Jump to content

Fake Bitspirit =? BitTorrent/4.1.2


hofshi

Recommended Posts

@avatarl: That's not the point. The point is that µTorrent won't help you discriminate against users. Take a look at the long, locked, Manual IP Banning thread, and you'll see any arguments about it (yes, manual IP banning runs along the same line as client ID banning).

Link to comment
Share on other sites

I didn't say anything about manual banning or client ID banning, just automatic banning clients with ID spoofing, which is not the same. The logic presented about "non-discrimination", an irrelevant argument in this particular case. The arguments on that particular thread were about MANUAL IP banning, not automatic ID spoofing client banning. Of course, if you think who someone who uses client ID spoofing is not suspicious of anything and clients shouldn't be acting against him, well, you are free to believe that :P Plus, THAT particular criteria is fairly reasonable. I'm just saying that ìTorrent should automatic ban THIS particular OBVIOUSLY SUSPICIOUS behaviour.

Link to comment
Share on other sites

Eh, that sounds like having a security guard that validates each individual's credentials, someone comes with obviously forged credentials (reason unknown!) and yet he allows him to pass with the idiotic argument that "well, he's human, too". I somehow fail to see the logic behind this attitude.

Link to comment
Share on other sites

Where's you proof that they're suspicious? Have they done anything wrong to you? They're obviously not getting banned from your client automatically, so that means they're not sending you bad files. It's the same thing as saying "Oh this guy looks like he's Middle Eastern... that must be suspicious, let's arrest him, even though he hasn't done anything wrong!"

If you're going to take the stance that they're probably cheaters, then BitComet should be banned first before any of these, but BitComet's not getting banned from µTorrent, period.

Link to comment
Share on other sites

No, it's like having someone say "Yes, I am a terrorist" and the response being "you just say that, you have no proof".

I can't really say about BitComet, I'm not monitoring my torrents and checking every IP and what it does.

Plus, that Middle Eastern argument is totally off. The correct example would be, there's clearly a Middle Eastern person, he gets his ID checked, and the ID has a western name with a western (white) picture on it! Now, if that's not suspicious, what is? Or you'd rather have him bring the whole place down BEFORE you admit that his ID was pretty suspicious to begin with :P Or maybe let him be, he doesn't blow up the airplane, he gets on and off the plane just fine and you say to yourself, see, he didn't do anything after all. Let's disregard the fake ID thing. :P

Link to comment
Share on other sites

How is changing your client ID a declaration of being a terrorist? And the point of the "Middle Eastern" example wasn't to be an exact correlation to this situation. It was to show that you can't judge something superficially. Sure, it may be suspicious, but until that person actually does something wrong, do you have the right to arrest him?

You seem to be a "guilty until proven innocent" kind of person, based on your responses thus far (or maybe just a "guilty if suspicious" kinda person ;P). Well, I'm more of a "innocent until proven guilty" kind of person, so that probably explains our disagreement on the matter =T

Link to comment
Share on other sites

Eh, you know, the aforementioned Middle Eastern with the fake ID IS guilty of AT LEAST having a fake ID. And that goes for the clients as well. So you can safely arrest that Middle Eastern fellow NOT because he's a terrorist, but because he does have a fake ID. And I'm sure you know that having forged credentials IS a crime in most countries. Why should that not apply to client ID spoofind as well? That's why I fail to see the logic. Or is having forged credentials not a crime in your country?

Link to comment
Share on other sites

lol we're having an intersting discussion ;P

I don't know much about legal matters, even simple things like that, and for all I know, you might be right (I'm in the US, so you're probably right, the more I think about it). But this isn't a government of any sort and client spoofing isn't against any rules. Aside from that, people who spoof don't necessarily cheat.

In the end, this is still some kind of discrimination, and ludde won't do it (or at least that was his stance a while ago). That attitude explains why a lot of the banning requests have been rejected, and I'm pretty sure this would too.

Edit: And what Firon said. Was going to mention it, but felt like... "bleh, there's going to be more counterarguments against that too" xP

Link to comment
Share on other sites

avatarl: try to be a little more open minded and read Ultima's posts again. He's been patient with you, and raised good arguments.

to sum up, there is no justification to ban a client just because it is spoofing. If the spoofing client still plays by the rules (BT protocol), then you only benefit from this client's existence.

What would you do about all the clients which have unrecognized IDs ? ban them as well? that makes no sense at all.

Link to comment
Share on other sites

I'm from the same country as Ludde, and I understand his stance against discrimination. I share it, as does a majority where we're from. We also have generally a "rehabilitation over punishment" attitude to crime, and the vast majority here are very much of the "innocent until proven guilty" mindset. Thus, I can't help but laugh at some of the quite hilarious Americacentrism in this thread.. :) You better watch it, you've given Homeland Security all the reason it needs to equate torrents with terrorism! Lol...

Link to comment
Share on other sites

I'm American, and I have that very mindset, as I said above O.o

lol sorry about that Middle Eastern example, that was the most exteme I could think of at the time...

@Switeck: That's true, but BitComet already does that, with or without spoofing, so if anything, they should be banned before spoofing clients =T

Link to comment
Share on other sites

@Switeck: That's true, but BitComet already does that, with or without spoofing,

Not every BitComet seems to do it to the same degree, as the post link I mentioned pointed out. Only 1 BitComet out of the 9 was being particularly bad. In that instance, banning BitComet would've only hurt the poster worse.

There is some level of insanely bad behavior which simply cannot be treated the same as a regular, fair client. The problem is, some of the behavior is very bad precisely because it exploits weaknesses in the protocol as currently implimented. (I've elaborated on that too much in another thread.)

Even banning a client because of hashfails may be excessive if it's 10 fails out of 1000's. Right now, Azereus' latest official build does that for encrypted transfers. On the other hand if it's 5 fails out of 5 total...that's definitely ban-worthy!

Fake client ids allows a hostile client to hide as something harmless -- µTorrent was even banned from a private tracker for awhile because of fakes (BitComet cores btw). Client id's aren't required by the BitTorrent protocol, so banning based on 'bad' client id is likewise excessive. Fake client id coupled with even minor hostile behavior may be ban-worthy, even though separately those 2 things might not be.

Minor client favoritism even isn't ban-worthy. For that, you can add ips for that to your ipfilter.dat if you want. However a client that devotes 90+% of its upload bandwidth to its own kind (if available)...IS ban-worthy in my opinion.

Banning based on hostile behavior on the other hand should not be viewed with much disdain.

Link to comment
Share on other sites

I'm just saying that ìTorrent should automatic ban THIS particular OBVIOUSLY SUSPICIOUS behaviour.

It is indeed suspicious, however, it isn't actually hurting -in itself-, which is I why I, personally, think it -shouldn't- be banned.

I am of this opinion because: 1)my general principles, 2)my experience with these ID-spoofers is good, besides the spoofing, no bad behaviour noticed. While reason 2, off course, can have counterexamples, it's mostly reason 1 of different people causing this argument, and I don't think anything will resolve it.

Link to comment
Share on other sites

Why? It's as useful as an HTTP user-agent string (read: not).

Plus, I'd rather not have any more revisions benefitting private trackers (and you know that's what people are clamoring for) :P

Instead, I'd rather the protocol get fixed up so that any client can't join and rape everyone through bad behavior. That is what the protocol REALLY needs, resilience towards leechers and bad clients.

Link to comment
Share on other sites

  • 1 year later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...