September 7th, 2012
(HigginsBlog) – Researchers have learned those using BitTorrent are being secretly monitored by shady companies, some still yet to be identified, and BitTorrent ignores applying peer-blocking rules to these firms.
At least 10 companies are covertly monitoring the online traffic of the popular Bit Torrent peer to peer traffic sharing software researchers from the University of Birmingham have revealed.
The researchers have learned several of the companies are government copyright enforcement agencies but their inability to identify several of the companies could mean that more sinister government monitoring is occurring.
The researchers also revealed the Bit Torrent software is not allowing manually created block lists to be applied to the companies conducting the secret surveillance.
While no one else has seemed to realize this but the fact that block lists are not being applied to these shady firms covertly monitoring the traffic despite being placed on block lists means that Bit Torrent software itself was modified.
This implies that not only is the government secretly monitoring user’s file sharing activities but that the government has secretly forced Bit Torrent, Inc to change to the software to allow the covert monitoring.
The government may have ordered the company to make secret changes to the software to allow monitors to bypass the blocklists by issuing a National Security Letter.
Companies issued a National Security Letter are not allowed to discus the government’s secret order under threat of a prison sentence of up to 30 years for violating National Security.
One of many reasons a national security letter may have been issued is because the whistleblowing website WikiLeaks only posts many of their leaked documents in the torrent file format.
By monitoring torrent traffic it is not unreasonable to assume the government has created a list of all users who downloaded or shared the top secret government documents.
Another explanation to explain how the government could have coerced the company into secretly modifying the software could be through threat of prosecution.
It is entirely the owner Bram Cohen agreed to make the secret modifications to the software in exchange for some kind of deferred prosecution agreement or to avoid prosecution altogether.
RT reports more:
BitTorrent traffic closely watched by shady firms
RT – About three hours after joining a file-sharing BitTorrent swarm you are likely to come up on the radar of copyright enforcement agencies, a new study reveals. Most of them are not reporting publicly that they engage in such monitoring.
The higher a torrent file is on most popular list, the faster the monitors are responding, Researchers from Birmingham University reported at the SecureComm conference in Padua, Italy, this week.
They also found that independent blocklists, which torrent users manually create to ward off suspected monitor organizations, failed to include many of the peers the researchers identified as suspicious.
BitTorrent protocol allows users, called peers, to share files by chunking them into small bits and bringing peers together for direct exchange. A torrent server lists internet protocol (IP) addresses of peers wishing to upload or download the files. Users join a swarm of peers sharing the file by announcing their presence to the torrent server.
The protocol is often used for distribution of free software, game updates and other legal content, but is better known for its part in illegal sharing of copyrighted material. Copyright holders are known to keep an eye on the largest torrent sites, such as The Pirate Bay, researchers say.
“Copyright holders are known to routinely monitor file-sharers, collect evidence of infringement, issue cease-and-desist letters and, in some cases, demand financial compensation from the users they deem to have infringed their copyright. The task of policing BitTorrent is often outsourced to specialist copyright enforcement agencies,” they reported.
The computer scientists used custom software to collect torrent traffic data for a total of 36 days over two years. They were looking for telltale signs of peers on 1,033 swarms, indicating that they were interested in monitoring the file sharing other users’ activities rather than engaging in them. They were hunting both for peers monitoring indirectly, by asking a torrent server for list of peers on a swarm, and directly, by joining a swarm and communicating with other peers.
Suspicious behavior like failing to report download progress or hanging in a swarm for an abnormally long time marked peers as possible monitors. Researchers then tracked them to about 10 companies and organizations. Some of them were known copyright enforcement agencies or provided computer consultant services, but did not specifically acknowledge monitoring BitTorrents. One was a research institute which has since published work describing the detection of initial seeders of files. Others were difficult to identify.
It is not clear how the data collected by monitors could be used by copyright holders other than to measure the popularity of content among pirates and issue cease-and-desist letters. The monitors don’t even download offending material from other peers, so the data they get shows only that users have a torrent client running.
Researchers state that they take a neutral stance in the conflict between copyright holders and file-sharing activists.
“The results we present could benefit both users (e.g. by improving the detection and blocking of monitors) and copyright enforcement agencies (e.g. by improving monitoring techniques),” the paper says.
Source: Higgins Blog