uh-oh!
Can some techy person tell me if I should be worried yet?
I haven't seen 24s8 yet!!!
Researchers have devised a way to monitor BitTorrent users over long stretches of time, a feat that allows them to map the internet addresses of individuals and track the content they are sending and receiving. In a paper presented earlier this week at the Usenix Workshop on Large-Scale Exploits and Emergent Threats, the …
Your ISP will still monitor who is using that IP at that time. When it gets a notice to release information from a court it will look up its DB and know who was assigned that IP at that time.
Good thing about this though. The stupidity of anti-piracy organisations is that they usually get times/dates wrong.
'My ISP uses floating IPs.'
That won't protect you in the slightest AC. They can tell that a file is being uploaded/downloaded by a given IP at a specific time and your ISP will have a log of which user that IP address was allocated to at that time.
So - the only thing standing between you and prosecution/internet suspension is how unhelpful your ISP is feeling when Mr BPI/FACT comes calling and even if the answer is 'very' it's not going to last in the face of legal action.
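The lookup the comments above describe (IP address plus time of observation, matched against the ISP's allocation log), as an added example that is not part of the original thread. The log layout, subscriber IDs and addresses are constructed for illustration; it also shows why a wrong time or time zone in a notice can point at a different subscriber.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data (not from the thread): one row per address lease,
# as (ip, lease_start, lease_end, subscriber), all times recorded in UTC.
LEASE_LOG = [
    ("203.0.113.7", "2011-04-01T18:00:00+00:00", "2011-04-01T23:30:00+00:00", "SUB-1001"),
    ("203.0.113.7", "2011-04-01T23:30:00+00:00", "2011-04-02T06:00:00+00:00", "SUB-2002"),
    ("203.0.113.9", "2011-04-01T20:00:00+00:00", "2011-04-02T02:00:00+00:00", "SUB-3003"),
]


def load_leases(rows):
    """Index lease rows by IP, with parsed, time-zone-aware datetimes."""
    index = {}
    for ip, start, end, subscriber in rows:
        index.setdefault(ip, []).append(
            (datetime.fromisoformat(start), datetime.fromisoformat(end), subscriber)
        )
    return index


def subscriber_at(index, ip, when):
    """Return the subscriber holding `ip` at `when`, or None if no lease covers it."""
    if when.tzinfo is None:
        # A notice that omits the time zone cannot be matched safely.
        raise ValueError("timestamp has no time zone")
    when_utc = when.astimezone(timezone.utc)
    holders = [s for start, end, s in index.get(ip, []) if start <= when_utc < end]
    if len(holders) > 1:
        raise ValueError("overlapping leases for " + ip)
    return holders[0] if holders else None


if __name__ == "__main__":
    index = load_leases(LEASE_LOG)
    bst = timezone(timedelta(hours=1))  # British Summer Time, UTC+1
    # The same wall-clock reading, 23:45 on 1 April, in two time zones.
    for tz in (bst, timezone.utc):
        seen = datetime(2011, 4, 1, 23, 45, tzinfo=tz)
        print(seen.isoformat(), "->", subscriber_at(index, "203.0.113.7", seen))
```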
"I simply pointed out that the researchers would not have been able to track my IP over several days, because it keeps changing."
Are you reinstalling your PtP program each time you reconnect? If you don't then your UID will stay the same no matter which IP you're on. One may ask if the researchers have stats about what IP ranges any given UID was bouncing around.
I've read 4 pages (about half) of that PDF and come to a conclusion. It's nothing new. All they do is download all the new torrents from a public tracker. For which hopefully there will only be one seeder and no peers and scrape the server for the IP information of the seeder. They also go on a bit for confirming the IP is the uploader etc
Their language used in this PDF makes it confusing; they use "Inject" and "Exploit" as terms that would not usually be associated with the same meaning.
"Therefore, it is surprising that the anti-piracy groups try to stop millions of downloaders instead of a handful of content providers"
And if you stop those handful? They seem to think that would be the end of it. More likely, someone else would start. My guess is there's only a handful because other people think "why bother, it's already there." What they would do if it wasn't there is unknown, but it seems unlikely they would all do nothing.
The reason that the music industry goes after the downloaders, is because they are some of those who are uploading content.
How else do you think they get your IP addy or trace you?
THEORETICAL POSSIBILITY
--------1997------
Music CEO: We need to make more money.
Underling: We could start uploading music via torrents for others to download.
CEO: Why would we do that?
Underling: Well, when they download the music, we can obtain their IP address.
CEO: And how does this make us money?
Underling: Our lawyers can then sue the downloaders for "losses". We will make millions.
CEO: Brilliant, that's the best idea I have heard in years. You will rise very far in this company with thinking like that.
---2002----
CEO: That was a great idea you had years ago, we have made a large amount of money over the years. By the way, we need to cut costs, you're fired.
Underling: Damn.
---- Early 2011 ---
After many years of research, the original underling now releases his own software for P2P that prevents the music companies from being able to track users, without the need for the users to "hide" via proxies or other methods. Pure protection for users of the software.
He releases this completely free.
--- early 2012---
The music companies finally realize that they have a failed business plan, however as they do not want to change, they instead get involved in politics, making every country mad at every other country.
--- late 2012 --
Due to the music industry meddling, all countries launch nukes at the main offices of the different music companies.
This results in the countries that house such industries to launch back.
The Earth becomes no longer able to support life.
-------------------------
Hmmm seems the Mayans were right.
(created by darkwolf)
You don't need to upload content to get IP addresses. I could go into any swarm right now and get hundreds of IPs of people leeching content. At least some of those IPs won't be proxied and some of those ISPs will be willing to co-operate and there you have your victims.
The only new thing with this report is that someone's actually come out and said they can track IPs over multiple downloads. To be honest I wouldn't be surprised if the RIAA, MPAA et al aren't already doing this.
Since the BitTorrent protocol wasn't designed to absolutely protect anonymity, all the leeches will need to move to something different.
A basic problem with any piracy distribution method is effectively keeping the source and peers secret. Here's the conundrum: you want to announce to the world+dog that you have something to share, but you don't want world+dog to know your identity. Sorry, but that's basically not how the IP protocol is structured. Packets have a source and destination address. Any protocol running on top of IP must share the IP addresses of those who are involved in the data transfer. No address means no connection. You cannot both announce to the world and keep your anonymity.
Encryption doesn't mean that IP addresses are also encrypted, it just means that the content is obfuscated to a certain level. A VPN is also not the answer, because for a generally public protocol to work, the public has to access the VPN. That means that the record companies can also access the virtual not-quite-so-private network, and easily see who's doing what.
There is no perfect anonymity on the Internet. It doesn't exist. The only question that remains is how hard it is for someone to get away with something illegal.
...that would be some kind of proxy that obfuscates the endpoints of the connection. But that's basically a server, and we all know what happened to client-server-based distribution systems. The only way around that is to station the server in a country with little or no enforcement of copyright law and little or no ability, desire, or compulsion to enforce those of other nations. But it's hard to think of a country with such a status that isn't notably hostile to western ideas, either. Kind of a no-win situation.
"A VPN is also not the answer, because for a generally public protocol to work, the public has to access the VPN. That means that the record companies can also access the virtual not-quite-so-private network, and easily see who's doing what."
Not unless Internet Protocol changed overnight and nobody told me.
If I tunnel all of my traffic through a VPN, the only externally visible IP address is the VPN's. Not mine.
Can the MAFIAA cartel still snoop on the swarm? Sure, of course they can, and they'll discover all the poor schmucks who aren't proxying. And then, in the current climate, probably demand that nastygrams be sent to those downloaders unfortunate to live in a cartel-friendly jurisdiction.
But the original seeder is the top prize. If they are using a VPN, the only IP a snooper sees will belong to the allocation pool of the VPN provider. Assuming said provider is genuinely logless, attempts to locate the original seeder are doomed to failure.
All of this assumes that the VPN is configured to handle actual payload traffic, not just .torrent file dissemination. Lack of following this practice, I can only assume, is how the study managed to conclude that TOR provides no defence.
I'm probably missing the point of the research, but all this seems pretty obvious.
BitTorrent wasn't designed to protect anonymity, as mentioned by some of the above. But I heard rumours that the Pirate Bay boys were working on a next generation P2P system that would. Not sure what happened to that...
One 'solution' would be to use a foreign proxy; then you'd appear to be outside the remit of the Digital Economy Bill.
All the home-hub users out there on the BT Network log into the BT network with the same name : bthomehub@btbroadband.com : so how are BT to know which one is which, especially if the user DOES NOT use the BT Broadband Talk service. Or is some AC from BT gonna tell me that BT have records of which home hub MAC Address is assigned to which subscriber number. And what is to then stop that user from throwing the POS Home Hub in the trash where it belongs and getting their own ADSL Modem from PC World (for cash) and again using that wonderfully generic username to log back onto the BT Network?
Their switching system just before The Last Mile knows what MACs connect to it from which lines (one of which is your home btw and they know EXACTLY which line leads to your home). Simple matter to echo these MACs back to The Home Office for proper logging. That's how they associate your IP vs your MAC, charge end-users for services, track your usage over a given month, etc. If you're on the internet, your ISP knows who you are. True anonymity would be to only access the internet from WiFi hotspots (free ones, not the "pay us for use" ones) or wardrive/hack weak/unsecured wireless networks, and constantly rotate networking hardware (NICs, etc) or have one that spoofs its MAC addy and randomize it frequently. Of course, whether this would actually be effective in practice is an exercise for the trolls I guess. :)
>> Or is some AC from BT gonna tell me that BT have records of which home hub MAC Address is assigned to which subscriber number.
Tell me, does your telephone have unique user id and password? Does it have a MAC address?
No? So how do they manage to bill you for the calls you make?
I don't know enough about the specifics of the ADSL protocol to tell you __how__ they know who is assigned a given IP address, but the idea that they __don't__ is absurd. This is BT we are talking about, the main backer of Phorm in the UK.
I can't think of any way to tell whether a media file contains copyrighted or licence-protected material other than by having a human being examine it.
You could certainly guess that somebody downloading large amounts of audio or video is probably up to no good, but "guess" and "probably" doesn't have much legal standing.
>> They can *probably guess* from the file name "Avatar.Bluray.RIP.EncodersNameGoesHere.avi" that it's unlikely to be the random Linux distro of the month.
Of course, if it were 'the random Linux distro of the month', that would count as several hundred/thousand copyrighted items as opposed to just one in the case of a rip of Avatar(TM).
WRT Steve Graham's post, it is pretty safe to assume that someone owns the copyright for the vast majority of the files available via bit torrent - whether or not their copyright is being infringed is a different matter and requires not just a person, but a court case - which is presumably why the Digital Economy Act uses the term 'apparent infringement'. I wonder how long it'll be before this is extended to other apparent offences - I bet the MPAA/RIAA/MPEG-LA/FACT/PRS/BSA can't wait until they can get all the people who are 'apparently slandering them' disconnected.
The researchers wonder why the criminal organisations such as the maa/riaa don;t go after the one who 'inject" the content.. well for all we know the MPAA/RIAA are the one puting the content out there... there is much more money to be made by destroying the life of millions of families then to stop the problem at it;s source.
But as soon as MPAA/RIAA connect to a torrent aren't they themselves uploading too? And if, once the download is complete and they check it, they find out that the file "Hit me baby one more time" was actually a pron flick, they themselves are now guilty of infringement and distribution, ha ha!
Can't even reach the keys today, Mectron?
"there is much more money to be made by destroying the life of millions of families then to stop the problem at it;s source."
The only families whose livelihoods are being destroyed are the original creators, and they're being destroyed by zitty-faced losers like you, and your luser Freetard pals.
"Puting"
Every class has a Mectron - the guy in the corner who none of the cool kids ever want to talk to. Teacher will be attending to your Special Needs soon, Mecky, so please try not to wet the seat.
FFS! All you have to do is join a torrent and you instantly see, even in software like uTorrent, click the peers tab and there is the list of IPs you are communicating with!
FFS, this is hardly rocket science is it! A freaking 10 year old CS student could tell you what peers/IPs are bound into a torrent!
This is actually an interesting study. By pointing out that a relatively small number of people are providing content to a far greater number of people, the study does highlight a weakness in the copyright owners' arguments - they are not interested in stopping material making its way onto the interwebs. Rather they are keen on maintaining their unfair pricing structure in the digital age. By highlighting the number of downloads and equating them with theft (which they are quite clearly not) they have reasonably successfully pressurised more or less complicit governments into more or less draconian legislation which, while it benefits the copyright owners little directly, allows them to continue to charge over the odds for their wares.
"oh, look at the sheer volume of theft!" cry the copyright owners. "we'll block your courts forever if we take even 1% of them to courts." Governments comply not least because the idea of knowing what the public is actually up to is appealing. And because the industry is suffering so much there will be no investigation into the price-fixing that is going on.
With the introduction of the compact disc the copyright industry never had it so good. Economically the cost of making a product is the cost of making *one more*. Clever marketing convinced the public to load up on compact discs that were vastly cheaper to produce than the vinyl they often already owned but which were sold at a premium. The same ploy worked with VHS and DVD but obviously we couldn't continue to buy new licences of what we *already* (okay so I'm thinking predominantly of baby-boomers who bought in the 60s, 80s and 90s) owned forever so the market started to flatten out.
Instead of price competition, with high street prices reflecting to some degree the cost of production, the industry dusted off the idea of theft - which a digital copy most definitely is not - which it came up with when compact cassettes were introduced. Digital distribution added channel to the industry with more radio stations duly paying for playing their wares. Since then the industry has essentially been lobbying for some form of byte tax and blaming its own cost explosion and lack of innovation on the mysterious pirates that are everywhere rather than acknowledging that these are contributory factors in their own failure to gain new customers. As such they will continue to talk up and scandalise the numbers of "freebooters" to bolster their claims to a piece of the cake, whilst at the same time arranging to fix ridiculously high prices for digital downloads.
Technologically they seem to have learnt their lesson and they're also coming round to realising that, as content is king, they are in a great position for the next wave of services with fanbois of all colours only too happy to pay over the odds for the latest and greatest. Well, that's the publishers at least. The distributors, often owned by the same parent but who loathe the producers, that stand to lose out in the consumerist paradise which is excellent at pretending to cut out the middle man.
But while the deals with Google, Apple, etc. are worked out the torrent argument provides a great smokescreen and you can bet that the industry will seize on yet another set of figures to project their revenue loss.
The protocol debate itself has long since simply been about control.
"All the home-hub users out there on the BT Network log into the BT network with the same name : bthomehub@btbroadband.com : so how are BT to know which one is which, especially if the user DOES NOT use the BT Broadband Talk service."
It is the IP address that is important, this needs to be unique (behind any NAT devices - the NAT device will be able to track the addresses it is NATting) so can be traced fairly simply. The login there is simply to authenticate to the BT network - some ISPs don't require CPE authentication (SKY, Virgin IIRC)
"Or is some AC from BT gonna tell me that BT have records of which home hub MAC Address is assigned to which subscriber number."
Doesn't matter - the IP address is important not the subscriber number. BT will track which IP addresses are assigned to which devices at any time. MAC addresses will always be used to translate end station addresses at L2 anyway. Look up ARP in your chosen reference.
"And what is to then stop that user from throwing the POS Home Hub in the trash where it belongs and getting their own ADSL Modem from PC World (for cash) and again using that wonderfully generic username to log back onto the BT Network?"
Nothing, but it will still get an IP address that is unique, logged and traceable back to the PC world modem via the phone line.
Like it or not, there is nothing you do on the internet that is truly anonymous - all that matters is how much a third party *wants* to identify you coupled with how much legal (or otherwise) authority they have.
Having financed and been involved in the production and distribution of indie CDs I have a fair idea how much the cost of extra discs is. I also know how much of a percentage the distribution channels make over the cost of the finished product (around 80-90% of the cost of a massmarket CD on the shop shelf is middleman markup)
It's very easy to characterise the current war on p2p networks as a way of eliminating competition for online sales so that the major labels can continue selling music at outrageous markups. If tracks were fairly priced the p2p arena would die off quickly (indie pricing needs to remain at much the same price as recovering production costs is difficult on small numbers of sales, but majors would still be profitable selling on tracks for 2-3p a pop, let alone 99p - back catalogues would be profitable at 1-2p a shot)
The current war on p2p is about "control" - which is hardly surprising when you look into the history of major labels and the people behind them.