PeerGuardian 2 -- Will I regret installing it? -- Opinions please!

[GeneL]

Hi everyone,

I recently installed uTorrent a couple of days ago and I'm pretty clear on the need for I.P. Blocking and the security it provides when using any P2P program.

My research into I.P. blocking programs has led me to consider installing PeerGuardian 2 to perform this function on my WinXP computer.

I'd like your opinions on whether or not I'll regret installing it and whether it will turn out to be the resource hog some claim it to be and that it will slow down my computer's performance significantly.

Note: I'm thinking of only having it enabled during the times while in the process of looking for and then downloading torrents instead of it continuously running in the background.

PeerGuardian 2...should I or shouldn't I?

If not PG2, then what do you recommend?

Thanks for your input.

[moogly]

Forget PG2. Use personal ipfilter.dat in folder %appdata%\utorrent and enable it in Peer tab.

[GeneL]

Can you explain further?

I went to my uTorrent folder at %appdata%\utorrent and don't see a file named ipfilter.dat or anything close to that.

Please elaborate, considering I'm new at this.

Thanks.

[moogly]

Create the file yourself.

http://www.utorrent.com/faq/misc#faq11

Search on the boards, there are 2 or 3 recent threads (1 or 2 weeks old) about this subject (IP blocklist).

http://forum.utorrent.com/viewtopic.php?id=55342

[GeneL]

Thanks moogly,

Before receiving your last post I Googled "ipfilter" and found there is a small application named Ipfilter 1.0 available at Download.com and tried installing it but when I click to open the .exec file all I get is a flash of a Command prompt window but only for a brief second so I haven't installed it.

Your bottom link pretty much gives me the answer to my question about PG2 that "it's more likely to cause problems by blocking access to between hundreds and thousands of potential peers." posted by DreadWingKnight along with more reasons not to install it.

I'll go ahead and create the file based on your input and the FAQ you sited and look around for block lists. Sounds as though it will be just as effective as any application I could download.

Thanks again.

[ncx]

There's nothing wrong with Peer Guardian 2. Under XP it works great and always did. The app had problems running under Vista and Windows Seven but those problems have been completely resolved with the release of a new loader. Under XP you won't need that loader but (as a side note for others) it's available in the forums at the peer guardian developers site as a separate download from peer guardian itself. If you need help installing or using PG2 under XP or Vista, those forums would be the place to post questions. Just go to the phoenix labs homepage and look to the right menu under "other stuff" for the forums link.

I would also add, make sure you get PG2 6c for XP, the RC1 version is Vista only. As for whether or not you'll regret installing it, I see no reason why you would. It does what it says and does it well, it removes itself from the system without issue if you decide to uninstall and it's free. I've used PG since the beta days and never had a problem.

[DreadWingKnight]

We've gone over this time and time again.

The blocklists given out block far too many legitimate peers and don't block the "bad guys".

[Switeck]

Please read carefully:

http://forum.utorrent.com/viewtopic.php?id=55378

Even if you knew ALL the corporate ip ranges of the copyright monitoring companies and blocked them, you would NOT be safe.

Firon: "A VPN is basically your only way to be secure."

Which isn't to say I don't believe in blocking ip ranges...blocking for the sake of reducing (but not eliminating) poison peers/seeds connecting to you is mostly worthwhile:

http://forum.utorrent.com/viewtopic.php?id=46221

[GeneL]

Hey Guys,

Ok, considering the recommendation of some and against the better judgment of others, I've gone ahead and installed and updated PeerGuardian 2, Rev 6C.

This one, compared to other IP Managers and IP Filters I looked at, plus a couple I attempted to install, seems to be rather popular and the Installation Wizard and updater made the install process pretty simple compared to others. Plus I can enable/disable at will depending on when I'm connecting P2P.

I don't know if anyone will be reading this thread in the future but, I'll report back here with any problems I have or even if I feel installing PG2 was a good choice...or not.

Thanks for all your input, it was very valuable in helping me make a decision.

Please, feel free to comment or give any recommendations regarding PG2 you feel might give me an enhanced PG2 experience.

Gene

[sonel]

Hi, Genel I've also using Peer Guardian 2 (PG2.exe) in my Win XP system. I also updated it.

Now it's working fine. I think there is nothing to worry about it. I also get same (or even faster speed) than compared to past. So there is nothing to worry. I'm satisfied with PG2.

But in the short course of time I didn't check it by downloading various type of file as .iso,.avi etc.

I downloaded some application only. I'm not sure whether it'll work fine with perfection; in case linux or any OS Image file, as there md5 value restriction is applicable in that case.

I never downloaded a file & cross test it with .md5 value verification.

In case if any member want md5 verification tool for Windows platform here is the most authentic & dependable company(Nero) software.It's a freeware. So download it from their site as given below:

http://www.nero.com/ena/downloads-nero9-tools-utilities.html#tab3

So I also want that other members also use the program & reply in this thread about their views.

