digg

Facebook Connect Join Digg About

Why You Shouldn’t Run BitTorrent Over Tor

chrisbrunner.com A quick story about the harm of using Tor to download torrents and what exit node operators and BitTorrent users can do to save the Tor anonymity network.

Who dugg this? Made popular Jul 10, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

86 Comments

show profanity settings
expand all
  • blapierre, on 10/12/2007, -10/+86Bit Torrent can be and is used for purposes other than piracy.
  • brunner, on 10/12/2007, -12/+67Yes, but the Tor network isn't the place for it. BitTorrent traffic on Tor only damages the network.
  • jonesin, on 10/12/2007, -8/+39Uh, brunner, those two sentences you wrote above contradict eachother. If "Tor was a system designed to allow the unfettered spread of information", then by blocking piracy it's no longer unfettered. Any time you're deciding for the end user what information he can't view, be it a torrented movie or a "legitimate" web article on democracy, you're censoring the end user in much the same way as the oppressive governments that this system works around.

    Don't get me wrong though, I don't want folks using torrents over Tor, it's slow enough as it is, but I still think that blocking certain traffic goes against the principles of the Tor system.
  • coolguy69, on 10/12/2007, -1/+30mirror
    http://www.duggmirror.com/software/Why_You_Shouldn_t_Run_BitTorrent_Over_Tor/
  • MisterCookie, on 10/12/2007, -1/+29Agreed, all this does is punish those kind enough to donate their bandwidth to the tor network.
  • szelij, on 10/12/2007, -6/+31I can't read the article...got a 404. But i do think that Tor isn't the right place for it...Tor's quite slow actually..so..yeah.
  • inactive, on 10/12/2007, -5/+28You see tor is made of a series tubes,
    Tor is not a truck,
    these tubes can be filled
    You put a message in, it gets in line and its going to be delayed by anyone that puts into that tube enormous amounts of material.

    SO Ted Stevens was actually talking about Tor.

    (just satire, i dont torrent over tor and wont.)
  • blapierre, on 10/12/2007, -15/+36Doesn't blocking specific traffic defeat the whole point of Tor?
  • g0zer, on 11/11/2007, -6/+25oh man, this is hilarious. you submitted an article on your crashtastic blog with a dubious claim, and a useless solution:

    ExitPolicy reject *:1214
    ExitPolicy reject *:4661-4666
    ExitPolicy reject *:6346-6429
    ExitPolicy reject *:6881-6999

    news flash -- bittorrent runs on any port you want. in fact, most people already use alternate ports.

    lol, who digg'ed this again?
  • MattH, on 10/12/2007, -0/+16Tor is good for running trackers , but but running a Bittorent client over TOR is very conterproductive

    I2P encourages Bitttorent traffic over thier network .
  • sillygates, on 10/12/2007, -2/+18Its sad people use TOR for large transfers, slowing down the network, but the nature of tor is to preserve anonymity, and privacy, targeting specific traffic could reduce access to people who need to use it, say, a person in china downloading a politically con traversal document, why is it anyone Else's business anyway?

    The only reasonable way to help protect Tor is informing users when they should and should not use Tor, not blindly blocking access, or trying to figure out what those people are doing on the Internet.
  • Reweave, on 10/12/2007, -0/+16Why you shouldn't run BT over Tor: Tor doesn't have the bandwitch capacity necessary to handle this, so you won't download much through it anyway.
    It's always been kind of slow, much like freenet.
  • Recluse, on 10/12/2007, -2/+17I'm using tor right now at work and sometimes it is slow as dog crap, I can't help but think this is partly because of people using it for bittorrent.
  • pbaehr, on 10/12/2007, -1/+14There wasn't very much information in the article but I'll digg it because it's an important statement.

    Maybe they will make Tor into a scalable network and allow torrent traffic in the future, but for now it's just a pain in the ass and slows everything to a crawl.

    Also, while I don't download torrents through Tor, I do run the communication with the tracker through Tor. It doesn't anonymize you to peers, but the tracker can't tell where you're coming from and it doesn't hurt the Tor network since it's low bandwidth, periodic communication.
  • Duston, on 10/12/2007, -0/+11While I believe that anyone who knows about Tor also runs there Bit-Torrent on an alternate port but regardless you should not be running it through Tor. The network simply cannot handle the traffic and if you are a member of any private Torrent sites this often breaks the log in. As you hop IP Blocks too much.
  • pbaehr, on 10/12/2007, -3/+14Apparently it's so slow you were tricked into double submitting your comment.
  • kimos, on 10/12/2007, -12/+21@badbox: "After all, if you have nothing to hide, then why are you using Tor to begin with, right?"

    That's a horrible outlook. Just because you're not doing anything wrong doesn't mean you shouldn't be allowed to have your privacy. I don't transfer any important information through my gmail account, but I still always use https... If I don't want people monitoring what I'm doing, then I'll do what I can to stop them.

