uTorrent banned on several trackers!

So, I really want to hear the mods/developers opinion on this. I didn't read if this has been talked through yet, so I just thought I'd ask this straight up.

uTorrent sends data outside the tracker, nobody doesn't know exactly what data, YET, but it sends data, and lots. It's a feature (NOT A BUG) in 1.7.1, and I'm sure that lots of users would like to know what is that data, and where it's sending it.

Developers, you really should tell us this, because after all, we are using your program, which was just fine until today.

Nice of them to provide wireshark logs reporting the data that is being sent.

They haven't provided proof that there's any new data going out that isn't part of implemented features (specifically local peer discovery).

So the developers are saying that there's no data sent anywhere else than the tracker?

That is correct.

There is no usage logging going anywhere in uT, and private trackers are still getting the same sort of DHT restrictions they always have (DHT gets turned off for flagged torrents. No peer info for those torrents is exchanged).

Of course I would like to believe this, and for the time being I am going to believe this, but I'm sure you also know that if this is a lie, you will lose all your users

Anyway, uTorrent is the best program out there, and I really would like to use it in the future too. Hopefully you didn't sell out.

Ask them to provide wireshark logs.

And if they think it's sending data to the IP 239.192.152.143... they're really misinformed. That's a multicast IP, and is related to local peer discovery (it's a broadcast that won't go out of your subnet to find peers on the same LAN/MAN).

http://www.tcpipguide.com/free/t_IPMulticastAddressing.htm

Just to clarify, 239.0.0.0/8 is considered the local multicast range, so it won't make it past your LAN, or your ISP's MAN (if you're not behind a router).

Not much info in those packets even .

0000  01 00 5e 40 98 8f 00 0f  66 f2 15 17 08 00 45 00   ..^@.... f.....E.
0010  00 93 58 ef 00 00 ff 11  18 62 c0 a8 01 10 ef c0   ..X..... .b......
0020  98 8f 1a 73 1a 73 00 7f  b4 73 42 54 2d 53 45 41   ...s.s.. .sBT-SEA
0030  52 43 48 20 2a 20 48 54  54 50 2f 31 2e 31 0d 0a   RCH * HT TP/1.1..
0040  48 6f 73 74 3a 20 32 33  39 2e 31 39 32 2e 31 35   Host: 23 9.192.15
0050  32 2e 31 34 33 3a 36 37  37 31 0d 0a 50 6f 72 74   2.143:67 71..Port
0060  3a 20 33 36 36 34 33 0d  0a 49 6e 66 6f 68 61 73   : 36643. .Infohas
0070  68 3a 20 46 33 31 44 34  44 41 34 41 38 46 41 36   h: F31D4 DA4A8FA6
0080  43 30 36 32 44 36 42 44  31 37 43 36 41 35 39 36   C062D6BD 17C6A596
0090  33 46 43 45 41 41 43 33  33 36 34 0d 0a 0d 0a 0d   3FCEAAC3 364.....
00a0  0a                                                 .

OOOOoooohhh, very scary!!

BT-SEARCH * HT TP/1.1
Host: 23 9.192.152.143:6771
Port: 36643
Infohash: F31D4DA4A8FA6C062D6BD17C6A5963FCEAAC3364

That's the local peer discovery multicast thingiemajigabob which firon was on about.

Well I am thinking of going back to 1.6.1 as my favorite tracker biteme is blocking utorrent 1.7.1

Just stop using that tracker. Make them properly justify the bans.

here is what i found out at one tracker thats banning it:

Is it allowed here?

NO

Why?

uTorrent 1.7, NO other torrents going other then 1 linux iso torrent, no other applications running (actually running in wine), separate dedicated IP = Mediasentry IP hits 36.

Halite, same torrent, same system = 0 Media sentry IP hits.

Every version > 1.6.1 is Bittorrent Inc., which is directly in partnership with the movie studios. Viacom Inc.'s Paramount Pictures, News Corp.'s 20th Century Fox, Lionsgate, Palm Pictures and Kadokawa Pictures USA etc etc .

In fact versions > 1.7 don't even have the same developer doing it. It's all handled now by Bittorrent Inc's development. The original author (up to 1.6.1) is no longer even part of the project.

Right from uTorrent's FAQ

"Who makes µTorrent?

Ludvig Strigeus (ludde) is the original author and former maintainer of µTorrent.

