Just over a month has passed since the first stable public release of the software and PeerBlock has now managed to clock up more than 100,000 downloads. To mark this milestone, TorrentFreak caught up with Mark from the project for the lowdown.

Mark told us that the creation of PeerBlock was inspired by him upgrading his PC from 32 to 64 bit in order to utilize 6gb of RAM. Everything worked fine – until he tried to get PeerGuardian (another IP blocker) to work.

Having hacked away and jumped through hoops to get around driver-signing it would still only work half the time and often crashed without warning. As a software engineer who has worked in the commercial sector for more than 13 years, Mark – who admits to being “an arrogant bastard who truly believes he can do just about anything better than just about anybody,” decided he could find a solution. It was “put up or shut up time,” he told TorrentFreak.

Noticing that the PeerGuardian code was open-source but hadn’t been touched for a couple of years, Mark contacted another developer who had the same thing in mind, but having heard nothing back, he went at it alone.

“I started setting up a Sourceforge.net project for it so we could get free source-control, but they took too long to set it up for me so I instead created a project over at Google Code where it was ready within minutes,” he told us.

Having heard from a few people who were interested in helping out with the development side – “night_stalker_z” who’d earlier started trying to hack the PG2 code into shape, “DarC” / “DisCoStu” who wanted to help out with fixing up the installer, XhmikosR who rewrote the installer, and some testers, things moved forward.

After facing troubles due to the lack of a “signed driver” for 64-bit versions of Vista (which resulted in Mark having to set up a registered company before they were allowed to buy a $230 code-signing certificate), a couple of blogs wrote articles on PeerBlock which attracted some much-needed publicity to the project. This resulted in 10,000 downloads in just one weekend.

“We’re still getting donations from people and we now have enough to pay for next year’s annual code-signing certificate, and we’re saving up to be able to rent our own VPS with full root access etc, upon which we’ll be able to build a ‘real’ online-update system, a custom web-app to tie our forums/issue-tracker/website all together, and some other neat things,” Mark explains.

The first stable release of PeerBlock came out on September 27th, and as of November 5th had clocked up an impressive 100,000 downloads. The site now receives up to 7,000 visitors each day.

Aside from fixing one or two bugs, the team has lots of new features planned for PeerBlock. Anyone that has tried to surf the web with a blocklist in place will know how painful that can be, so PeerBlock will have some new features which allow the “whitelisting” of certain apps, such as a browser, the creation of a proxy server to let users configure PeerBlock to listen on certain ports, possibly an integral “AdMuncher” style ad-blocking feature on a per URL basis (as opposed to just an IP-address), and an encrypted chat feature.

TorrentFreak asked Mark why users should choose PeerBlock over the competition.

“Well, first off we need to ask ‘Who IS the competition?’ The only ones I’m really aware of are: Protowall by the folks over at Bluetack which is closed-source and I don’t believe was ever updated for Vista, and Outpost Firewall, which is closed-source and basically just a hack add-on to a more professional firewall product,” he responded, while noting that uTorrent’s built-in IP-filtering feature only handles one manually-updated list.

“We protect your entire machine, and give you the option to try out any P2P app you want – this freedom of choice is a very important thing, I think. And since it does everything automatically, including list-updates, it’s one less thing to think about,” he added.

Another important question relates to the blocklists that have to be used in conjunction with PeerBlock in order for it to block anything.

He told TorrentFreak that he’s a big fan of iblocklist, who serve up a staggering 10TB of blocklists every month for free. The site doesn’t create the lists, but does offer those from Bluetack, including the Level1 list (renamed to ‘P2P’ in PG2/PeerBlock, which contains both Gov and Anti-P2P IP-addresses) and others.

Mark admits that even in a best case scenario, the available blocklists aren’t 100% effective. That said, there have been studies which show that using blocklists along with software such as PeerBlock can help speed up downloads, but no-one knows how many of the potential “bad IPs” are covered by currently available blocklists.

P2P aside, Mark says there has been feedback to suggest that PeerBlock discovered a Conficker infection on a user’s machine that their anti-virus programs missed, and can also stop ads appearing in browsers that lack in-built blocking.

One other exciting thing for the future of PeerBlock is porting it to the Mac. Mark says they’re saving all the donations for additional development and this is the most-requested request right now.

Users of PeerBlock are encouraged to give as much feedback as possible to Mark’s team, via their forums, IRC (#peerblock on freenode.net) or email.