    It's reasoning like that that is allowing the American government to invade the privacy of it's citizens.
  • Piper7865, on 10/12/2007, -2/+11Yah I'm running Tor right now but I don't run Bit-torrent over it it just takes up too much bandwidth
  • tokachu, on 10/12/2007, -1/+9There's an easier solution to this. Use this exit policy:

    ExitPolicy allow *:53
    ExitPolicy allow *:80
    ExitPolicy allow *:443
  • maninblac1, on 10/12/2007, -1/+8Other Bittorrent clients have had encryption for almost 6 months now, high level encryption is nothing new to the torrent community. The fact that the "standard" Bittorrent client will have it only worth noting since it will increase then number of crypted connections. However, if it's not RC4, it won't be compatible with the other clients anyway.
  • solidcube, on 10/12/2007, -2/+9@Badbox: Reading comprehension? Not so much. I think maybe many of the people here have very good reading comprehension.

    Maybe it's just that they don't like being called douchebags.
  • g0zer, on 10/12/2007, -5/+11Why You Shouldn't Run BitTorrent On Your Wordpress Server
  • hadees, on 10/12/2007, -0/+5It is true I2P is being designed to allow bittorrent to be used over it but you shouldn't do it there just yet. First I2P doesn't have exit nodes so you can only share with other I2P users. Also it is still in early development and the network can't handle the load of a site such as mininova or thepiratebay. When it is mature it will most certainly be the best option for using bittorrent with out getting caught. For now though your best bet is to try to block IPs of companies that could be trying to watch you.
  • schmichael, on 10/12/2007, -2/+7Those are simply the most popular BT ports that many BT clients are configured to use by default. Your average user (and people like me who just don't care) never touch the port numbers. So I'd guess those port numbers block a significant amount of BT traffic.

    I think its a good article with a valid point. BT is a bandwidth hog, and bandwidth is something Tor never has enough of.

    Take your trolling elsewhere please.
  • Jozer99, on 10/12/2007, -0/+5Tor is a P2P network. People on the network are responsible for the bandwidth capacity of the network as a whole. The more people who share bandwidth (by setting up a tor server, not just using the client) the faster the network. Right now, the amount of bandwidth donated is much smaller than the amount needed by all those bittorrent users.
  • templest, on 10/12/2007, -1/+6This may sound like an newb question, but *how* exactly do you do that?
    Because that sounds mighty handy. :-)
  • maninblac1, on 10/12/2007, -0/+5Okay, here's a big question, if you use Bittorrent, why are you bothering with the Tor network anyway. Of the networks available in the USA Bittorrent is probably the most secure and hardest to shut down. Except WASTE, but that's only for very small private networks. Of the few thousand lawsuits a year, very few come from the torrent community. It's like adding insult to injury, sure does it make you more anonymous yes, but is it really necessary?
  • SpacemanSpiff, on 10/12/2007, -3/+7PeerGuardian
  • M2Ys4U, on 10/12/2007, -3/+7Exactly if you're smart enough to be using Tor you're smart enough to know to change the default BT port number.
  • Jozer99, on 10/12/2007, -2/+6Well, now I know that you shouldnt use Tor for bittorrent (I didn't, but its good to know). What SHOULD I use to protect myself when I use bittorrent?
  • inactive, on 10/12/2007, -0/+4I think he suggests these ports because this is what clients have as defaults but I do understand that anyone who knows about and used TOR will be able to change their port number
  • inactive, on 10/12/2007, -3/+7I don't think so. Tor doesn't seem to be in need of bandwidth....I [tor]rent occassionally, and get 100KB/s down right along side my 110KB/s up. Likely tor's problem is ping time, travelling through several servers would greatly increase the amount of time needed to load a webpage. You wouldn't notice this on a torrent since thats just moving data where pings don't matter.

    I justify using Tor by donating 3x the total bandwidth I used once I'm done [tor]renting. If people want to be anonymous, and they use tor, but it drives them to set up and donate 3x the bandwidth they used when [tor]renting, that can only be a good thing.
  • mookieXL, on 10/12/2007, -0/+4I2p
  • eosp, on 10/12/2007, -2/+6@tokachu:

    Let us use SSH at least.

