back to article Internet abuzz with BitTorrent bypass code

A block of 86 lines of C# code is creating a buzz online following claims it may make BitTorrent downloads untraceable. The code, sweetly named SeedFucker, is actually an exploit discovered last November that would allow a BitTorent user to fake the IP address of a server from where a file could be downloaded. It could also be …

COMMENTS

This topic is closed for new posts.
  1. JB
    Coat

    All this fuss and bother...

    ...so people can share Linux distributions.

  2. asdf
    Flame

    lmao @ UK

    How far the mighty has fallen. Doesn't the UK still have to follow EU laws? I thought Europe was supposed to be more mature and protective of things like individual civil liberties. Pretty sad when the UK is even worse than the US Inc. when it comes to these issues. At least our government is bought and sold by the corporations who are some what accountable to shareholders instead of self appointed incompetent window lickers who are accountable to no one. Hey UK wake up. If even we the sheeple in the states can get rid of Bush and buddies perhaps you all shouldn't be reelecting NuLab and Gordo Brownie.

    1. Anonymous Coward
      Anonymous Coward

      america f*ck yeah

      Your understanding of world politics is unrivalled. Well done for showing the rest of the world that America is a country to be taken seriously and not just full of ill informed fools.

    2. Richard 81

      EU

      Ultimately our government does have to answer to the European Court of Human Rights, but they're always less than eager to do so.

      Anyway, it's general election time.

    3. John Murgatroyd

      But even

      David Cameroon has to follow EU law, which overides UK law. Nothing he can do, short of leaving the EU, will change anything. the EU is just as restrictive as the UK !

      And where did you get the idea that EU law does, or will, allow download of unpaid-for copyright material ?

      1. BristolBachelor Gold badge

        EU Laws

        But they have worked out how to rig it. If you look at the horrible EU laws, you find that they were lobbied for and created for the local politicos that we are hoping the EU will protect us from. (E.g. any copper in any country paid by any crook can look at any police record of anyone in Europe?)

    4. heyrick Silver badge
      FAIL

      @ asdf

      Fail, dude. A US president can only run for two four-year terms. The Americans did not "get rid of Bush", he was out of the picture, leading to a competition between Obama and a guy named after an oven chip, neither of which were Bush.

      Epic Fail as you appear to be American and don't know that. Wow.

      Oh, and none of us elected Gordie. We elected the party and the party elects the leader. When the pseudo-elected leader (Blair) left (was pushed), Gordie assumed leadership. This state of change should have triggered an automatic general election, but our (so-called) democracy is too f**ked for that.

      1. Anonymous Coward
        FAIL

        @heyrick

        No, Blair resigning should have triggered a by-election in Sedgefield, which is did. If Phil Wilson had assumed PM-ship, you might might have a point. No voter other than Sedgefield voted for Blair in 97 - with the exception of idiots. So far it's a repeat of the story of John Major becoming PM in 1990, the only difference is people have spent too much time watching the West Wing and think they're American.

  3. nicolas
    Thumb Down

    but of course

    This is silly. As silly as patenting One click.

    This is simply using the bittorrent protocole.

    There are two ways to announce your IP to the tracker. Either you don't give any address, and the tracker assumes that the originating tcp/ip address is your address. Or you can give ANY address in the corresponding address field of the first request.

    This has been possible since day one.

    What this seedfucker does is that it's a script that connects to trackers and sends fake originating IPs.

    It's VERY easy for trackers to protect from that. Simply look at the originating tcpip address, which CANNOT be faked. And ban anyone who sends you more than 2 or 3 different addresses...

    And of course it can be exploited to give out government, majors, you name it, IP addresses :)

    So to sum up my feeling, there is no exploit or any special thing here, only an idiot who wrote a huge script that fakes IPs. No hacking here.

    1. Anonymous Coward
      Thumb Down

      Ban multiple IP submissions

      "It's VERY easy for trackers to protect from that. Simply look at the originating tcpip address, which CANNOT be faked. And ban anyone who sends you more than 2 or 3 different addresses..."

      So, you block everyone who is using an anonymizing proxy, TOR, private network gateway, VPNs and other happy internet contrivance to normally manage resources or cloak the transaction. Yep, both "legal" and "illicit" purposes there, blocked and banned.

      And then you wonder why no one uses your tracker anymore...

      1. nicolas

        tracker keys

        Or then, you have people subscribe to your tracker, so that you can discriminate them,

        and you give out download keys that are linked to each user and embeded in the announce URL.

        Many trackers do that already.

        Then you can see who seems to be opening their torrents from all over the world every second...

        1. Anonymous Coward
          Anonymous Coward

          Indeed

          What a lot of the plebs don't realise is that a lot of private trackers issue unique keys on the torrents downloaded to their users. Then when the key ends up on a public tracker, the private tracker mods know it's been ripped and ban the user from the private tracker based on the fact that the user's key went "wild".

          A lot of private trackers issue warning after warning to never, ever put your torrent files anywhere public else you will be banned, not due to loss of the torrent content but for attempting to allow and sundry to bash on the door of the tracker.

          The only downside to this is that as user is tied uniquely to a tracker operator, the fuzz bust in and they have an instant database of who has been doing what with whom!

    2. Anonymous Coward
      FAIL

      er

      why would a tracker want to ban anybody?

