Ratio Vulnerability in BitTorrent Discovered

An anonymous reader writes "The "vulnerability" has been tested on all the major torrent trackers that use the torrentbits source code. The idea is that you will sniff your torrent info using the HTTP Analyzer and with Firefox you will update your stats to the tracker being identified as a client."

Was it good to publicise this?

[Agret]

Was it really a good thing to make this public?
Won't this cause a new wave of leechers?
A lot of trackers are built on torrentbits.

Re:Was it good to publicise this?

[zegebbers]

According to the IE7 thread, the only way to force fixes is by disclosing vulnerabilities. Goose, gander etc I suppose

Re:Was it good to publicise this?

[Sorthum]

Actually, this is a common concern among security folks. "If we announce a bug, those who don't patch are going to get pwned."

Only security researchers generally don't use the term "pwned" in their press releases...

Re:Was it good to publicise this?

[mrRay720]

Yes, it's amazing how opinions on that sort of thing changes for so many people when the product in question isn't "their's" but "ours".

I would say that it's hypocritical but... ..I caa't think of a but. It's just hypocritical.

Re:Was it good to publicise this?

I'm going to be a bit vitriolic, but you deseve it.

Was it really a good thing to make this public?

Yes, it was. This way, all people will know about the vulnerability, and we can get around to design something better - instead of it spreading among leachers and not to the general population.

Won't this cause a new wave of leechers?

That's part of the idea. Bittorrent is an open protocol, and when everyone knows about the vulnerability - it's a tad more pressure on various developers to remove the design flaws.

A lot of trackers are built on torrentbits.

So fucking what? Do you want to tell mother nature not to send a hurricane against New Orleans, because it will be a disaster? No, you won't.

What you will do, on the other hand, is try to design something that works. If it doesn't work, it's back to the drawing board. Keeping silent is what companies such as microsoft think is a good idea. It is not. It's a hellish bad idea. You'll have various scum abusing the vulnerability without everyone knowing about it. You'll have admins having these kind of thing biting them in the ass without being prepared for it.

Publishing this kind of information, even though when it's a deep design flaw in the trackers such as this, makes it easier to cooperate and eliminate the fuckups. Keeping silent about it doesn't do any good at all.

Did you know that various worms abused sendmails "debug" command in eariler years? And that it gave you a root-shell on the mailserver? No? Well, it wasn't very smart - and a lot of people knew about it, without giving it much publicity. It was way larger than this idiotic flaw, but it was your idiotic idea about 'shutting up about it' that caused the havoc.

One should always disclose security flaws. No exception. Even though if hundreds of millions will be caught in the middle. It's the only way to ensure that it'll be fixed, and that everyone will know about it - at least everyone that cares enough to follow the news.

Now onto an idea on how to fix this garbage. It's not a bug in the bittorrent protocol, as it won't affect how much various people send to eachother. It'll mainly affect statistics on various sites, and whether you will be banned or not. Personally I think the solution is for every client to upload how much their peers have sent them - and for the peers to check that amount. Think of it as 'trusted third party'. If any of the peers disagree too much about the amount over time, they discontinue talking to each other - and the client that disagrees logs an 'objection' with the torrent-server. If we're talking several gigabytes of data, it should be very easy to spot by the administrators. Especially if it's the same peer that gets flak all the time.

Of course, this will be problematic when you think about NAT's, as various computers behind NAT-devices will check their internal IP, and not the external one. That, however, is not the responsibility of the trusted third party, but the responsibility of the peer. Unfortunately this will make things more difficult, but hell, it's a tradeoff in any case. This might be solved through in-band communication with peers telling each other who they think the other party is.

Ahwell. Enough ranting.

Re:Was it good to publicise this?

[Idimmu+Xul]

I thought EVERYONE IN THE WORLD new about this? People have been doing this since Brahm first released Bittorrent, hacking the Python source code to increase their rate of upload and total upload. It's litterally a * 2 stuck in the correct place.

A few of the good trackers are aware of this and if their are large anomolies with a specific torrent (ideally the up/down ratio for each torrent should be around 1) it gets flagged for the admin to look out.

Re:Was it good to publicise this?

[Cramer]

This isn't a vulnerability; it's simply the way the protocol works. It doesn't take a client to act like one and send syntacically correct requests to a tracker. (In fact, that's how I test tracker code... with telnet and/or nc)

I will warning those wanting to "cheat" using this method... if you follow his instructions to the letter, you will be detectable like a road flare in a movie theater. (if anyone is actually looking.)

Re:Was it good to publicise this?

[Cramer]

You don't understand the protocol, so you don't understand this is simply How It Works (tm).

You can use telnet to browse websites if you understand the HTTP protocol well enough. Is this a vulnerability? No.

Re:Was it good to publicise this?

[ZorinLynx]

Closed trackers are freakin' annoying anyway. I get almost all my stuff from open trackers and get decent download speeds all the time.

If people really are doing nothing but leech, they aren't causing much harm. Besides, the way BitTorrent works, you don't receive much data if you don't contribute, so it's hard to simply "leech" in the first place.

-Z

Re:Was it good to publicise this?

[Alsee]

Yes, it's amazing how opinions on that sort of thing changes for so many people when the product in question isn't "their's" but "ours".
I would say that it's hypocritical but... ..I caa't think of a but. It's just hypocritical.

False. It is only hypocritical if you can dig up a post where the SAME PERSON was saying that things like IE vulnerabilities should be published.

-

Re:Was it good to publicise this?

[Alsee]

I don't think he's calling the ability to read/use the HTTP protocal a vulnerability, the problem is that the tracker is trusting arbitrary input from the client and using it. He's reffering the ability of leeches to falsify their upload statistics.

I'm not sure I would even call it a security vulnerability. While it would certainly be nice to penalize leeches in bittorrent, I don't think I would call leech access an actual security violation. It's not line they can cause actual damage like poisoning torrent files.

-

Re:Was it good to publicise this?

[sud_crow]

The difference is that, IE is a propietary application, from a company that is known for not caring about its security issues until they get public so they _must_ fix them, and even this way, there are times when they dont fix it either.

Bittorrent is open source, free software, libre, so you dont need to "force" fixes... usually fill a form at a bugtracker and you are set, if its dangerous enough, you might get a very fast answer, if not, the next version will fix it.

Re:Was it good to publicise this?

[KillShill]

neither do people who consider themselves having an IQ greater than 50.

Re:Was it good to publicise this?

[brunson]

Aw, go play with yourself, that was funny. I'd blow a mod point if I hadn't already posted to this article.

Re:Was it good to publicise this?

[utnow]

Let's assume that slashdot, every time you submitted a comment, included a variable that incremented the "number of comments you've made today". Let's call it "inccom=1" and lets say that in the code while it's processing your comment it just adds "total comments" with "inccom" and gets the total number of comments you've made today.

This would be a stupid way to measure the total number of comments because I could simply modify this value to 0 or -1 and make an unlimited number of comments every day. This would be a way of messing up the system. This would be an exploit.

So why is the bittorrent protocol doing (essentially) this?

Re:Was it good to publicise this?

[BobPaul]

neither do people who consider themselves having an IQ greater than 50.

Replace "having an IQ greater than 50" with "pretentious blowhards" and the statement is true.
--
Don't fight Firefox! Let FireFox fight YOU!

Re:Was it good to publicise this?

[utnow]

The letters are insignificant if you knew what I meant.

First IE

[zegebbers]

now this. I can't believe it, my world is falling apart!

Re:First IE

[G-Licious!]

If you're browsing torrent sites with IE, I'm surprised it hasn't already.

Re:First IE

[AnObfuscator]

now this. I can't believe it, my world is falling apart!

I know, what is the world coming to when even P2P networks have security flaws?

Well, I guess I'll head back to safe, secure kazaa.

This is really gonna help

[knightrdr]

I can't wait to see my pornbits ratios go through the roof! j/k

Why a vulnerability

[sabre307]

Ok, it's definitley a cool hack, but why are they calling it a vulnerability??? Maybe it's just too early and I haven't had enough Mountain Dew.............

Re:Why a vulnerability

[joto]

Well it seems that this could completely demolish the protocol. If everyone used this and then set their upload to the minimum (what, 1kbps?) it would take forever and a day to get files from Bittorrent.

No, it wouldn't. The only thing this has any effects on, are tracker stats.

Bittorrent clients upload to who uploads most to them. And then they add a certain amount of randomness so that they get to try different peers. They don't care about the stats from the tracker, and neither should they, as they can be easily forged anyway (just change a line in your favourite bittorrent client and recompile).

If the bittorrent protocol was so brittle as to care about easily forged information, it would never have worked as open source software anyway.

So why do people care about trackers stats? Well, some people like to publish them (e.g. to make leechers ashamed). Some are nazis, and want to block leechers from their trackers. And some go beyond nazis, and want to block multi-tracker clients, etc, because it disturbs their tracker stats. This "vulnerability" is only a vulnerability to the two last groups...

Re:Why a vulnerability

[op12]

Some are nazis, and want to block leechers from their trackers.

In some closed communities (i.e. requiring registration), this method can be used to reward those who upload a lot and limit those who don't (ratio below 1). In that way, download speeds tend to be higher than without the system in place, and people are more likely to give back more.

Re:Why a vulnerability

[stickyc]

Well it seems that this could completely demolish the protocol. If everyone used this and then set their upload to the minimum (what, 1kbps?) it would take forever and a day to get files from Bittorrent.

