How a BitTorrent Tracker Owner Hides from the MPAA/RIAA
Written by enigmax on February 06, 2008Apart from The Pirate Bay guys, most tracker administrators are acutely aware of the risks they expose themselves to, and do everything they can to hide in the shadows. We speak to a tracker owner to find out the kind of measures these guys take in order to protect their identities.
In most countries around the world, the legality of running a tracker is still uncertain, in that definitive court decisions have not been made. Even in the US, the last two big trackers to be shut down , LokiTorrent and EliteTorrents , weren’t shut down by a court, but thanks to the mainstream media, public perception is that these sites are operating illegally. The lawyers of the MPAA, RIAA and IFPI maintain they’re illegal so that’s often enough to cost an admin , if his identity is compromised , lots and lots of worry, and probably money too, regardless of his status under the law. It seems that being an admin these days is more about keeping an identity secret rather than acting within the law, as more often than not, old fashioned threats take down torrent sites, not legal action.
TorrentFreak spoke to the admin of a BitTorrent tracker to find out how he stays safe, not sorry.
Introduction
“I’m fairly paranoid and I find that’s a good start point” he told us. “I’m probably overly cautious, but if that’s what it takes for me to sleep right, that’s cool. I’m nothing special and not a huge target but I don’t leave much to chance, even though I don’t have much to worry about compared to the really big boys. I don’t claim to be an expert on security, I’m self taught only, but I’m happy to share my precautions with you (and happy to hear from others on where I need to improve!). I know of admins who run their trackers from their parents residential ISP account with little extra care at all, so any protection is better than nothing!”
Below, our admin gives a breakdown of some of the measures he takes to stay safe. Although an experienced security aware user might spot some holes in this series of measures, it’s interesting to see the lengths to which people will go to protect themselves when seemingly, others take few precautions. This article is entirely consistent with the admin’s message, but at his insistence, it has been re-written by TorrentFreak:
Identity is Everything , If you never tell anyone, no-one will ever know
If the authorities/MPAA/RIAA don’t know who I am or where I live, they can’t threaten me. When I’m working on the site I use either an encrypted connection via an Internet connection available in these premises (my name isn’t on the bill, adding another layer of confusion), or a secure VPN over a local open wireless network. For me, hiding my activities from any ISP accounts even remotely linked to me is important, as I don’t want any ISP to be able corroborate anything specific about what I do. If approached by a 3rd party for information (with a request like “can you confirm that such-and-such connected here at XX:XX time”, for example), they know little or nothing about what I’m doing, throwing any gathered evidence into doubt.
I think the recent OiNK bust was quite a wake up call. I for one was laboring under the misconception that copyright issues are mainly civil and I really only thought through evading civil actions. Once the police get involved, they can find out pretty much anything about you from anyone. Thanks to what we learned about the OiNK bust, my improved security measures should save me from the police too, in the small chance they are interested in a relatively small fish like me.
Registering a Domain
The WHOIS for the site’s main domain is protected, for that added layer of annoyance, although even this isn’t foolproof. Our main domain name isn’t owned by anyone who has anything to do with the site, so it’s pointless threatening that person, even if they find out who it is. It might not stop them making threats so just in case the domain owner complies, other domain names point to our server too and every user is aware of these. None of the domains are owned by me.
Paying for Stuff Online
When we need to pay for something we use disposable credit cards, and the same via PayPal. We also have a few other PayPal accounts scattered around which we run unverified, then dump when PayPal start asking questions. ‘We’ is a term I (we!) get into the habit of using often, it’s less focused than ‘I’.
Using Email
Use a few varied accounts and try not to ‘cross contaminate’ them by doing *any* personal stuff on them at all , site business *ONLY*! If your email address typed into Google returns results other than to do with the site, you are taking risks. Ideally a search would produce nothing at all. In addition, I always hide my IP when I pick up or send email.
Security When Using Other Sites
They’re not, but I act as if all file-sharing forums are insecure. I work on the basis that someone on the staff could be a security risk so I make a policy of never discussing site business on other sites, unless I’m asking general questions. I’d certainly never say “I’m the admin of etc-torrents, hi!” on an open forum and wherever possible I use other aliases.
Find a good host you can trust who doesn’t ask for much verification of identity
Our site has had a few hosts since it began a few short years ago. The first was a friend of a friend of a friend who accepted us with no formal contract or ‘paperwork’, paid from any old PayPal account. For a while we just got users to donate directly to the host which meant I didn’t need to get involved at all. The second and third hosts were people who had established (anonymous) reseller accounts with big ISPs. As long as they got their money, they didn’t ask any awkward questions like: ‘What’s your name and address and credit card number?’ I communicate with any host using disposable email addresses (or something like Hushmail) combined with some sort of anonymizing system previously mentioned. I guess even more precautions could be taken, but time is time and we all have to do some productive work in the end!
