Video: How People Are Tracked Using BitTorrent
Written by enigmax on January 14, 2008Being tracked by anti-piracy organizations and receiving infringement notices on file-sharing networks is becoming more common. A security project manager has just released a short video showing how it’s done.
A common question from BitTorrent users is how anti-p2p outfits trace and trace file-sharers in order to send infringement notices. We’ve reported on one technique in the past and now, thanks to Dan Morrill, a Security Project Manager with VMC Consulting in Redmond Washington, we have a short video illustrating another basic technique which is easy to understand.
Dan’s example involves him downloading a large file with the popular Azureus client, while giving a commentary on the various types of information offered by the client, a brief overview of how BitTorrent works, how it’s possible to be tracked and how the gathered information could be processed. He also touches on anonymity and the use of blocklists.
A popular piece of IP blocking software is Peerguardian, which can be downloaded at Phoenix Labs, with the blocklists available from Bluetack. Users seeking anonymity can achieve this by using a free proxy server but in reality, most don’t offer performance anywhere near good enough for BitTorrent. VPN services such as VPNTunnel aren’t free but they’re reliable and generally protect users from the techniques shown in the video.
Just one criticism; Dan states towards the end of the video that if you don’t use blocklists you are almost guaranteed to be ‘nabbed’. The majority of people don’t use blocklists and the majority of those are not getting ‘nabbed’.
Indeed, most of the cases we hear of from the United States are people who don’t use BitTorrent at all. On the other hand, blocklists mostly offer pseudo-security, since there’s no guarantee that you are not tracked while using them.
Previously: TorrentFreak Interviews a Lawyer Defending 500 File-Sharers
Next: MediaDefender Hacker Speaks Out
93 Responses
Pages: « 1 [2] 3 4 » Show All
I’m attempting to log all traffic in and out of the RIAA offices. Anyone else want to help in this project?
I need a log of all traffic, ip addresses etc. Just incase there’s any thing illegal going on.
They shouldn’t mind me doing this now should they, since they do this to us all?
@24, yep, they are breaking the law too, but some companies use clients that don’t download or upload any real data. This is one of the least informative videos I have ever seen, throwing in a bunch of computer vocab to act smart lol.
Most of the anti p2p company’s have “intellectual rights” to the items there spying on so you cant technically steal which you already own.
I use PG2 even though i know it makes hardly any difference, but it still offers than bit of protection in a naive way.
As people are saying they can use the same ways we use to hide to try and find us, they will go for the easy targets, and to the guy that said they go after the big guys not the little people, just look at case history, there all just normal people with no computer knowledge downloading music and movies or public trackers.
@24:
[quote comment="263336"]Doesn’t this mean they have to download illegal stuff themselves? :)[/quote]
They already own their own material.
I’m pretty sure that they can download their own stuff without going to court.
Are you going to sue them for downloading their own movie/music?
What are your charges?
Them downloading their infringed copyrighted material from you?
that is the gayest voice i’ve ever heard
That video sucked. Anyone who uses a bit torrent client knows the IP addresses of the peers connected to it. So what else is new?
This is what Media-defender offers to their clients (from website):
MediaDefender uses a range of non-invasive technological countermeasures employed on P2P networks to frustrate users’ attempts to steal/trade copyrighted content. We have a proven track record of adapting to challenges and successfully protecting our customers as new technologies and networks arise.
Decoying and Spoofing are the most commonly known techniques that we employ. We send blank files and data noise that look exactly like a real response to an initiated search requests for a particular title. Pirated files will no doubt be on the networks, but with our protection applied it would be easier to find a needle in a hay stack than a real file amongst our countermeasures.
In addition to anti-piracy solutions, MediaDefender also offers a Leak Alert service. Our industry leading Leak Team scours Newsgroups, Usenet, and BitTorrent sites to see what cracked/pirated content has most recently leaked. Upon discovery, MediaDefender will download the leak and either send it or provide a secure ftp login for customers to sample the pirated material.
Here we go again.
1) Blocklists do not offer protection.
So what MD can’t use their corporate IP to track you, they just rent blocks of IPs from ISPs around the world.
All blocklists do is block legitimate IPs from joining swarms.