I would think that the vast majority of folks using BT to get "legitimate" downloads won't be using this hack (I must get this Knoppix ISO and not share!). Really, it just exploits the greed of the pirate community, for which I have little sympathy.

Re:Why a vulnerability

[techno-vampire]

Some are nazis, and want to block leechers from their trackers.

So, what do these nazis do to people who's client is sitting there, waiting to upload and give back the bandwidth they've used but who aren't being asked for anything? I've sometimes left my client running for hours after finishing a download and not sent back a single piece because nobody's asking for it. Does that make me a leach?

Re:Why a vulnerability

[joto]

I've wondered about this myself. I guess you have to ask a nazi tracker administrator about it.

Luckily, most nazis are administering small trackers, where they only block consistent leechers, and only manually. In that case, it isn't a big deal anyway, and you get a chance to explain yourself if you disagree with the decision.

The "beyond nazi" position is more debatable.

Re:Why a vulnerability

[Lehk228]

find a safe and popular torrent (porn usually) a big one, 1.5 gigs or larger and grab it early on in the cycle, leave it running a few days and your ratio will be good for over a month unless you do some serious leeching the rest of the time

Re:Why a vulnerability

[iainl]

I've still not got my head around this one: Like many, many people, my ISP gives me a download bandwidth 10 times that of my upload bandwidth. How the hell am I expected to get a ratio substantially above 1 in a hurry?

Re:Why a vulnerability

[op12]

Why the hurry? You can let the upload trickle back. Alternatively, I've seen a model where you can pay to increase your ratio, where the amount you pay determines the amount of data that gets added to your "uploaded" amount. This is obviously not desirable to the user in most cases.

The thing is the exclusive content or accelerated speeds versus public torrent sites often make it worth the hassle of leaving the torrent open for a day or so after it completes. Just bump up your upload limit before you go to sleep, and often you've uploaded enough by morning to be back at a 1:1 ratio.

Mirror

http://xyflar.blogspot.com.nyud.net:8090/

Re:Mirror

[Agret]

That's great and all but I think google have enough bandwidth.

Re:Mirror

[croddy]

oh, you've got to understand -- posting a coral cache link isn't something that's supposed to be well thought-out with some sort of reason to believe that it will improve access to the site. it's just something you're supposed to feel obsessed and compelled to post. just post the coral cache link without thinking. coral. post the coral. no! DON'T THINK! JUST POST! CORAL! POST CORAL! DO IT!

Re:Mirror

[Jeremi]

Perhaps Slashdot should just automatically coral-cache-ify any URLs that it sees? Then it wouldn't be an issue, and it might even solve the "Slashdot effect".

Re:Mirror

[justforaday]

I just want to make sure the message gets out there.

Re:Mirror

[croddy]

no, seriously, it doesn't rewrite the image URLs. i promise i'm not lying!

Re:Mirror

[rthille]

This made me wonder...

What happens when you coral-cache-ify a coral-cache-ified (already) link? :-)

damnit....

[El_Muerte_TDS]

Guess now I really have to start seeding files. Thank you for spoiling it for me.

I can see the headlines now

[overshoot]

There are any number of parties who will headline "Vulnerability in BitTorrent!" and cound on most readers never bothering to get the facts.

Re:I can see the headlines now

[vigilology]

Like Slashdot? :-)

Neccessary Exposure

[Sv-Manowar]

As much as many people will ask if disclosure was a good idea in this case, it's important to remember that if one person can find this vulnerability and make it public, an unknown number of people could have found it and be making use of it in the background. The functionality of BitTorrent depends on clients seeding copies of the file back into the network after having downloaded, and a vulnerability like this in a significant amount of trackers could easily cause serious damage to the operation of many torrents.

Re:Neccessary Exposure

[fabs64]

indeed, and in fact this "vulnerability" was always a well known flaw in any of the groups that run trackers i've been involved with. Saw someone exploiting it a good 8-9 months ago.

Re:Neccessary Exposure

[nicklott]

BitTorrent also relies on numbers. One or two leechers isn't going to break the system; 70% of clients being leechers is.

Re:Neccessary Exposure

[OverlordQ]

This only effects sites that use ratios for things like "VIP Status" or Auto-Bans, without hacking the client as well you wont be able to fool the other clients to send you data if you dont send them data.

Re:Neccessary Exposure

[justforaday]

I don't think it would affect the actual operation of the torrents at all. If I understand this correctly, it would only screw with sites that keep track of ratios, and then it would only affect the reported upload/download info. This doesn't cause clients to try to get data/chunks from you that you don't have.

Not such a big deal?

[AC-x]

The way I look at it is this:

Step 1. Load site logs
Step 2. Do a search for these entries
Step 3. Ban any cheaters

I'm sure this it should be pretty easy to tell fake entries from real ones as I'm guessing that the tracker software, with a known IP address, is the only thing that should be accessing that url.

Re:Not such a big deal?

[AC-x]

So the actual tracker that the bittorrents connect to is written in PHP? I'd always figured it was running as a seperate process, pretty impressive you can run a large torrent site using just PHP (but then I like PHP so that's good :)

Even so the server's definitely Apache so they can log all accesses and can probably weed out cheaters pretty easily (someone suddenly adds a few gigs to their ratio you know something's up ;)

Re:Not such a big deal?

[KPU]

RTFA. They copy what the bittorrent client (running on their computer from their IP address) reports to the tracker. Then all they do is send a falsified version. The logs would show both spoofing and legitimate clients accessing the same url.

What one could do is search the logs for jumps in upload rate. For example, a user might be going 10 kb/s upload for a long time (while getting the file). Then all of a sudden it went to 10 Gb/s and nobody joined the torrent. Further if the sum of all downloads during that period is less than the sum of all uploads then somebody is probably cheating.

Re:Not such a big deal?

[Qzukk]

This kind of thing has been known for a long, long time now, though usually it's modified clients that simply lie about their stats, rather than some convoluted protocol sniffing thing. Many torrent sites that care about their ratios already check for obviously spoofed values.

Re:Not such a big deal?

thirded. Apache isn't the only httpd that makes logs, and (2) something still has to read and make sense of the logs.

Any task can be called easy if you don't know what the fuck you are talking about.

Re:Not such a big deal?

[Cramer]

It doesn't take any sniffing at all... just read the spec for the BT protocol. This is the same lameness as screaming Apache is vulnerable because I can use telnet to get a web page. (And I don't need ethereal's help doing it.)

BT protocol flaw?

[dancallaghan]

Seems kinda dumb that BT trackers rely on the clients to honestly report their ratios/upload amounts. Is it just this tracker implementation, or does the BT protocol work that way?

IIRC the ed2k network had a similar issue in its infancy, nowadays (with eMule anyway) "upload credit" is maintained as a relationship between each client (i.e. I know how much a person has sent to me, so I know how much I should reward them in my upload queue) -- no potential for abuse that way.

Re:BT protocol flaw?

[AC-x]

The article doesn't go into much detail, but I believe the vunerability is caused by how trackers report back to the website's database, which manages all the ratio recording.

The tracker itsself is self contained and keeps track of the ratios internally, but the website's gonna be running on a proper webserver and to keep a list of all the users and their ratio the 2 need to talk to each other, I guess they chose REST to do it.

I'm pretty sure this isn't a big deal as it should be simple to find fake entries in the web server log and ban users. It would have been better if the site and tracker could be configured with a password that they use when talking to each other tho...

Re:BT protocol flaw?

[justforaday]

I would imagine that setting up a small script that bumps up your uploaded amount by a few hundred MB every now and then would be very hard to detect. Certainly more difficult than spotting someone who just uploaded 10GB out of nowhere (as in the example).

Re:BT protocol flaw?

[Zerth]

Or you just do the smart thing and mod your client so that Announces(what ratio sites use to track up/down) always return
(down*(desired ratio)+random number)/down

Then there aren't any "massive jumps" and there isn't a blatently obvious set ratio.

I'd be suprised if anyone with even the smallest bit of curiosity didn't go looking through the code the first time they hit a ratio site that had a "users with less than X ratio and Y gigs uploaded have to wait 48 hours to join the swarm".

Re:BT protocol flaw?

[BobPaul]

Seems kinda dumb that BT trackers rely on the clients to honestly report their ratios/upload amounts. Is it just this tracker implementation, or does the BT protocol work that way?

The BT protocol doesn't rely on this. This is a well known issue that effects tracker server logs and stats only. The actual BT Protocol for downloading makes decisions about who to upload to entirely in the client without requesting stats from any other client or tracker.

This "vulnerability" affects torent sites that enforce upload ratios in order to earn access to more torrents, and that's it.
--
Don't fight Firefox! Let FireFox fight YOU!

A devious plan!

[roman_mir]

for promoting FF, but one of the steps in that list should be: set FF as the default browser ;)

Nothing new

[gagge]

Seriously, I thought this was already widely known. All info from the client to the tracker is sent with basic HTTP GET requests. You could fake your ratio with a simple php script. Well, maybe even by just typing the info in your web browser, however I think the urlencoding would be a problem.

Re:Nothing new

[mysidia]

If it's just a GET request, users wouldn't need to go so far, they'd just need to type something into their web browser title bar, or make a bookmarklet with a proper javascript snippet.

I.E. Try typing

javascript:document.location=
"http://www.google. com/search?q="+escape(prompt("Text:"))+"&btnG=1"

Into your URL bar, all on one line.

Note, that in IE and Firefox, this would open a dialog box and fetch search results. URL escaping is already a possibility built into the browser side scripting languages.