      1. Anonymous Coward
        Anonymous Coward

        Simples

        "why would a tracker want to ban anybody?"

        Because otherwise the long arm of law^Wcopyright enforcement will nick their servers?

  4. frymaster

    It forces due diligence, which is no bad thing...

    so now users can make a torrent seem to have fake peers as well as the tracker... if the companies are doing their jobs properly*, this shouldn't matter... a valid fragment of the file (i.e. not just random bytes) should be uploaded from the peer to the company before they record that IP as being infringeing

    * pretty sure they _aren't_ this diligent... all this'll do is make them wise up quicker, though, rather it waiting until the comedy moment when someone's webcam gets sued

    1. Anonymous Coward
      Anonymous Coward

      unfortunately

      It's very possible to be visible in a swarm but still not download/upload to any particular host. The industries don't want to risk missing IP addresses they see in the swarm and usually count them all as infringers.

      Funny thing is that even though inserting fake ip's has been a feature of opentracker for a few years (http://opentracker.blog.h3q.com/2007/02/12/perfect-deniability/), an ip address alone is still widely viewed as evidence enough of wrongdoing.

    2. Anonymous Coward
      Anonymous Coward

      Forget the webcam moment

      They already sent DMCA takedown requests for three laser printers

      http://boingboing.net/2008/06/05/entertainment-indust-1.html

  5. henrydddd
    Unhappy

    Swings both ways

    Everyone seems to be in a stir about so called file sharing. But the recording industry is also part of the problem. The recording industry has lobbied Congress (US) many times to get copy right extensions. With the Sony Bono Copy Right Extension (1998), the copy right on movies has been extended to 120 years in some cases. Virtually every movie produced by a movie studio is now copy righted. In essence, there is no public domain for copy righted works. These extension laws were designed to preserve works of art, but they only serve to allow the recording industry to bury their movies and music forever. Until the recording industry is willing to compromise with the public (things like limiting the length of a copy right to 25 or 30 years maximum), they will have little success in fighting file sharing. All of the draconian laws to stop file sharing will fail. All that will be produced is a hot war between the public and the recording industry. Greed can only go so far

    1. Anonymous Coward
      Grenade

      So ...

      You reckon if the US copyright laws change from 120 years (in some cases) to being only 25 to 30 years, that will stop global file sharing? People all over the world will stop if americans only have to wait 25 years from release to share films?

      Isn't half-term over? Shouldn't you be back at school?

    2. Mme.Mynkoff
      FAIL

      Who's greedy?

      "Greed can only go so far"

      Wise up guys, you have to pay eventually.

      Sitting in your Mom's house downloading every TV, movie and CD you want without paying, sheesh.

      1. henrydddd
        Thumb Down

        perpetual copyright

        But extending copyright protection to cover every copyrighted piece to eternity, that destroys any incentive of people not to download works. The Wizard of OZ should not be under copyright protection period. IF this corporate greedy mentality were extended to patients, there would be no such thing as generic drugs. By locking so called works of art up forever, that will aid in creating a further class difference between the rich and the poor. Finally, why should tax payers pay so that these corporate stooges can keep a cheap movie under raps for ever? As for me, I could not care less about file suckers and what they do. Who knows, maybe someone will eventually wake up

  6. Anonymous Coward
    Go

    Remember Prohibition!

    That worked.

    Ban Drugs................. that worked...................... eh what was I saying... hey crisps!

    hmmmmm hamburgers

    Carry on...

    1. Anonymous Coward
      Anonymous Coward

      Err...

      Banning sale and consumption of drugs is analogous to banning the unlawful copying of other's copyright material, how?

      1. MadonnaC
        FAIL

        Link

        You mean you can't see the link between:

        Prohibition and Speakeasy

        "War on Drugs" and your local dealer

        ?

        it is *really* a stretch of the imagination to see

        MPAA/RIAA/Etc and PirateBay et al. </sarcasm>

        you fail at failing!

  7. Andrew Norton
    FAIL

    Not quite Kieren

    Kieren, please, read the code. Then understand the bittorrent protocol, and you'll see why the conclusions in your article are false. Most of the big trackers already do this anyway, and have for years. After the University of Washington study in 08, antiP2P companies doing monitoring wouldn't be affected by this either, as they learnt their lesson.

    However, about the only practical use for this code is to inflate scrape-value peer numbers for fake torrents, so that the values on some sites will be higher, leading to people downloading it. If anything, the Antip2p companies are the ones most likely to be using this, to 'entice' people onto their torrent so they can be tracked.

    If you want more detailed reasons, Kieren, then get in touch.

    1. SuperTim

      Quite.

      Anybody seeing a file with a suspiciously high seed rate should automatically avoid it anyway, as it likely does not contain whatever legal file you were looking for.... Ahem.

  8. Ed 11
    Thumb Up

    VPN's

    Surely the easiest way around the new legislation is simply to treat your ISP as a pipe through which you create a SSL VPN? The ISP then can't see what you may or may not be downloading, which means they needn't consider cutting you off. Apart from rather a lot of traffic on port 443, the only thing my ISP knows about my surfing habits is that I occasionally use for PS3 to play games online.

    1. Goat Jam
      WTF?

      Nice idea

      Where does your tunnel terminate though?

