back to article Researchers spy on BitTorrent users in real-time

Researchers have devised a way to monitor BitTorrent users over long stretches of time, a feat that allows them to map the internet addresses of individuals and track the content they are sending and receiving. In a paper presented earlier this week at the Usenix Workshop on Large-Scale Exploits and Emergent Threats, the …

COMMENTS

This topic is closed for new posts.

Page:

IT Angle

uh-oh!

Can some techy person tell me if I should be worried yet?

I haven't seen 24s8 yet!!!

2
2
Pirate

I doubt it...

...unless you're the type to look askance on the term "public proxy", that is.

That said, I think I know now where that 30% miss rate of their came from.

1
0
Paris Hilton

Yeah, 1

They discovered the the vast majority of the material on BitTorrent started with a relatively small number of individuals.

1
0
Anonymous Coward

Indeed,

I didn't realise you needed to do fancy research to work out that it all filters down via ripping groups and topsites.

1
0
Pirate

Indeed

Stark raving geniuses.

0
0
Black Helicopters

Oh noes

What will those p2p leechers ever do?

Srsly tho, I hope the buggers at least patented the thing - wouldn't want MPAA and RIAA ripping off their hard-made work without a license....

8
3
WTF?

tracking IP addresses?

My ISP uses floating IPs.

Every time I connect to the net, my address changes, so I can only assume that those they were tracking were using fixed IP (which is pretty stupid, IMHO).

1
5
FAIL

Risk

Your ISP will still monitor who is using that IP at that time. When it gets a notice to release information from a court it will look up its DB and know who was assigned that IP at that time.

Good thing about this though. The stupidity of anti-piracy organisations is that they usually get times/dates wrong.

1
2
Happy

You wish.

'My ISP uses floating IPs.'

That won't protect you in the slightest AC. They can tell that a file is being uploaded/downloaded by a given IP at a specific time and your ISP will have a log of which user that IP address was allocated to at that time.

So - the only thing standing between you and prosecution/internet suspension is how unhelpful your ISP is feeling when Mr BPI/FACT comes calling and even if the answer is 'very' it's not going to last in the face of legal action.

2
1
Anonymous Coward

eh

Not to burst your bubble but most ISPs keep a record of who was connected on which IPs and when. Dynamic IPs do not equate to anonymity (unless you work at the ISP and can verify their [lack of] logging ofc)

1
1
Silver badge

Ahh, not so.

Your ISP knows from what pool of addresses yours, at any particular time, came from.

So, yesterday yours was, say 212.148.67.45, tommorrow it'll be different, but your ISP will know what address was assigned to you, as a user of their service and can then identify you.

2
1
Stop

Digital Ecconomy Bull

In fact due to the recent legislation they have to keep it and let a copyright holder know about it.

0
1
Flame

read what I wrote you thickos

I'm not saying that my ISP can't identify me from my IP.

I simply pointed out that the researchers would not have been able to track my IP over several days, because it keeps changing.

Try reading what you're replying to.

5
1
FAIL

@fatchap

"In fact due to the recent legislation they have to keep it and let a copyright holder know about it."

No they don't.

Typing one-handed again, are we?

0
0
Silver badge
Troll

IP address not the issue.

"I simply pointed out that the researchers would not have been able to track my IP over several days, because it keeps changing."

Areyou reinstalling your PtP program each time you reconnect? If you don't then your UID will stay the same no matter which IP you're on. One may ask if the researchers have stats about what IP ranges any given UID was bouncing around.

0
0
Anonymous Coward

@Alan Brown

One may indeed ask, but I suspect it was IPs they were tracking, not P2P client UIDs.

0
0
Silver badge

Launch Legal Missiles

"The results are about 70 percent accurate."

That should be good enough for the Mandy-Bill to be used against you. Don't argue, they have 'computer evidence'.

4
1

Paid for

So, can they tell whether the download is paid for or not ?

And if not it can still be legal e.g. Virb

Does their research assume that all bit torrent traffic is illegal.

