BitTorrent

3.3727351164747 (1159)
Posted by pompos 03/25/2009 @ 17:14

Tags : bittorrent, peer-to-peer, uploading and downloading, internet, technology

News headlines
eBay vs L'Oreal Through a BitTorrent Prism - TorrentFreak
We take a look at the case through a BitTorrent prism. On Friday the High Court ruled that online auction site eBay is not liable when fake beauty products are sold to the public by its users via the site. Justice Richard David Arnold ruled that eBay...
9 of the Best Free Linux BitTorrent Clients - LXer (press release)
Over the years BitTorrent has received a considerable amount of bad press, mainly because the protocol is seen as a convenient way of facilitating mass illegal downloads of music, movies, games and software. Consequently, it is disliked by some content...
Top 10 Most Pirated Movies on BitTorrent - TorrentFreak
The top 10 most downloaded movies on BitTorrent. A new R5 release of 'X-Men Origins: Wolverine' tops the chart this week followed by 'He's Just Not That Into You'. This week there are only two newcomers including a R5 release of 'X-Men Origins:...
Web downloading site found guilty - Canada.com
The website, www.thepiratebay.org, bills itself as the world's largest BitTorrent tracker. BitTorrent is a file-sharing protocol that allows downloads of digital content while users track everything from music to movies to video games and other content...
BitTorrent Spammers Target The Pirate Bay - TorrentFreak
Taken together, all these rogue projects have generated millions of dollars while leaving many BitTorrent users dissatisfied. One of the more recent attacks targets the weak spot of the average BitTorrent user, as it promises to increase the download...
Apple rejects BitTorrent, Jesus-themed iPhone apps - ipodnn
The first is Maza Digital's Drivetrain, a remote control program for the Transmission BitTorrent client. Initially met with an Apple message that the app would demand "unexpected additional time for review," Maza later received a notice saying that...
CBS gave RIAA Last.fm user data: report - p2pnet.net
The unreleased album, which is due out on March 3, found its way onto BitTorrent and was downloaded hundreds of thousands of times. That, apparently, sent music industry lawyers over at the Recording Industry Association of America into a fit....
Dutch Youth Addicted to BitTorrent - TorrentFreak
In most cases this means that using BitTorrent to download copyrighted music is not the best choice, since it generally requires uploading. However, this is not holding any of the Dutch youngsters back, so it seems. BitTorrent was by far the preferred...
Office 2010 Builds Hit BitTorrent, Feature Windows 7 Taskbar ... - Lifehacker
Microsoft is due to release a Technical Preview of Office 2010 to trusted partners and lucky registered testers in July, but in what's become a pretty common pattern, BitTorrent-savvy browsers are already seeing leaked builds....
Vuze Cashing in on Porn BitTorrent Users - TorrentFreak
In a bid to increase their revenue, among other things, Vuze has added a catalog of HD adult videos to their BitTorrent client. For a few dollars a month Vuze users can subscribe to the latest hotness. Of course, all torrents on the erotica network are...

BitTorrent (software)

BitTorrent v6.0.3.png

BitTorrent is a peer-to-peer program developed by Bram Cohen and BitTorrent, Inc. used for uploading and downloading files via the BitTorrent protocol. BitTorrent was the first client written for the protocol.

BitTorrent is often nicknamed Mainline by developers denoting its official origins. Version 4.20 of the client was dubbed Allegro by BitTorrent Inc., in reference to protocol extensions developed by the company to accelerate download performance and ISP manageability.

Since version 6.0, the BitTorrent client is a rebranded version of µTorrent. As a result, it is no longer open source, and this version of the program is currently only available for Windows.

Prior to version 6.0, BitTorrent was written in Python, and was free software. The source code for versions 4.x and 5.x are released under the BitTorrent Open Source License, a modified version of the Jabber Open Source License. Versions up to and including 3.4.2 were distributed under the MIT license.

The BitTorrent client enables a user to search for and download torrent files using a built-in search box ("Search for torrents") in the main window, which opens the BitTorrent torrent search engine page with the search results in the user's default web browser.

The current client enables a range of features, including multiple parallel downloads. BitTorrent has several statistical, tabular and graphical views that allow a person to see what events are happening in the background. A host of views offer information on the number of peers and seeds which are present, from how much data is being downloaded to how much data is being uploaded. It has an automatic recovery system which checks all data that has been handled after an improper shutdown, such as a power failure.It also intermediates peering between itself, source file servers ("trackers") and other clients, thereby yielding great distribution efficiencies. The client also enables users to create and share torrent files.