  9. Anonymous Bastard
    FAIL

    I don't understand the significance

    An ISP employing deep packet inspection will be able to spot BitTorrent connections regardless of what the client is reporting. For a spy outside the ISP's gateway it's a simple matter to connect to the supposed port and find out if it's really sharing said file.

    In essence this exploit appears useless but we're not given a chance to confirm the story ourselves because Kieren McCarthy in San Francisco gives not one reference and has shown a poor grasp of the subject at hand. (e.g. "No sooner had Napster been taken down than a new method of file sharing, BitTorrent, was rapidly adopted.")

    For the uninitiated Gnutella, WinMX, FastTrack and eDonkey all had their time in the spotlight before BitTorrent bloomed late.

    (My reference: http://www.slyck.com/story1314.html)

    1. Andrew Norton

      references

      think you'll find the references you need (including the C# code in question) here http://torrentfreak.com/seedfucker-is-not-going-to-make-bittorrent-anonymous-100414/

    2. Mark 65

      Really?

      Does deep packet inspection work on encrypted connections? Didn't think so.

    3. Anonymous Coward
      Anonymous Coward

      title

      Of course, no amount of masking your traffic destinations can hide the sheer volume going through your connection.

      For now ISP's simply slam the brakes on your speed, pray they don't cotton on and for ISP's to report your account for "suspiciously high volumes of traffic to locations outside of the pre-approved list (iplayer, youtube blah blah)".

  10. Anonymous Coward
    Big Brother

    A previously Ambilivant Paytard Comments

    I was listening to Radio 4 on this whole new law and t hey summed it up by saying something like that it was rubber stamped by "Mandleson at a Meeting with Geffen on the Rothschild Estate ......... it doesn't get anymore sinister than that"

    As a Paytard i wasn't even interested in this topic until they passed this dodgy bill into law without proper consideration during the washup but i am now. I think they best way to upset the Politicians and teach them a lesson would be for the interwebs collective uber brain to devise some new sneaky code that makes a mockery of it. Perhaps they will then be forced to rethink and consider if screwing the civil liberties of all to find a few is really a proportional response to copyright protected file sharing or as it otherwise known some kids downloading some rubbish they weren't going to buy anyway.

    There is no denying that we need to protect copyright and intellectual property, as a devloped nation we depend on such things more than others. That said when technolgies and laws are passed not to protect intellectual proerty but instead illegal and immoral cartell based business models its time to draw a line.

    1. Anonymous Coward
      FAIL

      Epic freetard fail

      "There is no denying that we need to protect copyright and intellectual property"

      Well, you are denying it for a start.

      How are you going to protect it from freetards, then?

  11. Anonymous Coward
    Pirate

    it's only a matter of time

    before bittorrent peers become either untraceable or participation impossible to prove due to the deluge of false IP addresses being thrown into the swarm

    anyhow, they can't even catch anybody now, so I don't think I'll bother panicking

  12. Anonymous Coward
    Grenade

    If I'm reading this correctly

    This is very old news. The tracker protocols (actually just a HTTP/URL protocol for announcing you want to join the peer network) have had the ability to specify the IP address you're connecting from for ages. Not all trackers will support the IP= field, but it seems that most do. It's very handy if you're sending all your tracker requests through a VPN, tor network or web proxy, which seems to be the main reason it's supported in the first place.

    Once again, I'm pretty sure the code described in the article is based on old knowledge. There's a good paper describing how (I think) this technique was used to get DMCA takedown notices sent to a network printer:

    http://dmca.cs.washington.edu/dmca_hotsec08.pdf

    The Reg article is also quite a bit off when it talks about using this for "anonymity". In fact, if you want to connect to the swarm, you have to have a valid IP from which you can connect. Once you're in the swarm, the tracker knows about it and will gladly tell anyone who makes a request to join later. All you achieve by feeding fake IP data to the tracker is to increase the amount of unnecessary traffic that will be generated by peers trying to connect to random machines and making it more difficult (but not impossible) for eavesdroppers to say with certainty whether a given IP is actually part of the swarm.

    The next logical step for eavesdroppers is to actually attempt to connect to the sites themselves and see if they're actually accepting incoming bittorrent protocol messages. Of course, the other side can also make things more difficult by picking machines they know will be listening/conversing on a given port, so eavesdroppers might end up with a few more false positives than they'd like. Plus, if there are enough fake IP messages spread out to enough popular active torrents, the effect on the targetted IP address could be tantamount to a DDOS. I'm actually surprised nobody's gone and exploited that one so far.

    Although it's not mentioned in the article I linked, there's also the possibility of using the Peer Exchange feature of bittorrent to achieve pretty much the same spoofing behaviour.

    Finally, I think I'll go anon on this one cos I'd written my own scripts to do this spoofing since around, oh, Hadopi 1. Not that I've ever used them to bombard French government sites with masses of torrent traffic, but since it seems like such an obvious thing to do, I don't want to get blamed for the actions of any other (hypothetical) script kiddies who've had the same idea. Better safe than sorry.

    1. Anonymous Coward
      WTF?

      Technically illiterate journalist gets pwn3d

      Nothing to see here, move along.

  13. Sorry that handle is already taken. Silver badge

    SeedF**cked

    SeedFlecked?

    SeedFlicked?

    SeedFlocked?

    SeedFrocked?