2) There is nothing illegal about downloading or uploading anything to which you have been given the right to do so by the copyright holder.
Although MD and others do not own the material, they are given these rights as part of their service contract.
3) There is nothing illegal about reading your IP from a tracker. You published your IP when you decided to download the torrent.
If you put up a billboard ad to sell crack, you can’t complain if the police read it.
4) A truly private tracker can offer protection. “Private” trackers with 100K members and open signups once a week are not private at all, but semi public.
If you know everybody on the tracker, it makes it real hard for the mafiaa to get in. A lot of people are starting to run their own private places just for friends.
5) @#25, logging all traffic in and out is not anything like what they are doing.
When you download, you connect to other peers and tell them things like how much you have downloaded, what pieces you have, what pieces you have just been given etc.
Each and every client then logs this information to be able to do its job. If they didn’t, bittorrent would become very inefficient.
In short, the information they log is part of their “conversation” with you and can be legally recorded. Logging all data flowing in and out of someone elses machine would involve electronic eavesdropping, and would be illegal.
@ #2- STFU moron. You obviously don’t know what you’re talking about. PG and the blocklists from Bluetack work just fine. Anyone not using them is just asking for trouble. Is it perfect and guaranteed? No, of course not. But to not use a simple tool that removes 95% of the problem just because it’s not 100% perfect in all ways is stupid, as is telling other noobs not to use it.
@ #33- “1) Blocklists do not offer protection.
So what MD can’t use their corporate IP to track you, they just rent blocks of IPs from ISPs around the world.
All blocklists do is block legitimate IPs from joining swarms.”
Here we go again, with the blind leading the blind. Or more accurately, the clueless and misinformed.
“Blocklists do not offer protection”
Bullshit. They offer quite wide-ranging protection from known bad apples.
“So what MD can’t use their corporate IP to track you, they just rent blocks of IPs from ISPs around the world.”
They could, but they generally DON’T.
Why? Because they already have a target rich environment where the majority do not use IP blocking. Why jump through extra hoops when they already have more fish in the barrel than they can shoot?
“All blocklists do is block legitimate IPs from joining swarms.”
LMAO! How legitimate can they be if they’re on a blocklist? 99.9999% of the time, there is a very good reason why a certain IP has been added to the blocklist.
And finally, any thinking person would have to ponder just who would benefit the most by7 posting on forums about how blocklists don’t work, blocklists are useless, blocklists won’t protect you, etc.
Hmm, who could these naysayers be? Why are they so-o-o intent on dissuading people from using PG and blocklists? Perhaps, just perhaps, these asshats have the best interests of a certain industry on their agenda rather than the best interests of filesharers.
(*Cough*MPAA*Cough*. *Cough*RIAA*Cough,Cough*) :P
peerguardian ?
l can see the peers
country,ip,%,upspeed/downspeed lalalalalala in youtorrent. so it isnt guarding peers in the swarm is it.
why it has to show this feature is crazy ! why can’t they hide or scramble that shit !
hell l can even go to http://webtools.live2support.com/misc_locate_ip_address.php
Location of User Country, State & City by IP address
and find what city those guys in the swarm are in.
l used my ip to see if it could find me and it can’t find my town/city.
maybe because l always used pg ? maybe not ? l dunno !
there are or must be soon ultra secret sites on the net that bin files,iso etc are dumped, where none of us know where yet.maybe oneday l will start a site like this .but maybe you might never find it ever !
The Media companies are breaking the law and should be punished.
If several computers network together, whatever they do , illegal or not, is still subject to privacy laws and should be protected from the illegal eavesdropping from these companies.
The government should be protecting it’s citizens from these criminal companies.
Going without a blocklist is akin to going without your pants on buddy!
The problems with blocklists is that they do not work on BitTorrent. The only thing the blocklist will do is to make you protected from direct connections from the IP’s in question. However since your Ip and your presence as a leecher/seeder will be reported to all the others in the swarm by the other peers involved. They will be able to see you just fine.
In order for blocklists to work they need to be implemented at tracker level or used by 100% of teh peers in a swarm and that aint gonna happen.
Blocklists are useless!
So they can see my ip in the swarm? So what, with the blocklist they get no response on what I have, all the file / part of / requesting it or seeding .