Server Location
I would never choose a host in my own country and I’d never put a server in a country where my worst anti-piracy enemy is located, the legal wheels turn too easily. But if the wheels do turn really easily and your host hands over your personal details, you will have been clever enough to make sure that they never had the correct information in the first place. Pay your host on time and be a good customer, you need him onside.
Online Identity
Ok, so I may be a proud super admin (j/k!) but I’m not too keen to spread my nick around carelessly or needlessly. I try to resist the ego trip, even though it can be fun using your ‘power’ to get stuff you wouldn’t normally have access to! Remember, even online nicknames can be a source of identification over time. In my opinion, any admin who features himself on Facebook or MySpace in a way that could be linked back to his torrent activities, really needs a psychiatric evaluation. But I know of a couple who do and so far, they’ve survived. Maybe I’m crazy, and they’re all sane. It’s possible!
Security on the Site, Choosing and Dealing with Staff
Any logging on the server or control panel info excludes staff members details, so a rogue moderator with a grudge can’t get any useful information, should someone try to make it worth their while to provide it. No-one on the site knows anything really useful about me, even within my own team. None of us have ever met in real-life, but I make it my business to learn as much about them as possible, just in case. The very closest people to me on the site know my first name, I guess that’s ok?
Wrong!
I never let anyone know anything important about me, no matter how small. Small clues can easily add up to answers when put together like a jigsaw. Let people think they know your real name if you like, it’s functional and no-one really gets hurt. For the survival of the site I believe it’s acceptable for me to lie about my country of origin, my age, marital status and even my sex, but beware, pretending to be a girl will get you LOTS of attention! Look after the small things and everything else looks after itself.
It’s also a good move to encourage my staff to be security conscious too but I don’t force my regime onto them. I find that when choosing staff it’s best to never let people with inflated egos get close to you – they tend to have big mouths too. They generate tension and trouble and YOU will become a target with their boasting and trigger happy attitude. I like quiet, considered staff because i’m paranoid!.. but this style doesn’t suit everyone.
Try making other forum accounts and act like a normal user on them. You’d be surprised at what people will tell you about your own site that you didn’t already know when they think they aren’t talking to anyone important.
Site Donations
Anonymous PayPal accounts (or in a 3rd party’s name) are completely desirable. Although I suggest a level of transparency in showing users how much money in donations are received, making these records public provides a level of evidence of financial income to the site and you just know that this would be used against you at some point, should the shit hit the fan. If you know and trust your host, why not let users donate directly to him?
Don’t Break the Law!
Running a tracker is a gray area in most country’s laws but I try to stick to some basic guidelines to not show blatant disregard for things that are surely illegal in most places. Under no circumstances would I seed any copyright works on my own tracker. I saw an admin recently who had uploaded 4tb of warez and was showing off his stats for all to see. Why take the risk?
If you get a DMCA type takedown request, take the torrent down! The Pirate Bay guys are going crazy at me now I guess (they’re entitled to hold their own style of course!) but I see no point in doing anything unnecessary to annoy copyright holders, especially us small guys who don’t have many resources.
Do unto others as you’d have done to you!
Try and make good contacts at other torrent sites as they can be a valuable source of information. Try to stay out of conflict with others and be known as a problem solver, not a problem maker. A good reputation is a must to maintain admin karma ;) No-one wants online enemies, especially in huge numbers! People with a grudge and keyboard can really fuck you up. Don’t badmouth people to others unnecessarily , you have no idea who they know, who they might tell and what it could lead to.
A few basic tips to hopefully keep the right side of the law
1. If you can’t be identified, they can’t do anything against you personally.
2. Always respond to proper takedown requests. Be courteous, don’t make enemies.
3. Never seed anything yourself and don’t operate a seedbox. If others operate them on your tracker, that’s up to them.
4. Don’t run any kind of pay-to-download service unless you like police attention.
5. See 1
Final Thoughts About Being Anonymous
Being as anonymous as I can is a must for me and it helps me feel safe. It’s probably already past a healthy stage and it does have drawbacks. A few of my staff I love, I really do, they’re great guys but I can never let them know my true identity, which is sad for me because maybe we could become more to each other than just text on a screen. If I thought even one person knew who I was, my confidence in security would fall dramatically.
Being anonymous can be a quite lonely experience as you struggle to keep the very things that make you an individual, private, while constantly having to view people that probably don’t deserve it, with suspicion. But in the end you gotta keep the torrents going, so it’s all good.
Previously: Pirated by iTunes, Artist Turns to BitTorrent
Next: The Pirate Bay Interrogations
118 Responses
Damn these guys do this without getting paid. A big great THANKS to them.
OH yeah FIRST
whoa, over the top much
Some good advice there.