  14. Tony Paulazzo
    Happy

    The dark sith

    "Obi-Wan once thought as you do. You don't know the power of the Dark Side, I must obey my master. The ability to destroy a planet is insignificant next to the power of the force. You cannot hide forever, Luke."

    Privacy Pirate Party UK!

  15. LaeMing
    Boffin

    GNUNET?

    http://gnunet.org/

  16. Winkypop Silver badge
    Joke

    What?

    There's free stuff on the Internets?

    Who'd a known it?

  17. ShaggyDoggy

    The point is ....

    ... that you only need the possibility of fake IP's in the swarm to get your case thrown out of court e.g. that wasn't me it must have been someone else faking an IP which happened to be mine. The prodecution can not prove beyond reasonable doubt that it was me. End of.

    1. Andraž 'ruskie' Levstik

      Wrong

      That only applies to criminal cases. But copyright last I checked was still under civil law so there you are the one needing to prove your innocence.

      1. Jonathon Green
        Pirate

        Not Wrong

        "That only applies to criminal cases. But copyright last I checked was still under civil law so there you are the one needing to prove your innocence."

        There's still presumption of innocence in civil law, what changes is the standard of proof required, criminal cases must be established to a standard of "beyond reasonable doubt" whereas civil cases need only be established to the level of "balance of probabilities" (i.e. more likely than not).

        My (probably horribly naive and misguided - IANAL etc) interpretation of this as it would apply to using spoofing of IP addresses as a defence in court would be that if you could demonstrate that IP addresses corresponding to real entities were being "spoofed" in a bit torrent swarm at *any* level that would make it extremely difficult for anyone relying on an IP to prove guilt to the standard required for a (hypothetical - as far as I know this stuff still remains within the realm of civil law) criminal prosecution but that to use it as a defence in a civil case you'd have to establish that it was happening often enough to result in a significant probability that a given IP address would appear in a swarm as a result of spoofing.

  18. Il Midga di Macaroni

    Geeks move faster than legislators

    ... and it will ever be so. If the music/flim industry want to stamp out royalty evasion, they should get geeks instead of lawyers and political lobbyists.

    Face it, the Internet is founded on the principle that if there is information in one place, it can be replicated to another place. Hence, ALL forms of personal privacy, copyright, or any other reason to hold up the flow of information, are inevitably doomed to fail.

    Here's an idea from another industry. Why don't they drop the royalties on the movies/songs themselves, or at least lower them dramatically, and make up the revenue from merchandise and stuff? More people watching the movie (because they can download it free) means more potential customers for a themed t-shirt.

    Oh wait - then they'll have to put some quality into their movies or people won't buy the stuff. Back to the old drawing board...

    1. PsychicMonkey
      FAIL

      yeah, that'll work.....

      they'll make far more money by selling t-shirts than by selling the dvd.....

  19. Disco-Legend-Zeke
    Pint

    It's So Sad...

    ...that a great idea like Bittorrent has become syonymous with freetards. Cascade distribution is the greatest bandwidth saver ever. Oh well.

    211, on the other hand, prevents me from letting my rant-quest from going up the tower.

  20. Bram
    Flame

    A waste of time

    This is not going to hide anyone from from the authorities any no one should be downloading this fix, its probably rigged to report you straight to Sony and the other media industries.

    The fact is Media is quite expensive to the average person (believe me I have been poor) paying 79p for a song that your not going to listen to that much in 6months or a year is just a waste, movie rentals catalogues online are not extensive or big enough (in the UK at least) to be worth the £4-8n per a movie extra storage space, broadband connections and TV screens and media players to view the content is not that cheap either.

    If young people can't be involved in the new media content and spread its popularity then it will never take off, the main culprit in this whole silly mess is the Media companies that failed to change their business plans in the decades they controlled the industry, why oh why am I still being offered pop corn at the cinema can't stand the stuff! I would like a hamburger and a milkshake, that would make me go to the cinema not a bloody 3d film with smurfs, which I have to wear glasses that don't fit well on top of my glasses.

    When an artist/director creates some media content there is no reason it shouldn't be available worldwide instantly (without favor to the US) and at the same price (not just by replacing a $ with a £) and maybe YouTube wont stop people from watching content from other countries for no obvious reason other than a request from a controlling media industry, they'll stand up to China but not EMI lmao

  21. blackworx
    Flame

    I look forward...

    ...to the day when all this fighting is a footnote in history (like the fighting after the introduction of radio) and we can all get on with enjoying music, movies and books without the background noise of freetards obtuse whining or being made to feel guilty by pigopolists who refuse to get with the times.

    1. Andrew Norton

      *ahem*

      if you look at radio, or VCRs or any other past example of new technologies impacting a pre-existing status-quo in the copyright area, you will find two things.

      1) the position of the so-called 'freetards' has persevered, and

      2) not only was the alleged damage not forthcoming, but usually the industries, when forced to, not only adapted but grew.

      1. blackworx
        FAIL

        @Andrew N

        That was pretty much my point, but rant on if it makes you feel better

  22. Anonymous Coward
    Pirate

    I want

    I want to get every Steven Seagal movie, what an actor, what amazing storylines, what a great persona. Give me the seeds!

  23. Skymonrie
    Paris Hilton

    Care?