Re:Nothing new

[Pharmboy]

Correct me if i'm wrong, but cant you also do simple GET requests using telnet? I used to have a simple script for surfing websites using telnet. pretty wierd, but worked. It would be very easy to make a telnet script in windows with cygwin or even perl installed. Obviously super easy with Linux.

This is not a vulnerability..

[kryptkpr]

This is not a vulnerability .. it's by design.

The statistics reported to the tracker by the client were never meant to be used for things like enforcing ratios because they TRUST THE CLIENT. But there's simply no other way to collect statistics such as amount uploaded.. if the client lies to you (which is what this "vulerability" is exposing), there is little you can do to protect yourself.

It's TRIVIAL (a 1 line change, or if you want to make it a parameter, a 4 line change) to modify any python open source client such that it 'amplifies' the ammount you upload by 10x or 100x. Then you don't need to do any HTTP sniffing, your client can just lie for you.

Now, there is a way to block this author's method because he doesn't amplify the upload, he creates a step-change in the upload ammount (which can be caught on the server side.. if it's been the same ammount of time since the last check-in, but suddenly his cumulative upload ammounts tripled, you're likely being abused). However, using my 'amplifying' trick from above, this is much trickier to detect. Perhaps you measure the client's upload speed on the website and record it to the database, maybe even double it just to be safe.. so you KNOW this client can only do 60 k/sec or whatever. Then when the client reports in stats, you take the time since the last check-in and you calculate his approxomate 'instantenous' rate. If this rate is higher then the upload rate you previously decided was this client's ceiling, then he's lying to you.

The above method is not foolproof, but it would likely be better then the nothing we have now. It was really only a matter of time this surfaced.. and I'm amazed it took this long.

--kRYPT
(author of burst! and MakeTorrent)

Re:This is not a vulnerability..

But there's simply no other way to collect statistics such as amount uploaded.

Why not ask the other peers?

Instead of having every client tell the tracker how much it's uploaded, have each client tell the tracker how much it's downloaded from each of it's peers and extract the other peers upload rates from that data.

At least that way you need a conspiracy of multiple clients to fake a high upload rate. Combined with only allowing one client per torrent per IP, this could prevent a single machine from providing false upload data.

Re:This is not a vulnerability..

[kryptkpr]

Combined with only allowing one client per torrent per IP, this could prevent a single machine from providing false upload data.

I see 3 problems with your proposal:

1) I'm not sure if it's fair to impose a one client per torrent per IP rule.. sometimes NATs (I'm thinking unviersities here) can be pretty big, encompassing thousands of machines.

2) The original problem (trusting the client) has not been solved. Instead of trusting the client to report it's own statistics, you now trust it to report someone else's. Nothing stops several (2 or 3) clients from corroberating. They could refuse to connect to any client they don't know will lie for them, and then easily amplify their upload by 1000000x and their partners in crime will corroberate their story. This wouldn't need to be done very often, just when you feel like boosting your ratio.

3) This would add quite a bit of overhead to tracker requests; you now have to report statistics for every peer you're connected to.. and this could be hundreds of peers. Many trackers are bandwidth-strapped already.

Re:This is not a vulnerability..

[kryptkpr]

Torrent site administrators have known about this problem for a long time. Anyone who wrote their own tracker is definitely aware of the problem.

Over a year ago I had created a proof-of-concept client that could do the upload amplifying trick and had discussed the vulerability with several site admins. The general concenssus was that it would be dealt with if and only if it actually became a problem (because it's not something trivial to deal with; it requires extra resources at the server side, which many trackers simply haven't got).

I was responsible enough not to release the modified client, so it wasn't a problem then. The guy who wrote the article obviously isn't as responsible.. he just wants to leech. Too bad for him, becuase if everyone does this, leeching is the last thing he's going to be able to do.

Re:This is not a vulnerability..

[Bert64]

Bittorrent doesn`t work very well with nat..
Also, if multiple machines are behind the same nat and downloading the same file then bittorrent should be smart enough to only bring 1 copy of the file down through the natbox and distribute it throughout the local peers..

Re:This is not a vulnerability..

[Megane]

Nothing stops several (2 or 3) clients from corroberating.

I can use two clients to abuse upload ratios even without hacking the clients or the data they send. All I have to do is find a reasonably small torrent (15-20 or so clients max) where I have a good chance of one client being requested to send data to the other, and put them on the same Ethernet segment, the faster the better, and turn off any bandwidth limits. They don't even have to have the same real IP address (I get five addresses on my DSL, and normally use three).

Once one client starts sending to the other, the upload rate goes sky-high, giving you lots of karma with the tracker. If the receiving client is asked to report its download rate, it will even agree. Again, standard client, no hacking involved.

That being said, years ago I've heard of hacked clients that the moment they appear, suddenly everyone else's download rate flatlines (seen from a client in the torrent that shows everybody's stats), as everybody's client starts sending data to the leech. Then once they've leeched the file, they disconnect immediately.

Re:This is not a vulnerability..

[kryptkpr]

Also, if multiple machines are behind the same nat and downloading the same file then bittorrent should be smart enough to only bring 1 copy of the file down through the natbox and distribute it throughout the local peers..

The problem here is discovery. How do you make it 'smart enough' to recognize that multiple people behind your NAT are transferring this file, when you cannot (for practical reasons) connect to every peer on a torrent and you usually only get to see an external IP when you do.

There was some interest a while back in creating a special BitTorrent Tracker Proxy for NATs, similar to transparent HTTP proxying, that would keep track of things like this and insert local peer's info in with the real tracker's reponse.. so it's definitely possible, but I'm not sure what became of it. I could see this being very useful even on an ISP-level, where internal bandwidth is cheaper then external.

Re:This is not a vulnerability..

[Pharmboy]

Also, if multiple machines are behind the same nat and downloading the same file then bittorrent should be smart enough to only bring 1 copy of the file down through the natbox and distribute it throughout the local peers..

If I am hearing you correctly, you are saying that if two people are behind a NAT firewall and downloading the same file, the NAT (or bittorrent) should only download it once and give it to both clients? I am pretty sure this is NOT a function of either the bittorrent protocol, or any NAT protocol. Maybe you could configure a proxy to do this, but this is WAY beyond the purpose of bittorrent as I know it.

The bittorrent client would have to be aware of the other client, what it was downloading, and what parts it had, and the two would have to communicate this information. This seems more in the Ethernet protocol than bittorrent itself.

Or if it was the NAT doing the distribution, it would have to be aware of the bittorrent clients, what they download, what pieces they have, and then cache the downloads. My understanding is that a NAT is pretty ignorant of this, it just knows how to route packettes according to source and destination, interfering as little as possible.

This idea sounds not only unfeasible, but a serious security risk. If I am behind a NAT, I don't need to be advertising what I am doing and what parts I have and don't have with other clients on my network.

Also, bittorrent works fine with NAT, from my experience. Configuring a firewall is sometimes tricky to keep connectable, but I use a NAT at home and work with bittorrent every day with no problems. Some SITES choose to only allow one connection per IP address, affecting NAT's, but this is a choice of the site owners, not a limitation of the bittorrent protocol.

Re:This is not a vulnerability..

[Sancho]

The problem with your multi-client hack is that you'll be limited by the size of the file. Once both clients have that file, they won't be uploading to each other any more. With a large enough file, this could still boost your ratio--but you have to download the file in the first place.

Re:This is not a vulnerability..

[mysidia]

If two clients connect to the same tracker from behind a NAT, they will have the same external ip address -- when a bittorrent client sees a peer with the same ip address on the tracker, they should know they're both behind the same NAT: they could then attempt a broadcast on their local subnet to attempt to discover other bittorrent clients to possibly coordinate private a private transfer or paired transfer option (I.E. each client would have the option of sharing every file piece received with the other client).

Re:This is not a vulnerability..

[SurgeryByNumbers]

"That being said, years ago I've heard of hacked clients that the moment they appear, suddenly everyone else's download rate flatlines (seen from a client in the torrent that shows everybody's stats), as everybody's client starts sending data to the leech. Then once they've leeched the file, they disconnect immediately."

Since DL/UL between a particular pair of peers is determined only by the ratio between those two peers, that should be nearly impossible in BT. You'd have to hack everyone else's client in order to convince them that they have gotten lots of data (and even sending fake or dummy data, if successful, is pointless because you're still using up your upload bandwidth). Even if the phenomena is true, that is definitely not the cause.

Re:This is not a vulnerability..

[hugzz]

but the second client's download (from the first client) would count against it's ratio! so if the file is 200mb, client1 gets to improve it's upload by 200mb, but client2 now has a 200mb bigger download.. resulting in a net increase to your ratio of.... 0? and that's assuming that client2 ONLY downloads off you. if client 2 downloads 100mb off you and 100mb off other seeds, then your ratio will be worse by 100mb (downloaded 200mb on client2, uploaded 100mb on client)

Re:This is not a vulnerability..

[kryptkpr]

Why wait until you get a peer with you external IP? In a large swarm this may never happen. If you could do this, then just broadcast right away at start-up. It's a good idea, it's just not backwards compatible.

To really be effective, this is something that should be built on top of the current peer-discovery system, not beside it.

Re:This is not a vulnerability..

[cryptoluddite]

The real fix is to have the clients tell the server what data they sent by sending it a list of hashes from each block. This could be a very weak / short hash and still be effective in mitigating cheaters. It would also help identify clients (*IAA) trying to poison the torrent (they would have to report their stats or be isolated from the main part of the torrent).

Re:This is not a vulnerability..

