Research Exposes Risks for BitTorrent Seeders

Ernesto
April 30, 2010
85
bittorrent,
research
Print

A recently published paper found that it is relatively easy to expose BitTorrent’s biggest content providers. The researchers were able to identify 70% of the initial seeds of publicly available torrent files that were uploaded to The Pirate Bay, something that might peek the interest of the entertainment industry.

It is no secret that BitTorrent users publicly share their IP-address when they share something. This is how anti-piracy outfits collect info for their takedown requests, and how some copyright holders use the information to demand cash from claimed infringers.

Less known is the fact that the people who are adding content – the initial seeders – can also be exposed quite easily. With this info copyright holders could potentially track down the big uploaders that are responsible for providing the content which goes on to be distributed among millions of people, and take action against them.

TorrentFreak spoke with Arnaud Legout, one of the researchers who examined how easy it is to spy on BitTorrent users. “Our goal is to make the privacy issues associated with BitTorrent usage public,” he said. “BitTorrent is truly one of the most beautiful, elegant, and efficient protocols ever designed. However, it has never been designed with privacy in mind.”

Legout and his colleagues found that spying on BitTorrent users is relatively easy and cheap. “We showed that anybody can monitor tens of millions of BitTorrent users in real time from a single machine and with a xDSL connection,” he told us.

The researchers also found that pinpointing the IP-addesses that make files available (initial seeds) is relatively easy to do. “We were able to identify 70% of the initial seeds for all the contents uploaded to The Pirate Bay in one month,” Legout told us, adding that they could have achieved a much higher percentage if they further refined their techniques.

The researchers were able to find the initial uploaders by quickly jumping on new torrents that were added on The Pirate Bay. This allowed them to grab the IP-addresses of the ‘content providers’.

Another interesting detail that the research revealed is that the majority of all the uploaded content originates from a small group of users. The Pirate Bay has millions of users, but only 100 IP-addresses are responsible for seeding 30% of the material uploaded to The Pirate Bay. The top 1000 IP-addresses are the ‘content providers’ of 60% of the torrents.

Taken together, this means that anti-piracy outfits could quite easily track down the biggest providers of copyrighted material, instead of just going after regular sharers.

Although most of these top providers do not use their home connection but high bandwidth seedboxes instead, shutting these down through legal action might hinder the distribution of copyrighted material.

Previous Post | Next Post

Follow @torrentfreak

Kaz

There is always a way around something in the bittorrent world.
Barry

Peek the interest?
Bill Dance

Peak the interest, not peek. :)
-_-

The word is “pique”.

“…pique the interest…”
colored

If the information is collected illegally from the ISP owner? they can not use it in court against the owner.
Aaron

The second bit, about most of the content coming from a few people is interesting, but the rest looks like a report from the land of duh.

If you are a big initial seeder, you better use a very trust-worthy VPN or seedbox.
Anonymous

“The Pirate Bay has millions of users, only 100 IP-addresses are responsible for seeding 30% of the material uploaded to The Pirate Bay. The top 1000 IP-addresses are the ‘content providers’ of 60% of the torrents.”

This is the true. Initial uploading is not unmercenary, most of people are downloading, but few people have something for uploading because tracker could not live without content.
Amfortas

@colored

“If the information is collected illegally from the ISP owner? they can not use it in court against the owner.”

Laws can and will be changed…
Tom

Thank you for pointing this out to the guys in the suits.
LRN

1) Torrents uploaded to TPB are not always the first ones. It is not a secret that content often comes from the scene, and private torrent trackers sometimes get it before it is uploaded on TPB. So seeking initial uploaders is not THAT helpful.
2) SuperSeeding, in theory, should disable such detection – it is not possible to distinguish between SuperSeed and initial peers. Although with very low reaction time it might be possible to grab a new torrent, find the only peer who has anything to share among all other peers, and assume that peer to be the SuperSeed. But that will only _point_ to the initial seed, it is not a proof.
Lucky Man

well i got idea! Anti-Privacy companies, MIND YOUR BUSINESS!!! quit bugging unaffordable people cuz you know there’s stink pay wages out there and you want people stop downloading? no way i keep downloading as long as i’m alive… everyday antiprivacy company waste lot of money for reduce sharing? it won’t work cuz anti-privacy been had over billions of dollars for many years and now they want to talk about bittorrent? well i wish i could invest something new like not bittorrent, usenext, or file share such as rapidshare, megaupload, etc…
BigM

but the seed boxes can move, just like back in the day where ftp sites were the best way. Maybe even more so with todays technology
Lucky Man

these stars already rich so why not regular ppl’s turn to be star? if i made couple of movies then i would be already rich n i would save money for living. everybody’s living cost should be least 5-10 million dollars. anti-privacy companies seems got over billion or trillion dollars which are greedy!!
Whatever

Why would you want to tell the MAFIAA that ?

