Bittorrent is one of the most famous way to share data among users. The files ranges from legal to illegal. This method of transmission is very much vulnerable to many exploits. Given its popularity, one ca imagine the number of illegal files like music, movies, tv shows and the likes are alive in the community. The immediate benefiters of these media are going berserk of what is happening. They are getting lesser than ideally they should be. Here come into scene, the monitoring agencies to track down those infringing copyrights. Reading through torrentfreak we can see the number of users who has been charged and dragged into court for sharing files online. But to what extent their evidences are precise? Today I am going to share what i read in a paper written by Washington University.

To start with I am doing to make a showcase of some terminology related to the technology (basic level just to ready your mindset).

1. Tracker is the computer that is keeping track who has got the file(s) (pieces) you are interested in acquiring/sharing.
2. Client is normally you, the user who will be receiving bittorrent requests.
3. Encryption is scrambling the data so that middle users cannot see what you are sending, receiving.
4. IP Address is comparable to your identity. You own it.
5. Bittorrent Requests are the set of data that is needed for correct operation of communication between clients.
6. Peers are those clients who have not yet snatched a torrent (not completed).
7. Seeds are those clients who have the full file(s).
8. A Swarm is made up of peers and seeders.

To name a few, RIAA and Media Defender are the most actively tracking down users presumably infringing copyright. As far as I am aware, there are two methods known that are being used to track down the culprits. The direct and indirect method.

The Indirect Method relies solely on what the tracker will be reporting to the “tracking client”. Going a step ahead, normally the tracker reports a list of peers/seeds to those peers participating in a swarm. Is something ringing? You can guess what happens when the “tracking client” gets hold of the list of ips.

The direct method is the total inverse of the direct one. The monitoring agency downloads the file from the client(s) and verifies its content. That is a more solid way of determining culprits. On the other hand, it costs resources in terms of funds and bandwidth.

In all the cases the indirect method is being used. Personally, I believe the indirect method can be effective in deployed in a proper way. But this is not the case for all the “star” 😛 tracking agencies nowadays. Like reported by the University of Washington, 5 desktop machines, 9 ip printers and 4 wireless access points had recieved DMCA take down notice. This clearly shows its inefficiency.

These observations clearly demonstrate the ability to frame someone else. That is another ethical point to be considered.

IP Spoofing involves reporting someone else IP instead of ours to the tracker. Some clients and trackers support this kind of behaviour. So reporting the IP of a printer, wireless access point or an innocent pc will result is some catastrophic actions.

Misreporting client or tracker can also be responsible for DMCA notices. Normally the softwares are buggy and misreport IPS. This is one way that things may happen. But, we must know that the torrent files (meta data) are user generated. A malicious tracker can be inserted into the list of trackers and thus users made to infringe copyright.

The report also included mistimed reports. I am going to quote this part directly from the report.

A tracker need not be malicious to falsely implicate users. Consider the following scenario. Bob participates in an infringing BitTorrent swarm from a laptop via WiFi with an IP address assigned via DHCP, e.g., at a university or coffee shop. Bob then closes his laptop to leave, suspending his BitTorrent client with out an orderly notification to the tracker that he has left. Some time later, Alice joins the same WiFi network and, due to the DHCP timeout of Bob’s IP, Alice receives Bob’s former address. Simultaneously, a monitoring agent queries the tracker for the swarm Bob was downloading and the tracker reports Bob’s former IP. The monitoring agent then dispatches a DMCA notice to the ISP running the WiFi network naming Bob’s IP but with a timestamp that would attribute that IP to Alice, a false positive. Whether this is a problem in practice depends on the relative timeouts of BitTorrent trackers and DHCP leases, neither of which is fixed. In a university environment in 2007, DHCP lease times were set to 30 minutes. The interarrival time of tracker requests is typically 15 minutes at least, meaning that even a conservative tracker timeout policy of two missed requests coupled with a 30 minute DHCP lease time could result in this type of misidentification.

Open Access Point is another major problem. Anyone can connect to your open wifi network and leech from your connection. You as an innocent being you will bear all the issues that will be raised against you even though you have never used any p2p softwares. Mike Elegan wrote why it is ok to steal wi-fi. This will be helpful dear readers.

These contents that I have written cannot be a replacement of the report. This just gives you enough information what lies beneath this supposedly righteous action. 🙂