For some reason, the damned button told me I was posting too quickly even though I only clicked it once.
Can’t remember entiely what I said but in case it doesn’t post I think it was something along the lines of keeping your personal details private is good advice for using the Internet in general. Not just for tracker admins.
This reminds me off the pirate radio days!!
Thanks dude, really helpful information for me, as I may be like you one day ;)
Hey Cool,
You honestly believe they do it without getting paid?
All you freeloaders are just a bunch of cheap, greedy, selfish and ignorant people who want to enjoy artists work without giving anything in return.
Those prepaid disposable cards can still be traced, sorry. Remember when you signed up? You had to provide ID.
[quote comment="282838"]whoa, over the top much[/quote]
There’s no such thing as too much paranoia while online and security starts with anonymity. 10 or 15 years ago the internet was just a big game. These days with online banking, eBay/PayPal, online shopping etc.. it’s more serious and less fun than it used to be. Everything we type or say or do while online is logged by somebody, somewhere. For the first time in our history we are truly immortal. What we do, who we talk to and where we go can be tracked. If nothing else, that should bother you.
*Opinion mode off. Insert 2c to continue…*
“If you know and trust your host, why not let users donate directly to him?”
Umm… Because most sites use more than one host and have several servers around the world. Do you even run a tracker? If so, for how many people!??! 10? What about seedboxes for speeds? At lot of this article makes me think this is just some moderator who doesn’t really know what he’s talking about but wants to pretend to be one of the big boys.
[quote comment="282881"]Those prepaid disposable cards can still be traced, sorry. Remember when you signed up? You had to provide ID.[/quote]
No. you can go to any store like Rite Aid and even most gas stations and buy cards with no id
this is the coolest article i’ve read on torrentfreak for a long time. a real insight into the world of torrent admin. perhaps people won’t be so quick to jump down their throats when there’s something that slightly narks them about their site.
x
[quote comment="282862"]Thanks dude, really helpful information for me, as I may be like you one day ;)[/quote]
ok candor, ill remember your nick :P
I have no idea who you are or what site you run, but well done. Mad props to you.
I think a few key points were left out or ignored.
Firstly, get to know the piracy laws in your country, and the country you host your tracker in, VERY well, as you might just need that info later in life.
If willing, contact the legal team at EFF or one of the various ‘pirate’ friendly lawyers out there. Having a lawyer that can actually explain to you the laws is key.
Your lawyer can NEVER tell you how to break the law, or how to get away with it, but they CAN tell you how to stay within the law, and keep your risk factors low.
They also ingored the site / tracker code. You MUST be able to read that code line by line and understand it, or make the entire code from scratch. If you merely grabbed the torrentbits code or something similar, and have no ability to actually decifer the code, you leave yourself open for back door accounts and hackable holes.
If coding and scripting is beyond your ability, get one of your most trusted members, maybe a few of them, to examine the code for flaws and such.
I’d also throw in there that having your site linked on other large torrent sites is good for visitor stats and seeds, but you really don’t want a link from a huge torrent site to you, as that torrent site is probably being watched, and you are now affiliated with them.
[quote comment="282849"]This reminds me off the pirate radio days!![/quote]
mmm
microwave link boxes and an lnb.. ;)
That guy is paranoid, but in the stormy weather nowadays that seems to be a good thing. Respect to him!
And to his last remark about being lonely, I might want to say this: Having an off-internet social network is great for that problem. I experienced that kind of lonelyness too (I only knew people through my RJ45-cable), but since I went to study it really improved.
And again, people who have the courage nowadays to run a torrent-tracker are definitly on my respect-list!
~Fransw
Going through so much faff to hide you’re identity is tantamount to an admission of guilt if at any time someone does decide you are a worthwile target to persue. “I know what I’m doing is wrong so must take all any any steps to hide who I am”, basicaly the internet’s equivilent to a ski mask. Travker administrators who are of the opinion that what they are doing is legal have no objection to using their real names, becuase as far as they are concerned their activities are legitimate. If you believe that there is nothing wrong with bittorrent, stand up like a man, dont be a cloak and dagger super secret agent wannabe pussy about it.
Thanks for making it possible…. =/
Closed down 2004
Re-started with new site name same staff team and owners on new site and new servers in new country.
Users Informed of move and all moved over to new site within 48 hours….
We are now in 2008 and still going strong ????
Ummm why so paranoide
http://www.slyck.com/story786.html
As to seeding and seedbox, yes not good for owner to use these things best to leave that to others in the site chain of command.
That is awesome dude. I don’t have lot of time on my hands due to the nature of my job but I wish I could host a site. Thanks for all the info. :-)
pffft amaturs
“…Under no circumstances would I seed any copyright works on my own tracker.”
so then why is that paranoia?