    This will change nothing to be honest, if anything it will stoke up more support for anti-sharing measures.

    The “substitution rate" (how much lost per download) at the moment is at a ratio of 1:1 which doesn't make sense as it is. I discovered some of my favourite artists through P2P and have even gone so far as their live gigs, is this something I would have done without P2P???

    Idiot's like Murdochs son who recently stood up and said "downloading music illegally should be treated like robbing someones house" will only get more of a listen. I'm not defending freetards or attacking copyright, both have a place and BOTH can generate revenue.

    It's only a problem because, the copyright holders don't actually DO ANYTHING but sit on someone ELSE's work. Quite simply, kick the lawyers in the cojones and give the world a break. Unless the person in question is trying to make money out of it by running a dodgy media ring, not important, actually good to spread an artists vibes! That or start stocking "media" I'd actually want, never seen a Nujabes CD in the shops or even at HMV online...

    Back to the point. Other than not adding anything new to shroud ones address for discovering new music, if the it appears more people are downloading, the copyright kings will kick and scream "Piracies on the rise!"

    I would reallllly love to see some of the figures from artists who actually have people go to their gigs rather than "this month's" waste of space.

    Going to cinema > watching movie off the net

    Going to a live gig > listening to an mp3

    Paris - She knows she has tits

    1. Andrew Norton
      Coffee/keyboard

      ah, the 'substitution ratio'

      "The “substitution rate" (how much lost per download) at the moment is at a ratio of 1:1 which doesn't make sense as it is."

      It doesn't, and many people, including software companies (Such as EA at the news Spore had become the most downloaded PC game according to Torrentfreak - funnily enough, said list of most downloaded games was included in the DEAct consultation documents), have said it's nonsense. Then you have the ratio from the (extensively flawed) study Mr Orlowski championed a few weeks ago.

      One thing that didn't get a mention here (or at least i've not seen it), when it came to substitution ratio, was the nice little piece published earlier this week by the US GAO. You should be able to find it easily enough, but the gist was 'there's no evidence to back up loss claims, or the substitution ratios they're based on'

      Of course, that report, like the one by the Canadian Government saying p2p actually increases sales, and the ones by all the independent researchers (such as myself), will be ignored in favour of industry-sponsored ones, that have big losses, but give no data or methodology.

      Icon because that's what happens when people resort to substitution ratio arguments, as everyone knows it's a load of crap, even Labour Candidate Ricahrd Mollet, standing in South West Surrey (and formerly a high muckety-muck in the British Phonographic Institute)

      1. Anonymous Coward
        Anonymous Coward

        @Andrew Norton : *cough*

        http://www.theregister.co.uk/2010/04/15/gao_spanks_piracy_exaggerators/

  24. Spoonguard

    -o̶̵̵-<◁

    We Await Silent Tristero's Empire

  25. Stefing
    FAIL

    Not quite

    http://torrentfreak.com/seedfucker-is-not-going-to-make-bittorrent-anonymous-100414/

    In theory, SeedFucker could cause problems for the anti-piracy outfits that track BitTorrent downloads because they would run into many fake peers. However, most reputable tracking companies confirm whether the material in question is actually being shared from a particular IP-address.

    “It might seem to some that this is a major change, but in reality it’s nothing new, nothing that isn’t already done by some trackers themselves,” an experienced BitTorrent developer told TorrentFreak when commenting on the code, adding, “It doesn’t substantively change anything, and will not change things in the conceivable future.”

  26. Anonymous Coward
    Anonymous Coward

    Wtf?

    Wtf are "private Internets"? Is this an attempt at ironic kiddie speak?

    1. Dale Richards
      Go

      Private internets

      I would expect that private internets are internets that can't be accessed by the general public. Something like a darknet...

      http://en.wikipedia.org/wiki/Darknet_%28file_sharing%29

    2. Frumious Bandersnatch
      FAIL

      -1 internets for you!

      I don't see anything wrong with the term "private internet". An internet is simply a network of networks connected using the various "internet protocols" such as TCP/IP, UDP/IP or whatever other form of higher-level protocol you want to implement over the IP layer. If you've got a home/office router and you've got different subnets running off it, then you've got "an internet" right there. If this internet is being firewalled behind the same router box, then by definition, it's a "private" internet.

      This is the very simplest form of "private internet", but others are common. A corporate internet will very often have VPN (Virtual Private Network) access points so that a person (employee) can connect to the company's internal (private) internet by connecting to and authenticating themselves with a VPN server somewhere out on the (capital "I") Internet. In this case, a higher-level protocol again (ie, VPN) is built on top of the existing TCP/IP infrastructure and provides the illusion that all the company's computer are all on the same physical "internet" or subnet. In other words, VPN provides an "internet over internet" abstraction/encapsulation layer.

      There's nothing very difficult to understand about this (you might even call it "simples"), but unfortunately a lot of people can't even distinguish between "the Internet" and "internet" (as a set of protocols). It kind of ticks me off when I hear people who should know better obviously failing to understand even this simple distinction. At least when politicians and media spokesmen display the same kind of non-understanding it can be somewhat funny at times. But Reg readers? Tcshh!