(yes, the seeder part is interesting but the rest can be concluded from logic)

Makes me think about the comments on some Dutch articles about for example newsgroups. The horde of ‘innocent leechers’ saying ‘i only download so i am legal, let them go after the uploaders’. Those leechers are hypocritical and selfish. This is ignorance on purpose (history proves its a human property) to the fact that no uploaders=no downloads . When those few existing uploaders disappear, they will cry that they didn’t know.

(some things won’t translate well in English, sorry about that)
Lucky Man

so researchers can still detect ip address through whoever ppl still using PeerBlock?
Ricecake

As was pointed out, there’s a grammatical error in the summary :p.

No big deal really. Especially if English isn’t your first language.

It should be “… that might pique the interest… “, not “peek”.

http://www.wsu.edu/~brians/errors/peaked.html
GP

Unless they bribe the judges, seeding still isn’t illegal. There’s no law that says you can’t give something away. The law is against theft, and they have to prove that the seeder committed theft. If the seeder can show a receipt that shows that they purchased their original medium (or mediums) of the music, game, video, or whatever…
Surys

Do what EZTV do (as far as I can figure from observations of their public indexing site — I might be wrong though!!!)… don’t let one person stick their neck out for the guillotine.

Have your group of initial seeders among your release group community until there are 100-200 seeders, then post the torrent publicly.
Cha Ching

I’m going to buy me a cash register and make receipts for all of the 10′s of Thousands of files that I have *Coughs* paid for and am now sharing.:)

What now, HuH ??
spinach cookies

cat & mouse comes into mind & the mouse always gets away yeh fuck this shit we are living in the worst generation to date soon we wont be abole to fart in public let alone say boo to a ghost
Jay

“5 Apr 30, 2010 at 23:13 by colored
If the information is collected illegally from the ISP owner? they can not use it in court against the owner.”

Depends on the country, where i live prosecution is free to use any evidence no matter how it was obtained.
swerd

@11, you mean anti-piracy right? Why would there be an anti-privacy company?
KingSkaFa

Could a seed box run through a VPN?
jumping ship

“This paper presents a set of exploits an adversary can use to continuously spy on most BitTorrent users…”

perhaps you could have enlightened us with some info surrounding the techniques used? The link you offer is just a tiny summary that you have reiterated here anyway.. so what’s the point.

Bar the two generic statistics provided, this article is fairly kak.
Gary

Torrent days will be over unless they come up with a solution with privacy in mind.
hello

Your still joking?
jovialau

21 No,,,,,,,,I am sure he meant anti-privacy…….The other name for …..Government!!!!
anonymous

@23 look at that link again, it has links to the papers in question. The first and last ones are the most relevant.

But really, this isn’t their most important finding. What I think TorrentFreak should be talking about is what they found about running BitTorrent over tor:

- Running BitTorrent over tor does not make you anonymous in any way.

- If you send both web traffic and bittorrent traffic through Tor, your web traffic can also be identified!
cpt obvious

1% of stuff originates from TPB, and probably around 80% of content doesn’t even originate from the bitorrent protocol.
Anonymous

“Running BitTorrent over TOR does not make you anonymous in any way.”

Yes it does.

This is because it is like using ten of thousand of proxies at any given time. TOR also break through filters so if you want to access a site censored by a government you can by using TOR.

It is anonymous because it impossible to find the IP of a file sharer but it is not private because the content can be easily intercepted.

True, you can get the ip addresses of some nods but since you don’t know what each node is actually doing what is the point?

Beyong TOR there is others tricks that can be used to hide you IP address. One of them consist in borrowing the IP address of network routers.
jumping ship

@27.. thanks for the heads up… was worth the read.

