New Research Sets The Stage For Next Round Of Cat-And-Mouse Between BitTorrent Users & Snoopers

from the don't-look-now,-you're-being-watched dept

The BitTorrent protocol is an extremely efficient way of moving files around the Internet, especially big ones. That makes it highly popular with those seeking to download unauthorized copies of music and films, for example. But the clever approach that enables BitTorrent to do that, which involves downloading fragments of a file from a shifting swarm of fellow peers holding some or all of it, is also a weakness from these users' point of view: it means that downloads take place in public, rather than as a private transaction from a client to a server (as with cyber lockers.)

Fascinating new research entitled "The Unbearable Lightness of Monitoring: Direct Monitoring in BitTorrent" (pdf), from researchers at the University of Birmingham, explores just how public. It seeks to quantify how many peers in a swarm are actually being run by companies monitoring unauthorized downloads, and how long it takes for them to detect such activity:

From our experiments, we derived a number of interesting properties of monitoring, as it is currently performed: e.g., that monitoring is prevalent for popular content (i.e., the most popular torrents on The Pirate Bay) but absent for less popular content, and that peers sharing popular content are likely to be monitored within three hours of joining a swarm.
Many BitTorrent users are aware that such monitoring is going on, and try to avoid detection by using some kind of blocklist designed to catch peers being run by companies offering digital forensics. But if the current research is accurate, those lists have big gaps: of the peers the researchers identified as likely to be run by monitoring companies, only 69% were found on the blocklists they checked. In other words, there was nearly a one in three chance that they would not be blocked, and would therefore be able to monitor unauthorized downloads. Despite this, one of the study's authors, Tom Chothia, told New Scientist that file sharers needn't be worried too much by the revelation they are being monitored -- at least, not yet:
"All the monitors connected to file sharers believed to be sharing illegal content. However, they did not actually collect any of the files being shared. So it is questionable whether the observed evidence of file-sharing would stand up in court."
More cautious users of BitTorrent may find other ways to avoid detection, using VPNs or proxies. But as Tim Lee points out, the main effect of this new analysis will probably just be an escalation of the long-standing arms race between file-sharers and copyright enforcers:
Users will presumably take advantage of the new monitor-detection techniques identified by Chothia et al to produce more accurate blocklists. Monitoring firms may respond by tweaking their monitoring clients to behave more like real clients, and by more frequently changing the subnets they use for monitoring.
And so the game of cat-and-mouse will continue.

Follow me @glynmoody on Twitter or identi.ca, and on Google+



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Rikuo (profile), Sep 5th, 2012 @ 5:11am

    "Monitoring firms may respond by tweaking their monitoring clients to behave more like real clients, "

    To behave more like real clients would presumably mean that they contribute to the upload/download process. Once that happens, the torrent should be considered authorized. After all, if they're actively engaged in the sharing of the file, no court in the world should say that other people then downloading the file should then be prosecuted.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    quawonk, Sep 5th, 2012 @ 5:16am

    "So it is questionable whether the observed evidence of file-sharing would stand up in court."

    It's not about standing up in court, it's about scaring people and extorting people and getting the occasional (probably corrupt) court to fine someone six digit numbers per song, to scare people even more.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 5:29am

    and if the entertainment industries weren't so hell-bent on punishing file sharers and spent a damn site less money on listening to and giving what customers keep asking for, there would be no need for any of this shit at all!

    none so blind as those that will not see!!

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 5:38am

    "To behave more like real clients would presumably mean that they contribute to the upload/download process. Once that happens, the torrent should be considered authorized. After all, if they're actively engaged in the sharing of the file, no court in the world should say that other people then downloading the file should then be prosecuted."

    It's not pirating when we do it!

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    abc gum, Sep 5th, 2012 @ 5:39am

    The industry seems to be showing interest in fine tuning their honey pot(s), whilst doing so they also seem to be ignoring their responsibility for elimination of false positives.

    Collateral damage is not acceptable.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 5:50am

    This quote is interesting:

    "All the monitors connected to file sharers believed to be sharing illegal content. However, they did not actually collect any of the files being shared. So it is questionable whether the observed evidence of file-sharing would stand up in court."

    Mostly because they don't know - or perhaps because this hasn't been turned on yet. I wouldn't be shocked to see them come to target one more compliant ISP and start running the table on file sharing.

