The only vulnerability you describe is that what.cd was allowing too many simultaneous downloads.

The three month sting would work if there weren’t too many jurisdictions and private communities and if the masses weren’t doing it in droves. As it is now, authorities will go for the low hanging fruit in publicly available torrents and try not to expose their IPs by not seeding every torrent on the planet, otherwise it’ll make the job of university researchers that track the trackers a lot easier in determining where those IPs are.

I haven’t actually encountered any use of OVH/Leaseweb by DMCA contractors. Always residential lines. I guess the level 1 blocklist used by peerguardian really is shit.

Refer to my reply to “joao cesar” below for a little more detail.

I don’t like to talk about it, but at one time in my life I worked a forensics job for an independent firm. Lots of criminal complaint type stuff came through our office. It was only after too many “copyright infringement” cases came across my lab that I quit. Not like piracy infringement, like corporate reverse engineering complaints against employees who were making a little extra on the side taking their dongles apart.

It’s because of the experience I gained in Web forensics, that is logging, tracing, tapping, etc, that I can tell you it’s trivial to continue to make vulnerable any BitTorrent swarm.

With 50,000 USD, minor support from a residential class ISP, a bit of social redirection tactics, I could set a client up with the institutional capability to acquire the IP address of 99% of peers on What.CD. They have 11.3 million peers at this moment, across 1.7 million torrents. That’s for roughly 160k users. On What there is no maximum on how many torrents an account can be leeching. A friend of mine once bought a What account for 12 USD, and proceeded to download every album he wanted. He saved the .torrent files and then piled them into a uTorrent install, and then Force Started them all. He got banned, but who cares? He already had the peer lists and his torrent was happily downloading away. The peers involved were none the wiser. This was with an account less than 24 hours old.

A three month “sting” could culminate in one day of all out peer list grabbing. It’s fairly safe to assume most users are seeding (or leeching) at least one thing at any given time, just by the nature of What. This whole thing would be scripted, involving the Selenium as a solution for executing the job of scraping the .torrents from the site.

Now, does this equal out to thousands of infringement letters? No, but it equals out to a lot of data on infringing connections.

Your precious BitTorrent is NOT secure. Over the traditional Web, it can never truly be. VPNs and proxies and seedboxes are a temporary solution to a deep rooted issue. Whether its trackers or swarms, it’s never /really/ safe.

So the solution to the onslaught of copyright thuggery is, once they get too ambitious and track too many torrents, range after range after user and so on can be banned from private torrent forums.