[Wesley+Felter]

Sending a hash to a tracker only proves that the peer is in possession of a block; it doesn't prove that the peer actually sent the block to any other peer. Then a hacked peer can just tell the tracker that it uploaded 10 copies of one block instead of 1.

Re:This is not a vulnerability..

[Tony+Hoyle]

Bittorrent is fine with NAT for one, maybe two machines, but on large networks won't work because you'll *never* persuade IT to port forward a different port for every machine on the network...

It would be nice if BT clients broadcast for other local clients & allowed them to connect directly.. that wouldn't need much of a change to the protocol (since BT is already p2p, except for the tracker) and would achieve the benefits the OP wanted.

Re:This is not a vulnerability..

[Cramer]

There are two problems with this... 1) you assume the client knows it's external IP address. In most cases, this simply isn't true. And it's not even necessary. 2) Broadcast discovery will only work if the clients are in the same subnet and/or the same broadcast domain (i.e. more than one subnet on the same cable.)

Btw, people already cheat using this method. One machine reports to the tracker while another on the local lan does not. They can move the same file between themselves hundreds of times and "legally" boost their reported stats. [It's really much more work than it's worth.]

Re:This is not a vulnerability..

[Megane]

Uhhhh... once both clients have the file, they don't need to upload to each other any more... because now you've got the file, which is the whole point of leeching! (I never said it was a workaround for ratio quotas, did I?)

Re:This is not a vulnerability..

[Pharmboy]

It would be nice if BT clients broadcast for other local clients & allowed them to connect directly.... that wouldn't need much of a change to the protocol (since BT is already p2p, except for the tracker) and would achieve the benefits the OP wanted.

The client can't "just broadcast" magically. Since that is the tracker's job, you would need to install your own local tracker server, edit the primary client's torrent file to show both trackers, and then edit the torrent for each other client to only show the private tracker. This is a bit more than a trivial effort. Even then, would have to make sure the primary client accessed both tracker servers.

I haven't sniffed the network to see if it does that, but I am betting that it doesn't as long as it is getting the minimum clients from the primany tracker, so as long as there are 20 clients who want to connect to you, it won't work. It would be very inefficient if it DID connect to multiple trackers when it already have enough clients.

Even if it did, then you have a problem with upload speed, since most savvy people throttle their upload to about 80% maximum, it would be either be choked back for the local clients, or make upload speeds unlimited, and your download speed would be throttled because your uplink is maxed out and ACK's become slow. This assumes an asynk setup, which is the defacto standard for cable and dsl.

I am by no means a BT expert, but I understand enough about networking to know that this is not a reasonable configuration. If you really wanted the file on 10 peers in the same NAT, you would just download with the one client, and the other peers would copy the file from them, reducing 99% of the overhead. When all is said and done, as long as you have trackers, this setup is not a good idea, and is more effort that just letting them all rip through the NAT individually.

Bittorrent IS p2p now, with the tracker. The tracker just provides information and doesn't make it more or less "P2P". All p2p systems currently have something similar (but different), or you wouldn't know who has the files you want to get.

This Is Nothing New

[Terran+Zwart]

I've been studying BT for over a year now, and this problem is very obvious and well-known. So, anyone who claims that they shouldn't have posted this because it's going to kill BT is wrong. They shouldn't have posted it because it's obvious to anyone who reads the BT protocol. You can just modify the source code and send a random real from zero to one, plus one, times however much you've downloaded and you've got a share ration between 1 and 2. Simple.

The simplest and best solution to this problem is the one that idiots (especially BT client developers like Bram Cohen and the Azureus dev team) tend to dislike the most: instead of forcing people to be cooperative by enforcing seeding requirements either in the client or at the trackers, simply recognize that swarming creates an inherently competetive environment, as everyone is really only concerned about their download and SHOULD only be concerned about their download, and let people use the most unscrupulous tactics they can think of to game the system. The way it will play out is that people will end up with a share ratio close to 1. The swarms become like little free markets: if you have a valuable piece, you can agree to trade for a lot of data. If someone breaks their agreement, you ban their IP address for a while. If you're willing to upload twice as much as you request from others, EVERYONE will want to trade with you.

If you do the math and economic analysis, everyone ends up trading on a 1 for 1 ratio, seeds only have to upload when there's very few peers (they simply require 2 bits from you for every bit they upload, that way people will only rely on seeds if they can't get a piece any other way, specifically, if the availability of the piece is zero), and no one other than the individual or group publishing the data needs to seed. BT was never meant (whether Bram Cohen realizes this or not) to shift the responsibility of serving from the publisher to the clients, it was meant to reduce the amount of bandwidth needed to publish data.

The current system is like socialism. It needs to become more like capitalism, and I'm not even a laissez-faire capitalist! Why no one realizes this is beyond me.

Re:This Is Nothing New

[Terran+Zwart]

Excellent example of the stupidity that pervades the BT community. IMNSHO, anyone who develops a BT client should have taken a course or read a book on game theory. You CAN'T understand the economic incentives at work here without a firm grasp of the subject.

Re:This Is Nothing New

[Elad+Alon]

I would have modded you, but I've already replied. Good points.

Re:This Is Nothing New

[mickwd]

"BT was never meant (whether Bram Cohen realizes this or not) to....."

Surely the inventor of BT knows better than you when his invention was meant to achieve.

Now how well it actually achieves it may be a differnt matter.

Re:This Is Nothing New

[nukeade]

Unfortunately, the economics that seems to play out the most looks like the prisoner's dilemma: if just one person cheats, they do better than everyone else. Therefore, "rational players" will cheat.

I wish cheaters would recognize that the system works best for everyone when everyone plays fair--there's something unsatisfying about having uploaded 6 times the file's size before getting 10% of the entire file.

~Ben

Re:This Is Nothing New

[Pharmboy]

Well, it's a better idea then one site that required everyone to have a 1.1 ratio or higher. (Think about what's wrong with that)

Quality sites don't "require" a 1.1 ratio, they reward it, usually by giving first access to a torrent, ie "power user" ranking. Usually there is a 2 to 4 week wait list too, to prevent people from spamming the registration system every time they get a .1 ratio, and get banned. Others users have to wait 24, 48 or 72 hours to start downloading.

Obviously it is impossible for everyone to have a 1.1 ratio, and your claim is based on you not knowing what you are talking about, reading the rules of a site entirely wrong.

Ratio enforcement SHOULD be enforced by the tracker, not the client. If you don't want to be a 1.1 or better seeder, go join another group. There are plenty of them out there. The groups that reward higher ratios generally are the better qualtiy sites, thus, worth belonging to, thus worth seeding more than you leech.

Re:This Is Nothing New

[TwinkieStix]

Socialism? Have you not read the paper (pdf) (google HTML version) on tit-for-tat that uses economic models from game theory as a basis for the bit torrent protocol? It's pretty capitalistic in my opinion.

Re:This Is Nothing New

[Jon+of+the+Wired]

What you describe is exactly how bittorrent currently works, so apparently that year of studying was pretty much wasted. If you knew anything about Bram, you'd know that game theory is one of his abiding interests. Try reading his blog, it can be pretty interesting.

Re:This Is Nothing New

[Aranth+Brainfire]

So wait. If you're just starting and have no pieces... how do you get any?

And how do college students and similar with a VERY limited upload speed get anything at all?

Re:This Is Nothing New

[Spy+Hunter]

The simplest and best solution to this problem is the one that idiots (especially BT client developers like Bram Cohen and the Azureus dev team) tend to dislike the most [...] The current system is like socialism. It needs to become more like capitalism [...] Why no one realizes this is beyond me.

What a wanking piece of haughty, uninformed bullshit! How this got modded up to +4 is beyond me. Bram Cohen has realized this from the beginning, and all client authors understand it as well. The design of the BitTorrent protocol is and always has been grounded in the economic principles of the free market. Seeding requirements are *not* enforced in the official client or tracker. Clients only upload to people who upload to them, and if people break their agreements they *do* get banned.

Your suggestion requiring uploads to seeds is stupid, because people would be even *less* likely to seed if it wasted their download bandwidth as well as their upload bandwidth (and twice as much of it too!). If you want to discourage downloads from seeds, simply make the seeds slow.

The idea of assigning economic values to individual pieces is already in the protocol implicitly; the economic value of a piece is inversely proportional to the number of clients who have it. If you have a piece nobody else does, you can upload it to anyone and get a piece in return, therefore that piece has high value. If everybody else has the piece, nobody will accept it in a trade. Therefore it's already in a client's best interest to grab the most rare pieces; additional incentive for this is not necessary.

If you have such awesome ideas about how to build a BitTorrent client that no one else does, then why don't you build one yourself and change the world? It's not that difficult; the protocol is simple by design. Otherwise, shut your trap about how stupid the people actually working on clients are.

The people who are not acting like a free market here are the writers of the *trackers* which trust reported uploads by clients (clients never trust these numbers for anything useful). Your entire rant is misguided and off-base; it should be aimed at the writers and users of ratio trackers, not the clients.

Re:This Is Nothing New

[NoOneInParticular]

Not quite true. Indeed in a simple prisoner's dilemma, defecting (cheating) is optimal, but in an iterated prisoner's dilemma it shifts to tit-for-tat being optimal. BT is iterated, if cheating for one block of the download can possibly ban you for a next block. In this scenario tit-for-tat makes sense. The only problem is the final block of code, for defecting to get that one is again optimal. To actually get full downloads it does seem that you need to have a few suckers around. The seeder is such a sucker, but all in all, I doubt that people will bother with writing cheats to *only* get the last block for free.