Tor shouldn’t really be used for torrents, so the fact that it doesn’t anonymize bittorrent traffic is moot… and actually a good thing imo.

Limited capacity should be reserved for where it is most needed.
Ninja

10 Apr 30, 2010 at 23:30 by LRN said everything. This will lead to many false positives as the first one to download 100% will be pointed as the initial seeder.

Seriously, do they think uploaders are that stupid? I mean, of course there are the stupid ones but the heavy seeders and peers know what they are doing lol.

Hope MAFIAA bites this, it’ll be funny to see ppl using the superseed argument to win any lawsuits… Oh boy, exciting times ahead hahaha
TheSpark

This could be easily defeated with fake peers. Which trackers have. Unless they use their resources to not only connect but also download, any and all data collected is useless.
jose

given that torrents and/files are shared on multiple sites/protecols , this means nothing really unless they monitor everything 1984 style, which they are already trying to do. Resist!
Cujo

Something that has to be considered is that sometimes you want ta share some new content that you bought but it’s a rat race ta get it up before someone else dose

The guys that share a lot know how to stay anonymous ,, aXXo for example ;)
BIOS

@22

Yes, anything can be run through a VPN. You can run a VPN through a VPN :P
Einstein

To this day I don’t understand why .torrent clients put the lists of IP addresses for all the world to see!? Of course our ip addresses are essential for Bittorrent to work, but WHY make it a feature of a torrent client (in my case Utorrent) to display lists of ips?
Maybe it’s because the creators know that our ips will always be discoverable with appropriate software, so they figured, why bother?
Bud

utorrent the best.

Adult flicks @

http://www.cherrytorrents.com
Anonymous
neko

guess what, there’s organization at the top of that end too. The top 100 ip’s mentioned are controlled by something like 10 ppl. and its just a drop in the bucket. Shut them down – go ahead, think any of the info is real? think these were payed by a personal card? think this is the only thing those boxes do? think there’s no plausible ‘hacked’ denability?

Your NOT safe downloading, but we will NOT disappear either. ever play wack-a-mole? now imagine everyone you managed to wack, caused 3 to pop up?

Think boxes are rooted for only credit card’s sakes? FUCK NO.

when they filter the net:
WE WILL BE THERE AND BUILD A DARKNET

when they filter by protocal:
WE WILL BUILD NEW ONES

when they spy on the users:
WE WILL FEED THEM SHIT DATA

and when they go to get organized against us all:
WE WILL REMOVE THE DATUM. WE ARE THEY. WE ARE YOU. WE ARE WE. AND WE WILL NOT DIE. WE WILL FIGHT. AND WE WILL WIN.

FREEEEEEEEEEEEEEEEEEEDOOOOOOOMMMMMMMMM!!!!!! (FOR ALL GODDdddAMMIT {there’s no god})
jose

@22 , @34 If you know of a way to run a vpn through a seedbox please explain because I have talked to many of my seedbox providers and they don’t know how.
pique

I also immediately wanted to comment that it’s “pique”.
Anonymous

“Unless they bribe the judges, seeding still isn’t illegal. There’s no law that says you can’t give something away. The law is against theft, and they have to prove that the seeder committed theft. If the seeder can show a receipt that shows that they purchased their original medium (or mediums) of the music, game, video, or whatever…”

It’s copyright infringement. A stupid law that no one has any obligation to follow, but we can’t pretend it doesn’t exist.
JonnieHayward5655

http://hotfile.com/dl/40649549/8c1fc29/MOMENTUM-XviD-PDTV-S06E04-US-Swap-Wife_Sparhawk.r00.html
JonnieHayward5655

===========================
Avatar Blu-ray DRM Causing Playback Problems

http://www.cleveland.com/moviebuff/index.ssf/2010/04/avatars_blu-ray_blues_some_con.html
————————————————
Unauthorized Content Consumer

Piracy would end substantially if the corporations changed their business models and stopped allowing their greed to warp their impression of potential customers.

