The Hydra Project: An Anti-Piracy Proof BitTorrent Tracker
Written by Ernesto on December 03, 2007The Hydra Project is a new script for private BitTorrent trackers designed to resist any attack or raid, and to guarantee the privacy and anonymity of its users. It’s truly hydra compatible, which is much needed quality in these turbulent times.
The Hydra Project, THP for short, is developed with privacy, anonymity and survivability in mind. One of innovative features of the project is to make an OpenID for users of private BitTorrent sites so their login information and upload/download ratios can be shared across different websites. The torrents can also be shared among different trackers. This ensures that user ratios and uploaded torrents will not be lost if for some reason one of the BitTorrent trackers ceases to exist.
Shanti Braford, the developer of the project explained to TorrentFreak: “The idea is that a group of admins can get together and form a sort of distributed set of private BitTorrent trackers. bacon.org, eggs.com, ham.net and sausage.fm can all get together, share user databases, torrents, upload/download ratios, etcetera. If eggs.com gets raided, the rest of the sites are still alive and the torrents people have downloaded will still work because they’ll be associated with multiple tracker URLs.”
THP will be one of the most private and anonymous BitTorrent trackers, something that most users will absolutely appreciate. For example, no email addresses will be collected, the IPs will not be stored (only memcached) and .torrent files will not be connected to users. There is even an option for the administrator to delete all data via a memcached shutdown in case the server loses its connection to the network, which will happen if there’s a raid.
The tracker script is developed in Ruby on Rails. “The code is about 90% there,” Shanti told us “I’ve kept it very simple and rudimentary, but functional. If any PHP coders are interested perhaps it could be ported over.” I would encourage all developers who are interested in the project to take at the project page and THP’s Sync API wiki.
If THP lives up to its expectations the Hydra will be more flexible and stronger than ever.
Previously: The Pirate Bay Dashboard Widget for the Mac
Next: MPA to Christmas Movie Pirates:”You’d Better Watch Out, You’d Better Not Try!”
76 Responses
Pages: « 1 2 [3] 4 » Show All
Another idea is have a network where you prove trustworthy to be a moderator of a torrent website, like a secret rule where you have to share about 200 pirated releases without breaking any rules to become a moderator because a RIAA/MPAA/Fed Agents would never share lots of pirated content, so that solves our problem.
No rebel Moderator Spies.
Great but how much PHP do you have to know to use it on your own site
Again, why not co-operate with David & Co from randpeer.com, and make it the best thing ever. Shanti, this is for you:
http://www.pjort.com/randpeer/backgr.html
Try not to flood the world with attempts at things, be VERY certain it WILL actually be safer than anything else.
And those nagging about it being prone to kiddy porn and such, get a clue: THEN DON’T DOWNLOAD IT. You’re barking up the wrong tree and scared of the wrong groups of people. The ones that want to hide their identity in order to exchange forbidden data will NEVER be discouraged or encouraged by any new peering technology like this.
“Another idea is have a network where you prove trustworthy to be a moderator of a torrent website, like a secret rule where you have to share about 200 pirated releases without breaking any rules to become a moderator because a RIAA/MPAA/Fed Agents would never share lots of pirated content, so that solves our problem.”
Nice idea but unfortunately they can probably do wtf they want with the law falling over themselves to help the corps
What did the MPAA say to the Hydra?
[quote comment="230112"][quote comment="230073"]Great idea, to bad it won’t work.
For starters there is no safety in using private sites. Organisations like media defender have never had any problem infiltrating these in the past.
Keeping ip numbers in memory may sound nice, but it only takes one http request to obtain the list of ip numbers on a torrent from a tracker. And joining the swarm will have all the other clients that aren’t listed trying to connect to a fake client.
Furthermore what is going to stop organisations like media-defender from joining the hydra with their own trojan tracker? Sure your tracker will keep all the important data in memory, but it won’t be very hard for a hacked version that is a part of this hydra to dump all the information into a neat logfile.
