Researchers: Your IP is logged within 3 hours of downloading a torrent

By on September 4, 2012, 2:30 PM

A computer security researcher and his team have discovered what they describe as massive monitoring of BitTorrent download websites by copyright enforcement organizations, security companies and government research labs. Tom Chothia from the University of Birmingham, UK, further noted that this behavior has been going on for at least three years.

The researchers set up a fake server and very quickly realized that someone was monitoring what was being downloaded from the server and who was doing the downloading. They noted that only the top 100 torrents were being tracked. If you happened to download a popular album, movie, television show or ebook, you probably had your IP address logged within three hours of doing so.

Chothia and company presented their findings at this week’s SecureComm conference in Padua, Italy. In the presentation he points out that publically-available blocklists used to prevent contact with monitors contained a large number of false positives and false negatives. As such, they recommend using blocklists based on empirical research instead of speculative ones.

The question left on everybody’s mind now is, what do these monitoring agencies plan to do with the seemingly massive amount of data they have collected over the past three years? One would have to assume that copyright lawsuits would have already been handed down at this point if that were the intent. Or perhaps the top torrents are being monitored simply to assess the scope of the problem for future planning or laws.




User Comments: 32

Got something to say? Post a comment
2 people like this | bielius bielius said:

Protip: Only download torrents which take less than 3 hours to download.

Solved

Guest said:

To build a case to have any site that hosts links to torrents to be banned via ICE

Win7Dev said:

Protip: Only download torrents which take less than 3 hours to download.

Solved

Protip: use an RDP to download the torrent.

mizkitty said:

Pretty vague on technical details. The paper's not dated. The last period of monitoring seems to be May 2011.

The year "2012" is mentioned only twice...both times in the "biblio".

Didn't see anything in the paper making this newsworthy.

Guest said:

Most Pro Tip:

Use newsgroups with a VPN.

Nm actually....keep using torrents.

alcarin2030 alcarin2030 said:

Good thing you can't track people by their IP.

Camikazi said:

Good thing you can't track people by their IP.

That won't stop them from going after you though, just force the ISP to give name of person who was attached to that IP at a given time and assume they are guilty.

2 people like this | Guest said:

Good thing they only go after poor people. :)

Guest said:

The rich get richer and the poor get poorer and the rich will do anything to get your $$.

1 person liked this | Guest said:

Well... they wouldn't want to target someone who can afford to defend themselves in court.

psycros psycros said:

Wonder how many threatening calls the anonymous proxy operators get. If you're not using one of those or TOR, you should be.

Guest said:

Well, I'm glad piracy is legal in my country :)

Guest said:

I am lucky too, as hardly people know about torrents in my country, I can happily go about torrenting. These filthy rich regulators, tryin to clamp things down.

Sunny87 said:

Good thing you can't track people by their IP.

That won't stop them from going after you though, just force the ISP to give name of person who was attached to that IP at a given time and assume they are guilty.

Ha good luck with that holding up in court, you can counter sue them for obtaining your personal information illegally and sue your ISP for handing it over, either way you would win as it's your ISP responsibility to keep your personal information safe that you have handed over to them, and it's illegal practise as a company to hassle your ISP for your information, even something simple like your phone number is illegal to obtain if you are on the http://www.tpsonline.org.uk/tps/index.html list.

They would have the change ToS agreements and in the UK ToS agreements don't hold up at all in a court of law I don't see why companies even bother with them over here!

ikesmasher said:

Good thing you can't track people by their IP.

That won't stop them from going after you though, just force the ISP to give name of person who was attached to that IP at a given time and assume they are guilty.

Ha good luck with that holding up in court, you can counter sue them for obtaining your personal information illegally and sue your ISP for handing it over, either way you would win as it's your ISP responsibility to keep your personal information safe that you have handed over to them, and it's illegal practise as a company to hassle your ISP for your information, even something simple like your phone number is illegal to obtain if you are on the http://www.tpsonline.org.uk/tps/index.html list.

They would have the change ToS agreements and in the UK ToS agreements don't hold up at all in a court of law I don't see why companies even bother with them over here!

have you paid attention to any news? tons of people have said this and not many have ever won against a corporation.

DanUK DanUK said:

I guess this isn't really that surprising as it's probably quite easy to track - whats more surprising/worrying is what they're actually going to do with this data as you say - is it just for analysis or is it going to be to prosecute people with? Im glad I'm not really a serial downloader - legally acquired 99% of the music, 80% of the movies and 100% of the games that I own, and never really hop on to download any of "the latest thing", but still you can never be sure of what they have picked up on who.

