A question which regularly pops up in the TorrentFreak mailbox is “How do hide myself online? How can I get free anonymous BitTorrent?” Our answer is usually something along the lines of “Free anonymous BitTorrent isn’t really a reality right now. You could use TOR but please, please don’t. It’s slow and really, the people who run TOR do not want it flooded with torrent traffic. Your best option is to use a VPN service, but this will cost you a few bucks.”
Maybe, just maybe, in future our answers will be different. Allow us to introduce BitBlinder, a new and free cross-platform (Mac support coming soon) open source project which not only claims to make anonymous BitTorrent transfers a reality but also hides your IP address while browsing the web. Its functionality also extends to the bypassing of some web filters and in the future will be compatible with more applications, such as email, IRC and instant messaging clients.
Although anonymity with the previously-mentioned TOR is good, using it for torrents is a big no – it’s too slow and the operators of the network do not appreciate it. BitBlinder was born to solve the problems that TOR couldn’t. TorrentFreak caught up with Josh Albrecht, one of the creators of BitBlinder, for the lowdown.
“BitBlinder is an attempt to address the aforementioned issues with Tor – we want to make online anonymity fast, usable, and ubiquitous to the point that organizations give up on spying and filtering us,” Josh told TorrentFreak. “BitBlinder is actually built on much of the same technology as Tor, though we have a completely separate network.”
The anonymity itself is provided by BitBlinder’s own P2P network, inside which everyone is required to contribute their own bandwidth to proxy other users’ data. The diagram below shows a standard user setup, without anonymity;
As seen in the diagram below, your request for data using BitBlinder is passed encrypted through multiple peers. Each peer in the chain only knows the IP address of the next person in the chain, not the original requester/sender.
Since decent BitTorrent-capable anonymity services cost money these days, how can BitBlinder offer the same for free? The key is to think of it as operating a little like a private BitTorrent tracker.
In order to maintain a good ratio on a private tracker, at a minimum you need to upload the same amount of data as you downloaded. With BitBlinder there is a similar system – in order to get the service for free you have to proxy X GB of data for other people inside the swarm if you want to share X GB of anonymized data. In common with some new accounts on private trackers, BitBlinder accounts come pre-loaded with some free credit to get the user going – 2GB to be precise. If anyone prefers not to be bound by ratio rules in the future, just like on many private trackers it will also be possible to buy ‘upload credit’ to use BitBlinder, but there is no reason why people can’t use it for free, as long as they share their bandwidth as detailed above.
At this point some readers will be asking how it’s possible for no-one to know what’s going on inside the BitBlinder swarm, yet somehow BitBlinder manages anonymity ratio tracking. It is possible though, and for those interested to learn about the micro-payment system BitBlinder’s is based on, further (highly technical) reading can be found here (pdf).
Of course, since traffic is sent from your PC to others in the BitBlinder swarm before reaching its destination in order to anonymize it, it won’t be as quick as regular non-anonymous BitTorrent use, but Josh told us speeds should be respectable and in any event, much faster than TOR. Indeed, within a few seconds of starting a ‘Steal This Film’ torrent from The Pirate Bay, we experienced speeds in excess of 2Mbit/s, which is massively faster than my previous experiences of BitTorrent over TOR.
For Windows users the BitBlinder package comes in a 17mb installer. The torrent client is a custom version of BitTornado and although it doesn’t have all the features of say uTorrent, more features will be added as time goes by. The bundled anonymous browser is naturally built on Firefox.
Josh told us that the BitBlinder network could be made to work with uTorrent or another browser such as Internet Explorer but unfortunately both applications are closed source, which means that it’s impossible to be certain that all data will be sent through other users (proxies) in the BitBlinder swarm and not directly to the Internet. For the same reasons, Flash is unavailable in the bundled version of Firefox.
Another trick up BitBlinder’s sleeve is the development of techniques to bypass web filters.
“BitTorrent encryption is pretty good at avoiding ISP level restrictions but it doesn’t do much for things like avoiding university or corporate firewalls. One of Tor’s goals is to circumvent the Great Firewall of China and we hope to make BitBlinder even better,” explained Josh. “Filters generally work by either blocking ports, a certain IP address, or by inspecting the traffic itself for specific protocols. We’re working hard to make BitBlinder effective against all three of these methods, but we still have some work to do on these features, so results may vary.”
Since BitBlinder has an anonymous browser, it should prove useful if you don’t want your employer knowing what you’re doing on Facebook or other social networks, for example. Indeed, if these sites are blocked it’s possible to use the BitBlinder network to access them. Of course, the anonymity would also be useful for signing up to and using the HTTP element of a torrent site.
Inevitably there are some issues with an anonymity system such as BitBlinder, and they parallel those experienced by users of TOR. Any traffic generated inside the BitBlinder network eventually needs to escape to the wider Internet. In order to facilitate this, some users need to act as an exit point. In basic terms, this means that an exit node operator’s IP address will be associated with the traffic leaving the network.
Before panic sets in, this is not necessarily bad news. Acting as an exit node provides the operator with plausible deniability, since they will have no idea what data is passing through. It would also be difficult to say if the data leaving that PC had originated from there or elsewhere, extending the deniability of their own traffic too. And it’s not as if that user’s IP address wasn’t perfectly visible already before BitBlinder came along.
For most users, however, opting to act as a beginning or middle proxy in the BitBlinder network means that no-one outside can see any traffic emanating from their PC and the good news is that this internal traffic still adds upload/download credit to the user’s account.
Time will tell if BitBlinder lives up to its dreams (and everyone else’s) but from what we’ve seen so far in the beta version, things are looking very promising indeed. That said, remember folks this is a beta and it is likely people will uncover bugs so please be patient and consider allowing the app to send crash reports, it will help the team a lot.
New users should note that invite codes will be sent out at a controlled rate. Early adopters will be able to register fairly quickly but as more and more people apply, the longer the wait will become. This is merely to ensure a healthy network with an adequate number of quality proxies.