Okay…back to my superseeding through a neighbours unsecured wireless. xD
Brandon

I pitched my dvd player to make room for another 1tb sata rack on my tower take that bitches…. 8-P
Reality

@40

“US copyright law was changed to allow for the civil and criminal prosecution of persons allegedly engaged in copying of copyrighted works without permission that did not result in personal financial gain; historically, the criminal copyright law required infringement to be for financial gain”

i.e. if it’s free, it’s not a criminal case
CCC

nothing new. Bram had mention this before .
HNicolai

First of all, why does OBT allow the “scrape-all” command? When does you need it? (The researchers was using that (and other) commands to “spy” on the bittorrent users).
And why doesn’t the tracker “detect” people that connect to ALL new torrents? It’s a quite suspicious activity!
And people that upload alot, should just Ghost Seed, that would make it impossible to find the initial seeder.

Fail tracker, fail peers! :P

———————————-
The published paper can be found here: http://rapidshare.com/files/382236628/bt_privacy_LEET10.pdf
Anonymous

Block the entire Europe and US IPs and share files only with the people of North Korea, China or those anti-US people such as Afghans, Iranians.

Btw… fuck Russia! Yaye! :)
Afficianado

Well, I thought it was perk the interest.
deviant

Haha, how can someone actually get recognised for publishing a paper on this?

This ‘technique’ (if you’re even going to dignify something this simple with such a term) has been used for years by Staff on private sites. We’d always look at the peerlists on TL, FTN, ST etc.. to catch the IP of the idiot stealing it from ScT.
Mbb

Omg the anti-piracy people’s are so stupid, the key is by the scene groups of course

‘Without Osama Bin Laden no terrorist’

‘Without scene groups no torrents’

Its that easy
Phishy

@ Einstein

Basically, if the torrent client requires connections to outside IPs, there is no way to hide this. Yes, they could remove the ip list from the torrent client. That would be like closing your eyes, your machine is still connecting to those ips, your software firewall would see it, your os would see it, your router and any firewall on there would see it, the dsl modem would see it, your isp would see it.

In relation to the internet at it’s most basic there is no way to stop it from making those connections, and there is no way to make those connections invisible.

If you thought for a second the ip list you see in your utorrent “peers” tab is how they gather ips alone you are wrong, they use screen shots of those to show laymen. The ips are gathered by running a script or piece of software on the pc or router, and collecting all outbound/inbound tcp/udp connections. They monitor the seeds this way, as the only way to prove you shared it is for you to share it to them. This is rare

Mostly they just use tracker scrapes and pickup all the ips in the swarm, regardless of what they are doing and send blanket threats to the isps.

The only time they actually get into the swarm and download content is when they think they can nail a provider
Phishy

“And why doesn’t the tracker “detect” people that connect to ALL new torrents? ”

are you insane? do you even have a clue how much traffic and cpu cycles are being used even on small time trackers? You expect it to double the load instantly and maintain a realtime tracking database of all users and what they are tracking, constantly checking itself looking for someone downloading too many fresh torrents?

Dear god
Mr. Briggs

I concur with #4 (-_-), the word is “pique”.
mush

“give ‘em a boner” is the correct phrase
chili cat

this news is no biggie. everyone knows the risks of initial seeding and already takes good care
dncholas

It takes a research team to figure this out? All you have to do is open torrent and click “peers”.. pretty obvious the one’s with 100% on a new torrent is the one uploading it. Maybe these “researchers” should find better things to waste time examining, or better yet figure out something not already known :s
nom

if your foolish enough to use public tracker dont be surprised if you get caught.
6sixty6

Court OKs Unmasking Identities of Copyright Scofflaws – http://www.wired.com/threatlevel/2010/04/unmasking-copyright-scofflaws
rex

If you upload material to torrents use seedbox.

14 New Seedbox Providers to Speed Up Your Torrents

http://filesharefreak.com/2009/11/07/14-new-seedbox-providers-to-speed-up-your-torrents/

If you download stuff use VPN.

Total Anonymity – A List of VPN Service Providers

http://filesharefreak.com/2008/10/18/total-anonymity-a-list-of-vpn-service-providers/
Blabbitie

I totally agree with comment number 60.

It’s not that hard to do. Second of all, what the hell? Cmon, now if someone is engaged in frequent high-priority first seeding of a torrents then that person I hope is not dumb enough not to use an anonymizer or seedbox.

Also, this is only good for hot new releases, as I doubt few releasers keep seeding past a certain point.