Where is this heading ?

0
0
Stop

.....lolwhut

Ive read 4 pages (about half) of that PDF and come to a conclusion. Its nothing new. All they do is download all the new torrents from a public tracker. For which hopefully there will only be one seeder and no peers and scrape the server for the IP information of the seeder. They also go on a bit for confirming the IP is the uploader etc

They're language used in this PDF makes it confusing they use "Inject" and "Exploit" as terms that would not usually be associated at the same meaning.

1
0
Thumb Down

Dodgy logic

"Therefore, it is surprising that the anti-piracy groups try to stop millions of downloaders instead of a handful of content providers"

And if you stop those handful? they seem to think that would be the end of it. More likely, someone else would start. My guess is there's only a handful because other people think "why bother, its already there. " What they would do if it wasn't there is unknown, but it seems unlikely they would all do nothing.

3
0

simple

The reason that the music industry goes after the downloaders, is because they are some of those who are uploading content.

How else you think they get your IP addy or trace you?

THEORETICAL POSSIBILITY

--------1997------

Music CEO: We need to make more money.

Underling: We could start uploading music via torrents for others to download.

CEO: Why would we do that?

Underling: Well, when they download the music, we can obtain their IP address.

CEO: And how does this make us money?

Underling: Our lawyers can then sue the downloaders for "losses". We will make millions.

CEO: Brilliant, thats the best idea I have heard in years. You will rise very far in this company with thinking like that.

---2002----

CEO: That was a great idea you had years ago, we have made a large amount of money over the years. By the way, we need to cut costs, your fired.

Underling : Damn.

---- Early 2011 ---

After many years of research, the original underling now releases his own software for P2P that prevents the music companies from being able to track users, without the need for the users to "hide" via proxies or other methods. Pure protection for users of the software.

He releases this completely free.

--- early 2012---

The music companies finally realize that they have a failed business plan, however as they do not want to change, they instead get involved in politics, making every country mad at every other country.

--- late 2012 --

Due to the music industry medling, all countries launch nukes at the main offices of the different musc companies.

This results in the countries that house such industries to launch back.

The Earth become no longer able to support life.

-------------------------

Hmmm seems the mayans were right.

(created by darkwolf)

6
3
Troll

Poppycock...

Two things wrong with this.

First, BitTorrent wasn't a protocol until 2001.

Second, RIAA executives didn't even know what the Internet was before 2004.

0
0

This post has been deleted by a moderator

Third thing...

You don't need to upload content to get IP addresses. I could go into any swarm right now and get hundreds of IPs of people leeching content. At least some of those IPs won't be proxied and some of those ISPs will be willing to co-operate and there you have your victims.

The only new thing with this report is that someone's actually come out and said they can track IPs over multiple downloads. To be honest I wouldn't be surprised if the RIAA, MPAA et al aren't already doing this.

0
0
Megaphone

@Darkwolf

Thanks for showing us why there's a "tard" in Freetard: it's short for "retarded".

Don't give up the day job son.

Moderators: We need an icon for posters who think they're funny, but are desperately lonely losers...

0
0
Silver badge
Alert

OK, so...

What can we do about it?

VPN? Encryption?

0
0
Alert

Re:"What can we do about it?"

Buy it, like everyone else?

Then sell it on eBay or Amazon if you don't like it?

Rent it from Blockbuster?

Borrow it from the library?

These are all things you can do cornz1, instead of leeching. Now pull your trousers up and wash your hands.

0
0

Need different P2P protocol

Since the BitTorrent protocol wasn't designed to absolutely protect anonymity, all the leeches will need to move to something different.

A basic problem with any piracy distribution method is effectively keeping the source and peers secret. Here's the conundrum: you want to announce to the world+dog that you have something to share, but you don't want world+dog to know your identity. Sorry, but that's basically not how the IP protocol is structured. Packets have a source and destination address. Any protocol running on top of IP must share the IP addresses of those who are involved in the data transfer. No address means no connection. You cannot both announce to the world and keep your anonymity.