I think the GP is dead-on and a swarm-based tit-for-tat system would be a real stable p2p network. There's been twenty years of research after Axelrod's initial experiments and as far as I know, tit-for-tat has not been convincingly beaten.

Re:This Is Nothing New

[NoOneInParticular]

Ok, just read the rest of the comments and noted that BT is exactly this. Never bothered to read up on the actual protocol, hence the confusion. Ah well, another comment destined to the bitbucket.

Re:This Is Nothing New

[Terran+Zwart]

>The design of the BitTorrent protocol is and always has been grounded in the economic principles of the free market.

Several people have responded to me stating that BT actually is like capitalism, and that I should go read Bram's economic paper.

I HAVE read that paper, and in it he states that one of the big reasons for the success of the protocol is that people leave their download windows open after they're done downloading. This ties up the client's upload pipe needlessly, and the only reason that the rational person would allow this is that they've walked away from their computer and haven't altered the source code to prevent seeding. Also, Bram's decision to use recent download rates instead of recent amount downloaded prevents bit-for-bit trading (necessary for the free-market idea), which instead of creating a paradigm of trade creates instead only a paradigm of expected reciprocity, and inexact reciprocity at that.

Someone stated that BT is based on game theory principles and that I should learn game theory. Actually, everything that I'm saying is based on game theory. Bram Cohen and the other client developers seem to only have a vague, "you scratch my back and i'll scratch yours" understanding of it. The reason I say this is because of comments that they've made elsewhere. A while back an article was posted on slashdot about Microsoft making some kind of BT-like protocol, and Bram bashed them for advocating bit-for-bit reciprocity. As much as I hate M$, I have to admit they were right that time. There are other comments that Bram and others have made that do not hold up to mathematical analysis, but I'm not going to bother citing them here.

>Your entire rant is misguided and off-base; it should be aimed at the writers and users of ratio trackers, not the clients.

Actually, it should be aimed at both. The client developers are still using what I described above as "expected reciprocity." Also, the Azureus dev team has recently implemented a feature called "private torrent." I won't bother to descibe what this does here (you can find out for yourself) but suffice it to say there is no reason why any rational (keyword here is rational, not moralistic) person would enable this as it only limits their available connections. Ignoring protocol overhead, more connections is always better because it is more robust, allows for a more accurate random sample of the true value (in the entire swarm) of piece availability, and increases the effective (what your client can see) piece availability.

Also, I've talked with the Azureus dev team and confirmed (they even agreed with me) that they don't know anything about game theory.

>Your suggestion requiring uploads to seeds is stupid, because people would be even *less* likely to seed

If every client had a "seed?" checkbox that was disabled by default, and everyone were rational, only those who are genuinely interested in distributing the information would seed. This is exactly the way it should be. The way it is now, users are tricked into seeding by moralistic do-it-for-the-good-of-the-swarm clients that require explicit user actions to prevent seeding. People don't choose to seed, they simply fail to choose not to seed.

As for the 2 to 1 ratio on seeds, the whole idea of BT is to make data distribution scalable and reduce the bandwidth needed by the seed (I say "seed" because there really needs to be only one, no matter how large the swarm, if this idea of mine were to be implemented). The idea is NOT to maximize the average download rate of the downloaders. Indeed, if my suggestions were followed, the average download rate would decrease because of asymmetric line speeds. But, uploading by the server/seed would be minimized, and much more importantly, the "game" (game theory terminology here) would be in a state of "economic equilibrium" also known as a "Nash equilibrium." What this means in English is that it is no longer possible to modify a client's behavior to get better results. Experts won't be a

Re:This Is Nothing New

[Spy+Hunter]

Several people have responded [...] Someone stated that [...]

I'm not going to defend other people's arguments here.

If every client had a "seed?" checkbox that was disabled by default, and everyone were rational, only those who are genuinely interested in distributing the information would seed. This is exactly the way it should be. The way it is now, users are tricked

Even in your hypothetical economically ideal system, the system could benefit from people being tricked into giving more than they intended. The client authors benefit from "tricking" the users. In a free market there's nothing wrong with attempting to trick people for your benefit; the fault is squarely on the shoulders of the people being tricked. In the case of BitTorrent, people are only "tricked" into "wasting" upload bandwidth that would otherwise have gone unused, so most users are pretty ambivalent about it and there is no reason to modify clients to remove automatic seeding. If ISPs moved to a pay-per-uploaded-byte system, you can bet BitTorrent clients would remove this feature.

Everyone will still request pieces from seeds, even if seeding is not necessary for the health of the swarm. My proposed solution makes seeds seed only when it is absolutely necessary.

Ah, now I understand. Your pet peeve with the BitTorrent protocol is that seeds always upload as fast as possible, when that isn't always necessary to get the file distributed. Well I think you have the objective of the BitTorrent protocol wrong. You think it is to distribute a file to as many people as possible while transferring the minimum possible number of bytes. I think it is to distribute a file as fast as possible with a fixed limit on seeding bandwidth. Speed is an important characteristic of the BitTorrent protocol. If nobody cared about speed, we'd all be using Freenet. On The Pirate Bay, they all just want the files distributed as fast as possible. With the objective of speed in mind, a seed can always distribute the file faster by uploading more. So an excess of requests doesn't matter; the seed is happy to fulfill all the requests it can.

Furthermore, even if the objective of seeders was to conserve total bandwidth, I don't think your scheme would achieve that in most situations, since it would require 3x the bandwidth for each useful byte transferred from a seed. And the speeds would be terrible. A seed on a symmetric connection would only use half of its upload at maximum, meaning slower downloads for everyone. A client could only download from a seed at half its upload, so downloading from swarms with mostly seeds would be vastly slower. Lots of bandwidth would ultimately be wasted.

I will say again, one of the most important attractions of the BitTorrent protocol to users and distributors is its speed. Hypothetically, *if* your system reduced seed bandwidth, it might appeal to a few bandwidth misers who wouldn't mind the complaints of users. But I think people would prefer the speed of BitTorrent as it is today.

As for Nash Equilibriums, I don't see how you've demonstrated that the current state of the BitTorrent protocol is *not* a Nash Equilibrium. As an expert, how have you hacked your client to download significantly faster than others?

Re:lol!

[user9918277462]

I've helped administer sites based on the torrentbits code. What you describe is almost always caught my mods or admins very quickly as it leaves a very obviously suspicious pattern of activity ("Oh look, a 3 day old user that no one's heard of that uploaded 75GB while downloading 500MB. See ya later cheater.")

So please grow up and contribute to torrent communities, it's not difficult and it makes everything work better in the end.

This is old old old old old

[OverlordQ]

This is nothing new, there's been client hacks for this for quite a while (http://www.00de.com/), there's also been ratio faking programs out for quite a while as well. So I really dont see anything additional that this 'xyflar' guy has added besides posting what's been known to pretty much every torrent user as well as pretty much every torrent site that uses ratios.

Re:This is old old old old old

[OverlordQ]

Ooops that should of been www.00de.de

obviousness, and where the vulnerability really is

[SuperBanana]

As much as many people will ask if disclosure was a good idea in this case, it's important to remember that if one person can find this vulnerability and make it public, an unknown number of people could have found it and be making use of it in the background.

Anyone who has even so much as glanced at the protocol specification can see that the client is trusted to return an accurate count for how much it has uploaded. This wasn't a "disclosure" or a "vulnerability announcement"- it was a statement of the patently obvious.

The problem is not with BitTorrent. The problem is with BitTorrent trackers and sites which trust that value returned by the client. There are dozens of open-source clients, including the original- and all it takes is adding one operation that multiplies the real upload by whatever number you desire.

The functionality of BitTorrent depends on clients seeding copies of the file back into the network after having downloaded, and a vulnerability like this in a significant amount of trackers could easily cause serious damage to the operation of many torrents.

How did this pseudo-intellectual first-post get modded insightful? You clearly don't understand how the BitTorrent network is designed. Clients evaluate only how much data they receive directly from another client, and how fast. Nothing else factors into their decisions of who to upload. There is absolutely NO mechanism for the client to query the server to see how much you've uploaded, nor is there even a way to ask other clients. Why? Because both sources would be unreliable. Each client CAN only rely on direct "experience", unless they're engaging in a reputation system of their own hacking- if they are, best of luck to them, Bram wasn't an idiot for not trying that.

The "vulnerability" only affects trackers which "enforce" an upload ratio, and only to the extent of letting people bypass that ratio. Ratios is a concept that is pretty stupid with BitTorrent. The more you push back, the more you get, unless there is plenty of bandwidth. About the only "benefit" I see to ratios is that it might keep files available with seeds longer.

I hear a lot of crying about leechers on BitTorrent, but the network is self-regulating. Don't upload? You won't get much back. I think the perceived problem is also because reporting of the stats is unreliable- in the case of Azureus, for example, I can download a big file, upload 3x as much, and then if I get a connection error when my client stops, I "loose" all that uploading. I then look like a leecher, when it is exactly the opposite.

Non-Ratio Site

[SumDog]

I tend to use public sites that don't keep track of ratios of individuals--honor system an all that--and I still always try to keep at least a 1.0 on all torrents, many of them usually end up at 2.0 ~ 3.0 just because ratios build up very quickly on popular torrens overnight on broadband connections.

It seems like from the posts the BT community has known about this for a while and it really doesn't seem to matter too much. Most downloaders who have at least a basic understanding of how torrents work will keep those downloads going caust it's just a nice thing to do.