Peerguardian works just fine. They can still see you, but wouldn’t have enough to charge you with anything.
someone should use that pg list for more than blocking if you get my drift.
Ive always supported using PG2… I consider it essential… Good Job TorrentFreak.. Im glad I visually get to see how\what is going on etc..
[quote]
Just one criticism; Dan states towards the end of the video that if you don’t use blocklists you are almost guaranteed to be ‘nabbed’. The majority of people don’t use blocklists and the majority of those are not getting ‘nabbed’.
[/quote]
True. I think there is a fundamental flaw in blocklists like Peer Guardian. Basically these organizations track you down by IP Address, that’s how they identify you. When one is making a connection, one has to know WHO to connect to in the first place. Now, the flaw lies in that blocklists block the connection after it has tried to take place, so by then, both computers already have each other’s IP Addresses, and are simply blocking the connection, but the IP Address is already known. I don’t know if that makes any sense. It will help in that you aren’t having any interaction (Sharing with) these organizations, but they know your IP regardless.
I use Peer Guardian to TRY and get an idea of the volume of anti-P2P traffic on a specific torrent, but in no way to I see it as any type of protection. Who knows, maybe if the connection keeps being refused to these organizations, they just ignore them, but we can’t be sure of this. So whenever I start up a torrent, I run Peer Guardian to see just how many people are ’snitching’ on the torrent, and if there are too many then I look elsewhere. And even this isn’t 100% accurate, as these lists don’t possibly contain every single IP address available to these organizations. For example, what is stopping them from just using a house connection with a dynamic IP which isn’t known by these block lists?
i thought that the purpose of blocklists like pg2 wasn’t to prevent anti-p2p groups from seeing you, but to prevent them from being able to directly connect and download the material in question, necessary evidence for criminal charges?
PeerGaurdian and the like aren’t really protecting you. MD will see your IP in the list anyway, it’s connecting directly to PG users that fails. But they don’t need more ‘proof’ than that. They will just make stuff up so you’re ‘guilty’.
And that movie told me a lot of new things. [/sarcasm]
I’m more interested in how they get the list of all peers in the swarm.
I download from 40.000 peer torrents almost every week, my client however only connects to, like, 200 peers(?). That’s a 0.5% chance that I’m in that swarm…
So unless you get the list of all the peers in the swarm, I’m not likely to get ‘nabbed’.
People stop being paranoid
They maybe able to track a few people but if billions of people
It is a complete waste of precious time.
;)
Remember it is just scare tactics
The paper tiger is as harmless as a bug if you ignore it…
its fear that they are preying on.
bullies = bark but no bite
get it???
The video is already gone, don’t we have a better video hosting service? http://www.snotr.com from mininova maybe?
I had a horrible dream last night, it was all about file sharing and possible consequences of it. I think the media industry will not stop until we’re either in a complete surveillance society or they’re bankrupt. We cannot expect any insight from them.
I too kinda expected more from the video , there was nothing there i hadn`t already known . There`ve been some valid points insofar , but the key issue here imo is to bear in mind copyright enforcers are corporate entities through and through . Their primary aim goes along the maximum output minimum input lines , they`re only interested in exchanging a certain amount of data with the offender precisely to turn peers into one . If your blocklist staves them off , you`re off the hook . It`s as simple as that . Of course they`ll log your ip as being part of the swarm , but that`s of little legal relevance , if any . My point is blocklists are truly useful to the extent to which they can filter out every malicious ip on the swarm , which is highly unlikely in case of , say , zero day thousands-of-peers blockbuster releases . And then should you get zeroed in on , it becomes a case of your ISP either playing along or standing their ground , that`s what makes it or breaks it for p2p infringers ultimately .
[quote comment="263192"]Peer Guardian II is a bag o’ shite……its a placebo and does as much harm as good.
Anyone that thinks otherwise is a complete Gimp and commonly known as a gullible plonker![/quote]
Noob
whats news in the video?
would guess this is the way…
what kills me about this whole file sharing topic is that there does not seem to be an agreement on anything when it comes to technical questions.
is there really no reliable,understandable source anywhere,book or website,to look these things up?
this insecurity is probably the strongest weapon of the mds.
Pages: « 1 [2] 3 4 » Show All
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.