-Dem Tig ol bities
http://blabbities.tumblr.com
inet user_

“Cmon, now if someone is engaged in frequent high-priority first seeding of a torrents then that person I hope is not dumb enough not to use an anonymizer or seedbox.” ?

right.. not
rex

Uploaders seedbox and downloaders VPN. MAFIAA never catch you this way.
us

it was also intresting to read this week why proxy’s and tor doesnt help

http://activepolitic.com:82/2/old/30-4.html#Internet
Pingback: Research Exposes Risks for BitTorrent Seeders
Pingback: How does an investor research their stock investment? | Stock Market Group
Pingback: Research Exposes Risks for BitTorrent Seeders « Staatskulturminister
Pingback: Onderzoek: 100 ip’s uploaden 30% Pirate Bay-torrents « Mokkaas's Blog
Pingback: Onderzoek: 100 ip's uploaden 30% Pirate Bay-torrents - Firtina Community
paul

anyone else just feel the sudden urge to close their utorrent for a moment? haha
Borderliner

>> “Running BitTorrent over TOR
>> does not make you anonymous in
>> any way.”

> Yes it does.

No, it doesn’t. What people forget (or don’t know) is that the announce made by the BT client specifically includes the IP. Secondly – DHT runs over UDP and that can’t be used over Tor, hence if you’ve got DHT activated for a torrent (which is prefferred when dealing with public torrents) you won’t be anonymous. Thirdly – using a random port for communication can make you less random in a swarm.

Read what the people who develop Tor have to say about this:
https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea

As for the findings: not really a surprise. I’m quit certain bigger uploaders used seedboxes and not every account neccessarily has a different IP, hence a large number of uploaders might boil down to a handful of specific computers.
Anonymous

This is complete null study. Everybody knows you can see the initial seeder, when you immediately start downloading a torrent that was just uploaded. The one who has 100 % and is the only seeder is the source. D’uh. Not news!
2054

Though laws may and will be changed, ilegally acquired evidence will never be admissible in any court….
Pingback: Grootste uploaders The Pirate Bay opgespoord
Pingback: Exploring Privacy Threats in BitTorrent
Dicks

If it’s any comfort at all, the MPAA/RIAA has yet to prove that know how to use the internet…
SaveMyBreath

Ok,
we all know, downloading is illegal.
All hail torrents :D
We also know, governments can get any info they want about any1.
but, if they admit they receive the data illegaly, people who get sued, sue them. (at least in holland).
We might do sumthin illegal, but you ADMIT you got this info illegal.
And that way, you got PRIVACY INFO about tons of people.
so what I wanna know:

WHO IS LEGIT NOW?!?!?!?!
matey

Bittorrent over Tor isn’t a good idea
http://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea
iKo

Don’t worry guys, these kind of experiments break the rules regarding ip collecting in most countries so…
At least in France (they are scientist) you can’t do that with a lawsuit in mind.
anon

shut down the top1000 seeders, and make another 20000 appear! Im gonna support the pirates!
Pingback: Choosing self | Growing Zinnia Flowers
Cyber-Override

@40 that is true
and if they ilegally get any info on you thay cant use it in court

Back to super seeding

TorrentFreak

The place where breaking news, BitTorrent and copyright collide

Research Exposes Risks for BitTorrent Seeders

Related Posts

Previous Post | Next Post

NewsBits

Blu-ray Anti-Piracy Tech Stops Discs and Promotes Purchases

Foxtel Breeds Pirates by Locking Up Game of Thrones

UK Student Admits Breaching Sony Copyrights With Leak of PS3 SDK

Pirates Can Be Identified Despite Sharing IP Addresses, ISP Claims

Feds Seize Cash from Major Bitcoin Exchange’s Dwolla Account

MostDiscussed

Pirate Bay Takes Over Distribution of Censored 3D Printable Gun

McAfee Patents Technology to Detect and Block Pirated Content

Pirate Bay Finds Safe Haven in Iceland, Switches to .IS Domain

Game Pirates Whine About Piracy in Game Dev Simulator

The Pirate Bay Moves to .SX as Prosecutor Files Motion to Seize Domains

CopyQuote

PopularArticles

VPN Services That Take Your Anonymity Seriously, 2013 Edition

Top 10 Most Popular Torrent Sites of 2013

Which VPN Service Providers Really Take Anonymity Seriously?

What’s The Best VPN / Proxy for BitTorrent?

BTGuard Review: How Does it Work?

Optimize Your BitTorrent Download Speed