Re:Non-Ratio Site

[TeknoHog]

It seems like from the posts the BT community has known about this for a while and it really doesn't seem to matter too much. Most downloaders who have at least a basic understanding of how torrents work will keep those downloads going caust it's just a nice thing to do.

I agree completely, I don't see what the fuss is. The good side-effect is that it's mostly private sites that will suffer from this, and torrent action will hopefully move into the public sites where nobody's counting.

In the project website, BT is introduced as as "free speech tool". Ratio counting sounds more like capitalism than free speech.

Exploiting Ratios is easy

[AngryScot]

Easy way to get your ratio up is to join a site that only allows you two slots on the tracker at first. Either download two small files and seed them or upload two of your own torrents and stay connected to the tracker so you are using your two tracker slots.

Using azeurus (or any client which stores peer IP's) stop on of your seeding files and connect to a large file you want to download, let your client pick up some IP's or until you are getting the file at a decent speed.

Now stop your download and begin seeding again, when you restart your download you will connect to the clients and your download will be resumed but the tracker will not be updated with the data you are download. AFAIK users who you are leeching off will still be given credit for all the data you upload.

Worked on elite torrents and some of the sites I use now.

Re:Exploiting Ratios is easy

[omry_y]

you call this easy?
just change the code of the client to report x*20 for the bytes you send.
the stats are sent via simple http request.

Not Getting Them All

[Terran+Zwart]

You're only detecting the small fraction of the cheaters that don't realize they're being obvious. If you look at my post above, I explain how it is very easy to trick trackers. You just use a random number generator to generate 1-2x the amount you've downloaded. It'll look totally legit.

Re:Not Getting Them All

[user9918277462]

My point is that it's only possible to cheat undetected if you limit your cheating to insignificant amounts, or wait until after you've already established a decent ratio and/or reputation. Significant cheating (like what you describe, 2x the upload) will be caught 90% of the time. The torrentbits code has a lot of behind the scenes tools to track user behavior and catch cheaters.

By the way, I'm talking about smallish torrent sites (<50,000 users or so) where the account turnover is low enough that new users can be noticed by mod staff. Huge sites with six figure userbases and hundreds of signups a day would obviously be much easier to cheat on.

Re:Not Getting Them All

[SeeTheLight]

What if the "significant cheating" is really due to the user having a faster broadband link now than they had before? Are you going to ban people for seeding faster?

Why Firefox?

[porneL]

Since when Firefox is more appropriate term for HTTP than HTTP?

Re:Why Firefox?

[blindcoder]

Since eMule is more appropriate than eDonkey for the eDonkey network.

This is new?

[Elad+Alon]

I've been using Bittornado and Rufus for some time now, and with both, I get away with uploading at 3KBps and downloading as fast as I can manage. I have ADSL, so this means about 60KBps short of my 180KBps upper limit for downloading. But I've been known to download at 180KBps. (It's not that I'm a prick by nature, it's just that with my connection, I can only upload at around 12KBps, and the faster I upload, the slower I download.)

Re:This is new?

[obarthelemy]

It is recommended that you cap your max "torrent" upload at 80% of your max real upload bandwidth. A test is available at broadband.com to determine that (attention, bits bytes). You need the other 20% to send back acknowledegements about your downloads.

Putting aside the moral / community considerations, you will experience faster downloads the more you upload, unless of course you're leeching like mad and saturating your bandwidth all the time.

Re:This is new?

[Elad+Alon]

I find that my downstream speed drops significantly once I start uploading at more than half my upstream capacity - 12KBps. As for the the faster downloads for big sharers - either the difference between uploading at 3KBps and 6KBps is so negligible that I haven't noticed it, or it's been completely erased by the drop in download speed).

Meh..

[EiZei]

Being a formet BT tracker admin we knew of this well over a year ago.

Just download the original client and change the source code if you want to automate the process.

I Knew It

[RAMMS+EIN]

I just knew the Bittorrent protocol would somehow trust the clients for keeping statistics on downloads and thus be vulnerable to spoofing. The problem is that it's fundamentally impossible to gather statistics about processes on other machines are doing in a reliable way.

What's more interesting to me is how other services (ed2k?) do it, and if this makes them more/less/equally vulnerable.

A scheme I've thought of is where you submit packet length and a checksum (calculated from the packet contents) to the tracker, and the receiver of the packet sends the same data, and the tracker counts only packets for which it receives matching pairs from sender and receiver. This can help identify both cheating senders and cheating receivers, but, ultimately, doesn't provide any real protection, while still introducing quite a lot of complexity.

Re:I Knew It

[SeeTheLight]

That idea would also exponentially increase the load on trackers. Sending checksums in a tracker request could end up making the tracker requests go from being less than 500 bytes per request to being almost the size of the .torrent files or larger on each request.

Re:I Knew It

[obarthelemy]

that doesn't really work either, not as soon as someone has 2 PCs, which we all do, right ?

that's why the core, data-exchange protocol only believes what it sees (sorry, receives), and the stats on the tracker are just not reliable, who cares, they're only used by some site admins who just always wanted to be gradeschool teachers.

Easy to detect cheaters

It is very, very, very easy to detect cheaters on private torrent sites -- which are the only sites where ratios really matter anyway.

Globally, across an entire torrent, the amount of data uploaded can't be greater than the amount downloaded. Think about it for more than three seconds and its rather obvious. Every single client reports their usage to the tracker. Every byte you upload must have been downloaded by another client, who also reports their usage.

And hash fails are counted as downloads by the client, so thats not a factor.

If the torrent admin looks through a torrent and sees Joe Cheater claiming to have uploaded 3.6GB, and it just so happens that the amount uploaded is 3.6GB more than that downloaded...its not hard to work out who's spoofing their stats.

Granted, the situation becomes worse when multiple people are cheating, but it's not too hard to track users who are on multiple torrents and pick out usernames who always appear to be on the torrents with the discrepancies.

I've seen it happen on private sites before, and it will happen again.

The short answer is -- you can fudge your stats all you want. But unless you can find a way to fudge someone elses stats to minus the discrepancy, you'll get caught. And rightly so.

Re:Easy to detect cheaters

[Cramer]

This assumes perfect communications between all the peers and tracker. If a single update gets lost, then the numbers won't add up. It's far, FAR too likely for peers to be cut off from the tracker during their session. They'll continue to upload and download from any connected peers in the interim. And the tracker will continue to report them to new peers until they timeout (varies from tracker to tracker.)

Add into the mix the clients that find other peers away from the tracker (*cough*BitComet*cough*) [DHT, peer exchange, plugins, etc.] and this method falls on it's face.

There are just as many ways to detect cheating as there are ways to cheat. Unfortunately, none of them are completely free.

Re:Easy to detect cheaters

[timotten]

The short answer is -- you can fudge your stats all you want. But unless you can find a way to fudge someone elses stats to minus the discrepancy, you'll get caught.

It wouldn't be so hard to get a peer to collude with you on fudging statistics. A few scenarios:

* I install one client at home and one at work. The one at work is a shill for the one at home -- the two never exchange real data, but they report that the client at home has uploaded to the one at work.

* A small group of people agree to scratch each other's backs by shilling for each other.

* An auxiliary protocol provides automated shilling among peers that are otherwise unaffiliated. Such a protocol can use tit-for-tat behavior (if you shill for me, then I'll shill for you).

Re:obviousness, and where the vulnerability really

[moonbender]

Ratios is a concept that is pretty stupid with BitTorrent.

Right, stupid as in "people routinely saturate their downstream when ratio is enforced because everyone keeps seeding after having downloaded" and as opposed to smart, non-ratio trackers as in "people often get crappy speeds especially when they're on asymmetric connections because everyone kills the client after having downloaded the file".

BT is kind of self-regulating, upload more and you download more. But the self-regulation only goes so far and offers no incentive whatsoever to actually seeding files. Since a vast majority of the peers are on asymmetric links (e.g. ADSL), there obviously is a need for pure seeds to keep network speed at a high level, because otherwise the maximum network speed would be limited by the total upload speed of the asymmetric links.

Try Cheating

[Terran+Zwart]

First of all, I don't use private torrent sites, so don't think I'm a cheater.

However, I can easily get 0.2 to 0.3 on most torrents when I'm done downloading. (I try to get a share ratio as low as possible, and not because I'm an asshole, read my post outside this thread for an explanation) And the thing is, each individual peer has no way of knowing that I'm not uploading lots of data to someone else, so just because my ratio to a given peer is low, does not necessarily mean my overall ratio is low. So, my false upload value reported to the server is not verifiably false, even if you have several "spy" peers that are connected to me and are not getting as much as they upload.

This idea is actually similar to the way plausible deniability works in the current version of Freenet. It is impossible to prove, no matter how many connections you establish to a member, that that member is not actually connected to another member that is requesting the data.

I suggest you take out a book on game theory and try cheating. You'll realize that if everyone were to act like an asshole (and not give away data unless they get the most they can get in return), the system will reach an equilibrium in which, for large swarms, NO seeding is needed.

Here is my little crappy tool

[arcanumas]

I discovered this "vulnerability" myself a few months ago and wrote a crappy Python tool to cheat automatically.
You just give it the torrent, how much to "upload" and how much to wait between start and stop updates.
it's in SVN in my home PC so, it may not stay there for long if you abuse my DSL.