[Switeck]

A few years ago, I used to use Peer Guardian 2...but I don't now because the short blocklist I started using (or even the long blocklist I was using before I knew any better) worked just fine when converted in uTorrent as ipfilter.dat.

I didn't NEED to run a separate program to get the same results.

[opus44]

I get ipfilter.dat at BISS Security Center under the filename of nipfilter.dat.gz. I understand it's the same list as level1.

[Firon]

Still a complete and utter waste.

[Ultima]

BISS is BlueTack, so all problems associated with using PG2+BlueTack blocklists come with using their ipfilter.dat. There isn't any difference other than that PG2 auto-updates the list.

[opus44]

BISS is BlueTack, so all problems associated with using PG2+BlueTack blocklists come with using their ipfilter.dat. There isn't any difference other than that PG2 auto-updates the list.

Well, my point was sorta this. There is no need to use PG2 since you can get the same list and use it with uTorrent. Unless you're really paranoid and want to add other lists.

[Firon]

It's still dumb to use the lists at all with uTorrent.

You're missing the point here. Bluetack's lists are WORTHLESS for all purposes.

[ktetch]

Ok, I've been doing some of the investigating on this for the past few years, but I'm not the only one.

I've found that entries are often made up, associations claimed are not true, and that from tests of known IP ranges (what few there are) others have found hit rates significantly poorer than if they were entered at random.

I spoke to one of the founders of PeerGuardian the other week. Bluetack won't even speak to him. This whole website you're on now, is blocked by bluetack's level1 list. Why? well, that means following their chain of reasoning.

1) utorrent.com is owned by bittorrent

2) bittorrent inc. has made distribution deals with some US studios and production companies.

3) those studios and/or production companies are members of the MPAA

From that, bluetack deduce that utorrent.com is run by the MPAA, and that utorrent is spying on you. Simple, eh.

Another example is popcap games.

Popcap is owned by a company, and the parent company of that, has a share in mediasentry. Thus popcap works for mediasentry.

it's absurd what they use to justify a list. People also see what's being blocked and think that that company is trying to connect. Whats really happening is the program displays the lable in the list, that goes with the IP. If you take their level1 list, and replace 'mediadefender' with 'God', has peerguardian now proved the christians right? No, the program just shows what the lists have down. If the lists are crap, so are the results from it, and the lists ARE crap.

Personally, I think BISS is working with antip2p companies, not against them.

[Switeck]

I've done the research on these ip ranges:

http://forum.utorrent.com/viewtopic.php?id=46221

Blocking them is not effective in "hiding" from the media monitoring companies, but it will likely reduce hashfails on any torrent they're meddling with. Some of what they screw with isn't their right. (Legally filmed concerts, criticism, parody sites, mistargetted partial name matches, etc...) They make more money by how many people the can sue, guilty or not. It really gives them a strong conflict of interest in making certain their accusations are legitimate.

[GeneL]

I've listened to all the comments and the question keeps popping up in my head, "Why does anyone (yes, you know who you are) take the chance by downloading and distributing unauthorized copyrighted material of getting on these media monitoring companies "hit list" and therefore setting one self up for possible lawsuits, hefty fines or worse?".

I've come to the conclusion there is only one thing I can do to stay safe...move to Canada.

[moogly]

Canada is surely worth than USA. All major Canadian ISPs have confessed to filter p2p on their networks.

http://torrentfreak.com/all-major-canadian-isps-slow-down-p2p-traffic-090120/

America is surely not the best place to do torrenting! Come in Europe!

[Switeck]

Many ISPs don't take the cease and desist emails completely seriously, because there are so many false positives and because many of those emails could qualify as spam...and possibly get routed as such.

As such, some people never see the emails meant for them. The ones that do often mistakenly think it's their ISP that's "ratted" them out or been monitoring them.

ISPs have taken the media industries to court a few times over being told they had to give out private information on demand to every cease and desist letter that comes along.

[GeneL]

"As such, some people never see the emails meant for them."

Ok, let me ask you this Switeck. With the millions and millions of P2P users around the world, how safe from being singled out is the, let's say, "average" P2P community member who "accidentally" shares what could be perceived as an unauthorized, copyrighted file...let's say for the sake of argument here, it's a video or even an audio file and perhaps he/she does this a couple/few times a week only?

Would that much of a sharing habit raise the red flag subjecting him/her to the vengeance that these internet investigators seek and a subsequent visit in front of a judge where he/she is required to pay a hefty fine of thousands to avoid jail time? Or are they looking for the heavy sharers, who practically make a career out of downloading and distributing audio and video files deemed to have the classification of unauthorized, copyrighted material?

I'm just wondering how caught up in all of this could be the "little guy" P2P user. Just where, if there is such a thing, do they draw the line?

