Monday, February 23, 2009

BitTorrent goes stealth(BitTorrent + Privacy =

If you're worried about your ISP snooping on your BitTorrent downloads, or the RIAA or MPAA trying to sue you for that illegal movie/song download, there is apparently help. I've been doing a little research into this topic since I'm starting to become privacy-paranoid in my old age, and have found this little gem:

I always do a little digging when I find something interesting so here are some interesting tidbits from their website and usability ...
  • plays upon the fears of downloaders - they play up the "knock at the door" scenario and even readily post many of the current legal suits regarding music/movie downloading
  • Language like "Ensures no lawsuits against you" but doesn't actually have any assurance or insurance against law suits - either monetary or compensatory in any other way, that I could find
  • Claims to make BitTorrent 100% anonymous and safe
  • A group of developers from the Russian Federation runs this little endeavor
  • It costs money to join their BitTorrent "relay" network
  • They provide an automatically configured uTorrent client (package comes complete with ssh tunnel software + torrent client)
The way this software works is like this:
  1. You fire up the "package BitTorrentPrivacy Client"
  2. local encrypted Netcat ssl tunnel shell opens connection to either Europe, America, or Canada -based servers
  3. NetCat (nc) opens a listener on port 2222 and redirects it to the tcp/22 (SSH) tunnel it creates
  4. uTorrent connects to peers on port 2222 which then gets forwarded down thep pipe in an encrypted fashion
They have some interesting quotes in their FAQ section...

Do you keep logs?
No, we just do not have them. We are not obliged by any law to keep logs and we have disabled logging for all our services. In addition, we disabled the disk caching wherever possible, and regularly run maintenance scripts to delete temporary data and compulsory cache files.
Why should I trust TorrentPrivacy?
We're the group of independent developers well known to you by several Bittorrent projects such as: Torrentreactor.Net, Fulldls.Com, Bushtorrent.Com, You can be sure that we're on your side! We know Bittorrent well - and we're ready to solve the problems of your privacy.
That's fascinating so I had to try it. As it says... I can verify the tunnel connects over to a server I pick, and I can grab a torrent (legal or otherwise) without showing my ISP that I'm downloading; except that they'll see a hugely active SSH connection to extremely active IP address.

What I find amusing is the assumption that your ISP won't notice you downloading torrents because you're not going to be connected to millions of peers and downloading torrent chunks. This just isn't true. All your ISP has to do is figure out that there are 3 IP addresses (or clusters) for the TorrentPrivacy servers; and match up SSH + large data streams and bingo. The only thing your ISP won't be able to tell is what you're downloading... but for some people that's worth the cost.

I think I'll just stick to legal downloads, easier that way... and it doesn't cost me anything or risk legal action.


UK Musings said...


Great, timely post.

I am currently evaluating TorrentPrivacy having received an email from my ISP forwarded on from Columbia Pictures after downloading Quantum of Solace!

I agree with you about your point about your ISP not knowing that you are downloading torrents. It doesn't take too much to put two and two together! I downloaded 94G last month and if I wasn't torrenting I must have had a pretty bad "zombie - spam program" sending out millions of emails!

My ISP sells connections with 60G and 95G and advertises them with examples that describe p2p - so I guess they are okay with it!

I am still not convinced that my IP is hidden, but I guess I am still waiting for the knock at the door!

Anonymous said...

"Stick to legal downloads because it doesn't cost you anything"?
You're kidding, right?

You're either sticking to small and very few legal downloads that are actually free (in which case they're costing you the enjoyment of bigger and more popular works of art) OR you're sticking to downloading all of the same types of content that P2P users download, in which case YOU'RE PAYING FOR IT ALL (so it costs you money).
In both cases you statement is a lie.