BitTorrent Inc's developers are the current maintainers of µTorrent. "

Will it ever be allowed?

NO

If your in doubt trrace these IP's that were blocked from outgoing through my firewall with uTorrent 1.7

64.124.145.113

64.124.145.104

206.169.225.92

64.34.174.141

64.34.172.152

206.169.170.246

206.169.230.102

and here are the whois/trace:

http://whois.domaintools.com/64.124.145.113 Abovenet Communications, Inc

http://whois.domaintools.com/64.124.145.104 Abovenet Communications, Inc

http://whois.domaintools.com/206.169.225.92 Time Warner Telecom, Inc.

http://whois.domaintools.com/64.34.174.141 Peer 1 Network Inc.

http://whois.domaintools.com/64.34.172.152 Peer 1 Network Inc.

http://whois.domaintools.com/206.169.170.246 Time Warner Telecom, Inc.

http://whois.domaintools.com/206.169.230.102 Time Warner Telecom, Inc.

And where are the wireshark spacketsniffs telling what information is being sent?

well thats the problem they dont know what it is, i mean it could be anything, logs of use perhaps they dont know.

and besides why would you want your client send data to Time warner and peer 1?

Well, if they knew how to use wireshark to save their ass, they could tell us what data is actually being sent.

So the developers are saying that there's no data sent anywhere else than the tracker?

That is correct.

Possible exceptions: update checking, DHT bootstrapping

(I'm not a developer.)

If a torrent has hostile ips in its peer list, most ANY BitTorrent client will make outgoing connections to those ips unless explicitly blocked using its blocklist. If they retested µTorrent v1.6.1 they'd probably find it 'hostile' too. So would be Azureus or Halite now as well once hostile ips get into the peer list from the tracker.

But they probably didn't run the test using µTorrent's own ipfilter.dat before writing it off.

Utorrent.com should do a small contest:

Provide reproducible steps that proves that utorrent is leaking out malicious and/or private data.

- Win $100!!

I would easily contribute a few bucks

By the way, this one is my favourite so far in this paranoia circus.

From total torrent

Even assuming this stuff is true, how come it doesn't do that for EVERYONE?

JexnerTheBad: that was a post made by the DigitalHive admin, and he used such poor procedures that it's really no surprise. He ran a torrent for 24 hours and just had iptables logging outgoing connections for the entire system. That's not scientific.

doesn't matter what version or what ever bittorrent cleint you use,the chance is still there that MPAA and RIAA can get your information

Ask them to provide wireshark logs.

And if they think it's sending data to the IP 239.192.152.143... they're clueless. That's a multicast IP, and is related to local peer discovery (it's a broadcast that won't go out of your subnet to find peers on the same LAN/MAN).

Translated....: OrgName: Internet Assigned Numbers Authority

OrgID: IANA hxxp://www.iana.org/

hxxp://www.iana.org/faqs/abuse-faq.htm

Utorrent.com should do a small contest:

Provide reproducible steps that proves that utorrent is leaking out malicious and/or private data.

- Win $100!!

One one occasion, I kept Shareaza from being banned on one system and got it unbanned on another by offering the Administrators a $100 donation if they could prove that it cheated/leeched. It wasn't much money, but it was enough to get them to start speaking factually instead of relying on rumors.

http://whois.domaintools.com/64.124.145.113 Abovenet Communications, Inc

http://whois.domaintools.com/64.124.145.104 Abovenet Communications, Inc

http://whois.domaintools.com/206.169.225.92 Time Warner Telecom, Inc.

http://whois.domaintools.com/64.34.174.141 Peer 1 Network Inc.

http://whois.domaintools.com/64.34.172.152 Peer 1 Network Inc.

http://whois.domaintools.com/206.169.170.246 Time Warner Telecom, Inc.

http://whois.domaintools.com/206.169.230.102 Time Warner Telecom, Inc.

????

What's the matter of your firewall?

I am a Chinese and UT 1.71 sending data to NO ip listed above.

FXXK the liar.

They wouldn't be interested in your IP ranges. They would mainly be targetting US IP ranges, as well as ranges of other organizations they're partnering up with in other countries.

With all the traffic they're generating too, they'd have to be bigger fools than they already are, to not ignore 'outside' IP ranges.

-- Smoovious

µtorrent 1.7.1 has now been banned. The new version contains a feature that sends your IP and upload/download information to the MPAA and the RIAA