longer to download the torrent with BitThief. The developers conclude in their research report that swarms with a lot of peers and a high percentage of seeders give the best results for BitThief. They further report that the client didn’t get banned by any tracker while running these tests.

The “selfish” BitTorrent client BitTyrant suddenly looks very social compared to BitThief. It is remarkable what people can get away with in the name of science. Of course, it is needless to say that this client will seriously hurt the performance of BitTorrent transfers, and I seriously hope that it will be banned and blocked wherever possible.

  • BitThief (Windows, Mac OS X & Linux)

    26 Responses

    1 Jan 04, 2007 at 18:00 by bltz

    Thanks for the heads up. :(

    This is more than a treacherous leecher tool. I am afraid it could give anti-p2p groups ideas on how to destabilize swarms, and a ready to use tool to do it.

    How long before people get frustrated with seeding and see users of this kind of client suck their precious upload bandwidth (most home users have very low uploads compared to DL speeds). Ultimately, people will get annoyed and reduce their seeding altogether.

    This is crap. :(

    2 Jan 04, 2007 at 18:03 by Ernesto

    > Thanks for the heads up. :(
    >
    > This is crap. :(

    It is, but it’s out there.
    I’m sure it will be banned from most trackers soon enough.

    3 Jan 04, 2007 at 18:03 by aussiebear

    So we can expect BitTyrant and BitThief to be banned by trackers then?

    4 Jan 04, 2007 at 19:42 by GrymRpr

    Nice Article.
    Best watch out tho Cos the Slycks might steal this also

    5 Jan 04, 2007 at 20:36 by The 8472

    > The developers conclude in their research report that swarms with a lot of peers and a high percentage of seeders give the best results for BitThief.

    That’s hardly news… everyone knows that, it’s a simple fact because there’s lots of spare bandwidth on a swarm where the # of seeds is greater than the number of peers. And since seeds can’t do tit-for-tat you can freeride them.

    BitThief will horribly fail on a torrent w/o (many) seeds, because in that case all it can do is leeching off optimistic unchokes…

    6 Jan 04, 2007 at 20:59 by Nabo Ban

    You mentioned OS X as a supported system, but I find only instructions for the use in Linux and Windows.

    7 Jan 05, 2007 at 01:39 by Anonymous

    I find it kind of interesting that both clients are the results of “academic” studies, which could have (and should have) been performed without actually releasing the clients to the public. Guess my expectations are too high.

    Anyway, about banning this stupid client; it *cannot* be banned like most others, as it identifies itself as Mainline 4.4.0 (which is a nasty trick in and of itself), so a simple peer_id ban will not suffice. However, if tracker operators do wish to ban it, they will have to examine either the Accept: header or Connection: header, which looks like this when BitThief is running:

    Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
    Connection: keep-alive

    The mainline client does not transmit the Accept: header, and it lists the Connection: header as “close” instead.

    It may also be possible to ban the client based on its un-parsed peer_id field, as BitThief transmits every character of the 20 byte peer_id URLencoded, so it looks like this:
    %4d%34%2d%34%2d%30%2d%2d%31%36%34%64%32%65%34%61%30%66%62%61

    Whereas Mainline looks like this:
    M4-4-0--55949dd2a9cb

    Hope this helps some tracker admins out there.
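
The checks described in the comment above, written out as tracker-side detection logic. This is an added example, not part of the original comment and not code from any tracker; the function names, tracker host, port and truncated info_hash are constructed, while the peer_id values and headers are the ones quoted above.

```python
import re
from urllib.parse import unquote_to_bytes

# Constructed sample announces (host, info_hash and port are made up);
# the peer_id values and headers are the ones quoted in the comment above.
BITTHIEF_LIKE = (
    "GET /announce?info_hash=%aa%bb&peer_id="
    "%4d%34%2d%34%2d%30%2d%2d%31%36%34%64%32%65%34%61%30%66%62%61"
    "&port=6881 HTTP/1.1\r\n"
    "Host: tracker.example\r\n"
    "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n"
    "Connection: keep-alive\r\n\r\n"
)
MAINLINE_LIKE = (
    "GET /announce?info_hash=%aa%bb&peer_id=M4-4-0--55949dd2a9cb"
    "&port=6881 HTTP/1.1\r\n"
    "Host: tracker.example\r\n"
    "Connection: close\r\n\r\n"
)

def parse_announce(raw):
    """Return (raw_peer_id, headers) without URL-decoding the query string."""
    head, _, _ = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    target = lines[0].split(" ")[1]
    query = target.partition("?")[2]
    params = dict(p.partition("=")[::2] for p in query.split("&") if p)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return params.get("peer_id", ""), headers

def mismatch_reasons(raw):
    """List the ways a request claiming Mainline 4.4.0 differs from Mainline."""
    raw_id, headers = parse_announce(raw)
    if not unquote_to_bytes(raw_id).startswith(b"M4-4-0"):
        return []                      # not claiming to be Mainline 4.4.0
    reasons = []
    if re.fullmatch(r"(%[0-9A-Fa-f]{2}){20}", raw_id):
        reasons.append("peer_id fully percent-encoded")
    if "accept" in headers:
        reasons.append("Accept header present")
    if headers.get("connection", "").lower() != "close":
        reasons.append("Connection is not close")
    return reasons
```

The peer_id check has to run on the raw query string, because once the tracker URL-decodes it both clients yield the same kind of 20-byte `M4-4-0--…` value. The header checks are only meaningful in combination with the Mainline claim, since other HTTP stacks send `Accept` and `keep-alive` legitimately.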

    8 Jan 05, 2007 at 09:04 by bltz

    That was a great post, Anonymous,

    Indeed it’s puzzling that a research institution would release something like this in the wild - they could have done testing, even larger scale testing, without making it public.

    Thanks for the info on the connection information; hope people will be able to use it to ban this client.

    9 Jan 05, 2007 at 14:41 by Sonnentier

    Screwed stupid asocial leecher tool (BitThief).
    What do they think their Download comes from? Not from servers they would pay, that’s for sure. No, they join a system of taking and giving, and just don’t give, which is unacceptable. If they don’t give, look elsewhere to get downstream.
    It’s amazing how you can write a paper about ‘Free Riding in BitTorrent is Cheap’. Of course, if you just let others pay, it’s cheap. Which finding.
    All they write which is positive is to avoid the Uploading others still need to do. Do they think it’s so funny for me to seed? I don’t mind Uploading to newbies with poor ratios, but I mind helping such tards with their handicapped plans. They also see the leeching as a way to kill filesharing, to help copyright companies. Hooray!

    10 Jan 05, 2007 at 15:11 by blah

    I don’t see why they wouldn’t make it public just because they’re academics. Someone could easily develop their own client based on their research.
    Which would you rather be able to claim when it matters: a) we did some research on selfishness in the bittorrent protocol or b) we did some research on the bittorrent protocol, including the development of a client which quickly gained some popularity amongst a subset of bittorrent users, was reported in xxxx places including articles in xxxx and xxxx, the effects of which were a discussion of the robustness of the bittorrent protocol and the development of a method to prevent selfish users. Or something that could possibly go along those lines.
    full disclosure and all.

    11 Jan 05, 2007 at 23:41 by Prevent repeated "new" connections from same IP

    Wouldn’t it be possible to greatly slow BitThief by designing clients / trackers to refuse to allow the same IP address to repeatedly re-announce itself as a “new client” within a time interval (eg 60 minutes)? Therefore a BitThief client downloads a packet, disconnects, attempts to re-connect as a “new client” and is denied connection. Maybe set this to allow one or two re-connections to allow for someone who accidentally canceled their download and is attempting to re-start, or whose ISP hiccupped.
    That means that the BitThief client would only be able to download one packet per hour from each seed/peer, and if the IP address of BitThief clients detected in this manner was noted by the tracker, they could be banned for say 12 hours (remember many home users are on DHCP, so their IP address changes sometimes, a permanent ban is not good).

    Just a starting point for discussion.
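
A sketch of the tracker-side limiter proposed in the comment above, using its numbers (60-minute interval, up to two restarts, 12-hour temporary ban). This is an added example, not part of the original comment or any tracker's code; treating `event=started` as the "new client" signal and counting per IP and torrent are assumptions, and the class name and sample log are constructed.

```python
from collections import defaultdict, deque

WINDOW = 60 * 60             # 60-minute interval suggested in the comment
ALLOWED_RESTARTS = 2         # "one or two re-connections" for honest restarts
BAN_SECONDS = 12 * 60 * 60   # temporary 12-hour ban, not permanent (DHCP)

class StartedLimiter:
    """Tracks event=started announces per (ip, info_hash); bans per ip."""
    def __init__(self):
        self.starts = defaultdict(deque)   # key -> times of accepted starts
        self.banned_until = {}             # ip -> unix time the ban lifts

    def allow(self, ip, info_hash, event, now):
        if self.banned_until.get(ip, 0) > now:
            return False
        if event != "started":
            return True                    # regular interval announces pass
        seen = self.starts[(ip, info_hash)]
        while seen and now - seen[0] >= WINDOW:
            seen.popleft()                 # forget starts older than the window
        if len(seen) > ALLOWED_RESTARTS:   # first start plus restarts used up
            self.banned_until[ip] = now + BAN_SECONDS
            return False
        seen.append(now)
        return True

# Constructed announce log: (ip, info_hash, event, unix_time)
SAMPLE = [
    ("192.0.2.10", "hashA", "started", 0),
    ("192.0.2.10", "hashA", "started", 5),
    ("192.0.2.10", "hashA", "started", 10),
    ("192.0.2.10", "hashA", "started", 15),    # fourth start in 15 s: ban
    ("192.0.2.10", "hashA", "", 20),           # still banned
    ("198.51.100.7", "hashA", "started", 20),  # unrelated peer unaffected
    ("192.0.2.10", "hashA", "started", 15 + BAN_SECONDS),  # ban expired
]

def replay(events):
    """Run a list of announces through a fresh limiter."""
    limiter = StartedLimiter()
    return [limiter.allow(*e) for e in events]
```

Peers that share one public address behind NAT are counted together by this scheme, which is one more reason to keep the ban temporary.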

    12 Jan 06, 2007 at 03:12 by wodda

    Sooner or later someone would have written such a client. The BitThief people made it public and “blam!” the torrentfreaks are thinking about ways to prevent such clients from flooding the network. Like “blah” said, full disclosure.

    13 Jan 08, 2007 at 14:38 by LKM

    It’s academic research, so it should be public so everyone can profit from it. And by “profit”, I don’t mean that you should use it to download stuff, I mean that it should be used to harden the bittorrent protocol and servers.

    14 Jan 11, 2007 at 15:17 by Gordon

    Good post by anonymous.
    I wonder why it is that bittyrant is getting most of the bad rap?
    bitthief is a leeching cheat that exploits and ignores the protocol to the max.
    They even write in their paper that this client’s concept could be used by anti-p2p groups to destroy swarms. I think it’s good that they publish it, that allows the right people to do something about it.

    15 Feb 03, 2007 at 09:56 by Steve Berry

    Seems to me we’re all missing the point and we’ve not really understood the rationale behind BitThief’s creation in the first place. I’ll admit at first I was one of those. I actually thought this was tied up to the RIAA/MPAA at one point.
    The BitThief creators, I believe, are actually trying their damnedest (WITHOUT being nefarious) to point out an inherent weakness/set of weaknesses in the underlying protocol.
    They’re arguing that the underlying protocol needs to be modified so that what BitThief in particular does is NEVER allowed to happen.
    Believe me I think these guys are definitely Pro-BT and they’re using science to promote it. They’re on OUR SIDE guys.

    16 Sep 30, 2007 at 19:25 by Grench

    Spingle spandle very very wrangle. Fish wipes waddle and renoogle. Crendangle Fredoogle Skranoogle what time I getting my bum lickeroonioed.

    17 Nov 20, 2007 at 00:11 by stuck in the usa

    I have to use this sort of upload blocking. I have already been contacted by my ISP about seeding torrents. Their policy is that the next time a torrent goes out from my comp my service gets shut off. It sux here in the US because of this crap. Damn Comcast.

    18 Feb 01, 2008 at 21:52 by AA7

    How do I actually install this? I extracted the rar but now what? There is no exe!

    19 Apr 16, 2008 at 21:11 by Conspiracy?

    So, BitThief is made by peeps in Zurich.. Hmmm. Ya know, that’s where Rapidshare has all its servers too. Hmmm.. Conspiracy?

    20 Apr 17, 2008 at 04:58 by time to evolve

    I guess there is no honor among thieves after all. It’s funny to hear pirates complain about what they are guilty of. The very same justifications for doing what they do can also be used by BitThief users too. Don’t be a hypocrite, keep on stealing what you can and be happy. I know it hurts to be cheated, but how do you think the media industry feels? Most pirates need to climb down from their high horse and accept the reality of this and deal with it, just like the media industries do. Evolve or die, remember? Thank BitThief for forcing BitTorrents to evolve. We want anonymous, fair, and secure BitTorrents for ALL.

    21 Apr 30, 2008 at 04:12 by the way

    First of all, bitthief is wrong. But I think it should not be difficult for a small group of leechers to change the code of their clients to leech faster without upload, as BitThief shows (and happened before with leech eMule clients). What’s the point in banning named clients if everyone could change a Vuze client to steal bandwidth? The change should be at protocol level (IMHO).

    22 May 28, 2008 at 22:51 by Michael

    The phrase “There’s no honor among thieves” comes to mind.

    23 Jun 27, 2008 at 10:54 by WEareNULL

    I am pretty sure that the only reason bitthief even exists is to show the weakness in the Bittorrent protocol. I think we all should be grateful and anyone who makes a true client, manages a tracker, or works on the protocol should look at bitthief and find a way to fix all the exploits they use as well as some of the privacy flaws. I honestly don’t want everyone else who downloaded hacking manuals to know my IP address, even though I have a dynamic address and know how to instantly change it.

    24 Jul 11, 2008 at 13:16 by Anonymous

    hryuui\

    25 Jul 30, 2008 at 13:18 by ciprian

    For post no. 18:
    see
    http://dcg.ethz.ch/projects/bitthief/documentation.php

    (there is no RAR archive, by the way)

    26 Aug 01, 2008 at 22:25 by oZZo

    Here are 2 ways to stop BitThief from spying on you:
    http://limboinmetropolis.blogspot.com/2008/07/bitthief-how-low-can-we-go.html
