µTorrent Community
You are not logged in.
So, I really want to hear the mods/developers opinion on this. I didn't read if this has been talked through yet, so I just thought I'd ask this straight up.
uTorrent sends data outside the tracker, nobody doesn't know exactly what data, YET, but it sends data, and lots. It's a feature (NOT A BUG) in 1.7.1, and I'm sure that lots of users would like to know what is that data, and where it's sending it.
Developers, you really should tell us this, because after all, we are using your program, which was just fine until today.
Offline
Nice of them to provide wireshark logs reporting the data that is being sent.
They haven't provided proof that there's any new data going out that isn't part of implemented features (specifically local peer discovery).
Offline
So the developers are saying that there's no data sent anywhere else than the tracker?
Offline
That is correct.
There is no usage logging going anywhere in uT, and private trackers are still getting the same sort of DHT restrictions they always have (DHT gets turned off for flagged torrents. No peer info for those torrents is exchanged).
Offline
Of course I would like to believe this, and for the time being I am going to believe this, but I'm sure you also know that if this is a lie, you will lose all your users 
Anyway, uTorrent is the best program out there, and I really would like to use it in the future too. Hopefully you didn't sell out.
Offline
Ask them to provide wireshark logs.
And if they think it's sending data to the IP 239.192.152.143... they're really misinformed. That's a multicast IP, and is related to local peer discovery (it's a broadcast that won't go out of your subnet to find peers on the same LAN/MAN).
http://www.tcpipguide.com/free/t_IPMult … essing.htm
Just to clarify, 239.0.0.0/8 is considered the local multicast range, so it won't make it past your LAN, or your ISP's MAN (if you're not behind a router).
Offline
Not much info in those packets even .
0000 01 00 5e 40 98 8f 00 0f 66 f2 15 17 08 00 45 00 ..^@.... f.....E. 0010 00 93 58 ef 00 00 ff 11 18 62 c0 a8 01 10 ef c0 ..X..... .b...... 0020 98 8f 1a 73 1a 73 00 7f b4 73 42 54 2d 53 45 41 ...s.s.. .sBT-SEA 0030 52 43 48 20 2a 20 48 54 54 50 2f 31 2e 31 0d 0a RCH * HT TP/1.1.. 0040 48 6f 73 74 3a 20 32 33 39 2e 31 39 32 2e 31 35 Host: 23 9.192.15 0050 32 2e 31 34 33 3a 36 37 37 31 0d 0a 50 6f 72 74 2.143:67 71..Port 0060 3a 20 33 36 36 34 33 0d 0a 49 6e 66 6f 68 61 73 : 36643. .Infohas 0070 68 3a 20 46 33 31 44 34 44 41 34 41 38 46 41 36 h: F31D4 DA4A8FA6 0080 43 30 36 32 44 36 42 44 31 37 43 36 41 35 39 36 C062D6BD 17C6A596 0090 33 46 43 45 41 41 43 33 33 36 34 0d 0a 0d 0a 0d 3FCEAAC3 364..... 00a0 0a .
OOOOoooohhh, very scary!! 
Offline
BT-SEARCH * HT TP/1.1 Host: 23 9.192.152.143:6771 Port: 36643 Infohash: F31D4DA4A8FA6C062D6BD17C6A5963FCEAAC3364
That's the local peer discovery multicast thingiemajigabob which firon was on about. -_-
Offline
Well I am thinking of going back to 1.6.1 as my favorite tracker biteme is blocking utorrent 1.7.1
Offline
Just stop using that tracker. Make them properly justify the bans.
Offline
here is what i found out at one tracker thats banning it:
Is it allowed here?
NO
Why?
uTorrent 1.7, NO other torrents going other then 1 linux iso torrent, no other applications running (actually running in wine), separate dedicated IP = Mediasentry IP hits 36.
Halite, same torrent, same system = 0 Media sentry IP hits.
Every version > 1.6.1 is Bittorrent Inc., which is directly in partnership with the movie studios. Viacom Inc.'s Paramount Pictures, News Corp.'s 20th Century Fox, Lionsgate, Palm Pictures and Kadokawa Pictures USA etc etc .
In fact versions > 1.7 don't even have the same developer doing it. It's all handled now by Bittorrent Inc's development. The original author (up to 1.6.1) is no longer even part of the project.
Right from uTorrent's FAQ
"Who makes µTorrent?
Ludvig Strigeus (ludde) is the original author and former maintainer of µTorrent.
BitTorrent Inc's developers are the current maintainers of µTorrent. "
Will it ever be allowed?