Good advice. You are only as strong as your weakest link.
this is good info dor Deimos :)
whilst i dont go to these lengths, or infact anywhere near them (the most i do is nick my wireless off the neighbour and never seed from home :P) you have to keep some anonymity whilst a site mod/admin/sysop/other…
in my opinion its mainly to protect yourself from disgruntled users though… theres alot of people out there who expect you to bend over backwards just so they can download a torrent… and as has been mentioned earlier… its not like we (in the majority) are being paid, whatever anyone thinks…
all those who wanna give props to someone… give it to the coders.. they’re the one commodity that seems to be in need out there… and without them none of the sites would exist at all
#22 Your ignorance proceeds you..
It is always good to see what others are doing to protect themselves now days. One can NEVER be too cautious.
if they want you, they will get you, no matter what precautions or measures you take.
this is the most impractical and over the top guide that i’ve seen.
it’s site’s and articles like this that bring more attention to the torrenting community, ever more so than those idiots at TPB, who just love seeing their own press.
write something good in the future, and not something that an 11 year old could have worked out in between yu-gi-oh and spying on the neighbours daughter
@ 28..
its sites like this that also increase awareness to regular users that they should be taking some simple precautions to protect themselves in the short term… if someone is trying to bust a downloader and they see 2000 users with no security and 1000 users with simple security… they’ll go down the easiest route..
treat them like eletricity i spose..
if someone can list a few utilities that help in keeping ones ip and id anonymous.. and how to encrypt internet connection for general surfing ??
addition of some more detials like names of softwares etc could help most of us ( n00bies) to keep away from trouble
( remember a lady being fined a HELL LOT for downloadin mp3s ? )
[quote]
No-one wants online enemies, especially in huge numbers! People with a grudge and keyboard can really fuck you up. Don’t badmouth people to others unnecessarily , you have no idea who they know, who they might tell and what it could lead to.[/quote]
My favorite statement in the entire story. Hopefully “SPECIFIC” admins/users of IRC P2P-Network will keep that in mind. As well as the mods at suprnova.org
Thank you.!!
+1
I feel discusted against the record labels and iTunes. It is absolutely morally discusting what they do.
shouldnt that be on the previous article?
his tracker “hosts” no copyrighted works and he responds to dmca takedown requests? does he even get any?
it must be a totally useless tracker..
i agree @ 29
there is simply no way to hide electronically from the government, but bear in mind this quote ‘empty vessels make the most noise’
i agree @ 28
there is simply no way to hide electronically from the government, but bear in mind this quote ‘empty vessels make the most noise’
Good: Be anonymous :)
amazing to do that kinda work..
A few unmentioned items for hosting torrent sites:
1) Don’t use any hosting providers or domain registrars in anti-p2p lands (USA for example)
(It’s too simple to serve a US-based registrar a fake DMCA to reveal real whois info for a domain or have a site taken down.)
2) Distribute the servers to different regions of the world, having the DNS “A” record for the site point to a “dummy” router in one location that reroutes the traffic to your web servers and torrent trackers.
3) Host your servers in lands that entertainment lobbyists (RIAA/MPAA) can’t pressure the United States to use diplomatic pressure against.
4) Use dedicated, non-shared servers that you have total control of.
5) Always have a way out :)
WTF?
“Under no circumstances would I seed any copyright works on my own tracker.”
Then why go to all the trouble? If you’re not allowing any copyrighted works, then this seems like a *long* way to go for no gain of any kind…
[quote comment="283142"]his tracker “hosts” no copyrighted works and he responds to dmca takedown requests? does he even get any?
it must be a totally useless tracker..[/quote]
Re-read what was said: “Under no circumstances would I seed any copyright works on my own tracker.”
He personally, doesn’t see anything on his tracker.
Thought I’d clear that up for you.
Using TOR might help too, especially in connecting to get mail, or using the VPN. It is a simple method.
And beware of hushmail, they’ve opened their supposedly encrypted mail before to the feds.
Didn’t mention full drive encryption, and onion router networks.
I think he means he personally doesn’t seed the copyrighted works..
everybody else on the tracker takes care of that.
^^^^^ You GIMP!! HE means under no circumstances would HE PERSONALLY seed copyrighted works!!
I was really hoping the standard of visitor to this site might have improved by now.
…..nope still full of ignoramus’ & wannabe 1337 4Chan spaks…..
Ernesto attracts the cream of the P2P with these *cough* excellent stories. [Stories as in Jackanory....fairy-tale] This article was re-written at the authors insistence..? pfft yeah right!