PeerBlock can be downloaded here.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

The first thing to remember is, there is nothing on the net that you know of, that anti-piracy organizations don’t. No protocol, or secret piece of software, that you know of but which shouldn’t be talked about ‘in case they get to hear of it’. They employ people who do nothing all day but surf and chat. They act just like you or me – there’s no reason for them to behave in any other way. So, one of the first things to remember is, there’s no such thing as security by obscurity in P2P. If you can find it, what’s stopping someone in the pay of an anti-piracy organization from finding it too? That’s just common sense. Of course, as in the old saying – poachers make the best gamekeepers – quite often the people doing the investigations are not newcomers to p2p, but have been doing it for years themselves. In that respect, over most users, they have the advantage in experience.

The one thing most people seem to fail to understand, is that there are no magic solutions. At the end of the day, you have to get data back to your IP. In order to do that, at some point, your IP has to be known. While this can be obfuscated to the point at which it’s extremely impractical to trace, it is at the expense of bandwidth. This is why torrenting over Tor is a no-no. You could use a VPN service, but they also know your home IP, and also generally billing details for the account. In that way, they’ve not only associated it with a name, as they would with a home IP, but also your financial information, which would be a great way to prove you personally were behind it.

There are some common misunderstandings about anti-piracy activities that seem to be pervasive. So let’s address them.

1. There have been very few actual legal cases, as yet, that have involved torrents.
2. The majority of copyright cases are CIVIL, not criminal
3. What most people think of as being the law, often isn’t.
4. The RIAA and the MPAA never get involved in anti piracy evidence collection directly.
5. Most of the time, people are going from what someone they have met on a forum had read in an IRC channel.

1) – There have been very few actual legal cases, as yet, that have involved torrents.

Cases involving torrents are rare, as yet. This will probably change over the next few years. Despite the protocol having been around since 2002, it wasn’t until around 2004 that it started to gain widespread acceptance. Since then there have been a few cases, such as the DVDr-core, and the Elitetorrents enforcement activities, but they are in the main, the exception rather than the rule.

The Torrentspy judgment, handed down this past week, is also now heading for appeal, which could significantly change things, or could have it all stay the same. It’s too early to tell at present. Likewise, the ISOhunt case hasn’t even gone that far. Despite there being in excess of 100+ torrent sites active now, and a similar number at least having been opened and closed for various reasons over the past 5 years, that only one has got to an initial judgment says something.

Torrents are a difficult subject to litigate – the ISOhunt case is evidence of that. Unlike most other methods, which rely on a few centralized servers to index and sort, torrents rely on trackers, and on DHT. File names can be used to find torrent files, but owning a torrent file is not actionable. They are metadata (data about data) files and are not covered under the same copyright as the original source, any more than a film review belongs to the movie studio. The error checking aspect has a legitimate use as well, as it could be argued (how successfully I don’t know) that the torrent file is being used to error check existing data legitimately acquired.

Most recently, cases centering around BitTorrent sites have focused more on vicarious infringement, as in the Pirate Bay and oink cases. Basically, this means that the defendant had the right and ability to control the infringer’s acts, by being able to add or delete torrents, and that the defendant gets a direct financial benefit from these acts of infringement. Hence the claims of ‘paying for membership’ given to the police for the OiNK raids, and the focus on advertising in the Pirate bay trial. However, this can be a tricky subject for other companies too – including ISPs and technology companies like Sony, where they have to be certain to not fall foul of the ability+control aspect. This is why bandwidth-choked ISPs are firmly opposed to be involved in any sort of P2P-policing.

2) – The majority of copyright cases are CIVIL, not criminal

Now, civil cases are unlike criminal ones in that there is no ‘innocent until proven guilty’. There are just two groups of litigants. Whoever has the most proof (or preponderance of evidence) is the winner. So, where in a criminal trial, they must prove beyond all reasonable doubt that you did commit the acts, in a civil case, they only have to prove you did it better than you can prove you didn’t. Of course, I refer you to the caveat at the beginning, and note that many countries have differing requirements of proof for a civil case.

Another major factor that sets ‘criminal acts’ from those that are ‘civilly actionable’ is that whilst the former is always against the law, and doing that act means you’ve broken the law. If you punch someone, that’s always assault (with a few exceptions). Running a BitTorrent client, or participating in a BitTorrent swarm is not against any law. The contents of it might however be civilly actionable. If the copyright owners decide to sue, they can, but if they don’t, as the law goes, there’s no complaint to be answered.

3) – What most people think of as being the law, often isn’t.

This is especially common. When we broke the story on Mivii last year, a large number cried “entrapment”. There was a similar response the other day, to our story about the IFPI and limewire. Many people also believe that if a media enforcer is on a torrent, they can’t share data, else they’re complicit in the copyright infringement and are giving you some sort of permission to distribute yourselves. This could not be further from the truth.