To the top



BitTorrent (protocol)

BitTorrent is a peer-to-peer file sharing protocol used for distributing large amounts of data. BitTorrent is one of the most common protocols for transferring large files, and by some estimates it accounts for about 35% of all traffic on the entire Internet.

The protocol works initially when a file provider makes his file (or group of files) available to the network. This is called a seed and allows others, named peers, to connect and download the file. Each peer who downloads a part of the data makes it available to other peers to download. After the file is successfully downloaded by a peer, many continue to make the data available, becoming additional seeds. This distributed nature of BitTorrent leads to a viral spreading of a file throughout peers. As more seeds get added, the likelihood of a successful connection increases exponentially. Relative to standard Internet hosting, this provides a significant reduction in the original distributor's hardware and bandwidth resource costs. It also provides redundancy against system problems and reduces dependence on the original distributor.

Programmer Bram Cohen designed the protocol in April 2001 and released a first implementation on July 2, 2001. It is now maintained by Cohen's company BitTorrent, Inc. There are numerous BitTorrent clients available for a variety of computing platforms. According to isoHunt, the total amount of shared content is currently more than 1.1 petabytes.

A BitTorrent client is any program that implements the BitTorrent protocol. Each client is capable of preparing, requesting, and transmitting any type of computer file over a network, using the protocol. A peer is any computer running an instance of a client.

To share a file or group of files, a peer first creates a small file called a "torrent" (e.g. MyFile.torrent). This file contains metadata about the files to be shared and about the tracker, the computer that coordinates the file distribution. Peers that want to download the file must first obtain a torrent file for it, and connect to the specified tracker, which tells them from which other peers to download the pieces of the file.

Taken together, these differences allow BitTorrent to achieve much lower cost to the content provider, much higher redundancy, and much greater resistance to abuse or to "flash crowds" than a regular HTTP server. However, this protection comes at a cost: downloads can take time to rise to full speed because it may take time for enough peer connections to be established, and it takes time for a node to receive sufficient data to become an effective uploader. As such, a typical BitTorrent download will gradually rise to very high speeds, and then slowly fall back down toward the end of the download. This contrasts with an HTTP server that, while more vulnerable to overload and abuse, rises to full speed very quickly and maintains this speed throughout.

In general, BitTorrent's non-contiguous download methods have prevented it from supporting "progressive downloads" or "streaming playback". But comments made by Bram Cohen in January 2007 suggest that streaming torrent downloads will soon be commonplace and ad supported streaming appears to be the result of those comments.

The peer distributing a data file treats the file as a number of identically sized pieces, typically between 64 KB and 4 MB each. The peer creates a checksum for each piece, using the SHA1 hashing algorithm, and records it in the torrent file. Pieces with sizes greater than 512 KB will reduce the size of a torrent file for a very large payload, but is claimed to reduce the efficiency of the protocol . When another peer later receives a particular piece, the checksum of the piece is compared to the recorded checksum to test that the piece is error-free. Peers that provide a complete file are called seeders, and the peer providing the initial copy is called the initial seeder.

The exact information contained in the torrent file depends on the version of the BitTorrent protocol. By convention, the name of a torrent file has the suffix .torrent. Torrent files have an "announce" section, which specifies the URL of the tracker, and an "info" section, containing (suggested) names for the files, their lengths, the piece length used, and a SHA-1 hash code for each piece, all of which is used by clients to verify the integrity of the data they receive.

Torrent files are typically published on websites or elsewhere, and registered with a tracker. The tracker maintains lists of the clients currently participating in the torrent. Alternatively, in a trackerless system (decentralized tracking) every peer acts as a tracker. This is implemented by the BitTorrent, µTorrent, rTorrent, KTorrent, BitComet, and Deluge clients through the distributed hash table (DHT) method. Vuze also supports a trackerless method that is incompatible (as of April 2007) with the DHT offered by all other supporting clients although it did develop DHT first.

Users browse the web to find a torrent of interest, download it, and open it with a BitTorrent client. The client connects to the tracker(s) specified in the torrent file, from which it receives a list of peers currently transferring pieces of the file(s) specified in the torrent. The client connects to those peers to obtain the various pieces. If the swarm contains only the initial seeder, the client connects directly to it and begins to request pieces.

Clients incorporate mechanisms to optimize their download and upload rates; for example they download pieces in a random order to increase the opportunity to exchange data, which is only possible if two peers have different pieces of the file.

