A computer security researcher and his team have discovered what they describe as massive monitoring of BitTorrent download websites by copyright enforcement organizations, security companies and government research labs. Tom Chothia from the University of Birmingham, UK, further noted that this behavior has been going on for at least three years.
The researchers set up a fake server and very quickly realized that someone was monitoring what was being downloaded from the server and who was doing the downloading. They noted that only the top 100 torrents were being tracked. If you happened to download a popular album, movie, television show or ebook, you probably had your IP address logged within three hours of doing so.
Chothia and company presented their findings at this week’s SecureComm conference in Padua, Italy. In the presentation he points out that publically-available blocklists used to prevent contact with monitors contained a large number of false positives and false negatives. As such, they recommend using blocklists based on empirical research instead of speculative ones.
The question left on everybody’s mind now is, what do these monitoring agencies plan to do with the seemingly massive amount of data they have collected over the past three years? One would have to assume that copyright lawsuits would have already been handed down at this point if that were the intent. Or perhaps the top torrents are being monitored simply to assess the scope of the problem for future planning or laws.