I just wish people would get a clue, hiding in the shadows is simply not going to cut it.[/quote]
Lol theres always mr know it all in these comments, and yet you have no idea what the fuck your talking about, YOU get a clue, from what it sounds like you have no idea how this stuff works.
Do a little research when the product comes out, instead of just coming to the first conclusion you can muster, otherwise, shut the fuck up. Apparently you think that hiding is not a good solution, so what IS your solution? Hmm thats right you don’t have one, so go fuck yourself.[/quote]
Hehehe, I must have put my finger on the sore spot there…
.;LJKCVJM;DS;/. CV;L’ CV AV/;’VA [’DRSJ /.’X
this shit sounds like a bust
I think Im gonna Cry. Im so happy come on 100% its like waiting for the ball to drop and its 1999 all over again the anticipation and suspense is …….. driving me crazy. go team Hydra you are gods to us
[quote comment="230256"].;LJKCVJM;DS;/. CV;L’ CV AV/;’VA ['DRSJ /.'X[/quote]
Get it in PHP, and it will see success. Offshore Rails hosts are much harder to find, unfortunately.
Seeing as 99.999999999% of sites are hosted in sweden it wont make a difference if one of the sites gets taken down, because the whole operation will be for naught!
pffff…..LETS ALL HYDRA TO SWEDEN!!
lol? I think n.o.t
well great, “hydra” went from a word i haven’t read since high school to the most annoying overused word on my computer screen.
[quote comment="230356"]Seeing as 99.999999999% of sites are hosted in sweden it wont make a difference if one of the sites gets taken down, because the whole operation will be for naught!
pffff…..LETS ALL HYDRA TO SWEDEN!!
lol? I think n.o.t[/quote]
hmm didnt TPB start looking for a safe spot in North Korea because sweden wasnt safe anymore?
hmm perhaps it was just a shit report…
First off, Ernesto - thanks for shedding more light on the project. I’ll definitely get my act in gear and finish up the proof of concept in RoR.
To answer a few of the questions from the comments:
* All sites in each “federation” or whatever you want to call it, have to trust each other. This is left up to the torrent admins who want to try running a script like this. If they believe that they can trust one another, then they add each other (including the passkeys, domain names, etc) to the list of trusted sites in the network. If you trust someone who happens to work for the MPAA, well, you must not know your friend / fello admin that well, and I don’t know of a way to get around this threat, really.
* There can be multiple (any X number) of federations. i.e. as from the example, you can have “bacon.org, eggs.com, ham.net, etc” in one federation, sharing torrent / user data. Then another group of admins, with completely separate torrents and data, can get together, and perhaps have a different focus on their content (music, instead of video, for example). This separate network would operate on their own domain names, e.g. fido.net, shaggy.com, lassie.org, whatever.
* It *is* indeed true that if every single one of the sites gets raided at the same time, the entire network will crumble. It’s easy to make backups, but if the network has lost control of all domain names, then the .torrent files people have downloaded will simply no longer work. Having servers in Sweden, China, South America, etc (one “head” of the Hydra in each) may well be a good idea for the truly paranoid.
If you want to hack on code (RoR, PHP or python), drop me a line at: shantibraford (at) gmail.com
To quote jamiroquai: o/` We’re going deeper under ground o/`
Wouldn’t this just raise more questions, if the thing is meant to be global? Who controls the OpenID server, who controls the ratio?
First off, Ernesto - thanks for shedding more light on the project. I’ll definitely get my act in gear and finish up the proof of concept in RoR.
To answer a few of the questions from the comments:
* All sites in each “federation” or whatever you want to call it, have to trust each other. This is left up to the torrent admins who want to try running a script like this. If they believe that they can trust one another, then they add each other (including the passkeys, domain names, etc) to the list of trusted sites in the network. If you trust someone who happens to work for the MPAA, well, you must not know your friend / fello admin that well, and I don’t know of a way to get around this threat, really.