@42 – ‘HE’ doesn’t seed copyrighted material – that doesn’t mean others don’t…
something I do when doing some questionable things is to create a vm on my machine with a clean fresh install. Love linux!!! ESP Live CD’s!! then make it either non persistent or whatever depending on the virtualazation software. then fire it up and do my stuff from it. that way any changes or other items that might get written to your computer will be destroyed once the VM is powered down. and there is no way to track it using tracking items of any kind. then I secure wipe the file that was deleted with the deltas so it can’t be used/recovered.
yah, what dimwits bitching about how this torrent site doesnt have copyrighted material…
HE doesnt operate a seedbox, yet he has no problems(is for) uppies to utilize them.
good article, while may not be perfect, very interesting
@44
from http://www.torproject.org:
3. No anonymity system is perfect these days, and Tor is no exception: you should not rely solely on the current Tor network if you really need strong anonymity.
stay anonymous is really hard nowdays. :)
[quote comment="282881"]Those prepaid disposable cards can still be traced, sorry. Remember when you signed up? You had to provide ID.[/quote]
Really? I know at least one place where you can pay straight cash for them.
the story rings true to me. it is how most trackers start out. anonymity and making it uneconomically expensive to find you is a great defense for a small tracker who is only trying to dodge the cost of defending a legal threat. if she keeps her head down and dodges she can live forever …
… or until her site grows to a critical mass where the cost of locating her is no longer prohibitive, or the police are involved. why would the police be involved? maybe she is running ads and not paying tax on the income, or paying tax on her lease purchases, call it the Al Capone syndrome
… or she gets experienced enough to realise obscurity is no defense and acting in a guilty way is an admission of guilt to a court
the contributors in the comments have covered what was missing in the article, and the article must be great insight to guys, except for a couple of minor things:
1. i can use your site and send you an internal mail containing a 1 pixel image link hosted on one of my servers. when you open the mail and view that image i catch your ip as it reaches for the image. so sorry sweetheart your cover was blown in less time than it took me to write this comment
2. back up your site code, your db, your server configs, on a $10 memory stick and keep it offsite. if you lose the servers, or you lose your laptop, you can be back online in the time it takes you to send the money to a new host
3. disable access logging on your server. disable all logging you dont use. if u need to check something you can always enable it
4. delete the ip address scripts from your site code, even if admin only and not displayed to ordinary users the data can be extracted by an experienced php hacker. a good hacker will never let you know he was on your account
5. arm your site with RAB advanced policy firewalls, antidos scripts, and use ipfiltering to block ALL the corporate addresses. blackout
6. create a corporate legal entity and let the corporation run the site, pay your taxes, take out legal insurance. look at how Mininova BV operates
7. follow in the footsteps of the big guys you trust and learn from them. they will shade you from the big threats and you get the benefit of them paying the legal bills
8. stay away from the guys who are unlucky, you dont need their luck
9. stand up for what you believe and dont ever permit a pirate mentality to breath on your site. software piracy is a criminal activity. filesharing is a social network phenomenon
10. repeat it as a security mantra “obscurity is no defense”
Respect to you good sir! im paranoid about just DLing from torrents adn seeding i even limited my DL adn UL speed to something a little low so as not to get any ISP suspicions about random large ass transfers and wat not.
peaceee
I’m impressed! So much for running a tracker.
But, this little sentence:
“I saw an admin recently who had uploaded 4tb of warez and was showing off his stats for all to see. Why take the risk?”
Have you checked Anonymous at MovieX? Uploaded 341.76 TB!!
Yes, I know they’re hosted on an offshore server, but still, I’m guessing Anonymous aren’t.
Thank you for keeping information free and fighting the fight for freedom. We are loosing the battle daily, and people like you keep the hope alive.
[quote comment="282986"]Going through so much faff to hide you’re identity is tantamount to an admission of guilt if at any time someone does decide you are a worthwile target to persue. “I know what I’m doing is wrong so must take all any any steps to hide who I am”, basicaly the internet’s equivilent to a ski mask. Travker administrators who are of the opinion that what they are doing is legal have no objection to using their real names, becuase as far as they are concerned their activities are legitimate. If you believe that there is nothing wrong with bittorrent, stand up like a man, dont be a cloak and dagger super secret agent wannabe pussy about it.[/quote]
These are the times that try men’s souls: The summer soldier and the sunshine patriot will, in this crisis, shrink from the service of their country; but he that stands it now, deserves the love and thanks of man and woman. Tyranny, like hell, is not easily conquered; yet we have this consolation with us, that the harder the conflict, the more glorious the triumph. What we obtain too cheap, we esteem too lightly: it is dearness only that gives every thing its value.
Thomas Paine
His paper “Common Sense”, which ignighted the American Revolution was first published anonymously.
