Outsmarting the ISP

[bumperscookie]

Question. I got a message from my ISP that a copyright holder had managed to track part of a movie file that was being transferred from my computer and had filed a complaint with my ISP. They provided a copy of the portion that the copyright holder was able to monitor coming from my system, in spite of having my security settings up there.

I thought that this was basically impossible with torrents, or maybe that's old school?

And is there a way to better secure my system so that fookers can't track me? I've been paranoid of leaving the program open for longer than short periods at a time very since:(

[DreadWingKnight]

If you don't want to be tracked, don't use torrents that will be tracked.

[bumperscookie]

Thanks Captain Obvious, that was an incredibly helpful response

[kotekzot]

don't use public trackers. do use protocol encryption.

[incurablegeek]

Bumperscookie, Now that you have been clowned by the clowns, here's a suggestion that I came across somewhere on the net.

There is an ipfilter.dat that you Put in Users - App Data -- Roaming

Simply Google "utorrent ipfilter dat" and you will get tons of info.

Remember: On the net, there are never any stupid questions. There are, however, lots of really stupid replies. Never mind. :cool:

Old proverb: "Better to be thought a fool than to open your mouth and remove all doubt".

[ktetch]

don't use public trackers. do use protocol encryption.

What difference do you think it makes if you use public trackers or activity-logging (commonly termed 'private') trackers? If you can access them, the person who is getting paid to access them somehow can't? I don't think so...

And protocol encryption does NOTHING for this sort of thing. Never has. It's about traffic shaping, nothing else.

Old proverb: "Better to be thought a fool than to open your mouth and remove all doubt".

So follow it. Ipfilters do nothing. Can actually make you more susceptible. Never been proven to work, and there's a big question as to who runs the lists. One study actually found rate-of-letters DOUBLED when using the most popular antip2p blocklist....

You want to know how tracking is done? It's real simple. They just jump on the torrent, and record your activity, while acting like any other peer. They can do it from ANY IP ADDRESS. This idea that they have to use a corporate network or whatever, absolute bunk.

(video)

[incurablegeek]

Kletch,

If you do indeed work for TorrentFreak, then I expect you know me. At least Ernesto does.

You may wish read the following article at TorrentFreak: http://torrentfreak.com/do-p2p-blocklists-keep-you-safe/

It seems to be in disagreement with your put-down of my post:

blocklists significantly decrease the risk of getting caught by the MPAA or RIAA

[ktetch]

That was one paper, 5 years ago. And I disagreed with the methodology of it, as did some of the other writers (such as the CTO, and my Boss, Ben Jones) at the time. However, TorrentFreak is a news site, and as such, it covers things like papers, and their conclusions, You also seem to have read the early part, but not later on

The paper has some interesting findings, and does provide some insight into the workings of blocklists. However, it doesn’t say much about the accuracy and effectiveness of these blocklists.

And then when an expert (and I know exactly who) says what he says, he's missing a caveat - that the ratio of blocked IPs to ones they use is very large. Something like 50,000IPs blocked for every 'actual hit'.

As well as Ben's pieces above (and he and I both worked as Copyright Enforcers i the late 90s) there's things like Slyck's research during the mediadefender leak (the ONLY time antip2p IP addresses have ever been published), where on a list blocking 30% of the net, they had a hit-rate of about 3%... Yikes....

BTW, both myself and Ben are on the bluetack blocklists... Sure I've spent years working for torrentfreak (and before that sites like mininova) and I've run pirate parties, and helped send two pirates to the EuroParl, And i've been asked to be an expert witness for the defense in some of the mass bittorrent lawsuits, BUT I critisised Bluetack's staff, saying they are lazy, and incompetent, and therefore you'll probably find me on the list as 'antip2p', just as Slyck was for a long time (and might still be) and utorrent was (and probably still is)

The problem is this. Without a way to identify a peer as 'belonging to them', there's no way to spot it to add it to any list. There's no way to identify a peer because it doesn't have to act in any way out of the ordinary. As a result, most of their additions to the list are either bad-data spam (which clients can deal with anyway) or random IP's they have a 'feeling' about, with some made-up reason why (and you can't challenge them, because they've never published their methodology for populating their lists, and no-one actually knows who is behind groups like BlueTack. I was actually interviewed a few years back by one of the original creators of Peerguardian, for a radio station in Scotland. He NEVER knew who was running Bluetack. They wouldn't tell him. You have to wonder WHY they wouldn't even tell someone they were working with that closely who they were. The only reason I can think of is because he wouldn't work with them if he knew (plus I've tracked some paperwork to an office shared with a law firm in Southampton - curious, eh?

[incurablegeek]

Kletch,

Thank you for your definitive post. Hope you don't mind but I printed it for future reference.

So there be no misunderstanding, my post about "Fools" was directed at the posters who attempted to clown the OP with their sarcastic answers to his question. I just don't like nasty putdowns of people looking for help. But I should have been more specific at who I intended for. Sorry.

Thanks again for all the very nice info. I must say however that I have used uTorrent and Bit Torrent for ages and never, ever received a cautionary letter in the mail. I now use VPN.

My post, simplistic though it may be, was more directed at opening blocks thrown up by uTorrent for certain torrent downloads. I did have that problem once with uTorrent after an upgrade, though I do not remember it clearly since it was so long ago (6-8 mos.).

Thanks again,

IG

[ktetch]

I must say however that I have used uTorrent and Bit Torrent for ages and never, ever received a cautionary letter in the mail.

Have you ever been struck by lightning?

There's over 25Million on TPB's trackers at any one time. How many letters do you think are sent out a year? I'd guess maybe 1-2 million, worldwide, at most.

The ratio of letters to peers is that most people don't get a letter. I've never had one.

I don't use a VPN either, (but have on occasion, to test services out for TF)

I broke down a lot of this stuff into a clearer, more cogent argument (that I spent 2 months writing, off and on, interspersed between a book due out end of the year) which you can see here http://www.ktetch.co.uk/2012/07/no-comcast-is-not-monitoring-your.html

But going back to the OP, and his question

is there a way to better secure my system so that fookers can't track me?

There is only one answer, and that's the one DWK gave.

If you don't want to be tracked, don't use torrents that will be tracked

It sounds flippant, but it says in 14 words what I took 1322 to say in that piece. You can't stop them ID-ing you if they're monitoring the torrent, you just need to get torrents that are not monitored.

I'll maybe cover that next week.