The effectiveness of this data exchange depends largely on the policies that clients use to determine to whom to send data. Clients may prefer to send data to peers who send data back to them (a tit for tat scheme), which encourages fair trading. But strict policies often result in suboptimal situations, such as when newly joined peers are unable to receive any data because they don't have any pieces yet to trade themselves or when two peers with a good connection between them do not exchange data simply because neither of them wants to take the initiative. To counter these effects, the official BitTorrent client program uses a mechanism called “optimistic unchoking”, where the client reserves a portion of its available bandwidth for sending pieces to random peers (not necessarily known-good partners, so called preferred peers), in hopes of discovering even better partners and to ensure that newcomers get a chance to join the swarm.

A growing number of individuals and organizations are using BitTorrent to distribute their own or licensed material. Independent adopters report that without using BitTorrent technology and its dramatically reduced demands on networking hardware and bandwidth, they could not afford to distribute their files.

CableLabs, the research organization of the North American cable industry, estimates that BitTorrent represents 18% of all broadband traffic. In 2004, CacheLogic put that number at roughly 35% of all traffic on the Internet. The discrepancies in these numbers are caused by differences in the method used to measure P2P traffic on the Internet.

Routers that use NAT, Network address translation, must maintain tables of source and destination IP addresses and ports. Typical home routers are limited to about 2000 table entries while some more expensive routers have larger table capacities. BitTorrent frequently contacts 300-500 servers per second rapidly filling the NAT tables. This is a common cause of home routers locking up.

The BitTorrent protocol provides no way to index torrent files. As a result, a comparatively small number of websites have hosted the large majority of torrents linking to (possibly) copyrighted material, rendering those sites especially vulnerable to lawsuits. Several types of websites support the discovery and distribution of data on the BitTorrent network.

Public tracker sites such as The Pirate Bay allow users to search in and download from their collection of torrent files; they also run BitTorrent trackers for those files. Users can typically also upload torrent files for content they wish to distribute.

Private tracker sites such as Demonoid operate like public ones except that they restrict access to registered users and keep track of the amount of data each user uploads and downloads, in an attempt to reduce leeching.

There are specialized tracker sites such as FlixFlux for films, MVGroup for educational content, Metal-Torrents.com for metal music, cheggit.net for pornographic content, and tv torrents for television series. Often these will also be private.

BitTorrent does not offer its users anonymity. It is possible to obtain the IP addresses of all current, and possibly previous, participants in a swarm from the tracker. This may expose users with insecure systems to attacks.

A BitTorrent user may often choose to leave the swarm as soon as they have a complete copy of the file they are downloading, freeing up their outbound bandwidth for other uses. If enough users follow this pattern, torrent swarms gradually die out, meaning a lower possibility of obtaining older torrents. Some BitTorrent websites have attempted to address this by recording each user's download and upload ratio for all or just the user to see, as well as the provision of access to newer torrent files to people with better ratios. Users who have low upload ratios may see slower download speeds until they upload more. This prevents (statistical) leeching, since after a while they become unable to download at even a fraction of the theoretical bandwidth of their connection. Some trackers exempt dial-up users from this policy, because their uploading capabilities are limited.

There are "cheating" clients like BitThief which claim to be able to download without uploading. Such exploitation negatively affects the cooperative nature of the BitTorrent protocol, although it might prove useful for people in countries where uploading copyrighted material is illegal, but downloading is not.

The BitTorrent protocol is still under development and therefore may still acquire new features and other enhancements such as improved efficiency.

In June 2005, BitTorrent, Inc. released version 4.2.0 of the Mainline BitTorrent client. This release supported "trackerless" torrents, featuring a DHT implementation which allowed the client to use torrents that do not have a working BitTorrent tracker. Current versions of the official BitTorrent client, µTorrent, BitComet, and BitSpirit all share a compatible DHT implementation that is based on Kademlia. Vuze uses its own incompatible DHT system called the "distributed database", but a plugin is available which allows use of the mainline DHT.

Another idea that has surfaced in Vuze is that of virtual torrents. This idea is based on the distributed tracker approach and is used to describe some web resource. Currently, it is used for instant messaging. It is implemented using a special messaging protocol and requires an appropriate plugin. Anatomic P2P is another approach, which uses a decentralized network of nodes that route traffic to dynamic trackers.

Most BitTorrent clients also use Peer exchange (PEX) to gather peers in addition to trackers and DHT. Peer exchange checks with known peers to see if they know of any other peers. With the 3.0.5.0 release of Azureus, now known as Vuze, all major BitTorrent clients now have compatible peer exchange.