  27. Anonymous Coward
    Anonymous Coward

    Volume litigation

    In regards to an IP address used to "identify" an "alleged" copyright infringer, I happen to agree with this excerpt from an article on "volume litigation":

    If one assumes the practice is compliant with the Data Protection Act, there remains an argument that the process is flawed. The data provided by the ISP relates to the ‘registered keeper’ of the IP address at that time. This is different to the user. I am the keeper of my broadband account: it is though used by others in my household. This has been recognised recently by the Tribunale di Roma which ruled that an IP address is insufficient evidence to identify an individual. During preliminary investigations of a file-sharing copyright infringement complaint, the investigatory magistrate and the judge considered that the mere ownership of the connection from which the offence was committed was not sufficient to establish the liability of defendants, especially since the alleged infringement may have been committed by other people. It is widely accepted that the industry standard WEP encryption protocol used for wireless routers is not sufficiently secure to prevent illegal access to even a secured router. The risk of identifying innocent parties as ‘infringers’ is therefore great. This has been evidenced in the hundreds of individual testimonies which may be read at http://beingthreatened.yolasite.com/your-stories.php as well as in high-profile cases such as that of Ken and Gill Murdoch.

    Source: http://www.scl.org/site.aspx?i=ed14683

    The only thing the Digital Economy Act 2010 does is smooth the way for such volume litigation. Everyone ignores the family demographic (parents with one or more teenagers). This is the demographic that will be hit hardest financially (by such litigation troll firms mentioned in the Volume Litigation article).

    Hypothetical: what if someone developed a P2P system using Google Mail as the transport (so music files were zipped up and transferred via email)? If such a system prevalent prevalent, would it be possible to order Google Mail to be blocked or taken down? If such a system was developed, would it be acceptable for Google to check the contents of emails sent to/from it's Google Mail customers? It wouldn't be possible to use DPI because GMail uses encryption.

    Another one: I found an article somewhere (can't find it right now) about some Japanese teenager who has developed a "proximity sharing" application intended for use on the up and coming handsets that will sport Bluetooth 3.0 (transfer rates of 480Mb/s - same as USB 2.0). This completely changes the "sharing dynamic". Does it mean their mobile carriers would be required to disconnect customers accused of "proximity sharing"?

    I don't use any P2P clients - never have, never will (not knowingly anyway). I don't need to download free stuff, I'm fortunate enough to make enough money to buy things. I am, however, a parent, and I can't believe that I could now be held accountable for something one or more of my children does. Worse still, I could be held accountable for something one or more of their friends does on my network. What's the solution? Stop sharing the Internet connection completely? Is that what our society has been reduced to - being taught that sharing is a bad thing?

    I for one am disgusted at the display of "democracy" referred to as "wash-up", and the obvious influence and corruption injected by Mandelson. For this reason, I have decided to participate in the BPI Boycott:

    http://bpiboycott.wordpress.com/

    This, it appears, is the only means I have of protesting against what I believe is ill conceived (and possibly unlawful) legislation rushed through parliament. I refuse to finance the companies who engineered the Digital Economy Act, and I will not give my vote to any politician who voted for it. There are other forms of entertainment out there.

    By the way, the first I heard about this and how it could effect my life was at a "Parents and Teachers" meeting. Don't underestimate the P&T - news of this will spread like wild fire. After all, we (parents with teenagers) are the demographic that will be hit hardest.

    1. Anonymous Coward
      FAIL

      WTF?

      "I am, however, a parent, and I can't believe that I could now be held accountable for something one or more of my children does."

      And who else should be responsible for your children's actions? Or are you saying that you'd rather have your kids tried in an adult court and given adult sentences if it means you don't have to worry your lazy arse about what they're doing on their computers in their rooms?

    2. scrubber

      Not quite right

      "I don't use any P2P clients - never have, never will"

      Used BBC iPlayer?

      "Tribunale di Roma which ruled that an IP address is insufficient evidence to identify an individual"

      Indeed, but the owner of a speeding car is still fined if his car is caught on camera speeding and he can't/doesn't identify the driver.

      1. Bod

        Speeding car

        "Indeed, but the owner of a speeding car is still fined if his car is caught on camera speeding and he can't/doesn't identify the driver."

        However the IP argument relates more to the owner of a speeding car being caught for his neighbour speeding in their own car, if somehow his details could be associated with your address, or someone uses fake plates cloning your car, gets snapped speeding and the gov decide they don't care and will prosecute you regardless.

      2. Anonymous Coward
        FAIL

        Car ≠ computer

        Car analogies=FAIL.

        Cars can kill people or be used to commit actual crimes with victims.

        The only solution to the BPI's woes is simple: Turn off the Internet.

        As the Americans say, let us know how that works out for ya.

  28. David Edwards

    IP Trace on P2P

    I have not spent much time looking into P2P issues, so tell me.

    Once the file sources have been located via the tracker sites by a downloader, a Peer to Peer connection is established between the sharer and the downloader. If a downloader ran wireshark they would see the REAL ip address of the source (or VPN end point) . Faking that Real IP address to the endpoint of a P2P would surley be impossible, or the packets would not know where to go.

    So its not ISPs that send IP addresses to the rights holders, its the rights holders trawining for "thier files", identifying sharers and then asking for the physicall address relating to the IP they have seen sharing the files?????

    (This is a question so no flames, I want to know how this works)

  29. Al fazed
    Dead Vulture

    Way to go

    Who downloads that pigopolist shite anyway ?