I know others have mentioned about the grey areas of tying someone to an IP adress but I have a feeling that the law around this could all change quite soon.

Sunny87 said:

have you paid attention to any news? tons of people have said this and not many have ever won against a corporation.

What so they are going to take billions of people to court? Don't be silly no matter how corporate some companies are, someone is going to notice, you only hear of one every now and then and that ends up in the news.

The truth of the matter is millions of people are downloading torrents world wide, I doubt in the UK this would even be entertained in a court of law especially if a corporation obtained information on you illegally, as soon as evidence of that is proven then any case is dismissed from court, R.Kelly got away with accusations of child molestation because the evidenced obtained on him came from questionable legal grounds.(I'm not saying he did anything wrong but I'm also not saying he didn't, just the evidence was thrown out of court)

I'm sure millions of other court battles have ended on the same grounds of illegal evidence, especially where corporations are involved. I think that a lot of the time when it's a civilian being sued they either don't know the law to use it against the companies or they don't have enough money for a high end solicitor who does.

MilwaukeeMike said:

I am lucky too, as hardly people know about torrents in my country, I can happily go about torrenting. These filthy rich regulators, tryin to clamp things down.

I don't understand this point of view at all... regulators, cops, auditors etc... none of them are rich. The lawyers who would sue might be rich, but the poor sap who's gotta do all the grunt work isn't rich or he'd stop doing such a crappy job.

I'll bet they track all sorts of data about torrents. Not so they can sue, but figure out ways to fight it and discourage people from using it. They're not planning on suing you. For what? Your entire bank account plus your car wouldn't pay for their legal fees. Anyone sued would just file for bankruptcy anyway and it'd be a huge waste of time and money that wouldn't accomplish anything.

Guest said:

Oh my god! my neighbor is going to jail. Sense I was on his wifi. With a spoofed mac address.

Guest said:

Dan UK you said that 99% of the music and 80 of movies. You know that it only takes 1 to 6 to get you a letter claiming that you owe about 800,000 for copyright infringement. So that %1 music and %20 movie is a very good chance that they already have you.

Guest said:

What I question is why the 3 hour delay. Your IP can be logged within seconds. As soon as others appear on your connected and downloading list I figure should be the logged begin time. As soon as you have a connection. The trackers log is I guess public information. And to spoof a tracker should be easy. Not like they operate with certs. or anything. The only thing the encryption should be a little harder to crack. But I am sure many spineless hackers are working on it.

Tygerstrike said:

What everyone seems to be missing in all of this is that given the trend of piracy through Torrent files, that file format is going to become illegal. Now all the uber nerds are going to hop on and give little quips about how they do this thing and wont get caught. Or they do this other thing and they dont get caught. Face it ppl, it would be a lot easier for them to completly outlaw Torrent files and then go after ppl.

I have heard many say that many other files go out on Torrent that isnt piracy. That is where they get you. They regulate who can use something then punish those that dont have permission. So they pass a Law, and start throwing ppl in jail or hitting them with fines. Its a grim future for the net. Now maybe if ppl would stop pirating long enough for those idjits in power to move on to a different subject, but that aint going to happen.

Guest said:

I don't think it is about pirating mr. You are on the wrong track. The FBI could care less wether you download a boobie movie or not. They are going after the pirates because of all the hacking that has been going on where sensitive info is released. They didn't even give a sh I t when campanies got hacked and money and credit card info was stollen. They started busting when sensitive info about opratives were released. That is what screwed all of us. That hackers had to be big mouth and release that crap to everyone. If they kept their big braging mouth shut there would be no trouble. But the FBI figures if they squise the pirates and procecute. They will soon get close to catching the hackers. It is a good shot in the dark. It be interesting to see that they can't get one on hacking a national security database. But they get the ***** on downloading a movie or a song and ruining him financialy. Or getting someone on cracking something instead of hacking a top secret web site. Kudos FBI.

