digg

Facebook Connect Join Digg About
See the original image at torrentfreak.com

IsoHunt Goes Secure, Adds SSL Encryption

torrentfreak.com ISPs and authorities increasingly use Deep Packet Inspection hardware to block access to BitTorrent sites, or spy on users’ browsing habits. To offer its users more privacy, isoHunt has now added SSL encryption, making it impossible for your ISP or the authorities to monitor your activities on the BitTorrent site.

Who dugg this? Made popular Jun 27, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

88 Comments

show profanity settings
expand all
  • geekchic, on 06/27/2008, -0/+71"making it impossible for your ISP or the authorities to monitor your activities on the BitTorrent site."

    Never say "impossible" where technology is concerned.
  • inactive, on 06/27/2008, -4/+46i for one welcome our new ssl encrypted isolords
  • dsmx, on 06/27/2008, -0/+29Peer guardian is only useful against know threats much like an anti virus programme, it's better than nothing however don't rely on it.
  • straylight51, on 06/26/2008, -1/+30Awesome, IsoHunt rocks big time for major movies. You should still stay safe though using peer guardian or something like it
  • evilxhwnd, on 06/27/2008, -2/+24There is nothing wrong with peer guardian. It does not provide 100% protection against performing copyright infringement, however, it does lower the chances of getting in trouble. If you are going to download copyrighted stuff, do use peer guardian.
  • nekroskoma, on 06/26/2008, -1/+23i like this news

    brb, encrypting connection
  • peterjmag, on 06/26/2008, -0/+19It's always great to see sites like these standing up for their community.
  • nybble41, on 06/27/2008, -0/+17One Time Pad (OTP) encryption can't be broken; all one can determine about an OTP cipher without the key is the maximum length of the message. Unfortunately it requires that you exchange keys in advance through some other secure channel (e.g. in person), which renders it impractical for general Internet use. (Quantum Encryption is actually OTP with a clever solution to the key-exchange issue.)
  • anononon, on 06/27/2008, -0/+15I just tried it out. It wor
  • SocialPoison, on 06/27/2008, -0/+14Came here for this. The only absolute when it comes to encryption is that every encryption can be broken.
  • bhattsan, on 06/27/2008, -3/+16***** THE RIAA
  • estvir, on 06/28/2008, -1/+13On why SSL doesn't really matter for torrent sites by someone else:

    "This is a terrible idea. It will not change the game at ALL. I highly doubt you can go to jail over "searching" for something, so what are they really trying to hide? The point is, the tracker is still open to the public and you're still going to get nailed for your downloads. All they need is your IP -- nothing has changed.

    We're going to see a lot of torrent users who are not very computer literate thinking they are safe. They're far from it.

    There's only one place you can download from at will with end to end encryption and zero records of your activity and it's NOT bittorrent nor will it ever be."

    The person made that comment when TPB announced SSL. I guess though for accessing the site it may help.
  • Lixie, on 06/27/2008, -0/+12Now, if only there were some way to wager money that certain lawmakers will try to make it illegal to use SSL encryption.
  • SolidSnak, on 06/28/2008, -0/+11CRAA Cartridge Remanufacturers Association of Arizona (Mesa, AZ)
    CRAA Casselton Regional Airport Authority (Casselton, ND, USA)
    CRAA CECLANT Routine Activity Area
    CRAA Cedar Rapids Aquatic Association (Iowa)
    CRAA Center for Relationship Abuse Awareness (Palo Alto, CA)
    CRAA Centre for Radiochemistry and Activation Analysis
    CRAA Chattanooga Regional Anthropological Association
    CRAA Chimney Rock Archaeological Area (Colorado)
    CRAA China Refrigeration and Air-conditioning Industry Association
    CRAA Chinese Restaurant Association of Arizona
    CRAA Chipola Regional Arts Association (Florida)
    CRAA Colorado Rock Art Association
    CRAA Columbus Regional Airport Authority (Columbus, Ohio)
    CRAA Committee for Rehabilitation Aid to Afghanistan
    CRAA Commodore Racing Association of Australia Inc.
    CRAA Computer Related Abbreviations and Acronyms (Andreas Hammarstedt)
    CRAA Connecticut River Arabian Association, LLC
    CRAA Coon Rapids Athletic Association (Minnesota)
    CRAA Cotabato Regional Athletic Association
    CRAA Credit Reference Association of Australia
    CRAA Credit Reporting Agencies Act
    CRAA Credit River Anglers Association (Ontario, Canada)
    CRAA Critical Reflection Activation Analysis (surface analytical technique)

    ?
  • ExRe, on 06/28/2008, -0/+10I'd like to see them try.

    Online stores and banks would have to block all US traffic. The internet would basically have a stroke.
  • thecheatah, on 06/28/2008, -0/+9OOh yea, lets spend thousands of cpu hours trying crack a key for the possibility of catching someone. Smart!
  • Dohko_Xar, on 06/27/2008, -0/+7Yup, I learned the lesson with the Gibson
  • vfreak2, on 06/27/2008, -1/+8See? We're humans - we'll just adapt. How is the record industry going at adapting to new technology (which is what created their industry in the first place)? hmm...
  • bagelmaster, on 06/28/2008, -0/+6How dare the government (or ISPs, or other organizations) spy on me without a warrant or probable cause.
  • MAGZine, on 06/27/2008, -3/+9May I be the first to say... shizam.

    F.T.RIAA.
  • SolidSnak, on 06/28/2008, -1/+7***** the MPAA!
  • Louis11, on 06/28/2008, -0/+6SSL is for the website you stupid *****, not the actual torrenting.
  • johnkelly84, on 06/28/2008, -0/+5I'm not sure what you mean. If the secure web server is providing a third-party signed X.509 certificate, there isn't a way to pull a man-in-the-middle attack that inspects the connection's contents, assuming that the client machine does not trust the attacker's CA. That's the whole reason secure websites offer signed certificates to identify themselves.