* There can be multiple (any X number) of federations. i.e. as from the example, you can have “bacon.org, eggs.com, ham.net, etc” in one federation, sharing torrent / user data. Then another group of admins, with completely separate torrents and data, can get together, and perhaps have a different focus on their content (music, instead of video, for example). This separate network would operate on their own domain names, e.g. fido.net, shaggy.com, lassie.org, whatever.
* It *is* indeed true that if every single one of the sites gets raided at the same time, the entire network will crumble. It’s easy to make backups, but if the network has lost control of all domain names, then the .torrent files people have downloaded will simply no longer work. Having servers in Sweden, China, South America, etc (one “head” of the Hydra in each) may well be a good idea for the truly paranoid.
If you want to hack on code (RoR, PHP or python), drop me a line at: shantibraford (at) gmail.com
As for the future of p2p I’m not entirely convinced it will be online. Once 2TB HD’s are commercial & portable HD’s reach 200GB I would imagine piracy would revert back to the classic ‘tape sharing’, with 2 results - less network congestion & more security. It’s certainly how I would envisage my own use going.
The majority of the problems seen in America is due to the rampant business nature of the economy. Music exec’s have to be seen to do something about the p2p problem or else they’ll be fired for incompetency, up steps the lawyers “hey guys! we’ll take the problem away for you! no win, no fee!” and here we arive.
69: Oh thats right, You failed to mention, I don’t know, It has no hope of providing anonymity in any sort of degree, I downloaded the source and it wasn’t even complete. Secondly, You erroneously make the statement that Trackers provide some sort of intrinsic performance enhancement, Trackers are used in order to get around the problems of decentralized systems of Searching and Distributed Hash tables, Which is why if you are using Azureus (or uTorrent, Though it provides a slightly inferior implementation of DHT {{Distributed Hash Table}}) You will never get as many sources as you would with just a tracker.
Of course, I haven’t even BEGAN to touch on the problems of sending the public/private key along with encryption data, Which, Might I add, Doesn’t even make sense.
[quote comment="229872"]Sounds exactly like what’s needed for the bittorrent community. Hopefully this isn’t just a flash in the pan and it turns out to be The Next Big Thing.[/quote]
Are you kidding? If this actually comes out, it’ll be the biggest thing since header/protocol obfuscation debuted 2-3 years ago!
[quote comment="230140"]Centralizing is not good, adding extra compelxity isnt either, the old chaotic pirate cell approach is much better.
Trackers can use encrypted disks.
Tracking tables already are memtables.[/quote]
Correct; centralizing power is always a bad idea; but the only way to efficiently have decentralized power is to have global communications and inter-personal/entity/community relations. This only happens with communications, with communications that are “centralized” in the sense that they are global, and all individuals and communities can access the communications network.
So yes, centralizing power is bad (ie, cenralizing all tracking lists onto one site); but globalizing tracker communications (ie, giving each shared file a list of failsafe trackers)? That’s just smart.
[quote comment="230217"]Again, why not co-operate with David & Co from randpeer.com, and make it the best thing ever. Shanti, this is for you:
http://www.pjort.com/randpeer/backgr.html
Try not to flood the world with attempts at things, be VERY certain it WILL actually be safer than anything else.
And those nagging about it being prone to kiddy porn and such, get a clue: THEN DON’T DOWNLOAD IT. You’re barking up the wrong tree and scared of the wrong groups of people. The ones that want to hide their identity in order to exchange forbidden data will NEVER be discouraged or encouraged by any new peering technology like this.[/quote]
Hell, judging by the ease with which the mafIAA has penetrated the bitTorrent network [we may as well be transparent:], and yet the continued presence of pedo rings online [with their heavy funding from organized crime], I would think they use a radically different p2p approach than bitTorrent, or they would be caught by now!
almost makes ya wish there were big funding behind greyhat issues too….
im a programmer over at seedmonster.com, i will definitly discuss this with the staff. Sounds like a cool project.
1 references to this post
Pages: « 1 2 [3] 4 » Show All
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.