New Research Sets The Stage For Next Round Of Cat-And-Mouse Between BitTorrent Users & Snoopers
from the don't-look-now,-you're-being-watched dept
The BitTorrent protocol is an extremely efficient way of moving files around the Internet, especially big ones. That makes it highly popular with those seeking to download unauthorized copies of music and films, for example. But the clever approach that enables BitTorrent to do that, which involves downloading fragments of a file from a shifting swarm of fellow peers holding some or all of it, is also a weakness from these users' point of view: it means that downloads take place in public, rather than as a private transaction from a client to a server (as with cyber lockers.)
Fascinating new research entitled "The Unbearable Lightness of Monitoring: Direct Monitoring in BitTorrent" (pdf), from researchers at the University of Birmingham, explores just how public. It seeks to quantify how many peers in a swarm are actually being run by companies monitoring unauthorized downloads, and how long it takes for them to detect such activity:
From our experiments, we derived a number of interesting properties of monitoring, as it is currently performed: e.g., that monitoring is prevalent for popular content (i.e., the most popular torrents on The Pirate Bay) but absent for less popular content, and that peers sharing popular content are likely to be monitored within three hours of joining a swarm.
Many BitTorrent users are aware that such monitoring is going on, and try to avoid detection by using some kind of blocklist designed to catch peers being run by companies offering digital forensics. But if the current research is accurate, those lists have big gaps: of the peers the researchers identified as likely to be run by monitoring companies, only 69% were found on the blocklists they checked. In other words, there was nearly a one in three chance that they would not be blocked, and would therefore be able to monitor unauthorized downloads.
Despite this, one of the study's authors, Tom Chothia, told New Scientist that file sharers needn't be worried too much by the revelation they are being monitored -- at least, not yet:
"All the monitors connected to file sharers believed to be sharing illegal content. However, they did not actually collect any of the files being shared. So it is questionable whether the observed evidence of file-sharing would stand up in court."
More cautious users of BitTorrent may find other ways to avoid detection, using VPNs or proxies. But as Tim Lee points out, the main effect of this new analysis will probably just be an escalation of the long-standing arms race between file-sharers and copyright enforcers:
Users will presumably take advantage of the new monitor-detection techniques identified by Chothia et al to produce more accurate blocklists. Monitoring firms may respond by tweaking their monitoring clients to behave more like real clients, and by more frequently changing the subnets they use for monitoring.
And so the game of cat-and-mouse will continue.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: bittorrent, monitoring
Reader Comments
Subscribe: RSS
View by: Time | Thread
To behave more like real clients would presumably mean that they contribute to the upload/download process. Once that happens, the torrent should be considered authorized. After all, if they're actively engaged in the sharing of the file, no court in the world should say that other people then downloading the file should then be prosecuted.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
How many times must we here at Techdirt keep saying that?
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
How many times must we here at Techdirt keep saying that?
As many times as the shills are paid to say the opposite.
[ link to this | view in chronology ]
It's not about standing up in court, it's about scaring people and extorting people and getting the occasional (probably corrupt) court to fine someone six digit numbers per song, to scare people even more.
[ link to this | view in chronology ]
none so blind as those that will not see!!
[ link to this | view in chronology ]
It's not pirating when we do it!
[ link to this | view in chronology ]
Collateral damage is not acceptable.
[ link to this | view in chronology ]
Re:
The problem is that for collateral damage to actually matter they must be held accountable to at least some effective degree for that damage. The courts and law enforcement haven't held them accountable at all. Nor have consumers to a degree sufficient enough to be considered a detriment.
[ link to this | view in chronology ]
"All the monitors connected to file sharers believed to be sharing illegal content. However, they did not actually collect any of the files being shared. So it is questionable whether the observed evidence of file-sharing would stand up in court."
Mostly because they don't know - or perhaps because this hasn't been turned on yet. I wouldn't be shocked to see them come to target one more compliant ISP and start running the table on file sharing.
It supports my theory: even if you go totally darknet, someone will let the cat out of the bag, a link will get out, your method will be exposed... and you can be tracked.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Imagine the Government contracts
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
:)
[ link to this | view in chronology ]
Lesson learned:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
-One trip to the theater for one person (snack included): $20
-Five movies at $10 each: $50
-Total monthly bill for "art": $170 - $220
-Yearly total: $2,040 - $2,640
[ link to this | view in chronology ]
Donkeys and mules falling into the traps of trolls similar to acs:law and righthaven, will presumably end with the same results.
[ link to this | view in chronology ]
The Study Authors gave some helpful info
AS23504 AS174 AS209 AS558 AS27699 AS1213
If someone compiled all the IPs in those subnets into a single block list it would contain 3128 CIDRs.
One could just block torrent traffic to those addresses until a more precise option was developed.
I'm just sayin.
[ link to this | view in chronology ]
[ link to this | view in chronology ]