Web seeding was implemented in 2006 as the ability of BitTorrent clients to download torrent pieces from an HTTP source in addition to the swarm. The advantage of this feature is that a site may distribute a torrent for a particular file or batch of files and make those files available for download from that same web server; this can simplify seeding and load balancing greatly once support for this feature is implemented in the various BitTorrent clients. In theory, this would make using BitTorrent almost as easy for a web publisher as simply creating a direct download while allowing some of the upload bandwidth demands to be placed upon the downloaders (who normally use only a very small portion of their upload bandwidth capacity). This feature was created by John "TheSHAD0W" Hoffman, who created BitTornado.. From version 5.0 onward the Mainline BitTorrent client also supports web seeds and the BitTorrent web site has a simple publishing tool that creates web seeded torrents. µTorrent added support for web seeds in version 1.7. The latest version of the popular download manager GetRight supports downloading a file from HTTP, FTP, and BitTorrent protocols.

I want RSS feeds of BitTorrent files. A script would periodically check the feed for new items, and use them to start the download. Then, I could find a trusted publisher of an Alias RSS feed, and 'subscribe' to all new episodes of the show, which would then start downloading automatically — like the 'season pass' feature of the TiVo.

The RSS feed will track the content, while BitTorrent ensures content integrity with cryptographic hashing of all data, so feed subscribers will receive uncorrupted content.

One of the first software clients (free and open source) for broadcatching is Miro. Other free software clients such as PenguinTV and KatchTV are also now supporting broadcatching.

The BitTorrent web-service MoveDigital has the ability to make torrents available to any web application capable of parsing XML through its standard Representational State Transfer (REST) based interface. Additionally, Torrenthut is developing a similar torrent API that will provide the same features, as well as further intuition to help bring the torrent community to Web 2.0 standards. Alongside this release is a first PHP application built using the API called PEP, which will parse any Really Simple Syndication (RSS 2.0) feed and automatically create and seed a torrent for each enclosure found in that feed.

Since BitTorrent makes up a large proportion of total traffic, some ISPs have chosen to throttle (slow down) BitTorrent transfers to ensure network capacity remains available for other uses. For this reason methods have been developed to disguise BitTorrent traffic in an attempt to thwart these efforts.

Protocol header encrypt (PHE) and Message stream encryption/Protocol encryption (MSE/PE) are features of some BitTorrent clients that attempt to make BitTorrent hard to detect and throttle. At the moment Vuze, Bitcomet, KTorrent, Transmission, Deluge, µTorrent, MooPolice, Halite, rTorrent and the latest official BitTorrent client (v6) support MSE/PE encryption.

In September 2006 it was reported that some software could detect and throttle BitTorrent traffic masquerading as HTTP traffic.

Reports in August 2007 indicated that Comcast was preventing BitTorrent seeding by monitoring and interfering with the communication between peers. Protection against these efforts is provided by proxying the client-tracker traffic through the Tor anonymity network or, via an encrypted tunnel to a point outside of the Comcast network. Comcast has more recently called a 'truce' with BitTorrent, Inc. with the intention of shaping traffic in a protocol-agnostic manner. Questions about the ethics and legality of Comcast's behavior have led to renewed debate about Net neutrality in the United States.

In general, although encryption can make it difficult to determine what is being shared, BitTorrent is vulnerable to traffic analysis. Thus even with MSE/PE, it may be possible for an ISP to recognize BitTorrent and also to determine that a system is no longer downloading, only uploading, information and terminate its connection by injecting TCP RST (reset flag) packets.

Another unofficial feature is an extension to the BitTorrent metadata format proposed by John Hoffman and implemented by several indexing websites. It allows the use of multiple trackers per file, so if one tracker fails, others can continue supporting file transfer. It is implemented in several clients, such as Vuze, BitComet, BitTornado, KTorrent and µTorrent. Trackers are placed in groups, or tiers, with a tracker randomly chosen from the top tier and tried, moving to the next tier if all the trackers in the top tier fail.

Even with distributed trackers, a third party is still required to find a specific torrent. This is usually done in the form of a direct hyperlink from the website of the content owner or through indexing websites like The Pirate Bay or Torrentz.

In May 2007 Cornell University published a paper proposing a new approach to searching a peer-to-peer network for inexact strings which could replace the functionality of a central indexing site. A year later, the same team implemented the system as a plugin for Vuze called Cubit and published a follow-up paper reporting its success.

The GitTorrent Protocol (GTP) is an, as of 2008, alpha-version of a protocol designed for collaborative git repository distribution across the Internet.

The Sandvine traffic shaping hardware / software system is able to (via a man in the middle attack send IP hangup packets to the sender and receiver -- allowing BitTorrent to be completely throttled. It must be pointed out that BitTorrent protocol behavior is easily spotted by this and other traffic shaping packages, as BitTorrent protocol setup is very dependent on a few very predictable signaling behaviors.