Encryption doesn't mean that IP address are also encrypted, it just means that the content is obfuscated to a certain level. A VPN is also not the answer, because for a generally public protocol to work, the public has to access the VPN. That means that the record companies can also access the virtual not-quite-so-private network, and easily see who's doing what.

There is no perfect anonymity on the Internet. It doesn't exist. The only question remains is how hard it is for someone to get away with something illegal.

2
1
Silver badge

Only one way I can think of...

...that would be some kind of proxy that obfuscates the endpoints of the connection. But that's basically a server, and we all know what happened to client-server-based distribution systems. The only way around that is to station the server in a country with little or no enforcement of copyright law and little or no ability, desire, or compulsion to enforce those of other nations. But it's hard to think of a country with such a status that isn't notably hostile to western ideas, either. Kind of a no-win situation.

0
0
WTF?

Eh?

"A VPN is also not the answer, because for a generally public protocol to work, the public has to access the VPN. That means that the record companies can also access the virtual not-quite-so-private network, and easily see who's doing what."

Not unless Internet Protocol changed overnight any nobody told me.

If I tunnel all of my traffic through a VPN, the only externally visible IP addess is the VPN's. Not mine.

Can the MAFIAA cartel still snoop on the swarm? Sure, of course they can, and they'll discover all the poor smucks who aren't proxying. And then, in the current climate, probably demand that nastygrams be sent to those downloaders unfortunate to live in a cartel-friendly jurisdiction.

But the original seeder is the top prize. If they are using a VPN, the only IP a snooper see will belong to the allocation pool of the VPN provider. Assuming said provider is genuinely logless, attempts to locate the orginal seeder are doomed to failure.

All of this assumes that the VPN is configured to handle actual payload traffic, not just .torrent file dissemenation. Lack of following this practice, I can only assume, is how the study managed to conclude that TOR provides no defence.

0
0

Illegal

Can we use that term yet ?

The Mandybill is not law yet.

Better keep to "unlawful" for now please.

1
1
Pirate

Underlying assumption

is of course that IP address == person or living address. That is not necessarily the case...

0
0
Anonymous Coward

o rly?

I'm probably missing the point of the research, but all this seems pretty obvious.

BitTorrent wasn't designed to protect anonymity, as mentioned by some of the above. But I heard rumours that the Pirate Bay boys were working on a next generation P2P system that would. Not sure what happened to that...

One 'solution' would be to use a foreign proxy; then you'd appear to be outside the remit of the Digital Economy Bill.

0
0
Alien

24s8

I think Jack will become the President.

But will then have to sacrifice himself to save humanity (USA) from alien terrorists.

0
1
Happy

Terrorists?

Surely the terrorist in S8 will be illegal P2P downloaders. After all they are ruining civilisation.

0
1
FAIL

24 S8

Seen up to the latest Ep (18 I think) and Season 8 shows that 24 has seriously jumped the shark.. Most disappointing for a 24 fan...

0
0
Headmaster

Thanks for sharing

But you have posted that in the wrong thread. On the wrong site.

0
0
Black Helicopters

DHCP from BT

All the home-hub users out there on the BT Network log into the BT network with the same name : bthomehub@btbroadband.com : so how are BT to know which one is which, especially if the user DOES NOT use the BT Broadband Talk service. Or is some AC from BT gonna tell me that BT have records of which home hub MAC Address is assigned to which subscriber number. And what is to then stop that user from throwing the POS Home Hub in the trash where it belongs and getting their own ADSL Modem from PC World (for cash) and again using that wonderfully generic username to log back onto the BT Network?