NO
If your in doubt trrace these IP's that were blocked from outgoing through my firewall with uTorrent 1.7
64.124.145.113
64.124.145.104
206.169.225.92
64.34.174.141
64.34.172.152
206.169.170.246
206.169.230.102
and here are the whois/trace:
http://whois.domaintools.com/64.124.145.113 Abovenet Communications, Inc
http://whois.domaintools.com/64.124.145.104 Abovenet Communications, Inc
http://whois.domaintools.com/206.169.225.92 Time Warner Telecom, Inc.
http://whois.domaintools.com/64.34.174.141 Peer 1 Network Inc.
http://whois.domaintools.com/64.34.172.152 Peer 1 Network Inc.
http://whois.domaintools.com/206.169.170.246 Time Warner Telecom, Inc.
http://whois.domaintools.com/206.169.230.102 Time Warner Telecom, Inc.
Offline
And where are the wireshark spacketsniffs telling what information is being sent?
Offline
well thats the problem they dont know what it is, i mean it could be anything, logs of use perhaps they dont know.
and besides why would you want your client send data to Time warner and peer 1?
Offline
Well, if they knew how to use wireshark to save their ass, they could tell us what data is actually being sent.
Offline
So the developers are saying that there's no data sent anywhere else than the tracker?
That is correct.
Possible exceptions: update checking, DHT bootstrapping
(I'm not a developer.)
Offline
If a torrent has hostile ips in its peer list, most ANY BitTorrent client will make outgoing connections to those ips unless explicitly blocked using its blocklist. If they retested µTorrent v1.6.1 they'd probably find it 'hostile' too. So would be Azureus or Halite now as well once hostile ips get into the peer list from the tracker.
But they probably didn't run the test using µTorrent's own ipfilter.dat before writing it off.
Offline
Utorrent.com should do a small contest:
Provide reproducible steps that proves that utorrent is leaking out malicious and/or private data.
- Win $100!!
I would easily contribute a few bucks
By the way, this one is my favourite so far in this paranoia circus.
From total torrent 
Last edited by tjobo (2007-07-18 07:42:11)
Offline
Even assuming this stuff is true, how come it doesn't do that for EVERYONE?
Offline
JexnerTheBad: that was a post made by the DigitalHive admin, and he used such poor procedures that it's really no surprise. He ran a torrent for 24 hours and just had iptables logging outgoing connections for the entire system. That's not scientific.
Offline
doesn't matter what version or what ever bittorrent cleint you use,the chance is still there that MPAA and RIAA can get your information
Offline
Ask them to provide wireshark logs.
And if they think it's sending data to the IP 239.192.152.143... they're clueless. That's a multicast IP, and is related to local peer discovery (it's a broadcast that won't go out of your subnet to find peers on the same LAN/MAN).
Translated....: OrgName: Internet Assigned Numbers Authority
OrgID: IANA hxxp://www.iana.org/
hxxp://www.iana.org/faqs/abuse-faq.htm
Offline
Utorrent.com should do a small contest:
Provide reproducible steps that proves that utorrent is leaking out malicious and/or private data.
- Win $100!!
One one occasion, I kept Shareaza from being banned on one system and got it unbanned on another by offering the Administrators a $100 donation if they could prove that it cheated/leeched. It wasn't much money, but it was enough to get them to start speaking factually instead of relying on rumors.
Offline
http://whois.domaintools.com/64.124.145.113 Abovenet Communications, Inc
http://whois.domaintools.com/64.124.145.104 Abovenet Communications, Inc
http://whois.domaintools.com/206.169.225.92 Time Warner Telecom, Inc.
http://whois.domaintools.com/64.34.174.141 Peer 1 Network Inc.
http://whois.domaintools.com/64.34.172.152 Peer 1 Network Inc.
http://whois.domaintools.com/206.169.170.246 Time Warner Telecom, Inc.
http://whois.domaintools.com/206.169.230.102 Time Warner Telecom, Inc.
????
What's the matter of your firewall?
I am a Chinese and UT 1.71 sending data to NO ip listed above.
FXXK the liar.
Offline
They wouldn't be interested in your IP ranges. They would mainly be targetting US IP ranges, as well as ranges of other organizations they're partnering up with in other countries.
With all the traffic they're generating too, they'd have to be bigger fools than they already are, to not ignore 'outside' IP ranges.
-- Smoovious
Offline
µtorrent 1.7.1 has now been banned. The new version contains a feature that sends your IP and upload/download information to the MPAA and the RIAA
Offline