Just go where you want to install it and type:
svn co svn://arcanum.homelinux.org/cheatbt cheatbt

./chtk.py is a TK GUI (no file selector, too bored for that)
./cheatingBastard.py is a PyQT GUI (with fileselector but a Threading issue)
./cheatbt.py is the "command line" tool. use it as such:

./cheatbt.py mytorrent.torrent seconds_to_wait bytes_to_upload

Please, no complaints about the code... i know :)

Re:Here is my little crappy tool

[Carthag]

./chtk.py is a TK GUI (no file selector, too bored for that)

Obviously not bored enough to make it! :)

Discredits RIAA/MPAA evidence

[cpu_fusion]

If anyone gets hauled to court over their use of BT and these "amount shared" statistics are used as evidence against them, having the data be easily forged should help the defendent.

Re:Discredits RIAA/MPAA evidence

[Cramer]

I've been preaching this for years. Client reported stats are not trustworthy -- they never have been. Unfortunately, lawyers and judges aren't the most technically savy people around.

ratios not compatible w/ BitTorrent's mission

[TheSHAD0W]

BitTorrent was designed as a data DISTRIBUTION system, not a data SHARING system. In taking the place of a non-P2P upload (http or ftp), any amount of upload is better than none, and clients that upload zero don't get as good performance downloading as clients that contribute.

Trackers were never meant to try and enforce upload ratios; it's too easy for clients to lie about how much they've shared, and too complicated and exploit-prone to work out a system where peers report on each other.

A way for MPAA/RIAA to kill Bitorrent

[Danathar]

I've always thought that the best way for the MPAA/RIAA to kill bittorrent would be to break the protocol such that cheaters could leach without giving much back.

If you look at other systems where the amount leechers far outstrip people giving back the system pretty much gets bogged down.

Bram had always said his system works because every client is out for it's own interest. Researchers who have tried to "improve" BT usually have done something to break this model.

If I were the RIAA/MPAA I'd hire a bunch of crack programmers to try and create a "cheat" and then release the source code to that people would get to download with little or no uploading. That would effetively KILL many bittorrent swarms

Re:obviousness, and where the vulnerability really

[NMZNMZNMZ]

About the only "benefit" I see to ratios is that it might keep files available with seeds longer.

I think that's what the GP was saying. If people have this hack to get around the upload ratio requirements they won't stick around to seed, destroying one of the most important aspects of BitTorrent (the trust that people will seed once they finish downloading).

This does not work with trackerless torrents?

[Danathar]

So what if you don't use trackers but connect exclusively via trackerless torrents?

It would seem to me that the "vulnerability" only exists if you are sending data to a tracker.

Re:This does not work with trackerless torrents?

[Spy+Hunter]

The "vulnerability" only works if you are sending data to a tracker which tracks ratios, which is not most trackers. This is a stat-tracking problem and as such is only relevant in members-only BitTorrent communities where stat tracking is done. If you use public trackers like those mostly found on The Pirate Bay or Mininova you are not affected. And of course trackerless torrents don't track stats either.

Pretty simple cheat...

[guardianfox]

This cheat DOES work... but it's rather suspicious to the admins when you do it. Like a thirty-second leap from a terrible download-upload ratio to a godlike ratio won't go unnoticed... That said, I had no problem TESTING it, but I contacted the admins of my favorite tracker and told them what I did, why, and got them to reverse it. They'll be watching for it now and banning anyone who tries it.

allready know about it.

[indy_Muad'Dib]

use it on boxtorrents and we will ban your entire ISP for a month. we know about it, we know how to monitor for it.

Re:allready know about it.

[DinZy]

WTF. If someone cheats you will ban a whole class of users?! IN my last two hometowns, Boston MA and Urbana IL, there was/is only 1 cable ISP for tens of thousands of customers in a given community. Do you really think it is fair to ban the entire cable internet using portion of a major metroplitan area?

Re:allready know about it.

[Creepy+Crawler]

Thats what you end up with "kiddies" running a webserver/tracker.

Re:allready know about it.

[heelios]

Oh lord! Please scare us more!

Re:allready know about it.

[indy_Muad'Dib]

tough luck. ask anybody at UCLA last december how well that arguement worked for them.

Re:allready know about it.

[tribes]

...as the torrent haters happily cross boxtorrents off of their list, courtesy of a distributed monthly cron job. Sadly, as an admin you often have to reach for the MegaLART to solve problems...attempting to reason with the userbase is often futile and always frustrating.

Re:allready know about it.

[indy_Muad'Dib]

it starts being a problem when only 67% of the uploaded data can be accounted for. so out of the over quarter million registered users and the 2 million unregistered IPs that connect every day almost 750000 of them are faked. omlet, breaking a few eggs, you get the idea.

Re:allready know about it.

[NoNameAnime]

I Love boxtorrents. I leeched over 2tb from there and spoof my stats just fine. Well over a year there and nobody is the wiser. I really dont care if admin does ban entire ISPs. My most popular proxies are on earthlink, cox, rr and comcast. Ban if they must. Countless more .edu proxies. Quite easy getting public proxies. Yes, I'm bragging cause its just a stupid way to so call 'punish' their users via threats. Anyone able to spoof, sure as hell knows how to proxy fine.

Re:allready know about it.

[The+Master+Control+P]

Assholes like you are what eventually ruin everything. You ruin driving on surface streets, you ruin driving on highways, you ruin E-Mail with spam, you ruin online gaming by cheating. Did it ever occur to you, asshole, that there are other people besides you in the world who are negatively impacted by your being an antisocial dick? You are an asshole that shits all over everything, and you are emminently deserving of being thrown in a small jail cell with Mr. Tiny.

People like you make me wish there were a hell so I could savor knowing that you'll go there. OK, I'm done ranting.

Re:obviousness, and where the vulnerability really

[rolandog]

Ha, indeed. I care a lot about my stats, always tried to have a 2+ ratio 'just in case'. Perhaps there should be a workaround as in having the clients to periodically report their progress in uploading.

you're missing the point.

[TheSHAD0W]

This exploit twiddles tracker statistics, but the "self-interest" part of BitTorrent is built into the P2P protocol. Peers upload more to other peers that upload more to them, and there's no way around it. Most BitTorrent trackers don't try to enforce ratios, and I personally think it's stupid to try.

Re:you're missing the point.

[Danathar]

I pretty much agree with you. I don't see how it could be done. Then again, many people do things others think impossible.

Personally I use trackerless torrents with Magnet URI addresses. It would not surprise me to see that as being the future ot BT.

And they call this news?

[Nitra]

Must be a lack of news today, this isn't by any means a vulnerability. Wow someone just noticed that you could make your browser report directly to the tracker. Most of the sites have anti-cheats that will catch such bogus crap. Might show that any site running on that code is subject to the problem, but mentions nothing about ways the site-ops deal with this problem.

upload = download (nearly)

It's very easy to detect cheating in a swarm. If a client reports that it's uploaded ten megabytes, but the remainder of the swarm has only downloaded one megabyte, there's obviously something askew. Of course, not everybody will get their stats counted accurately, due to disconnection and tracker outages, but things should average out reasonably (*). If these community-based ratio-monitoring sites simply count the number of times a given member is part of a swarm with a mismatched overall upload:download ratio, greedy leechers will be identified quickly. Can I recommend the paper "How to cheat BitTorrent, and why nobody does"? It's a lot older than this article. http://www.cs.unibo.it/pub/TR/UBLCS/2005/2005-12.p df (*) Obviously I've never measured this or anything :)

Re:upload = download (nearly)

[jetmarc]

> It's very easy to detect cheating in a swarm. If a client reports that it's uploaded ten megabytes,
> but the remainder of the swarm has only downloaded one megabyte, there's obviously
> something askew.

While your approach might solve the problem of reporting inflated stats to gain a better reputation in the eyes of the tracker, it opens up another hole:

Clients can deliberately destroy the reputation of other well-behaving clients. They can simply lie to the tracker about how much data other clients have uploaded to them, tricking the tracker into thinking that those other clients are lying. Those other clients then end up banned.

This can be used to attack torrents. All the attacker needs is "lots of" virtual clients, that maintain high bandwidth traffic with the clients under attack. The more traffic they have, the more "lye margin" they generate (to overcome uncertainity tresholds on the tracker). And, the more virtual clients the attacker simulates, the more "votes" he's got to convince the tracker.

When the main seeders of a (young) torrent are banned on the tracker, the torrent becomes non-functional.

Investing bandwidth to silence a torrent might be worth-the-deal for a MPAA-style entity.

So, I'm convinced that your suggestion, as is, increases the overall vulnerability.

MOD PARENT DOWN!!!

[justforaday]

Mod this tripe down! This has been covered several times throughout this discussion. The only thing this affects are a set of numbers which have absolutely nothing to do with the functionality of the protocol itself.

Re:MOD PARENT DOWN!!!

[Mateo_LeFou]

mmm... magnetic fields and that's one of my favorite songs (mod irrelevant, but also i agree with you)

Maybe it's just my ADD talking..

[markass530]

but that seems like a lot of work for not much return. I admittedly am not that good at sharing with limewire, and the like, and I almsot like bittorrents just becuse they force me to do so, and I do sleep a little better at night. I'm quite happy with the balance of "power" with torrents and although I love downloading lots of crap, I wouldn't stoop to such levels to increase my leeching ability. Also if a bunch of shitheads utilize this, People will just stop seeding such torrents, and use torrents with a different source.

Re:Sloppy coding.

[v1]

The problem with that solution is twofold. Already beaten ad-anusium is the issue of two clients collaborating to cheat, which cannot really be compensated for.

