this post was submitted on 05 Nov 2023
13 points (100.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

1444 readers
17 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

This is an continuation of my last post, specifically a comment from @rufus@discuss.tchncs.de:

It will never get recommended. It’s bad for the network and bad for your privacy.

Excluding that doing so is bad for the network, why it is "private" using VPN but not Tor, inferring from common consensus. The main point in the blog post is a protocol level problem:

apparently in some cases uTorrent, BitSpirit, and libTorrent simply write your IP address directly into the information they send to the tracker and/or to other peers

Tor and VPN are both transports what wrap other traffic within. If that statement is true, no transport can save the information leaking nature of the BT protocol itself.

top 7 comments
sorted by: hot top controversial new old
[–] rufus@discuss.tchncs.de 18 points 1 year ago* (last edited 1 year ago) (1 children)

Both work quite differently. TOR routes you over several layers, obscures your IP and changes the IPs around occasionally so you can't be tracked.

With Bittorrent you want lasting connections to other peers to be able to receive and send all the data. This doesn't align with the ever changing IPs and stuff.

A VPN gives you one IP that you can have for hours.

A VPN supports UDP connections, TOR doesn't.

Connecting your Bittorrent client to the Socks-Proxy of a TOR client is a different setup than it just sending normal packets through a VPN tunnel.

TOR is slow (by design), a VPN is fast.

If your client or something leaks your IP it happens anyways, if you route it over one node or seven. All the extra energy is just wasted.

And bittorrent puts even more strain on the TOR network the way it works. Making it slower for anybody else. And (ab)using the resources volunteers provide. (And which are meant for better use-cases.)

[–] umami_wasbi@lemmy.ml 2 points 1 year ago (2 children)

If your client or something leaks your IP it happens anyways, if you route it over one node or seven. All the extra energy is just wasted.

Yes. That's how I see the problem.

And bittorrent puts even more strain on the TOR network the way it works. Probably making it slower for anybody else.

I understand and agree.

In the context of this question, I don't really cares if the IP changes or if UDP supported or the network degraded. I'm asking a more fundamental one: when the data in the BT protocol contains sensitive information, then why VPN/I2P is acceptable but Tor (or other transport) are not? That sensitive info is still being transmitted. If that Tor blog is true, then no matter what we use, it is still bad for privacy.

[–] rufus@discuss.tchncs.de 7 points 1 year ago* (last edited 1 year ago)

Well, I don't know the exact reasons. I read somewhere that it's been a frequent issue. That has either to do with the way the torrent client is programmed and it doesn't pay attention to the specifics for that case. Or the users frequently get the config wrong.

For example: Since Tor doesn't support UDP, if your torrent client sends out a UDP packet, it goes over your normal internet connection, immediately revealing your real IP. Whereas if you used a VPN, the packed had been tunneled and that would disguise you.

Also the Socks-Proxy setup is more complicated. Seems to be the case there are just many more possibilities to get it wrong.

I don't know any reason why you couldn't theoretically get it watertight. But you have to pay close attention to do it right.

There could be specifics to torrent traffic that expose you in some way. I'm not sure, you'd need to ask a security expert about this. But a torrent download is another kind of data stream than the web-surfing Tor was made for. I know there was research done on Tor. I can only speculate.

load more comments (1 replies)
[–] binhex@feddit.uk 8 points 1 year ago (1 children)

It's not bad for privacy, is bad for TOR

[–] Lemongrab@lemmy.one 2 points 1 year ago

And privacy because no crowd to blend in with.

[–] antlion@lemmy.dbzer0.com 6 points 1 year ago (1 children)

Tor routes through relays, which could be run by digital rights holders or government entities. Presumably they could trace with some effort. VPN is an encrypted connection to some trusted party who is accepting your money. Some VPN providers have policies about keeping no logs of your network traffic. Presumably the VPN provider needs good lawyers to know they can safely discard and ignore all the copyright notices. If the VPN provider did keep logs, and if they were legally compromised in some way, the VPN would no longer be protective.

[–] rufus@discuss.tchncs.de 3 points 1 year ago* (last edited 1 year ago)

The relays don't have access to the content, it's encrypted. But the exit-nodes can see what you're transmitting. They just don't know who you are because they got your data forwarded by the relays.