First of all, entrapment relates only to criminal cases, in the main, and for that matter, only occurs in a specific set of circumstances. If a law enforcement officer (as in someone with the actual power to arrest you) asks or incites you to commit a crime that you wouldn’t otherwise have done, that’s entrapment. However, if you’re not a law enforcement agency, then it can’t be entrapment, pure and simple.

The implicit permission argument is similarly flawed. Whilst the enforcement agent (‘snooper’) might have permission to distribute, by distributing in part of a bit-torrent swarm, it’s hard to argue that he’s similarly giving you permission to distribute. Try telling the judge “he did, so I thought I could” and you’ll not get a very positive reaction – mainly because he can point to his ‘distribution agreement’ from the owner of the copyright, and you can’t. If you want an example, look at alcohol. In most countries, alcohol can only be sold by persons licensed to sell it. If you try and sell it, without a license, you can face penalties under the law. Saying ‘I’m selling it because he’s selling it’ won’t work there, and it’s the same case for copyright and distribution.

4) – The RIAA and the MPAA never get involved in anti-piracy evidence collection directly.

Finally, lets just clear something up we all know at the back of our minds, but forget in the heat of an impassioned board post, or IRC comment. The RIAA and MPAA do not directly get involved with the details of ‘evidence gathering’ in these cases. The MPA and IFPI are lobby mouthpieces, not enforcement agencies. Their existence is not to investigate, or to sue. They exist to bribelobby politicians, to issue press releases, and ‘studies’, to hide conflicts between the major studios, and to discourage independent works. Member companies put money into these organizations, in exchange for getting their ideas across to those that make the law, to conduct studies to back up the wants and desires of the members, and to be a face to be interviewed by the media.

The enforcement activities are carried out by companies that exist for this purpose. In effect, they are digital private investigators (although most don’t seem to have bothered applying for the licenses) and like the old fashioned gumshoe, they work for whoever pays them. Some activities of the investigator might be illegal, but that’s nothing new from private investigators. Companies like Safenet, and BayTSP aren’t in it for an ideological reason, it’s just a business. As such they work like any other business, with long hours, and trying new things to get clients and please them.

Think you’ve tried hard to get onto that private tracker? Imagine the guy that got onto it, AND got paid to do so, sitting in a nice air conditioned office. I’m certain there are people who’s only task is to gain memberships to private trackers. To collect evidence, build up contacts, and invites. How do I know this? Well, it’s what I would do, if I were running such a company, and it’s fairly obvious, especially given the evidence of the EliteTorrents bust back in 2005. Sites know this as well, which is why most private trackers heavily discourage trading invites, and why the rule is that you only invite those you “know”.

The lack of knowledge most people have about these subjects, especially in relation to the law, is mind boggling. Also, whilst the power to change laws seems to be solidly with the cartels, the position now is better than it was just three or four years ago. If you want to help improve it, join your local Pirate Party, the EFF, or similar organizations and help them out. It might not be easy, but nothing worthwhile ever was.

5) – Most of the time, people are going from what someone they have met on a forum had read in an IRC channel.

Unlike most, I actually used to work in copyright enforcement – those of you that have read my bio will know that. Of course, this was around 10 years ago, when Napster was just becoming popular, and I dealt with physical copyright infringement (people selling CDs). However, I do have a grasp of the law, and personal experience in making and pursuing a copyright case. So, as you can see, this isn’t someone repeating urban myths, or something read in an IRC channel. It’s based on fact, and experience, which isn’t that common in this area.

What to do about it?

To be frank, there is no way to stop the logging bots that harvest peer info from torrents. They don’t give themselves away, because they don’t have to act any differently than normal clients. With a WebUI, or even a VNC set up, it can easily be controlled from the office, and provides much greater anonymity. After all, the bandwidth and reliability of a co-located server isn’t required.

It is also probably wise to avoid anything considered high profile, initially, and if you’re in the US, avoid any films that hit the net before the cinema. It is also safer, in the long run, to avoid private sites which deal in what could be called ‘mainstream’ material, better known as ‘scene releases’. This is stuff that is most likely to be tracked, and private sites, whilst fast, have the great disadvantage of being part of a very small subgroup. Put another way, you could be one of up to 20 million that use the PirateBay, or you are one of 40,000 that use SceneTorrents. And unlike the PirateBay, a private site has your activities stored (in some form anyway, to generate the ratio) as well as an identifier – the email address you used. Remember, it was the similarity between an email address login, and a kazaa login that was the ‘pivotal’ evidence in the Thomas case, and removed doubt about the identity. If the site displays user names on the torrent though, you might as well never contest any case that you are hit with. Being able to track user names as well as IPs in a torrent means they’re likely to get repeat hits on you, even when you switch IPs. You might be able to convince a court that once was a mistake in their evidence gathering, but if they have you on multiple occasions, with different IPs each time, that argument is out the window.

