Honeypot reveals mass surveillance of BitTorrent downloaders

Filed Under: Featured, Law & order, Privacy

Files and the cloud, courtesy of ShutterstockEver used BitTorrent to download a song? A book? How about a film or a TV show?

It's highly likely that within 3 hours of doing so, the copyright enforcement people were on to you, monitoring your IP address, according to new research.

Security researcher Tom Chothia and his colleagues at the University of Birmingham, UK, conducted a three-year study that revealed "massive monitoring" of BitTorrent download sites, such as the PirateBay, that's been going on for at least that long.

For the study, researchers developed a fake pirate server: software that acted like a BitTorrent file-sharing client that logged all connections made to it.

Tom Chothia, who led the research, says that popular content downloads were monitored within hours.

The BBC quoted Chothia:

"You don't have to be a mass downloader. Someone who downloads a single movie will be logged as well."

"If the content was in the top 100 it was monitored within hours. Someone will notice and it will be recorded."

The researchers unveiled their findings this week at the SecureComm conference in Padua, Italy, according to New Scientist.

According to their study (PDF), 40% of the monitors that communicated with the team's clients made the initial connection within 3 hours of the client having joined the swarm; the slowest monitor took 33 hours to make its first connection.

The copyright enforcers might not distinguish between hardcore downloaders and casual/new file sharers, but they definitely put their resources behind monitoring highly popular content.

From the paper:

The average time [for a connection to be monitored] decreases for torrents appearing higher in the Top 100, implying that enforcement agencies allocate resources according to the popularity of the content they monitor.

How exactly do the monitors monitor us?

The study considers two approaches: indirect monitoring, which traces indirect clues about a peer's sharing activity (e.g., its presence in a tracker's peer list), and direct monitoring, which establishes connections with peers to estimate their participation in sharing activity.

Spying on computer, courtesy of ShutterstockPrevious research has focused only on how people monitor us indirectly - a less expensive approach for the monitors, both in terms of cost and computing resources - but the Birmingham researchers considered both methods.

Research has shown that enforcement agencies use indirect monitoring extensively.

The problem with this approach, however, is a high rate of false positives. As shown in a 2008 study, indirect monitoring nabs perfectly innocent devices - and that's how printers and wireless access points end up receiving cease-and-desist letters.

More recent studies have shown that, unfortunately, those sloppy monitoring methods are still in use.

Who's monitoring us, and why?

The "who" is not altogether clear. The researchers were able to identify about 10 monitoring firms logging content, out of which a few could be identified as copyright-enforcement organisations, security firms or even other research labs.

About six of the monitors doing the heaviest monitoring were tougher to identify, since the companies relied on third-party hosting firms to run searches.

The "why" may have to do with "because we can," Chothia told the BBC:

"Many firms are simply sitting on the data. Such monitoring is easy to do and the data is out there so they think they may as well collect it as it may be valuable in future."

It's actually valuable now, as evidenced by mass piracy lawsuits.

I'm not asserting that file sharing is justifiable for any reason, be it that music or books or video are too expensive or that some file sharing is actually legal.

No, what's most interesting about these file sharing stories isn't so much the question of whether file sharing is good or bad, it's that monitoring without a court order could be construed as being a breach of civil rights.

Commenter #77 on the BBC's coverage of the story put it this way:

"Okay illegal downloading is stealing, but what of monitoring my internet use without a court order. Can I demand a copy of all their info under data protection? Can I correct errors? Can I sue the monitors for breech [sic] of privacy? Doesn't all this sound slightly one sided? Once again big business rides over the rights of the little guy who can do nothing to stop them."

That sounds about right.

It's certainly not like we haven't seen businesses use copyright-infringement monitoring services to shake people down in what clearly looks like extortion.

Case in point is a recent Kentucky class action suit that accused porn studios of extorting BitTorrent users, looking for payouts of $1,000 to $5,000 from victims too embarrassed or shamed to defend themselves in court.

As the Kentucky lawsuit claims, this isn't simply a war on piracy; rather, it's a "new business model" that's not set up to deter illegal downloads but is instead set up simply to squeeze profit from its victims.

Multicoloured files, courtesy of ShutterstockHow do you defend yourself from monitoring? The University of Birmingham's paper promises to provide means of doing so, but it wasn't easily gleaned, so I looked around.

New Media Rights, for one, has published a guide for defendants in mass copyright lawsuits.

As far as fending off tracking goes, there are proxies that shield you by routing your traffic through another server, such as BTGuard.