    Most films they are involved with and that I sometimes get to see, usually turn out to be rank remakes of tales of yore. Everything is drowned in very poor CGI, making a film appear like a very long comic strip ! DURR !

    Where went the art and creativity ? Seems like a visual cul de sac to me.

    Most music I hear these days is the same, just a rank remake of crappy pop tunes, once churned out by bands with names like "the Beatles", which in reality were once enjoyed only by grannies and very very young children, oh yeah and my son with Downs Syndrome.

    Mind you, some of the Beatles T-shirts doing the rounds are pretty groovey, and they are not free, and I'll bet that "the band" members do not get any royalties off these. AAAR !

    All the stuff I get to listen to or watch these days is usually available free of charge, NOT via P2P, but mainly as it is made to be distributed free of copyright.

    There you go Industry NIL, anarchists ONE.

    You should know, there are more of us than there are of you, anal retentive, need to pay to own it types. Because we are the worlds poor and you are not. The gap is apparently widening between us, so don't get any ideas about a career as a pop star, silly ! Or you'll end up as one of us anyway looking for stuff you can get for nowt ........

    I thought that this technology was supposed to narrow this gap ?

    Try this FREETARD haven,

    www.crackpots.org.uk

    ALF

    1. Anonymous Coward
      Anonymous Coward

      Testify!

      And ta for the linky.

  30. Jim Coleman
    Coat

    Erm...

    "...provide IP addresses to the authorities of files that are said to be infringing copyright..."

    Files have IP addresses? Who'd a thunk it?

    Mine's the one with the IP address to filename resolution lookup in the pocket.

    1. Dave 120
      FAIL

      What does "IP address" mean?

      Of course they do, that's their Intellectual Property address. Dummy.

      http://meeb.org/post/505849844/i-wrote-to-my-mp-two-weeks-ago-regarding-my-shock

  31. The Fuzzy Wotnot
    Pint

    There's the money shot!

    Now why can't these shady characters write code for Microsoft and Apple?!

    1. Product ( BT ) running for yonks.

    2. Legal action threatened by govs.

    3. Patch available quicker than can you say "Get stuffed Mandelson!"!!!

    I am surprised it took someone this long to come up with some way around being caught ripping off the latest Hollywood cack! Don't give me that Linux distro cobblers, yes we know you can do that, but less face it, BT exists purely for everyone to rip-off the latest blockbuster and wonderful X-Factor wang offering from Sony Music corp!

  32. Anonymous Coward
    Thumb Down

    Why is el Reg...

    ...leading this story with a pic of people climbing over the Berlin Wall?

    Seems to me that your general indulging of the economic, moral, political delusions (i.e. whims) of freetards is something of a pact with the devil.

    Reg should say it like it is.

  33. DaveB

    One step forward one step back

    I just hope that when this exploit starts generating false IP addresses they all point back to Mandy's computer.

  34. William 6

    napster -> bittorrent ?

    "No sooner had Napster been taken down than a new method of file sharing, BitTorrent, was rapidly adopted."

    there was others, bittorrent was not the drop in replacement as hinted to here. Gnutella and edonkey had way more users than bittorrent at that time.

  35. Anonymous Coward
    Anonymous Coward

    meh

    there are far more anonymous and secure methods of file sharing out there, it's just nobody can bothered with them at the moment as the chances of getting stung are so slight.

  36. Anonymous Coward
    FAIL

    This is hardly anonymous...

    Yes, it hides the true offender, but in doing so, it nails some innocent party who has absolutely nothing to do with the offence.

    But yeah, freetards/pirates couldn't give a monkey's about screwing up someone else's life with this, especially when it then costs those other people thousands of dollars in fees and hundreds of hours of negative effects on their health...

    This is so bloody typical about society lately - me, me, me, I don't care about the impact on other people.

    1. Anonymous Coward
      Anonymous Coward

      Exactly...

      ... it invalidates the defining characteristic used in the bill

      get it now?

    2. Anonymous Coward
      Stop

      No - I dont believe that the intention

      I believe the idea is not to pass the blame, but to undermine the confidence in the system. It would simply mean that determining the seeder by IP address would become unreliable, and hence useless.

      After all, its simply an arms race, with the Government falling for it hook, line and sinker.

      And as far as society is concerned, the privacy ramifications of mandybill are just the thin end of the wedge. This is about freedom versus control, as much as freetards getting stuff for nothing.

  37. Watashi

    Anonymous proxy

    All you need to do is to put a link in your data chain that is outside the legal jurisdiction of any country working to get rid of copyright infringement. This way, neither the police or the ISPs can link what you are downloading / uploading with where you are downloading from / uploading too. As far as I know, ISPs are not going to be allowed to cut you off just because there are music tracks in your data transfers.

    At the moment, anonymising proxies cannot possibly handle all the P2P traffic - but I spy a good business opportunity for some little non-conformist country looking for a quick cash injection into their economy. Wouldn't it be ironic if we end up with a situation where millions of music consumers pay £5 a month to some far-off proxy server so they can have access to unlimited music. All that money that should be going to the music industry will get siphoned off by terrorists, international criminals and despotic leaders as a direct result of the attempts being made to stop illegal downloads!