    As far as I know, products like ClearTunnel just generate new certs on the fly to re-encrypt the connection using its own CA (usually a subordinate of the enterprise CA) which must be trusted on all client machines connecting to the secure server.
  • ExRe, on 06/28/2008, -1/+6ZaZ, the private key is NEVER transfered.
    http://en.wikipedia.org/wiki/Transport_Layer_Secur ...
  • thedragon4453, on 06/28/2008, -2/+7Take the time to do it right...


    ***** THE RIAA!!!
  • PHiZ187, on 06/28/2008, -0/+5Wow, this isn't just some checkbox that IsoHunt checked and boom now you have SSL encryption. SSL is VERY processor intensive, so they are taking a hit in that they are going to need to pay for more processing power to support this. Pretty cool.

  • noBananas, on 06/28/2008, -0/+4Excactly. Thx
  • seandfeeney, on 06/27/2008, -1/+5At what cost to speed?
  • PopcornDave, on 06/28/2008, -0/+4Very few people give bets on a sure thing.
  • Snokage, on 06/27/2008, -3/+7does it matter? if your DL'd it for free. who cares how long its takes.
  • inactive, on 06/28/2008, -0/+4Did anyone else just try to go to https://www.digg.com because of this story?
  • SolidSnak, on 06/28/2008, -0/+3Well at least its not practical enough for them to attempt to crack the encryption.
  • runelind, on 06/28/2008, -0/+3Wow, I am not sure...but...yep...you posted an outright lie! No government or other entity can break SSL encryption, unless they have some whiz kid locked away in a basement somewhere that is really damn good at factoring giant numbers. The only way people "break" SSL encryption is by SSL proxies, that is, they intercept your traffic with their own certificate, and then pass on your traffic to the real host. With this in place your browser will throw a hissy fit about the certificate chain not being complete.
  • Rotzooi, on 06/28/2008, -0/+3**cough**Relakks.com**cough**
  • Ford_Prefect2nd, on 06/28/2008, -3/+6***** the CRAA
  • johnkelly84, on 06/28/2008, -0/+3The U.S. used to heavily restrict the export of cryptographic technology, so web browsers "exported" from the U.S. had to be limited to 40-bit encryption, compared to the normal 128-bit encryption in use domestically at the time. Various other countries also have restrictions on exports, imports, and use of encryption.
  • Logicwax, on 06/28/2008, -0/+3there is a way, via man-in-the-middle attacks. but your ISP wouldn't go that route, as it might be illegal and they probably don't care about you that much to do that.
  • SnowCrashv5, on 06/28/2008, -0/+2To protect against throttling AND to stay safe:

    1. Use bit torrent trackers in countries with weak copyright law.
    2. Use a VPN (like Relakks provided by the pirate party)
    3. Encrypt your bit torrent headers
    4. If you use linux, modify your iptables to un-throttle comcast's sandvine
    5. Use Peer Guardian.

    If EVERYONE (or most everyone) followed some or most of these practices, the RIAA/MPAA would go ape *****.

    Or even better, use free software and support independent musicians and movies and stop giving big media the attention it wants.
  • tian2992, on 06/28/2008, -0/+2It is the Tracker, the speed varies only when encrypting the connections. Which by the way reduces speed only slightly, while letting you bypass package filtering.
  • DigitAl56K, on 06/28/2008, -0/+2They're already Doing The Wrong Thing(tm):

    "Just a heads up: we did in fact buy certificates, but loading some pages may cause warnings due to ads and digg not being on SSL secured connections, so please don't complain if you see these warnings. Your communication to isohunt.com and torrentbox.com are fully secure when browsing under https://. "

    I.e. "Ignore warnings your browser gives you about SSL". If you're going to ignore the warnings, someone can substitute another certificate and do MITM, since you're going to click "OK" anyway.
  • OpCzar, on 06/28/2008, -0/+2Reminds me of Deus Ex:

    "JC DENTON
    And all we have to do is crack the code.

    BOB PAGE
    Mathematically unlikely. As are your chances of leaving the Ocean Lab, by the
    way."
  • Spanq, on 06/28/2008, -1/+3Peer Guardian can be useful since many complaints from copyright holders sent to ISP's make the arguement about piracy if your IP address is caught merely sending data.
  • tama00, on 06/28/2008, -0/+2just change the url to https instead of http
  • tian2992, on 06/28/2008, -0/+2It sucks that All of the posts on Isohunt have a Digg it!™ button, yet all of the Isohunt related news i've seen on digg, come from Torrentfreak
  • dralezero, on 06/28/2008, -0/+2There's only one place you can download from at will with end to end encryption and zero records of your activity and it's NOT bittorrent nor will it ever be."

    ??
  • mrsteveman1, on 06/28/2008, -0/+2"If you use linux, modify your iptables to un-throttle comcast's sandvine"

    If you mean set iptables to block RST packets, thats stupid. You aren't just blocking the false ones you are blocking all of them on whatever port you put into the rule, and your TCP connections will pile up and screw your router into a backflip.
  • Mysk, on 06/28/2008, -0/+2Their website explains this. Adservers and digg.com buttons are not transported over an SSL connection. Those are the things that are triggering the warning that some elements are not secure.

    They don't matter. The point is not to hide the fact that you're on isohunt. The point is to make it more difficult for governments and ISPs to block access to the site, which is so far successful. :)
  • Fetching more discussions...
    Show 51 - 90 of 90 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.