Some suggest using blocklists, but since there is no way to identify an IP logging you, and no way to tell what IP it’s logging from, they really don’t keep you “safe”. Additionally, the most popular list provider, Bluetack, has added such a large number of IPs to their anti-piracy list (something like 700,000,000) that you are only eliminating legitimate peers slowing you down, and increasing the chance of being logged. Besides that, the people who do the logging are very aware of these blocklists, use proxies, and change IPs all the time. Additionally, the criteria for adding may not quite be at the “a guy that works there’s sister’s neighbor gets her hair done at the same place as the nephew of a guy whose company works for the company that delivers the water for the MPAA’s water coolers” – but it’s getting close (see here and here) as well as blaming hosting companies for the actions of their customers (example). The sad thing is, people run this, see all the blocks that come up, marked as being antip2p, and think “look at all those being blocked, now I’m safe” when the reality is, a group of people has claimed this, and how much do you trust the list makers. however, the final word on this comes from Phrosty, one of the coders of Peerguardian, who told one of our researchers “PG might help it might not. we think it does, but make no guarantees. make your own choice”.

Probably the most important thing you can do is know your rights, and know the truth. Use some common sense, and if in doubt, imagine yourself as an antip2p guy, and think of what you might do in their place. Unless it’s illegal, they’re probably doing it already (and maybe some of the illegal stuff too). The lack of knowledge, however, is to their advantage and not yours.

DISCLAIMER – We at TorrentFreak would like to remind you that we neither support or condone copyright infringement or theft, and that all infomation is for news reporting purposes only

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

• Companies (Or organizations. I won’t repeat orgs. over and over) who are clearly involved with trying to stop filesharing.
• Companies which anti-p2p activity has been seen from.
• Companies that produce or have a stong financial interest in copyrighted material.
• Government ranges or companies that have a strong financial interest in doing work for governments.
• Legal industry ranges.
• IPs or ranges of ISPs from which anti-p2p activity has been observed.

The IP addresses added were 89.202.149.32 to 89.202.149.63, 89.202.157.88 to 89.202.157.95 and 89.202.157.128 to 89.202.157.159, according to this forum post on the NOD32 support forum. These blocked IP ranges contain many of the servers used to provide anti-virus signatures for NOD32. These were added to the blocklist for alleged anti-p2p activities. However, what kind of anti-p2p activity was taking place is unclear.

Bluetack administrator ‘m00re’ told TorrentFreak that the IPs were added because “someone noticed them on a torrent”. ‘m0nk’, another administrator later told TorrentFreak that he noticed an IP belonging to ESET on a private tracker’s movie torrent that he was on. “It was only 1 IP, but since they’re a commercial software company with a strong financial interest in copyrighted material, they go on level 1 regardless”.

However, ESET didn’t take too kindly to this disruption of its business. A representative from ESET tried to contact Bluetack, to see about the removal from the list. He later posted a screenshot of the discussion to the ESET support forum.

This was the same kind of attitude experienced by Ludvig Strigeus almost exactly two years ago, after utorrent.com was added to the Bluetack lists. Similarly by the Opentracker people, and the German Chaos Computer Club.

Based on the feedback from Bluetack, ESET added PeerGuardian to their anti-virus updates. Two signatures called Win32/PeerGuardian were added in update number 2894 on the 21st of Feb, with another 5 added in update number 2895 the following day. These updates identify the PeerGuardian application as malware, and offer the user the ability to deal with the ‘infection’. Those that do, have been unable to use PeerGuardian afterwards.

Phoenixlabs, which makes PeerGuardian, put out this statement in response. Their representatives would not comment further on the subject, referring only to the statement. Bluetack, on the other hand, have been very vocal about it. ‘m00re’ said “whomever the person/persons are that made the flawed decision to maliciously target a non threatening application like PG2 is clearly a moron.” whilst ‘firstaid’ suggested that “people call them and have them stop having their product remove PG2 from their systems.”

ESET defended the addition, “By blocking update and threatsense servers detection of PeerGuardian as potentially unwanted application is fully justified as it could disrupt normal operation of NOD32 and or ESS.”

However, ESET has now changed it’s mind, saying “We have reconsidered detection of PeerGuardian and it will be removed in the upcoming update. However, we will actively continue protecting our users from blacklists that contain the IP addresses (ranges) of our update servers and thus preventing our paying or trial users receiving updates and keeping their computers protected.”

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.