Why BitTorrent and anonymous proxies won't help you "escape"
There's a lively discussion going on here, where someone asked if it's possible to escape detection from agencies if he were to use BT with anonymous proxies.
The short answer is NO, you cannot escape detection.
Why? My answer needs to be broken up into several parts. The first part, we need to talk about BT. What is the appeal of BT? One word, speed. It is able to exchange files in a very fast way, even and especially for big files like 1GB. BT was designed and written by Bram Cohen and it was designed and written with speed in mind. With that I believe he didn't and never will add in anything to compromise this. What can compromise this? For one, encryption.
2nd, what if a BT proxy were available for use tomorrow? Ok, since none exists, we use HTTP as a model. To understand how a HTTP proxy works please read elsewhere, but basically we all know about anonymous proxies. However, what anonymous proxies do is to hide your identity from the website. It does not hide your actual act of visiting the website, because your actual request (eg type http://ihatebush.com on your browser) is inside the request to the proxy inside the message headers. This can be seen by something like TCPDump. So while your visit to the website is safe from the view of the website, your actual visit isn't safe from the ISP or any agency.
Someone in the thread then came up with a nice diagram to explain his position that proxies can work, using SSL as a model. I suggested that his idea is flawed, lacking one detail. That detail is the word BitTorrent in his diagram. His diagram is HIS IDEA of a encrypted P2P system. It is NOT and never will be BitTorrent, for the reasons I explained above.
Ok, even if BT is somehow modified by a modder (like say BitComet) to include say SSL and SSL proxying to the design, will it help? To answer that we must understand how SSL and SSL proxying work. SSL is basically PKI between the PC and website. When you add a proxy, what happens?? Actually what happens is that there IS an open connection request from your PC to the proxy to request an SSL connection to the website. For example, this can be seen in the clear:
CONNECT www.dbsbanking.com:443 HTTP/1.1
Once the connection is successfully made, the 2 connections are stuck together and the proxy takes no part in the PKI exchange between the website and your PC. The connection to the proxy is clear and not secure, just like my previous paragraph of using anonymous proxies.
Yes, all this means you only see your request but not the files. However, it doesn't take a genius to do the same thing you're doing and download the same files you downloaded. Afterall, the files are free-access. With the destination discovered I can connect and download. How do you think ppl know what u share on Kazaa? Use Kazaa yourself lah!
Also, if you transplant proxy/SSL to BT and a BT proxy, the entire design of BT is changed. It no longer becomes a P2P tit-for-tat multi-node network. It becomes something similar to say Napster, a client-server model, because your proxy will actually contain all the file chunks (and by extension the files) ppl torrent at one time or another.
Yes, encrypting the data will hide your file contents, but making BT support encryption will cause your PC and BT to slow to a crawl as it is constantly encrypting torrents to upload and decrypting torrents you download. Your PC is 100% all the time, compared to BT's current about 10%. SSL can work on a browser coz it's not constant but per visit. BT is constant. Even web servers and SSL proxies struggle to do SSL. It can't do many, compared to normal HTTP. Dun say a PC.
Encryption and BT do not exist together. If you want encrypted data, I suggest two ideas. One, use Virtual Private Networks, or two, use another P2P software. If you check p2pforums.com there are at least 5-6 other P2P softwares tat support encryption.
But it won't be BitTorrent.
The short answer is NO, you cannot escape detection.
Why? My answer needs to be broken up into several parts. The first part, we need to talk about BT. What is the appeal of BT? One word, speed. It is able to exchange files in a very fast way, even and especially for big files like 1GB. BT was designed and written by Bram Cohen and it was designed and written with speed in mind. With that I believe he didn't and never will add in anything to compromise this. What can compromise this? For one, encryption.
2nd, what if a BT proxy were available for use tomorrow? Ok, since none exists, we use HTTP as a model. To understand how a HTTP proxy works please read elsewhere, but basically we all know about anonymous proxies. However, what anonymous proxies do is to hide your identity from the website. It does not hide your actual act of visiting the website, because your actual request (eg type http://ihatebush.com on your browser) is inside the request to the proxy inside the message headers. This can be seen by something like TCPDump. So while your visit to the website is safe from the view of the website, your actual visit isn't safe from the ISP or any agency.
Someone in the thread then came up with a nice diagram to explain his position that proxies can work, using SSL as a model. I suggested that his idea is flawed, lacking one detail. That detail is the word BitTorrent in his diagram. His diagram is HIS IDEA of a encrypted P2P system. It is NOT and never will be BitTorrent, for the reasons I explained above.
Ok, even if BT is somehow modified by a modder (like say BitComet) to include say SSL and SSL proxying to the design, will it help? To answer that we must understand how SSL and SSL proxying work. SSL is basically PKI between the PC and website. When you add a proxy, what happens?? Actually what happens is that there IS an open connection request from your PC to the proxy to request an SSL connection to the website. For example, this can be seen in the clear:
CONNECT www.dbsbanking.com:443 HTTP/1.1
Once the connection is successfully made, the 2 connections are stuck together and the proxy takes no part in the PKI exchange between the website and your PC. The connection to the proxy is clear and not secure, just like my previous paragraph of using anonymous proxies.
Yes, all this means you only see your request but not the files. However, it doesn't take a genius to do the same thing you're doing and download the same files you downloaded. Afterall, the files are free-access. With the destination discovered I can connect and download. How do you think ppl know what u share on Kazaa? Use Kazaa yourself lah!
Also, if you transplant proxy/SSL to BT and a BT proxy, the entire design of BT is changed. It no longer becomes a P2P tit-for-tat multi-node network. It becomes something similar to say Napster, a client-server model, because your proxy will actually contain all the file chunks (and by extension the files) ppl torrent at one time or another.
Yes, encrypting the data will hide your file contents, but making BT support encryption will cause your PC and BT to slow to a crawl as it is constantly encrypting torrents to upload and decrypting torrents you download. Your PC is 100% all the time, compared to BT's current about 10%. SSL can work on a browser coz it's not constant but per visit. BT is constant. Even web servers and SSL proxies struggle to do SSL. It can't do many, compared to normal HTTP. Dun say a PC.
Encryption and BT do not exist together. If you want encrypted data, I suggest two ideas. One, use Virtual Private Networks, or two, use another P2P software. If you check p2pforums.com there are at least 5-6 other P2P softwares tat support encryption.
But it won't be BitTorrent.
posted by Beng Hacks at 5:58 PM
4 Comments:
Crap.. just some secondary school kid showing off
And wat are you going to do about it, except post anonymously? hum-ji...
Who is showing off?
Case 1, post many diagrams and formulas on a popular public discussion forum like hardwarezone and argue off topic.
Case 2, post your own thoughts in your own blog.
Please, grow up moron. Beng is in the right here and as they say "to the victor belong the spoils". No need for grace or humility except from the loser.
Seems like cci[RR]us has a few groupies at hardwarezone, very irritating. tho I bet it's nice to have groupies do the dirty work for u...
Post a Comment
<< Home