0
0
Boffin

Title

Their switching system just before The Last Mile knows what MACs connect to it from which lines (one of which is your home btw and they know EXACTLY which line leads to your home). Simple matter to echo these MACs back to The Home Office for proper logging. That's how they associate your IP vs your MAC, charge end-users for services, track your usage over a given month, etc. If you're on the internet, your ISP knows who you are. True anonymity would be to only access the internet from WiFi hotspots (free ones, not the "pay us for use" ones) or wardrive/hack weak/unsecured wireless networks, and constantly rotate networking hardware (NICs, etc) or have one that spoofs its MAC addy and randomize it frequently. Of course, whether this would actually be effective in practice is an exercise for the trolls I guess. :)

0
0

Re: BT

BT authenticate you using the CLI (Phone Number) you are connecting from.

0
0
FAIL

Re: DHCP from BT

>> Or is some AC from BT gonna tell me that BT have records of which home hub MAC Address is assigned to which subscriber number.

Tell me, does your telephone have unique user id and password? Does it have a MAC address?

No? So how do they manage to bill you for the calls you make?

I don't know enough about the specifics of the ADSL protocol to tell you __how__ they know who is assigned a given IP address, but the idea that they __don't__ is absurd. This is BT we are talking about, the main backer of Phorm in the UK.

0
0
Silver badge

CLI

They use this information themselves to check that you are still authorized to use ADSL, so it is no hardship for them to log it.

0
0
Stop

copyrighted material?

I can't think of any way to tell whether a media file contains copyrighted or licence-protected material other than by having a human being examine it.

You could certainly guess that somebody downloading large amounts of audio or video is probably up to no good, but "guess" and "probably" doesn't have much legal standing.

0
0
Linux

re: copyrighted material?

They can *probably guess* from the file name "Avatar.Bluray.RIP.EncodersNameGoesHere.avi" that it's unlikely to be the random Linux distro of the month.

0
0

@DrunkenMessiah

>> They can *probably guess* from the file name "Avatar.Bluray.RIP.EncodersNameGoesHere.avi" that it's unlikely to be the random Linux distro of the month.

Of course, if it were 'the random Linux distro of the month', that would count as several hundred/thousand copyrighted items as opposed to just one in he case of a rip of Avatar(TM).

WRT Steve Graham's post, it is pretty safe to assume that someone owns the copyright for the vast majority of the files available via bit torrent - whether or not their copyright is being infringed is a different matter and requires not just a person, but a court case - which is presumably why the the Digital Economy Act uses the term 'apparent infringement'. I wonder how long it'll be before this is extended to other apparent offences - I bet the MPAA/RIAA/MPEG-LA/FACT/PRS/BSA can't wait until they can get all the people who are 'apparently slandering them' disconnected.

0
0

Why?

The researchers wonder why the criminal organisations such as the maa/riaa don;t go after the one who 'inject" the content.. well for all we know the MPAA/RIAA are the one puting the content out there... there is much more money to be made by destroying the life of millions of families then to stop the problem at it;s source.

1
0
Anonymous Coward

If they were

If the MPAA/RIAA were the ones putting the content out there, they would in effect be "Authorizing" the distribution, effectively indemnify all the pirates.

I'm sure the MPAA/RIAA would be well aware of this fact (although this does not guarantee they wouldn't still do it).

1
0

RE: If they were

But as soon as MPAA/RIAA connect to a torrent aren't they themselves uploading too? And if, once the download is complete and they check it, they find out that the file "Hit me baby one more time" was actually a pron flick, they themselves are now guilty of infringement and distribution, ha ha!

1
0
Flame

Uh....

Yes, in exactly the same way as when an undercover Police officer buys drugs they then have to be arrested....

Get real!

0
0
Anonymous Coward

Another Mectron fail

Can't even reach the keys today, Mectron?

"there is much more money to be made by destroying the life of millions of families then to stop the problem at it;s source."

The only families whose livelihoods are being destroyed are the original creators, and they're being destroyed by zitty-faced losers like you, and your luser Freetard pals.

"Puting"

Every class has a Mectron - the guy in the corner who none of the cool kids ever want to talk to. Teacher will be attending to your Special Needs soon, Mecky, so please try not to wet the seat.

1
1

Page:

This topic is closed for new posts.

Forums