[quote comment="283274"]@44
from http://www.torproject.org:
3. No anonymity system is perfect these days, and Tor is no exception: you should not rely solely on the current Tor network if you really need strong anonymity.
stay anonymous is really hard nowdays. :)[/quote]
“security by obscurity is no security atall”
[quote comment="282986"]If you believe that there is nothing wrong with bittorrent, stand up like a man, dont be a cloak and dagger super secret agent wannabe pussy about it.[/quote]
About a year ago I asked a bigwig attorney that pursued copyright infringements on behalf of a multi-billion dollar corporation what it would cost a small company to defend themselves from her organization. Her response was $1 million minimum, with emphasis on “minimum”. Seems to me that the anonymous and paranoid approach is the smart way to go.
Another proverb:
“it’s dangerous to be right when the government is wrong”!
How did you get into contact with this guy when he hides everything and tells no one he owns a tracker?
Privacy is like virginity -
once it’s gone, it’s gone forever!
props, great write up
=]
quote: 3) Host your servers in lands that entertainment lobbyists (RIAA/MPAA) can’t pressure the United States to use diplomatic pressure against.
wouldnt it be great if North Korea got a kick ass net pipeline and provided unrestricted hosting for 10 bucks a month… they would have plenty of customers.
That’s crazy. I don’t think I’d ever have the dedication for something like that.
[quote comment="282881"]Those prepaid disposable cards can still be traced, sorry. Remember when you signed up? You had to provide ID.[/quote]
Not really, thanks though.
[quote comment="283185"]WTF?
“Under no circumstances would I seed any copyright works on my own tracker.”
Then why go to all the trouble? If you’re not allowing any copyrighted works, then this seems like a *long* way to go for no gain of any kind…[/quote]
He is just tracking, not seeding. He doesn’t have a local headless bt client seeding uploaded torrents.
So how do they run adds on their sites if they are completely anonymous? There has to be some way to track them…
Very good article, with tips. I almost follow all these rules. We are Anonymous !
@54
”
1. i can use your site and send you an internal mail containing a 1 pixel image link hosted on one of my servers. when you open the mail and view that image i catch your ip as it reaches for the image. so sorry sweetheart your cover was blown in less time than it took me to write this comment
”
If he was that paranoid about other things, do you think he’d read all his emails in html? There is still a plain text option, and he seems like the guy to use it.
Nice article. There are lots of different ways to resist…sometimes it is useful to be covert…othertimes it is useful to be overt. It depends on the people and the situation – but good work nonetheless!
if it’s a criminal complaint they want to bring against you then good luck…doesn’t matter how hard you try to bury yourself in ‘anonymity’ they’ll get you…thinking you are invulnerable is absurd and naive…once they press your domain name provider he/she will snitch faster than an informant…what you have to do is be briefed on the laws you are breaking in order to mitigate any punishment brought on yourself…learn the laws and the punishments and figure out how to operate in the gray area or outside jurisdiction…this day and age there isn’t such a thing as ‘I’m not gonna get caught it’s when…if you can through enough shit in their in order to figure out an exit plan well then you might have something there…my two cents..whatever that’s worth
What do you make of sites like isoHunt, whose operator Gary Fung is anything _but_ anonymous ? He gets by just fine. He has been the target of lawsuits by the usual suspects, but he chooses to fight them head-on and stand for his ideals.
I highly respect the folks behind The Pirate Bay for this attitude. What these people are doing is a much needed service, a wake-up call to the world. Copyright law is sketchy and heavy-handed, and while a free-for-all environment is probably not the end goal, there is a definite need to re-balance the ecosystem between publishers and consumers.
We’re tired of being pushed around and abused by corporate interests, and BitTorrent is today’s tool to reclaim a tiny bit of the democracy of which we have been robbed.
terrific article TorrentFreak and whoever … contains much excellent advice for all internet users.
@ 54
You definitely know what you’re talking about.
2 points in response to your comments
Security hole # 1: There are ways to cover one’s track when picking up email, for instance access mail2web.com with TOR enabled (or the like), and the IP address calling up your image will be the Mail2web.com servers. Other option: don’t display images when opening emails (harder to do depending on your client).
When you say, “delete the ip address scripts…” what PHP vulnerability(ies) are you refering to?
Cheers
“Being anonymous can be a quite lonely experience as you struggle to keep the very things that make you an individual, private, while constantly having to view people that probably don’t deserve it, with suspicion. But in the end you gotta keep the torrents going, so it’s all good.”
Is this digital age we live in….:/
truer words were never spoken…Much respect and ‘thank yous’ for what you do and what you go through for the happiness and enjoyment of others…so it’s all good…
JAP
[quote comment="283082"]
+1[/quote]
+2
LOL I MAEK MONEIS FROM DONASHUNS I R GOOD GUAISE MAEK IT ALL FREE!
[quote comment="282881"]Those prepaid disposable cards can still be traced, sorry. Remember when you signed up? You had to provide ID.[/quote]
Don’t be sorry, you’re the one who is incorrect. Visa & Mastercard prepaids are very much available just about anywhere, pre-loaded and ready to go. The only “ID” you have to show is the cash to pay for one. Noob.