Because the BitTorrent specification is free to use and many clients are open source, BitTorrent clients have been created for all common operating systems using a variety of programming languages. The official BitTorrent client, uTorrent, Vuze, and BitComet are some of the most popular clients.

Some clients, like Torrentflux and TorrentVolve, can be run directly from a server, allowing hosting companies to offer speeds unavailable to most users. Services such as TorrentRelay, Instant Torrents, and ImageShack can download files on BitTorrent for the user, allowing them to download the entire file by HTTP once it is finished.

The Opera web browser supports BitTorrent, as does Wyzo. BitLet allows users to download Torrents directly from their browser using a Java applet.

An increasing number of hardware devices are being made to support BitTorrent. These include routers and NAS devices that use BitTorrent-capable firmware like OpenWrt or Openslug.

Proprietary versions of the protocol which implement DRM, encryption, and authentication are found within managed clients such as Pando.

An as-yet (2 February 2008) unimplemented unofficial feature is Similarity Enhanced Transfer (SET), a technique for improving the speed at which peer-to-peer file sharing and content distribution systems can share data. SET, proposed by researchers Pucha, Andersen, and Kaminsky, works by spotting chunks of identical data in files that are an exact or near match to the one needed and transferring these data to the client if the 'exact' data are not present. Their experiments suggested that SET will help greatly with less popular files, but not as much for popular data, where many peers are already downloading it. Andersen believes that this technique could be immediately used by developers with the BitTorrent file sharing system.

The BitTorrent client μTorrent implemented the UDP Torrent Protocol, beginning with version 1.8.2. This protocol is believed to be more resilient against traffic analysis while offering more control over the connection between peers.

December 2008 - BitTorrent, Inc. is working with Oversi on new Policy Discover Protocols that query the ISP for capabilities and network architecture information. Oversi's ISP hosted NetEnhancer box is designed to "improve peer selection" by helping peers find local nodes, improving download speeds while reducing the loads into and out of the ISP's network.

There has been much controversy over the use of BitTorrent trackers. BitTorrent metafiles themselves do not store copyrighted data, hence BitTorrent itself is not illegal—it is the use of it to copy copyrighted material that contravenes laws in some locations.

Various jurisdictions have pursued legal action against websites that host BitTorrent trackers. High-profile examples include the closing of Suprnova.org, Torrentspy, LokiTorrent, Demonoid, OiNK.cd and EliteTorrents.org. The Pirate Bay torrent website, formed by a Swedish group, is noted for the "legal" section of its website in which letters and replies on the subject of alleged copyright infringements are publicly displayed. On 31 May 2006, The Pirate Bay's servers in Sweden were raided by Swedish police on allegations by the MPAA of copyright infringement; however, the tracker was up and running again three days later.

HBO, in an effort to combat the distribution of its programming on BitTorrent networks, has sent cease and desist letters to the Internet Service Providers of BitTorrent users. Many users have reported receiving letters from their ISPs that threatened to cut off their Internet service if the alleged infringement continues. HBO, unlike the RIAA, has not been reported to have filed suit against anyone for sharing files as of April 2007. In 2005 HBO began "poisoning" torrents of its show Rome, by providing bad chunks of data to clients.

On 23 November 2005, the movie industry and BitTorrent Inc. CEO Bram Cohen, signed a deal they hoped would reduce the number of unlicensed copies available through bittorrent.com's search engine, run by BitTorrent, Inc. It meant BitTorrent.com had to remove any links to unlicensed copies of films made by seven of Hollywood's major movie studios.

More recently, the BitTorrent network has been subject to scrutiny by the British Phonographic Industry (BPI). There are suggestions that they are using the network to obtain the IP addresses of those currently connected to the tracker. The information is then used to contact the ISP of each downloader so that notifications can be made (this was given sizeable coverage in the UK press with regard to Virgin Media sending letters out to customers suspected of using P2P networks).

There are two major differences between BitTorrent and many other peer-to-peer file-trading systems, which advocates suggest make it less useful to those sharing copyrighted material without authorization. First, BitTorrent itself does not offer a search facility to find files by name. A user must find the initial torrent file by other means, such as a web search. Second, BitTorrent makes no attempt to conceal the host ultimately responsible for facilitating the sharing: a person who wishes to make a file available must run a tracker on a specific host or hosts and distribute the tracker address(es) in the .torrent file. Because it is possible to operate a tracker on a server that is located in a jurisdiction where the copyright holder cannot take legal action, the protocol does offer some vulnerability that other protocols lack. It is far easier to request that the server's ISP shut down the site than it is to find and identify every user sharing a file on a peer-to-peer network. However, with the use of a distributed hash table (DHT), trackers are no longer required, though often used for client software that does not support DHT to connect to the stream.