    It supports my theory: even if you go totally darknet, someone will let the cat out of the bag, a link will get out, your method will be exposed... and you can be tracked.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    Ninja (profile), Sep 5th, 2012 @ 5:53am

    All that money being wasted with a natural behavior that will not stop anytime soon. I should open a monitoring company, at least I'd put the money to good use lol.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 5:57am

    Re:

    Collateral damage is not acceptable.


    The problem is that for collateral damage to actually matter they must be held accountable to at least some effective degree for that damage. The courts and law enforcement haven't held them accountable at all. Nor have consumers to a degree sufficient enough to be considered a detriment.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Zakida Paul (profile), Sep 5th, 2012 @ 6:04am

    Re:

    "I should open a monitoring company"

    Imagine the Government contracts

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Manok (profile), Sep 5th, 2012 @ 6:35am

    I think that if you could block all peers from the same country as which you are in yourself, you would be pretty safe from (the current generation of) snoopers.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    Ninja (profile), Sep 5th, 2012 @ 6:44am

    Re:

    I'm not sure, they'd still see you are in the swarm wouldn't they? To be really safe you'd need a VPN that doesn't keep logs.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 6:56am

    Another reason every download isn't a lost sale, 30% of them are fucking monitoring companies. So I guess Hollywood only lost 12 trillion last year after all.

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Overcast (profile), Sep 5th, 2012 @ 7:41am

    So if the 'monitoring company' (the authorized agents of the recording company) provide the data - it's then legal?

    :)

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    Eponymous Coward (profile), Sep 5th, 2012 @ 7:50am

    Lesson learned:

    Don't download from the top 100 TPB torrents. Stream movies first, and if warranted, come back for them in a couple months.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 8:14am

    wow. If you guys are seriously such greedy tightwads that you'd rather go this route than pay a measly 9 bucks for art, then you deserve whatever pain comes your way.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 8:14am

    If people insist on the use of file sharing software on the net. The news is that those groups will be monitored. News that super and giga escalations in the copyright infringing distribution of files between agents of the matrix and pirates leave the future use of the net looking less sunny.
    Donkeys and mules falling into the traps of trolls similar to acs:law and righthaven, will presumably end with the same results.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 8:15am

    Re:

    True unless they only leech. Their problem currently isn't even with you downloading the file, it's that you are facilitating theft by sharing. Once they stem that, then they will go after users for downloading.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    NoahVail (profile), Sep 5th, 2012 @ 8:21am

    The Study Authors gave some helpful info

    In the study, the authors pointed out that the monitors they were tracking all resided within six AS#'d subnets.
    AS23504 AS174 AS209 AS558 AS27699 AS1213

    If someone compiled all the IPs in those subnets into a single block list it would contain 3128 CIDRs.
    One could just block torrent traffic to those addresses until a more precise option was developed.

    I'm just sayin.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 8:23am

    Re:

    "Hits", not "art".

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    The eejit (profile), Sep 5th, 2012 @ 8:50am

    Re:

    And what if I've already paid for it and it still doesn't work? Becaus erthat happens quite a bit with video games.

     

    reply to this | link to this | view in thread ]

  21.  
    icon
    Rikuo (profile), Sep 5th, 2012 @ 9:14am

    Re: Re:

    Copying file =/= theft.

    How many times must we here at Techdirt keep saying that?

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    Rikuo (profile), Sep 5th, 2012 @ 9:15am

    Re:

    And if I've paid far more than 9 bucks for my content, but want to torrent it anyway?

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Bengie, Sep 5th, 2012 @ 10:10am

    Re: Re: Re:

    It is theft if they don't upload any of that file. Theft of swarm bandwidth /sarc

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 4:25pm

    "The Unbearable Lightness Of Monitoring". Sounds like that movie from years ago about this doctor and some chick who totally shows her boobs.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Rekrul, Sep 5th, 2012 @ 5:30pm

    Re:

    -Internet/TV/Phone (WITHOUT premium movie channels): $100 - $150
    -One trip to the theater for one person (snack included): $20
    -Five movies at $10 each: $50

    -Total monthly bill for "art": $170 - $220
    -Yearly total: $2,040 - $2,640

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Sep 5th, 2012 @ 11:43pm

    Re: Re: Re:

    "Copying file =/= theft.

    How many times must we here at Techdirt keep saying that?


    As many times as the shills are paid to say the opposite.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This