Guest said:

No realy. What everyone seems to be missing is that torrent files can contain anything. You can imbed anything in the install package. Especially piratade os software. You can make it so where you got your own lailored task manager that does not show rogue processes. So one cannot even see processes or even stuff on the disk. You could be a zombie and not even antivirus software can see anything since most of that software is fake. It could tell you its the best antivirus and not be anything more than a software to keep other hackers out but give total access to the bot net owner. And you been gotten through your own greed of not wanting to buy your os. Or try the newest that is not for sale yet. Now how does this affect the rest of us. Think about it when even google was taken down for a couple of weeks. How anoying is that. 500,000 thousand stupid users infected and all of the suden no google. One day there will be no internet for a couple of months but we all can live without internet. Will just take a long walk in the park to blow off steam. So no dont care if torrents go away all together. Because if I miss the release of a movie I probably will find it years later on a garage sale for penies.

DanUK DanUK said:

Dan UK you said that 99% of the music and 80 of movies. You know that it only takes 1 to 6 to get you a letter claiming that you owe about 800,000 for copyright infringement. So that %1 music and %20 movie is a very good chance that they already have you.

Fully aware! Just hoping they'd go for the big sharks first ;P

ikesmasher said:

What so they are going to take billions of people to court? Don't be silly no matter how corporate some companies are, someone is going to notice, you only hear of one every now and then and that ends up in the news.

The truth of the matter is millions of people are downloading torrents world wide, I doubt in the UK this would even be entertained in a court of law especially if a corporation obtained information on you illegally, as soon as evidence of that is proven then any case is dismissed from court, R.Kelly got away with accusations of child molestation because the evidenced obtained on him came from questionable legal grounds.(I'm not saying he did anything wrong but I'm also not saying he didn't, just the evidence was thrown out of court)

I'm sure millions of other court battles have ended on the same grounds of illegal evidence, especially where corporations are involved. I think that a lot of the time when it's a civilian being sued they either don't know the law to use it against the companies or they don't have enough money for a high end solicitor who does.

thats not the point I was making at all, I was arguing yours.

Tygerstrike said:

It really doesnt matter what we say to those ppl who chose to pirate via Torrent sites. They will just have some assinine response that they have thought up justifing their actions. Then when the US govt does something REALLY draconian and messed up that puts the screws to those that pirate, we will hear from them "Oh no one told me it was illegal" or better yet "Why am I being persecuted? I only downloaded a couple of movies". In the end, these ppl chose to continue those actions. When the BS finally does hit them, everyone will have the "I told you so's" ready and waiting.

DKulzer said:

I got tracked on two movies. I got emails from Verizon explaining the process. In the email it stated the movie companies also pirate the "popular" torrents to track the IPs that connect to their server. All the IPs are recorded and every few months they send lists of IPs to the the ISPs. The ISPs send emails to the people responsible for the download based off the name on the account, which was me. They told me they didn't give out any of my personal info and would only do so with a court order.

I download some movies because it is ridiculous to have to pay $20 for me and my wife to go to the movies and another $20 if I want popcorn and a drink. I work full time, she goes to medical school full time and we have a 3 year old. I can't afford going to the movies. I know this is no justifiable excuse but maybe if the companies made things more reasonable this wouldn't be as big of a problem.

check sott.net check sott.net said:

I searched the net for "websites that file lawsuits regarding the use of video downloader software" and found few pertinent search results other than the following ZD Net.com post as follows: "Every Inch Counts: Porn Filesharing Lawsuits Crest 30K Defendants."

How timely that I would find the current page mere hours later.

fimbles fimbles said:

Ip adress is not proof of identity.

Same as if a car thief runs someone over in your stolen car you will not go to jail.

Guest said:

This has an unnecessary foreboding to it. They are collecting it for research. Sure some of it is for sending out those FUD "we have your IP" letters to ISP. Surely some are intended to for ill-fated lawsuits (ie the lawsuit is unlikely to work in most cases). But mostly it is what it is, research.

The MAFIAA isn't totally dumb. They do know that sharing helps their industry. Tracking IP gives excellent marketing research to them. People buy more music and movies than they ever did and sharing makes it happen by providing a no risk inroad to potential customers that is free for the media companies. Just like The War on Drugs, the only ones who support the war are those who benefit: drug dealers and enforcement. They get paid. Same with the War on Piracy. And of course now and then they do symbolic busts which disproportionately hurt the poor to keep the FUD going.

But if we all stop believing the hype then the drug pushers lose their power. Share and share alike.

Peace

Elpresador Elpresador said:

Will I Get Tracked I Live In Australia

Elpresador Elpresador said:

I Downloaded a Torrent At McDonalds LOL Their IP Will Be Tracked

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.