back to article P2P eavesdrop 'guilt by association attack' developed

US engineering researchers say they have identified a new privacy threat to users of peer-to-peer (P2P) networks such as BitTorrent and (perhaps) Skype. Obligingly, however, they have freely released a protective plugin designed to work with a popular torrent client. According to Fabián Bustamante, computer science prof at …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Paris Hilton

    Good scare tactics

    tell everyone you can get found out if you don't install this plug-in which, like all good trojans, actually sees what you are doing and reports home. Wonder how many people will now get caught by the RIAA and suchlike ?

    Something about dumb strikes me....

  2. Sooty

    wasting bandwidth

    is the least of your worries if it is indeed downloading completely random content from p2p, as you are effectively downloading from a massive range of possibly monitored sources instead of the one you initially connected to.

    what if you're just trying to download the latest summer blockbuster and this randomly downloads something much nastier that gets you flagged by more than just the RIAA

  3. The Fuzzy Wotnot
    Alert

    Something for nothing always wins out!

    When SfN is on offer, say what you but like the vast majority will keep taking a chance that they will not get caught and carry on ripping stuff off using P2P. When you have non-tech savvy people like the Mums at my kid's local primary school discussing what movies they got off Pirate Bay last night, really makes you wonder how huge this thing really is and how much of a fight the media companies have on their hands!

    You Linux zealots, don't get all sanctimonious, yes you can get genuine legit gear off Bt, but let's face facts, 90% of users are in it for the free goodies and TV shows, something for nothing.

    This latest attempt at frightening people off P2P/Bt will fail just like all the laws have, the system is called "torrent" for a very good reason!

  4. Tom Chiverton Silver badge

    This could

    This could also handily screw over the govts stupid plans to try and monitor everyones internet traffic, more so than leaving a random legal torrent of something popular (linux ISO) running 24/7 :-)

  5. Daniel Gould
    Black Helicopters

    And what about the random downloads it does ?

    Could be anything from just junk to other copyright works or even kiddie pron? A few trojans perhaps, or the source code for Conficker ??

    How would you defend that in court..... "I was trying to quietly download the latest ripped-off movie but ended up with all this other incrimiating stuff instead" ?

    If it's truly random, no telling what you could get caught downloading there !

  6. Andrew Norton
    Pirate

    @AC 11:05

    Ah, there's a version fo that been going on for years, it's called Peerguardian. While the program itself is not what you describe, the default lists, made by a British company called Bluetack (although they deny being a company) are exactly what you describe.

  7. Goatan
    Black Helicopters

    <paranoia>

    This sounds like something you would download to get associated with the "communities"

    </paranoia>

  8. Lionel Baden

    could also be developed by RIAA/NSA

    to actuall start buliding groups they can target easily

  9. Anonymous Coward
    Anonymous Coward

    @Anonymous Coward Posted Thursday 9th April 2009 11:05 GMT

    So you are incapable of downloading the jar file, getting the included source file, and checking it?

  10. Ryan Barrett
    Thumb Down

    Isn't it just easier to connect to the swarm..

    ..of a torrent you're interested in monitoring?

    Because 100% of the clients connected would be downloading the material.

  11. Fabian

    Some clarifications

    I'm one of the guys named in the article and, after reading it, I figured I should clarify some points here - I swear over my laptop that:

    - Nobody in the group is supported by RIAA (or associated organization).

    - There are a number of legal scenarios you may want to use this for, not just downloading copyrighted material (think of China, Venezuela, Cuba, ...).

    - Funding comes from only one only 3-letter organization of the US government - the National Science Foundation

    - We are not collecting data on anything; let me say it again - the extension/plugin is NOT reporting any data to anybody - you can inspect the code yourselves. In the other plugins we have made available, those that do report data, this is a functionality you can disable whenever you want.

    - The plugin does not download crazy random stuff; if you actually try it you'll see that it picks random torrent from a set of links you provide.

    - Finally, the *last* thing we want to do is to scare people off, we are just trying to help (and we have a track record showing it).

    Hope this help; there's nothing wrong with being paranoid - that's why you should get the fact straight.

    cheers

  12. Nathan
    Pirate

    Usenet > FTP > IRC/DCC > BitTorrent

    Ill stick with my Usenet binaries.... Safe(er) (more)secure and MASSIVE amounts of bandwidth. Try downloading a 1080p dvd on bittorrent at 48Mb/s (6MB/s, not bad for a Cable ISP)...

This topic is closed for new posts.

Other stories you might like