Uncategorized

BitTorrent study finds most file-sharers are monitored

from nakedsecurity.sophos.com: Ever used BitTorrent to download a song? A book? How about a film or a TV show?

It's highly likely that within 3 hours of doing so, the copyright
enforcement people were on to you, monitoring your IP address, according
to new research. 

Security researcher Tom Chothia and his colleagues at the University of
Birmingham, UK, conducted a three-year study that revealed "massive
monitoring" of BitTorrent download sites,
such as the PirateBay, that's
been going on for at least that long.



For the study, researchers developed a fake pirate server: software
that acted like a BitTorrent file-sharing client that logged all
connections made to it.



Tom Chothia, who led the research, says that popular content downloads were monitored within hours.


The BBC quoted Chothia:

"You don't have to be a mass downloader. Someone who downloads a single movie will be logged as well."
"If the content was in the top 100 it was monitored within hours. Someone will notice and it will be recorded."

The copyright enforcers might not distinguish between hardcore
downloaders and casual/new file sharers, but they definitely put their
resources behind monitoring highly popular content.






The researchers unveiled their findings this week at the SecureComm conference in Padua, Italy, according to New Scientist.


According to their study (PDF), 40% of the monitors
that communicated with the team's clients made the initial connection
within 3 hours of the client having joined the swarm; the slowest
monitor took 33 hours to make its first connection.



From the paper:

The average time [for a connection to be monitored]
decreases for torrents appearing higher in the Top 100, implying that
enforcement agencies allocate resources according to the popularity of
the content they monitor.

How exactly do the monitors monitor us?


The study considers two approaches: indirect monitoring, which traces
indirect clues about a peer's sharing activity (e.g., its presence in a
tracker's peer list), and direct monitoring, which establishes
connections with peers to estimate their participation in sharing
activity.



Previous research has focused only on how people monitor us
indirectly - a less expensive approach for the monitors, both in terms
of cost and computing resources - but the Birmingham researchers
considered both methods.



Research has shown that enforcement agencies use indirect monitoring extensively.


The problem with this approach, however, is a high rate of false positives. As shown in a 2008 study,
indirect monitoring nabs perfectly innocent devices - and that's how
printers and wireless access points end up receiving cease-and-desist
letters. More recent studies have shown that, unfortunately, those sloppy monitoring methods are still in use.



Who's monitoring us, and why?


The "who" is not altogether clear. The researchers were able to
identify about 10 monitoring firms logging content, out of which a few
could be identified as copyright-enforcement organisations, security
firms or even other research labs.



About six of the monitors doing the heaviest monitoring were tougher
to identify, since the companies relied on third-party hosting firms to
run searches.



The "why" may have to do with "because we can," Chothia told the BBC:

"Many firms are simply sitting on the data. Such
monitoring is easy to do and the data is out there so they think they
may as well collect it as it may be valuable in future."

That sounds about right.


It's certainly not like we haven't seen businesses use
copyright-infringement monitoring services to shake people down in what
clearly looks like extortion.



Case in point is a recent Kentucky class action suit that accused porn studios of extorting BitTorrent users, looking for payouts of $1,000 to $5,000 from victims too embarrassed or shamed to defend themselves in court.


As the Kentucky lawsuit claims, this isn't simply a war on piracy;
rather, it's a "new business model" that's not set up to deter illegal
downloads but is instead set up simply to squeeze profit from its
victims
.



How do you defend yourself from monitoring? The University of
Birmingham's paper promises to provide means of doing so, but it wasn't
easily gleaned, so I looked around. 



New Media Rights, for one, has published a guide for defendants in mass copyright lawsuits.


As far as fending off tracking goes, there are proxies that shield you by routing your traffic through another server, such as BTGuard.


There are also IP-blocking applications such as PeerGuardian or IP
Blocker that use a constantly updated blacklist of IP addresses known to
track your activity, but beware: they rely on blacklists, and those
have issues.



And here's the least fun thing I've written all day:


If you really want to stay within the realm of legality, fend off
predatory mass lawsuits and avoid having your file sharing be monitored,
you could always just avoid file sharing altogether.

#PumpUpThaVolume: October 22, 2020