To the top



BitTorrent protocol encryption

Protocol encryption (PE), Message stream encryption (MSE), or Protocol header encrypt (PHE) are related features of some peer-to-peer file-sharing clients, including BitTorrent clients. They attempt to make traffic harder to identify by third parties including internet service providers (ISPs).

MSE/PE is implemented in aria2, BitComet, BitTornado, Deluge, Flashget, Halite, KTorrent, Mainline, rTorrent, µTorrent, Transmission, and Vuze. PHE was implemented in old versions of BitComet. Similar protocol obfuscation is supported in up-to-date versions of some other (non-BitTorrent) systems including eMule.

Peer-to-peer file-sharing traffic makes up more than a third of total internet traffic. Some ISPs deal with this traffic by increasing their capacity whilst others use specialised systems to throttle (i.e. slow down) peer-to-peer traffic. Obfuscation and encryption make traffic harder to detect and therefore harder to throttle. These systems are not designed to provide anonymity or confidentiality.

Protocol header encryption (PHE) was conceived by RnySmile and first implemented in BitComet version 0.60 on 8 September 2005. Some software like IPP2P claims BitComet traffic is detectable even with PHE. PHE is detectable because only part of the stream is encrypted. Since there are no open specifications to this protocol implementation the only possibility to support it in other clients would have been via reverse engineering.

In late January 2006 the developers of Azureus, now known as Vuze, decided to design and simultaneously implement a new, open protocol obfuscation method, called message stream encryption (MSE). It was included in Azureus CVS snapshot 2307-B29 on 19 January 2006.

This first draft was heavily criticized since it lacked several key features. After negotiations between different BitTorrent developers a new proposal was written and then implemented into the Azureus and µTorrent betas within days. The developers were ludde, uau, The 8472, Parg and Nolar. In µTorrent, the new protocol was called protocol encryption (PE).

Azureus supports the final spec since 25 January 2006 (CVS snapshot 2307-B33). Azureus version 2.4.0.0 was released 10 February 2006, and was the first stable version of a client to support MSE/PE. However, glitches in Azureus' implementation resulted in improperly encrypted pieces that failed hash checking. The glitches were rectified as of version 2.4.0.2.

µTorrent premiered MSE/PE 4 days after Azureus with beta 1.4.1 build 407.. µTorrent version 1.5 (build 436) was released on 7 March 2006; it was the first stable version of µTorrent with PE.

BitComet version 0.63 was released 7 March 2006. It removed the old protocol header encryption and implemented the new MSE/PE to be compatible with Azureus and µTorrent.

KTorrent implemented MSE/PE in SVN version 535386 on April 29, 2006.

Mainline supports MSE/PE since version 4.9.2-beta on May 2, 2006.

BitTornado supports MSE/PE as of build T-0.3.18. As of January 5, 2007, this build is still marked "experimental" on the Download page.

Deluge supports MSE/PE as of Deluge-0.5.1.

Transmission supports MSE/PE as of Transmission-0.90.

The BitComet PHE method used in versions 0.60 to 0.62 is neither published, nor is it compatible with MSE/PE.

MSE/PE uses key exchange combined with the infohash of the torrent to establish an RC4 encryption key. The key exchange helps to minimize the risk of passive listeners, and the infohash helps avoid man-in-the-middle attacks. RC4 is chosen for its speed. The first kilobyte of the RC4 output is discarded to prevent a particular attack.

The specification allows the users to choose between encrypting the headers only or the full connection. Encrypting the full connection provides more obfuscation but uses more CPU time.

To ensure compatibility with other clients that don't support this specification, users may also choose whether unencrypted incoming or outgoing connections are still allowed.

Supported clients propagate the fact that they have MSE/PE enabled through PEX and DHT.

The estimated strength of the encryption corresponds to about 60–80 bits for common symmetrical ciphers. This is quite low for today's standards but one has to keep in mind that this protocol wasn't designed as a secure transport protocol but as a fast and efficient obfuscation method. AES was proposed as the encryption method but not adopted because it consumed too much CPU time and the required D-H keys to achieve a security equal to AES would have been much bigger or require elliptic curve cryptography, making the handshake more expensive in terms of used CPU time.