“If you get a DMCA type takedown request, take the torrent down! The Pirate Bay guys are going crazy at me now I guess (they’re entitled to hold their own style of course!) but I see no point in doing anything unnecessary to annoy copyright holders, especially us small guys who don’t have many resources.”
Can’t stand the heat, get the hell out of the kitchen. There’s already too many chickenshit admins who are all about bending the knee or bending over if it will keep the powerful wrath of a nasty legal threat away from their mailbox.
Take the (now ex-) comic torrent site Z-CultFM, for instance. Gets a threatening letter from the major comic companies and the guy couldn’t move fast enough to drop trou and bend over by gutting the site into a pathetic shell of the once vibrant place it was.
Running a tracker is not about being comfortable and lubing yourself up for boning by industry hacks and the **AA. This is war, nothing less. If weak-kneed commitment and half-measures are what you bring to the table, then please don’t show up to the table at all.
great article.
Man I feel sorry for these people, you are wasting your life for nothing. You can’t take pride in your work because you are totally anonymous, are hated by many, loved by few, and for what? For nothing in the end. When you grow up and realize all of the time you have wasted I think you will be very sorry. You could have contributed to society in some way, art, music, writing, being a garbage man, wow thats sad.
(response to post #84 by Lisa)
Hey Lisa, what matters is he *is* doing something on his part. If people stopped doing what he is doing, there’d be no torrent sites… and you wouldn’t even be surfing TorrentFreak. :)
“People with a grudge and keyboard can really fuck you up. ”
My favorite quote of alltime on TorrentFreak. Right up there with the MediaDefender quote (the “this is really fucked” one)
@84
I think its the other way around. The only people who HATE them are the big record companies and the RIAA, whereas they are loved by the users that use their client. And they are doing _something_ whether or not its productive is irrelevant really, think about how counterproductive your comment was, or mine.
@44
TOR is not secure.
You cannot be sure where your traffic is being routed, or who is sniffing packets and re-assembling your emails/passwords etc.
You could be routing through the nsa or mpaa or anyone for that matter.
i dont see the point of it… thats my opinion tho, i guess…
There are, however, other altenatives…
lol this is so funny they think they are infringing the law, they should meet sceners those guys are really over the top not some lame tracker hosters with they asses wiped by their daddies
a big LOL at this failure
Keep flying!
While more unidentified than Bourne :)
“You can’t take the sky from me”
[quote comment="283484"]
When you say, “delete the ip address scripts…” what PHP vulnerability(ies) are you refering to?
[/quote]
i am referring to the code present in many sites for purposes of ratio tracking etc. which uses member’s IP’s
majority of torrent sites are not professionally coded and you dont need a PHP vulnerability to open them up. you need only have bad/old code
i have said it many times, if i was a member of the MAFIAA i would invent the ratio and the torrent history and the rest
@88:
“TOR is not secure.”
Nowhere on torproject.org do I see any claim made that it is secure, do you feel special saying this? What’s the point?
“You cannot be sure where your traffic is being routed, or who is sniffing packets and re-assembling your emails/passwords etc.”
Do you know what SSL and SSH are for?
“You could be routing through the nsa or mpaa or anyone for that matter.”
So more people should run tor exits, I would suppose? Don’t send passwords in plain text (unencrypted) while using it? Isn’t the N$A already tapping a good majority of the net anyway? If you’re not using encryption at this point, whether or not you’re using Tor, you’re stupid!
“i dont see the point of it… thats my opinion tho, i guess…”
You don’t even understand it if you have to say it isn’t secure. Hell, when you run it it even says, “This is experimental software. Do not rely on it for strong anonymity.” Half the people who use it probably don’t configure it correctly anyway.
It does help to use Tor IF you set it up correctly and WHEN you encrypt your connections while using it.
Nothing is secure
The sad part is all of this will end one day and will only be a story to tell our grandchildren. Keep the Internet Police away, freedom of the internet!
@11:
“you can go to any store like Rite Aid and even most gas stations and buy cards with no id”
Don’t forget to smile for the video camera during your purchase!
@Author:
Hushmail is bullshit, just as any Java security method is.
Useful shit:
http://en.wikipedia.org/wiki/Writeprint
http://en.wikipedia.org/wiki/TEMPEST
http://en.wikipedia.org/wiki/Van_Eck_phreaking
http://www.erikyyy.de/tempest/
http://eckbox.sourceforge.net/
http://www.alobbs.com/macchanger
does anyone knows how can i make an anonymous bank acoount connected with paypal(or paypal alternatives) for paying and receiving money??
foe example how can i make an anonymous account that gains money from ads and pay the server fees with this money(completly anonymously))?
and 88 you said: “There are, however, other altenatives..”
any examples??