There are also IP-blocking applications such as PeerGuardian or IP Blocker that use a constantly updated blacklist of IP addresses known to track your activity, but beware: they rely on blacklists, and those have issues.

And here's the least fun thing I've written all day:

If you really want to stay within the realm of legality, fend off predatory mass lawsuits and avoid having your file sharing be monitored, you could always just avoid file sharing altogether.

Honey, files and the cloud, multicoloured files and spying on computer images courtesy of Shutterstock.

, , , , , , , ,

You might like

27 Responses to Honeypot reveals mass surveillance of BitTorrent downloaders

  1. lowerarchy · 1093 days ago

    Thanks for a nice article about research from my Alma Mater - I think your advice is sound - avoid file-sharing.

  2. @fadscientist · 1093 days ago

    The last sentence sums it up pretty well. On the other hand, if you want something for nothing, keep downloading and karma will eventually come knocking.

  3. Everard Edbutt · 1093 days ago

    Thats the trouble with public trackers

  4. Machin Shin · 1093 days ago

    "you could always just avoid file sharing altogether. "

    Indeed you could avoid file sharing altogether..... and wait half a day for that linux distro to download instead of waiting just a few minutes......

  5. Lyman · 1093 days ago

    As one uses torrents to download various Linux distros for testing and evaluation, where does that put me?

    Guilty by association!?!!

    • Kat · 1093 days ago

      Of course you're guilty. Everyone knows that open source software is a communist plot or possibly a scam. No decent organization would just give software away for free. That's why we need fine upstanding groups like MegaExtortU Corp. to defend the honor of big business!


      • Anonymous · 624 days ago

        Communism doesn't work because people don't have the morality to uphold it. On the internet you don't need morality to download something it just happens without a thought process involved beyond pressing the button that downloads. Mega doesn't extort and frees items for download by others and helps in the overall spread of access to items. They don't even defend big business, they fight it by supplying the means to not buy from big businesses. Only decent organizations would give away software. That or ones that can afford to for their own long-term benefit.

  6. Jay Cjay · 1093 days ago

    All they're tracking is IP addresses, using publicly available data. There's no way to connect that to an individual user without that info being handed over by an ISP, which is where the court order would come into play.

    So, certainly no violation of "civil rights" here.

  7. Sam Hunter · 1093 days ago

    "I'm not asserting that file sharing is justifiable for any reason"

    This may be the most ignorant statement I've ever seen published by Sophos.

    There are legitimate uses, such as downloading game client patches. Blizzard, EA, Steam, etc. use peer to peer networks as a means to save money and allow quicker patching and downloads for legitimate users.

    I don't use file sharing to download illegal content, but it's difficult to completely avoid it. And my connections are still monitored as well.

    • Lisa Vaas · 1093 days ago

      That was a lazy, shorthand way to avoid getting dragged into the argument over whether or not file sharing is good or bad. Of course it's used for legitimate purposes that have nothing to do with copyright issues. Sorry I wrote it in a fashion that made it seem as if I were ignorant of legitimate usage.

      • Sam Hunter · 1091 days ago

        I sincerely appreciate the acknowledgement and clarification, Lisa!

  8. Jim J · 1093 days ago

    IP Broker would not install to my Dell (x64). Advised only fits x86, although I have a Programs Files (x86) folder.

  9. Heather · 1093 days ago

    If people want to file share go ahead. You never know the quality so it's not like it's store bought anyway. But didn't you used to record off the radio as a a kid. Or record a show off the VCR. The main thing here is Big Business is infringing on people's civil rights! Scaring them! Bullying them! And that's not right! Now if people are copying & selling yes punish them. But if someone if getting low quality file share for themselves well I personally believe they are punishing themselves in the quality of the file share. It's a crap shoot. And we people need to stand up for OUR RIGHTS. I'm half tempted to file share just to see if Big Bussiness is looking in on MY COMPUTER WITHOUT A WARRENT!! Who in the H*LL do they think they are?!?!?

    • MikeP · 1092 days ago

      Redcording off radio onto a tape or off TV onto a VCR is perfectly legal FOR PERSONAL USE in the UK. If you were to then share or try to sell the recording without permission of the copyright holder you would be acting illegally.

      It not the same thing as sharing files via the internet of copyrighted information, such as music or a film. without the persmission of the copyright owner. Such downloading clearly infringes the rights of the owner. But there are music groups and individuals who make their work available free via the web and downloading their work is entirely legal.

      But are the 'snooper's distinguishing between these sources? Does the 'academic' research report show they had differentiated between what is entirely legal but uses a bit-torrent method and that which is potentially illegal?