Some ISPs are now using more sophisticated measures (e.g. pattern/timing analysis or categorizing ports based on side-channel data) to detect BitTorrent traffic. This means that even encrypted BitTorrent traffic can be throttled. However, with ISPs that continue to use simpler, less costly methods to identify and throttle BitTorrent, the current solution remains extremely effective.

The Sandvine application uses a different approach to disrupt BitTorrent traffic that makes seeding impossible. The Sandvine application intercepts peer-to-tracker communication to identify peers based on the IP address and port numbers in the peer list returned from the tracker. When Sandvine later sees connections to peers in the intercepted peer lists, it may (according to policy) break these connections by sending counterfeit TCP resets. Various solutions exist to protect against Sandvine's attack including encrypting both peer-to-tracker and peer-to-peer communication, using Microsoft's Teredo so that TCP connections are tunneled within UDP packets, filtering TCP resets before they reach the TCP layer in the end-host, or switching entirely from a TCP-based transport to a UDP-based transport. Each solution has its trade-offs. Filtering out TCP resets typically requires kernel access, and the participation of the remote peer since Sandvine sent the reset packet to the local and remote peers. Teredo is not available on all BitTorrent clients. Rewriting TCP reliability, in-order delivery and congestion control in a new UDP protocol represents a substantial engineering effort and would require upgrading both ends of any peer-to-peer connection. Increasing robustness to TCP resets solves Sandvine's attack, but it does not prevent internet applications from using the peer lists to perform other attacks such as blocking peer-to-peer connections completely. Encryption also won't stop a traffic shaping system configured to universally slow down all encrypted, unidentifiable or unknown protocols using a method as simple as packet loss. Encrypting tracker communications prevents eavesdropping on peer lists and does not require upgrading both ends of peer-to-peer connections, but it requires imposing computational overhead on the tracker.

Bram Cohen, the inventor of BitTorrent, opposed adding encryption to the BitTorrent protocol. Cohen stated he was worried that encryption could create incompatibility between clients. He also stressed the point that the majority of ISPs don't block the torrent protocol. Cohen wrote "I rather suspect that some developer has gotten rate limited by his ISP, and is more interested in trying to hack around his ISP's limitations than in the performance of the internet as a whole". Many BitTorrent community users responded strongly against Cohen's accusations. Cohen later added the ability to receive but not originate encrypted connections on his Mainline client. Notably, when µTorrent was purchased by BitTorrent, Inc. and then became the next mainline release, the ability to originate encrypted connections was retained.

To the top



Legal issues with BitTorrent

The BitTorrent protocol's wide use for copyright infringement has led to legal issues with BitTorrent.

BitTorrent trackers have been subjected to raids and shutdowns due to claims of copyright infringement. BitTorrent metafiles do not store copyrighted data, so it has been claimed that BitTorrent trackers, which only store and track the metafiles, must therefore be legal even if sharing the data in question would be considered a violation of copyright. Despite this claim, there has been tremendous legal pressure, usually on behalf of the MPAA and RIAA, and similar organizations around the world to shut down numerous BitTorrent trackers.

In December 2004, the Finnish police raided a major BitTorrent site, Finreactor. The case is before the courts, and 32 people, in September 2006, mostly administrators and moderators, are facing charges. Software and media companies are seeking damages worth 3.5 million euros (about 5.4 million USD) in total. Two defendants were acquitted by reason of being underage at the time, but they are being held liable for legal fees and compensation for illegal distribution ranging up to 60,000 euros. The court set their fine at 10% of the retail price of products distributed.

Suprnova.org, one of the most popular early BitTorrent sites, closed in December 2004, purportedly due to the pressure felt by Sloncek, the founder and administrator of the site. In December 2004, Sloncek revealed that the Suprnova computer servers had in fact been confiscated by Slovenian authorities.

LokiTorrent, arguably the biggest torrent source after the demise of Suprnova, closed down soon after Suprnova. Allegedly, after threats from the MPAA, Edward Webber (known as 'lowkee'), webmaster of the site, was ordered by the court to pay a fine and supply the MPAA with logs (the IP addresses of visitors). Webber, in the weeks following his receipt of the subpoena, began a fundraising campaign to pay legal fees in a legal battle against the MPAA. Webber raised approximately US$45,000 through a PayPal-based donation system. It is unclear how much of that money went to the MPAA. Following the agreement, the MPAA changed the LokiTorrent website to display a message intended to discourage filesharers from downloading illegal content. Webber did not comment on this change.

On May 25, 2005, the popular BitTorrent website EliteTorrents.org was shut down by the United States Federal Bureau of Investigation and Immigration and Customs Enforcement. At first it was thought that a malicious hacker had gained control of the website, but it was soon discovered that the website had been taken over by the US government. Ten search warrants relating to members of the website were executed. To date, six admins of the EliteTorrents.org website pleaded guilty to conspiracy to commit criminal copyright infringement and criminal copyright infringement of a pre-commercial release work.