[quote comment="283821"]Man I feel sorry for these people, you are wasting your life for nothing. You can’t take pride in your work because you are totally anonymous, are hated by many, loved by few, and for what? For nothing in the end. When you grow up and realize all of the time you have wasted I think you will be very sorry. You could have contributed to society in some way, art, music, writing, being a garbage man, wow thats sad.[/quote]
[quote comment="282876"]Hey Cool,
You honestly believe they do it without getting paid?
All you freeloaders are just a bunch of cheap, greedy, selfish and ignorant people who want to enjoy artists work without giving anything in return.[/quote]
[quote comment="282876"]Hey Cool,
You honestly believe they do it without getting paid?
All you freeloaders are just a bunch of cheap, greedy, selfish and ignorant people who want to enjoy artists work without giving anything in return.[/quote]
Hey! I’m not ignorant.
Re the original post, thanks. While a number of flaws in the strategy have been pointed out, it strikes me as a reasonable approach. As many have pointed out, you can’t be totally invisible or invulnerable. But you CAN reduce your visibility and make yourself a less attractive target. And in the real world, that’s an intelligent thing to do.
@82 (smells like chickenshit)
Tough talk there! So, how long has YOUR tracker been in operation?
@84 (Lisa)
If you really believe what you are posting….. then why the hell are you even here reading this stuff?
hey I’m not going to pay inflated prices on shit so “artists” can get their coke fix.
Piracy exists for graet justice.
#89 keo. Your so cool!!!…except not. (faggot)
[quote comment="283010"]pffft amaturs[/quote]
Pffft! trolls who can’t spell
@Plump Gelfling
Do you really think they are gonna get a name from some grainy video footage, not to mention they would need some valuable airtime on public tv to get a name which would be worthless for such a small offence. plus do the prepaid cards have serial numbers linked to the purchase id to find the time and date associated with it?
Im in jail because I didnt read this sooner. Stupid Cops. I went to the internet cops and told them someone was threatening my Torrent tracker site and Im going to court now.
[quote comment="282986"]Going through so much faff to hide you’re identity is tantamount to an admission of guilt if at any time someone does decide you are a worthwile target to persue. “I know what I’m doing is wrong so must take all any any steps to hide who I am”, basicaly the internet’s equivilent to a ski mask. Travker administrators who are of the opinion that what they are doing is legal have no objection to using their real names, becuase as far as they are concerned their activities are legitimate. If you believe that there is nothing wrong with bittorrent, stand up like a man, dont be a cloak and dagger super secret agent wannabe pussy about it.[/quote]
What an ignorant statement. Hiding from legal entities somehow equaling ‘guilt’ is untrue. Here let me ’stand up’ so I can level with the barrel of your gun, even though I could care less who you are holding the trigger or whether your pulling it is even justified.
What a retard.
Troy Anderson and Mike Kotter are pirates! yarr!
Thanks for the tips mate, I’ll probably need them really soon!
Reminds me of James Bond.
You guys are so dedicated.
fucking cheers to that!
alllotta work but thanks some1 gotta do it and besides things arnt gonna get easier over time. the farthest away from radar the betterbut as long as u stay small u should be good
man posting two posts in 45 min is too fast and my first was supposed to be up apprx 1minute? hmmm…. Help Im stuck in a time warp!
None of this really matters anyway, really what would they do if they caught you? They would take away all your toys and say “No no!” then maybe put you in time out, where you they give you other toys and bunch of friends to play with. You did say you were lonely right? And while you are in time out you could write a book or two on your experiences so others could try an become like you. You could make a small fortune the “old fashioned” way and buy a bunch of new toys once you get out of time out. Not to say that being paranoid and a super spy isn’t fun, cause I am a super spy and I always have fun. If I were to guess your “true” identity, assuming you’re a real person not just some made up character of the author of this article Id say you were associated with torrentportal ^_^ either way Kudos to this article writer I found it extremely entertaining to read about personalities that could be as crazy if not more so than my own.
Thanks again,
Adam
lookit that three post in a row Im on fire!
*_* hahahahah ^_^
More soup please!
Hey thats my spoon give it back!
Bad monky! Bad! I told you to stay out of my KY!
love love love
fuck fuck fuck
shit shit shit
rinse lather repeat….. mmmm…. lather….ahhhhhh…
I agree, these guys are risking a lot on our behalf. A big round of applause for these guys. though you know somethings wrong when guys like this half to risk their necks so much to avoid slaughter from the media. Again big round of applause for these guys a boo for shallow public opinion
this topic for test car
Probably the most intelligent sysadmin I’ve ever read words from.
Keep it up my man!
pfft this is all bullshit. this sounds like it was written by someone who has no clue what they are talking about. whoever wrote this doesn't host shit.
4 references to this post
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.