  10. Encryptz0r · 1093 days ago

    LOL torrents.
    Because that is the best way to pirate shit these days. What year is this?

  11. Jeff2 · 1093 days ago

    gee... it's not like every website tracks your IP for statistical data. <sarcasm>
    It's no different here. If anyone expects privacy on the internet, a PUBLIC place, they had best give their head a shake

  12. Ozbloke · 1093 days ago

    Who cares?? Who would have the personnel and financial resources to pursue legal actions against millions of users worldwide anyway? That's not even taking into consideration the burden of proof. At best, information collected could only be used in a bluff.

    Do the words 'mountain' and 'mole hill' ring any bells?

    • Throkk · 1091 days ago

      Do the words 'threat' and 'extortion' ring any bells?

      The burden of proof has no significance if most cases never reach court. Many people simply pay off the demand because it is cheaper than facing the charge in a court case which can drag on until they are broke. The copyright companies make money from those who pay up and they make examples of those who won't.

  13. Andrew Ludgate · 1093 days ago

    "colleagues at the University of Birmingham, UK, conducted a three-year study that revealed "massive monitoring" of BitTorrent download sites, such as the PirateBay, that's been going on for at least that long.

    For the study, researchers developed a fake pirate server: software that acted like a BitTorrent file-sharing client that logged all connections made to it."

    So... the group spent three years conducting mass surveillance of bittorent (or fake server) connections, and discovered by doing so that they weren't the only ones doing it. My guess is that along with the groups listed, ratings firms (Nielson, etc) are likely also monitoring in order to build up demographics information (people who listen to this also listen to that... people in this geographic all watch these shows, but people in this other geographic area watch those shows, etc.). Such information would be a ratings company's dream!

  14. gregory · 1093 days ago

    If you are dumb enough to download illegal bit torrents without using an encrypted VPN then you are a dill and deserve what you get. Still I can't help but wonder what they could do with the 20 million ip addresses that they probably got in 1 hour ....go around and arrest them? Ozbloke you got right so long as so many people are doing it there is not much they can do...is there.

  15. Mark · 1092 days ago

    vpn, nuff said? :)

  16. JAYE · 1092 days ago

    Keep a Wi-FI Laptop used only for downloading use and IP masker like Anonymiser,
    Look into altering your MAC card address.
    There ARE ways to keep Big Brother's nose outta your business

  17. Gord · 1092 days ago

    Go visit your local public library. Although most libraries won't allow downloading to their computers' hard drive, they likely allow downloading to a memory stick. Mine does. And they don't give up personal ID account info to the police.

    • Gord · 1092 days ago

      Please add to my previous comment:
      The only problem with library computers is that they usually do not allow installing anything, including BitTorrent clients. So you have to find the file you want in another way.

  18. Guest · 1091 days ago

    All of those here (including the author of this article) arguing that folks should simply avoid P2P are overlooking an essential detail: IP addresses are not exclusive to an individual. For all practical intents and purposes, that is almost never the case.

    For example, if you're an average American using a residential broadband connection, there is a fair chance that it is, at some point, also used by those who cohabitate with you, those who visit as guests, and quite possibly one or more of your neighbors.

    And even more substantial is the fact that many such connections are also driven by dynamically assigned addresses, which means that you are likely inheriting the identity of tens, hundreds, or perhaps thousands of random strangers from your approximate geographic region. Further, even if an address is static, it is quite possible that one or more machines on a local network has been infected with a P2P virus at some point, which would expose users in a similar fashion.

    In other words, almost anyone using the Internet can be targeted indiscriminately and without any regard for justification. Let's call this behavior plainly what it is: a wanton for-profit invasion of privacy.

  19. George Butel · 1090 days ago

    Do they ever take into consideration that there might be an innocent explanation for someone visiting one of those sites? I avoid that kind of site the same as I would avoid an xxx site, concerned about viruses if for no other reason, but not long ago, I discovered that an old software install cd had become unusable, and I attempted to find the install file on the internet. The manufacturer no longer had it on their site. I'm talking about a piece of software which I legally own, and have a receipt for, but I went to one of those sites to get an uncorrupted copy. Could it conceivably be illegal to download something that you already own? I am wondering if their watchdogs ever check possibilities such as that out. A different question is this: I own a lot of vinyl that I have not digitized yet, as well as old VHS movies. Some of these are now available in digital format. I have not done so, but I have wondered how it could violate a copyright law to, as in the previous example, obtain a copy of something that I already own. Since I own a legal copy of the music and videos, although it is a different format, I could digitize it myself--and will eventually--but I wonder if it could be considered illegal to download?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.