    @everyone else:
    Also turn off images in your browser until you need them.
  • leva, on 10/12/2007, -0/+3I didn't really know what Tor was, but now that I know I'll let my friend know to stop using it for torrents. Also makes me want to set up a node myself, for Tor.
  • Hellmark, on 10/12/2007, -0/+3I thought that everyone believed bit torrent over tor was stupid, since you're effectively having 2, 3, 4, 5, etc other machines use as much bandwith, when many other people are trying to connect through those same spots. Its kinda selfish. Not to mention there are other ways for anonymous bit torrent usage.
  • Jozer99, on 10/12/2007, -3/+6Theres nothing in the Bible, Torah, or Koran about Nazis, does that mean being a Nazi is ok? Didn't think so. Just because it isn't explicitly stated in the manual doesn't mean that Bittorrent isn't bad for Tor as a whole. Its just common sense that using all of that bandwidth in Tor while not giving any back is a bad thing.
  • ePlus, on 10/12/2007, -0/+3Is a shame that Digg.com blocks Tor IP addresses. Talk about keeping anonymous....
  • acceptab1euname, on 10/12/2007, -2/+5@ electrosoccertu:

    That's a pretty lame rationalization for slowing down the Tor network for everybody else, and possibly putting those running exit nodes in danger. Not to presume you're torrenting anything illegal or at least actionable in court, but those who do can put people running exit nodes at risk of lawsuits and prosecution. Donating 3 times the bandwidth they consume doesn't do much to balance out the potential risk to the exit node admins. The increase in bandwidth is pretty worthless if it comes with a decrease in the number of exit nodes resulting from the owners/maintainers getting sued or arrested because somebody wanted to "(tor)rent " themselves some mp3s or something.

    Electrosoccertu, I'm not accusing you of being a pirate or doing anything illegal, I just object to your rationalization. I'm sure other people do the same thing, and regardless of the legality it makes the Tor network slower, and that can't only be a good thing.

    What about the guy running the exit node that gets sued by
  • chong, on 10/12/2007, -5/+8Haha, crashtastic indeed. I don't even know why this guy keeps posting his site to digg; that, and specific to this instance, his workaround does absolutely nothing. No digg.
  • StickyWidget, on 10/12/2007, -0/+2Wouldn't it be easier to track bandwidth at the entrance nodes for individual users? Then, a global policy could be coded which allows a certain amount of bandwidth, then decreases allowable bandwidth after that point in increments. To get more bandwidth, you have to share bandwidth with the rest of the Tor community.

    An example would be this:
    I decide to download a perfectly legal movie from the BitTorrent network, but I want to be anonymous while downloading it(perhaps I don't want my ex-girlfriend to know I'm spying on her by watching posted videos about her drunken exploits...). While downloading, I get an excellent rate for a little while, but it periodically drops down to nothing. At this point, I'm wondering what the deuce is going on, and realize I'm not giving back to the network the amount of bandwidth I'm attempting to use. So, I set Tor to share some of my bandwidth to bring it back up. I'll never transfer at full capacity, but I'm now giving back to the network and increasing my ability to download at a reasonable rate.

    Using a system like this, small downloads are handled by the network, but large downloads require a payback of sorts. Tor already keeps track of us at the entrance nodes using the shared encryption key, I don't see how keeping track of bandwidth according to that key would cause anonymity to fail. The only problem is estimating the amount you'd have to give back in order to balance the equation, as the traffic is routed over multiple internal nodes before it gets to the exit node.

    Comments?
  • mookieXL, on 10/12/2007, -0/+2Best solution would be if trackers blocked TOR traffic. It's much easier to do.
  • jasqwerty, on 10/12/2007, -0/+2Okay, my statement just needs some amending then:

    "I don't traffic in warez, child porn, or live in Saudi Arabia or China or the UK"

    :-)
  • shortyzgotpop, on 10/12/2007, -0/+2What about just using Tor to do tracker updates? It just uses a few KB's of bandwidth and only happens every 20 minutes or so. And it still offers pirates near-total anonymity from the MAFIAA.
  • sillygates, on 10/12/2007, -1/+3many programs like Azureus randomly generate a port anyway. In cases like that you dont even need to change the port manually.
  • evendell, on 10/12/2007, -0/+2@eric0213: No. Tor exit policies apply only to Tor traffic and do not affect other TCP/IP traffic on that node; they are set in the torrc file, not in the OS of the device/router/PC/whatever.
  • ballsanya, on 10/12/2007, -0/+2@badbox

    If nobody can understand what you're writing...maybe it says more about your writing ability than our reading comprehension...just a thought
  • tehgooch, on 10/12/2007, -0/+2Meh, this is really a non-issue. It is up to the exit-node-operator what they want going through their node even if it is a stupid reason. Personally I block everything but port 22, 21, 80, and 443 because I just don't want to deal with anything else.
  • Dracker, on 10/12/2007, -0/+1BitTorrent doesn't kill Tor because it's piracy.

    BitTorrent kills Tor because it's high bandwidth.

    And it's a lot more security than even most pirates need. They could just use a public proxy server that doesn't give out source IPs in a country with lax piracy laws (There are quite a few of these around) plus an ip filter like PeerGuardian to block known anti p2p organizations.

    Public proxies have fat pipes and they make it available. Tor is an encrypted network across volunteers' internet connections. Your speed will be better using the former as well.
  • keksovkeks, on 01/21/2008, -0/+1About use proxy and anonymous surfing http://vprivatenetwork.com/index.php?action=config
  • Fetching more discussions...
    Show 51 - 86 of 86 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.