Thanks

[Switeck]

All I can say for certain is new releases are far, FAR more likely to be heavily monitored and reported to ISPs.

Pre-releases are even more dangerous, as unlike the usual cease and desist letters...people have gotten sued over them.

It's only been the music industry that's sued the "little guys" for the most part.

The movie industry has mostly only gone after pre-releases, though they send out cease and desist emails over movies and tv shows very heavily. If someone persisted in sharing those, they might demand (from the ISP) the identity of the sharer/s so they could sue them.

[GeneL]

That is very informative and insightful from someone I perceive has vast knowledge of these things like yourself Switeck. It might even help dilute some of the anxiety and fear that I have to believe exists throughout the P2P community, although it's obviously not meant to justify illegal activity of course but, it does help one understand to what degree they may or may not be breaking copyright laws.

Thanks for your honest answer.

[njyoder]

Please stop blanket bashing PeerGuardian. I've read the blog you linked to earlier, and it has faulty theoretical and practical assumptions. The blogger made no effort at all to test any of their hypothesis (i.e. it's pure speculation in spite of being falsifiable). I'm actually quite surprised that they think that even using the proposed strategy, that AOL trial discs or home DSL/cable home usage as potential implementation choices were anything other than a joke.

It's an unfortunate situation in security software where people go around suggesting that because something isn't perfect (nothing is), it is useless. When it comes to companies, they'll just apply Ockham's Razor against cost, and this "smart PG evasion strategy" loses. The fact that (as per theoretical point #3) they already have no problem finding many users (due to most people not using anything PG-like) and bringing them to court, invalidates any need for something more, especially something costly.

I've made a response to a post on this subject indicating the flaws in that outlined theory.

The main experimental evidence supporting use of PG are:

1. You get many hits from anti-p2p IPs shortly after trying a torrent (especially popular ones), meaning the companies still use them a lot. In other words, it is blocking some amount of them, hence we shouldn't throw it anyway any more than you'd get rid of the lock to your front door because it only deterred some criminals.

2. Companies are known, in court, to have made MANY false positives in identifying pirates. Their incompetence is demonstrated again and again. Any assumption that even the majority of them have created a sophisticated system to circumvent this is unfounded.

The main theoretical evidence supporting use of PG are:

1. ISPs are already known to be working with copyright owners. A much better strategy would just be automated spying on users. YouTube, Napster and other services already do automated infringement monitoring of users. They install neat little boxes at the ISP that monitor torrent connections and other pirating mediums to see what the users are doing. This solution makes more sense and is pretty much impossible to combat without encryption, which uTorrent does support and probably should be enabled by default on the various torrent clients.

2. The only cost effective way of utilizing many end-user dynamic IPs without lots of labor is to directly lease that IP space from an ISP, assuming that:

A) They'll give it to you knowing it might get their users added to various filters

The ISP knowing it will use up a lot of the little precious IPv4 space they have. IPv4 is becoming more and more of a precious commodity hence why dynamic IPs even exist; this strategy means CONSTANT use of IP space unlike on-and-off use of actual end-users. They'll need many IPs to avoid detection, because if some IPs had insane amounts of bandwidth it would be a dead giveaway, requiring they split that bandwidth over more IPs. More bandwidth = more monitoring capacity.

C) contracting the outsider programmers for this specialized, smart evasion software won't add too much to the cost. In many cases solutions like this get stalled and sometimes screwed up completely, requiring new contractors.

D) This won't be leaked. (It's happened, see MediaDefender.)

The other methods are horribly inefficient and would raise eyebrows because they'd know this one company was doing it, anyway (free trials require credit cards...I can't believe that guy suggested that and you only get one DSL/Cable connection per house).

This may very well be cost ineffective, given the value of such a large block of IPs for dynamic users being swallowed up. Would they want to spend that much just to catch someone pirating a few things whose value is far less than their monthly fees?

3. Even if they did employ this method, a counter-method could be employed...using block lists. You just monitor for IPs that are downloading abnormal amounts (especially re-downloading stuff they should have already retrieved, over and over). With software either run independently by the PG people or some plug-ins built into torrent software used by a variety of users, it would build an automated list of suspicious IPs based on automated consensus. Those IPs would be distributed via blocklist with an expiration.

4. They're already able to launch plenty of lawsuits as-is, because most users don't user PG or anything like it. How would the costs even be justifiable for all of this? Their current, simplistic solution works just fine for busting numerous users. If I were them, I certainly wouldn't bother getting around PG unless like 75%+ of users were using it (ignoring the other problems listed above). With the additional lawsuits from ISP-based spying, they're golden.

----

It's all cat and mouse. Pirates come up with better protection, and then the companies clumsily try to combat it. It seems that the pirates are better at creating new protection methods than companies are at making new spying methods. Once the ISP-based spying becomes highly prevalent, I suspect encryption will become more prevalent and the cat and mouse game continues.