Makestation
I Know What You Download... - Printable Version

+- Makestation (https://makestation.net)
+-- Forum: Technical Arts (https://makestation.net/forumdisplay.php?fid=45)
+--- Forum: Software (https://makestation.net/forumdisplay.php?fid=104)
+--- Thread: I Know What You Download... (/showthread.php?tid=3109)



I Know What You Download... - Lain - July 13th, 2020

https://iknowwhatyoudownload.com/

This is pretty big. I'd imagine a whole lot of people are going to be getting some love letters from their ISP in the next couple of months...

Essentially, this site is the data collected from a couple of bots running various torrents to see which IPs connect to it and are downloading certain torrents which include copyrighted material (or in some cases, non-copyrighted material.) for instance, back in the day, I would use TPB or KAT to download games and movies, but nowadays I just use private trackers to download anime or fully-legal torrents to download Linux distros because HTTP transfer of large files is usually unreliable.

Luckily, in my case, I never got caught back in the day (Canada is very lenient on torrent-use and piracy, often times not caring unless you turn a profit selling unlicensed content), and nowadays I use a (premium) VPN to torrent anything, so these guys don't have any data whatsoever on my IP.

So, I'm gonna turn this into a somewhat informative thread.



Torrents and P2P

Torrents are more reliable than a normal download in your web browser for one reason primarily.
A torrent splits the entire downloaded data into various parts, then downloads those small separate parts instead of the entire thing which results in the entire downloaded data when put together.

So if you're downloading a 4GB file and your internet cuts out once you've downloaded 3GB, you usually need to restart the whole thing. That means you end up downloading 7GB total instead of the 4GB you bargained for.

But if your internet cuts out after 3GB when downloading a torrent of the same data, then when you start it again, it'll verify all the data you do currently have, then can restart from all the data you do have and only download the remaining part you don't have. By extension, this means torrents also supports pausing and stopping torrent downloads manually, or downloading half of it, waiting a day, then coming back later when you have time to download the rest.


But torrents are also P2P. In other words, you're downloading all the data from other users on the network who are both hosting the complete data, or users who have downloaded and are still downloading certain parts, but have parts available that you don't have.

And if your connections are being done straight to another user without any sort of middleman, then you can see the IP of the user you're connecting to, and the other user can see your IP when they connect to you as well.


So how does a torrent client know which users are on the network?

Two ways. One is trackers, and the other is DHT.

Trackers are a way of acting like a 'middleman' server in the sense that you can connect to the tracker and give it some data like:
1. what you're downloading
2. What parts you have
3. Your IP
And it'll take that data, have it accessible to other users, and then you can use its other data to find other users who have parts you don't have, then connect to them to download what you don't have (and allow other users to connect to you to download parts they don't have but parts you do.)

Although it sounds kind of unsafe, it's actually a pretty good way to stop law enforcement from seeing you online. Most tracker servers are private, meaning you need to register on a site to have your IP whitelisted, and those registrations are very exclusive, only allowing a few users to join through invitations of existing users, or by going through rigid interview processes and only allowing those interviews to open every few months to stop the community from getting too big.

DHT is a little different. More on this in the next section.



Kademlia/DHT

Kademlia is a protocol that's most commonly used by default in most major torrent software like uTorrent or Bittorrent. It essentially allows the downloader to find other users who are also downloading a torrent, just like a tracker, but without actually having a centralized server that stores the data.

In fact, it's often abbreviated to DHT, or Distributed Hash Table meaning that the hash table is spread among other users online just like the way Bitcoin (and other crypto blockchains) are propagated. Yes, there are certain 'centralized' servers which contains complete synchronized data sets around the world which you can connect to in order to get some data to start yourself off, but each user who uses DHT has their own copy of the data as well.

It's often turned on by default on most torrent clients because it's a way for users to simply download whatever they want from public sites like TPB.

The problem with DHT is that, well, it's open and every user has their own copy of the data.

And that's how IKnowWhatYouDownload works.


All the site above does is scan and read data from the DHT to harvest information on all the users who have DHT enabled. It can see which IPs are downloading which torrents, how far into it they are, which ones are also uploading (i.e. sharing) data, and data they can upload based on what they already downloaded.



So, the moral of this story is:
1. Don't pirate stuff.

But more importantly,
2. If you're going to pirate stuff, stay safe when doing it.
2.a) Disable DHT
2.b) Use private trackers
2.c) Use a VPN or a seedbox if you want the added security of hiding your IP entirely.


RE: I Know What You Download... - Thomas - July 14th, 2020

I'm seeding 1400 torrents right now, and this site only sees two things I've never even downloaded.


RE: I Know What You Download... - Lain - July 14th, 2020

(July 14th, 2020 at 10:11 PM)Thomas Wrote: I'm seeding 1400 torrents right now, and this site only sees two things I've never even downloaded.

Indeed, if your torrents don't have DHT enabled on them (it's usually in the magnet parameter like ?DHT=1 or something of the sort) then this site won't be able to pick up your IP from the list of peers/seeds.
Also consider that they only have a few thousand torrents being monitored, many of them being versions of games like World of Tanks/World of Warships, so that also throws off the statistics.

But checking other (public) IPs on my /24 subnet (last number differing) I found one of my 'IP-neighbours' downloads a shitload of porn.
I wonder if it's a quarantine thing...


RE: I Know What You Download... - Guardian - July 15th, 2020

Thankfully they have nothing on me....

Which is obviously NOT surprising. Tongue

I mean... Big Grin


RE: I Know What You Download... - Darth-Apple - July 22nd, 2020

It´s insane just how much we can be tracked nowadays. It´s only a matter of time when lawmakers start passing laws that allow police to check records without a warrant. Huh


RE: I Know What You Download... - Guardian - July 22nd, 2020

(July 22nd, 2020 at 2:21 AM)Darth-Apple Wrote: It´s insane just how much we can be tracked nowadays. It´s only a matter of time when lawmakers start passing laws that allow police to check records without a warrant. Huh

I would say that;s why we have the 4th Amendment, but police and lawmakers violate half of the Bill of Rights on a daily basis anyway. Huh


RE: I Know What You Download... - Plushy - July 22nd, 2020

Holy Molly I have 1 registered

Fortunately one of the few advantages of living in a 3rd world country is goverment really doesn't care about this stuff and even with more copyright laws those are only pretexts to censore anti goberment media, activisms, etc and they are not gonna make anything because a nobody download a "chinese cartoon"


RE: I Know What You Download... - Lain - July 22nd, 2020

(July 22nd, 2020 at 4:44 PM)Plushy Wrote: Holy Molly I have 1 registered

Fortunately one of the few advantages of living in a 3rd world country is goverment really doesn't care about this stuff and even with more copyright laws those are only pretexts to censore anti goberment media, activisms, etc and they are not gonna make anything because a nobody download a "chinese cartoon"

That's what it's like in Canada too.
Unless you're actually making a decent sum of money off either selling/distributing pirated media or using it for other commercial purposes (think: pirating stock photos for an ad campaign) then it costs them more money to sue you than the amount of money they will get for suing you. It's a lose-lose situation, so they just sit back and wait for something big to pop up.

So yeah, the government doesn't really care what you do as long as it doesn't negatively affect your immediate community or doesn't hurt them in any way.