On October 24, 2005, a 38-year-old Hong Kong BitTorrent user Chan Nai-ming (陳乃明, using the handle 古惑天皇 Lit. The master of cunning, (the magistrate referred to him as Big Crook) allegedly distributed the three movies Daredevil, Red Planet and Miss Congeniality in violation of copyright, subsequently uploading the torrent file to a newsgroup. He was convicted of breaching the copyright ordinance, Chapter 528 of Hong Kong law. The magistrate remarked that Chan's act caused significant damage to the interest of copyright holders. He was released on bail for HK$5,000, awaiting a sentencing hearing, though the magistrate himself admitted the difficulty of determining how he should be sentenced due to the lack of precedent for such a case. On November 7, 2005, he was sentenced to jail for three months but was immediately granted bail pending an appeal to the High Court.The appeal was dismissed by the Court of First Instance on 12 December 2006 and Chan was jailed immediately. On 3 January 2007, he was bailed pending appeal to the Court of Final Appeal on 9 May 2007.

In June 2006, the popular website Newnova.org, an exact replicate of Supernova, was also subject to closure.

The Pirate Bay torrent website, formed by a Swedish anti-copyright group, is notorious for the "legal" section of its website in which letters and replies on the subject of alleged copyright infringements are publicly displayed. On May 31, 2006, The Pirate Bay's servers in Sweden were raided by Swedish police on allegations by the MPAA of copyright infringement. The Pirate Bay was back online in less than 72 hours, and returned to Sweden, accompanied by public and media backlash against the Swedish Government's actions. A film, Steal This Film (Stockholm, Summer 2006), relating to these incidents has been produced.

On May 29, 2007, A federal judge ordered TorrentSpy, a torrent website, to begin monitoring its users' activities and to submit these logs to the Motion Picture Association of America. TorrentSpy's attorney, Ira Rothken, has stated that TorrentSpy would likely turn off access to U.S. users before it started monitoring anyone, since such monitoring is in violation of TorrentSpy's own privacy policy.

HBO, in an effort to combat the distribution of its programming on BitTorrent networks, has sent cease and desist letters to the Internet Service Providers of BitTorrent users. Many users have reported receiving letters from their ISP's that threatened to cut off their internet service if the alleged infringement continues. HBO, unlike the RIAA, has not been reported to have filed suit against anyone for sharing files as of April 2007. On the other hand, in 2005 HBO began "poisoning" torrents of its show Rome, by providing bad chunks of data to clients.

In Singapore, anime distributor Odex, has been actively tracking down and sending legal threats against Internet users in Singapore since 2007. These Internet users have allegedly downloaded fansubbed anime via the BitTorrent network. Court orders on ISPs to reveal subscribers' personal information have been ruled in Odex's favour, leading to several downloaders receiving letters of legal threat from Odex and subsequently pursuing out-of-court settlements for at least S$3,000 (US$2,000) per person, the youngest person being only 9 years old. These actions were considered controversial by the local anime community and have attracted criticisms towards the company, as they are seen by fans as heavy-handed.

On November 23, 2005, the Motion Picture Association of America and BitTorrent Inc. CEO Bram Cohen, signed a deal they hoped would reduce the number of unlicensed copies available through bittorrent.com's search engine, run by BitTorrent, Inc. It meant BitTorrent.com had to remove any links to unlicensed copies of films made by seven of Hollywood's major movie studios. As it covered only the BitTorrent.com website, it is unclear what overall effect this has had on copyright infringement.

There are two major differences between BitTorrent and many other peer-to-peer file-trading systems, which advocates suggest make it less useful to those sharing copyrighted material without authorization. First, BitTorrent itself does not offer a search facility to find files by name. A user must find the initial torrent file by other means, such as a web search. Second, BitTorrent makes no attempt to conceal the host ultimately responsible for facilitating the sharing: a person who wishes to make a file available must run a tracker on a specific host or hosts and distribute the tracker address(es) in the .torrent file. Because it is possible to operate a tracker on a server that is located in a jurisdiction where the copyright holder cannot take legal action, the protocol does offer some vulnerability that other protocols lack. It is far easier to request that the server's ISP shut down the site than it is to find and identify every user sharing a file on a peer-to-peer network. However, with the use of a distributed hash table (DHT), trackers are no longer required, though often used for client software that does not support DHT to connect to the stream.

To the top



Source : Wikipedia