  38. Mectron
    FAIL

    Ridiculous

    Most company/organisations who complain about illegal download are court proven criminal entities who break the law on a daily basis. Any serious (IE: NON CORRUPTED) court of law will never accept any proofs provided by those companies. a log, a IP address etc... is way to easy to manipulate/spoof. but since the UK justice system (just like the US one) is now a full own branch of the MPAA/RIAA, regular joe does not stand a chance.

    The only way to curb piracy is to disolve he MPAA/RIAA and all other similar criminal gangs accross the globe, prevent media company from forming cartel and REGULATE (as in lower priced) media content and the amont of profits they can make. Exemple, who care that every one is donwloading Avatar on P2P. they allready made 2 billions with it. It should automaticly go public domaine.

    1. L1feless

      take this to the next step

      I can recall a film festival movie...My Big Fat Greek Wedding. This was originally released in a very limited # of theaters and won several awards at some key film festivals. Then a screener leaked online and it was all the buzz online. Because of this buzz It was then released on a much larger scale in multiple theaters and made millions. I am not sure if they still hold the record for most profit on a film by percentage but I know they did for a long time.

      I realize this is not the norm. but it sure does blow that 1:1 loss ratio idea out of the water.

  39. jon 72
    Grenade

    Take us up to broadcast depth

    Tracking downloaders across the internet is rat hole project and no matter how much money you throw at it the end result is failure, any good IT consultant will tell you that for nothing.

    Bearing in mind further still that even an old laptop plus wifi combined with freely available software can carve through the WEP encryption of most home routers passwords in around twenty minutes. Chance of a downloader getting caught becomes very remote indeed.

    Sadly times are hard and threfore must take advantage of the bean counters lust for cash ( and politicians ignorence ) so If we can't dazzle them with brilliance, baffle them with bull and ride the gravy train till the wheels fall off again.

    1. J. Cook Silver badge
      Pirate

      Gods, I hope not.

      "Tracking downloaders across the internet is rat hole project and no matter how much money you throw at it the end result is failure, any good IT consultant will tell you that for nothing."

      Nope, I suspect IT consultants would charge good money for that advice, actually, and take a couple weeks to give you that advice.

      At least the ones I've dealt with over here, anyhow. :D

  40. Anonymous Coward
    Boffin

    Does Seed**** make new IP addresses?

    Or just bounce traffic or fake traffic flows from existing IP addresses. If its the latter, you are inevitably going to end up with average law-abiding citizens getting swept up in the Data Protection Act dragnet when they in fact are not involved in any BitTorrent activity.

    Great for the downloaders, crappy for the rest of society....

  41. LawLessLessLaw
    Boffin

    It's about file sharing is it ?

    YHBT by your own govt. with scum like F. Sharkey as their dupe.

    This thing's going to get ugly.

  42. Anonymous Coward
    Anonymous Coward

    Skype

    Some people might develop another P2P protocol for file sharing that works like the Skype protocol i.e. users can be routing traffic for other users. Alternatively, someone might even figure out a way to use the Skype P2P network for file sharing..... That would be extremely difficult to track.

  43. Anonymous Coward
    Unhappy

    It would be nice...

    .... if the industries in question actually embraced the new technology, I'm sure that if they had looked at it as an opportunity from day one they would actually have bigger revenues and profits than they currently do.

    To me it's all about volume of product. Each additional item they sell via download adds very little to their overheads, but of course people do not appreciate being asked to spend the same amount for a download as they do for a hard copy. So what these industries should have done is gone for it hell for leather with marketting and capacity so that people could download a huge range (bigger than hard copy range), they could download really easily, and at a lower cost than hard copy. Now what happens? People get bitten by the downloading bug, instead of umming and ahhing over a £15 DVD maybe they buy a new movie for £7, then they notice that there's a huge back catalogue of old movies for £3, hey at that price I'll have a couple of those too. Therefore the volume of sales increases and even though the cost of each item is less than hard copy they make more profit as a percentage on each sale and they sell more items.

    Simples, well it would be if they'd actually done any of that stuff.

  44. Watashi

    Civil offence - proportionate damages

    The reason the BPI never got into sueing British downloaders is that in the UK (unlike in the US) damages are supposed to be proportionate to the harm done. If you download 100 albums, that's a £1,000 award - but the BPI would need to demonstrate you'd downloaded 100 albums. If you're busted for downloading 10 albums, they can only sue you for £100. To make sueing downloaders worth their while, they'd have to mount the kind of concerted spying effort that would quickly have them branded as dangerously intrusive nut-jobs.

    So, here we are at the cutting-people-off stage. Presumably, it is felt in the House of Commons that this amounts to proportionate punishment. However, this is all a swizz - if downloading music illegaly is that bad, just make it a proper criminal offence and get people fined by Magistrates. Only that will never happen, because downloading music illegally really isn't that big a deal, and there are better ways of dealing with the situation... just ones that are not so pleasant for the Music Industry giants.

    This new way of doing things is the best way to do the bidding of the Music Industry and other Big Corporations without attracting too much attention to what is actually being done. A stealth law, you could call it. Crime may not pay, but lobbying certainly does!

  45. JP19
    FAIL

    reaf this

    seed fucker wont work read http://torrentfreak.com/seedfucker-is-not-going-to-make-bittorrent-anonymous-100414/

This topic is closed for new posts.

Other stories you might like