The other issue less addressed is bandwidth. The tracker is the one weak link in BT, and if you recall back a year or so ago there was a problem with the trackers where they would send data on ALL peers, to all peers. (trackers now cap at 50 entries, randomly selected usually) This bug caused swarms that doubled in size to quadruple tracker traffic, because now there's 2x the peers, each requesting 2x the data. (so 2x the peers = 4x the traffic) This brought several large swarms to their knees as the trackers buckled under the weight.

Increasing the traffic between the client and the tracker, especially to this extent, would be devastating to BT. Right now all they report is data up and data down. That's like two numbers. Now imagine you're in a swarm and connected to say... 60 peers. That's 60 ups and 60 downs. Anyone can see that is an insane increase in traffic.

Right now things are set up correctly - the main enforcement on leeching is peer to peer review. You don't send me data? I'm not going to send you very much. This is traffic between peers, not between peers and the tracker, which is the best way to manage any distributed system.

Simple Fix

[Alereon]

A fix that several of the larger trackers I've used have put in place is to track both upload and download stats for everyone on the torrent. It quickly becomes obvious that someone is cheating if the total amount of uploaded data is greater than the total amount of downloaded data. This makes it rather trivial for admins to track down and ban people who cheat in this manner.

This system could certainly be broken by having clients intentionally amplify reporting of the amounts they upload, but there's no incentive to do this. Amplifying your uploaded amount or shrinking the downloaded amount is the only form of stat cheating that confers any sort of benefit.

Re:Simple Fix

[karmatic]

It quickly becomes obvious that someone is cheating if the total amount of uploaded data is greater than the total amount of downloaded data. This makes it rather trivial for admins to track down and ban people who cheat in this manner.
Um, it's called "seeding" after you finish downloading. Usually, that's considered a _good_ thing, because if nobody uploaded more than they download, the files couldn't be distributed.

Re:Simple Fix

[Alereon]

Um, it's called "seeding" after you finish downloading. Usually, that's considered a _good_ thing, because if nobody uploaded more than they download, the files couldn't be distributed.

I was referring to the totals for an entire torrent, not an individual user. There's no possible way for the total amount of uploaded data to be greater than the total amount of downloaded data. If it is, you know that someone is padding their upload stats.

Re:Simple Fix

[Zerth]

Actually, this is only true if all clients successfully announce every time. Many clients don't bother to retry if you hit quit and the last announce fails, leaving their final upload/download count "hanging".

It would be easy enough to make a client that would look at the ratio of a torrent that was near expiring and then announce it was responsible for any excess upload capacity.

Re:Simple Fix

[karmatic]

It's most certainly possible. It's called uploading the same chunk to 2 different people. Again, this is called seeding, and is usually considered a good thing.

Re:Simple Fix

[Alereon]

It's most certainly possible. It's called uploading the same chunk to 2 different people. Again, this is called seeding, and is usually considered a good thing.

Either you don't understand how bittorrent works or you don't understand my point. The only way a client can download data is if it is uploaded by another client. Thus, the total amount of data downloaded on a torrent will ALWAYS precisely equal the amount of data downloaded, as every altruistic seeder is balanced by a selfish leecher. The ratio for the torrent as a whole will ALWAYS be 1:1. If it isn't, you know that someone is falsifying their stats.

The lazy way is the best way

[horza]

You could try the exploits, which only damages the system and will get you eventually banned from your favourite torrent sites, or you could just get half a dozen downloading and go to bed.

Phillip.

Bittorrent and ISP policy

[smeenz]

The problem with the 'you share with me and I'll share with you' concept that bittorrent is based on is that it doesn't fit well with the commercial reality of ISP plans these days.

For example, here in New Zealand, the fastest speed you can get is 2mbps ADSL, and depending on the plan you choose, when you hit 10GB of traffic (that's traffic in both directions added together), you either start paying excessive data charges designed to be so high as to force you to stop, or your bandwidth is reduced to 64kbps.

The latter option is obviously the one that the huge majority choose, and to the uninitiated, 64kbps seems like not such a bad idea. The problem is that the ISP acheives 64kbps by heavily dropping packets, and that results in much much worse performance than you would have got with a dialup modem connection.

I, for example, would be happy to leave BT running 24/7, seeding files, but I simply can't afford to do that, because at 2mbps, I can chew up 10GB in just 11 hours (actually less, because you have to include transmitted traffic too), and unless I want to have unusable internet access for the remaining 30.5 days of the month, I have to strictly control the amount of traffic I transmit and receive.

Re:Bittorrent and ISP policy

[Tsian]

So perhaps BT isn't the best distribution method for you to use when alternatives are available.

Re:Bittorrent and ISP policy

[smeenz]

yes, you're quite right, but the more people that applies to, the less people there are out there seeding torrents.

Re:Bittorrent and ISP policy

[smeenz]

Wow. I didn't think I'ld laid any flamebait, yet you seem to have found a need to flame.

Today, in Auckland, we have had heavy rain, heavier rain, wind reaching record levels, lightning, power cuts resulting from said lightning, oh, and bright sunshine. And it's only 1.15pm so far.

In order to work around the problems, I shape my torrent to 1kbps upload, and leave it going like that. After a weeks, I had downloaded about 600mb, and uploaded about 4gb, so my sharing ratio was great, but I can't sustain that because it means within 2 weeks, my 10gb limit has been reached.

Australian ISPs have similar policies, but I can't speak for them directly.

Re:Bittorrent and ISP policy

[drsmithy]

I, for example, would be happy to leave BT running 24/7, seeding files, but I simply can't afford to do that, because at 2mbps, I can chew up 10GB in just 11 hours (actually less, because you have to include transmitted traffic too), and unless I want to have unusable internet access for the remaining 30.5 days of the month, I have to strictly control the amount of traffic I transmit and receive.

Yowza, NZ ISPs count uploads in your quota ? And I thought the Aussie ones were stingy.

Re:Bittorrent and ISP policy

[smeenz]

Yup, and thanks to Telecom's monopoly on ADSL, we have absolutely no choice about it either.

What's the big deal?

[d_jedi]

I don't see how this is a vulnerability. The bitTorrent protocol, as I understand, is based on a tit-for-tat principle which is worked out on a per-node basis (ie. if you upload to me, I'll be more willing to give you what you want).

I don't see how global ratios play into this in the least.. (each of the other nodes would say something like yeah, you've uploaded 10GB. Good for you. But what have you done for me?

Re:What's the big deal?

[Zerth]

Some sites try to prevent users from taking advantage of excess bandwidth by enforcing a ratio across torrents or provide a better experience for people with high ratios by refusing to add low ratio users to the tracker until 48 hours after the start of the torrent.

This isn't a vulnerabilty of the protocol, because the network will respond as it always has: people who upload get better speeds than leechers when download capacity is higher than upload capacity.

It is a vulnerability of the tracker, but only in the sense that trusting the user is a vulnerabilty.

Re:What's the big deal?

[d_jedi]

So some sites try to force (err.. persuade?) you to upload more than the BT protocol requires to download the file?

Interesting. Not something I'd be willing to use - BT sucks up enough of my (limited by ISP) bandwidth already - but interesting nonetheless..

This really isn't a vulnerability in the BT protocol, then, more of a vulnerability for these communities of BT users..

Re:Sloppy coding.

[Zerth]

>You're much less likely to lie about someone
>else's uploads than your own. What's the point?

You aren't evil enough.

With everyone focused on faked uploads, if you deflate your down instead of inflating your up, you make everyone else look like cheaters.

"It couldn't have been me cheating, look I didn't even get to download the whole file before the torrent expired. Do more about all those cheaters!"

Plus, it is easy enough to watch for the delay between clients announcing and then when a leech announces, report a large upload yourself before the true seeder announces. Bam, it looks like the true seeder is cheating.

Pirate sites

[TheStonepedo]

My favorite pirate site is full of slashdot-reading geeks who keep greed in check. Users who actually upload to get good ratios (favored by the moderators of pirate sites) made a forum thread regarding the problem. The moderators caught several members using the exploit and banned them. Some members of pirate sites are dishonest, so they were weeded out.

Greed, to an extent, is acceptable in a community based on sharing copyrighted material; lying and cheating are not acceptable.

Avoiding ISPs with lame policies

[billstewart]

Sigh. There are lots of different ISPs in the world, and some of them are much lamer and more annoying than others; in most places there's some option to avoid them, but in some places it's difficult. The two worst offenders in the developed world appear to be Telstra in Australia and most of the cable-modem companies in the US (treated as one entity, because they hang around together way too much), and in both cases it was largely for reasons that are now obsolete but is pursued and promoted to other companies with great fanaticism. Telstra are the big promoters of the monthly-bandwidth-cap cult, which made a slight amount of sense back when bandwidth to Oz was scarce and expensive - though they sometimes had different rates for connections within Australia and connections to the outside world, which was really just fine for Bittorrent and similar applications. The US cablecos have been big promoters of the "Cable Service is for consumer couch potatoes only, not for anything resembling a server, and the End-to-End design that makes the Internet work is a threat to our bandwidth and precious bodily fluids."

Here in the US, it's annoying that my cable modem company offers about twice the downstream bandwidth I get with ADSL, for about 1/2 - 2/3 the cost of decent static-IP open internet. I might be able to get faster service now that my telco has added 3 Mbps ADSL that my ISP could resell, but I'm far enough from the telco wire center that it may not really pay off, and even at 1.5 Mbps I'm usually not saturating my downstream connection except during occasional good Bittorrent sessions.

There are worse ISPs - VSNL in India, a variety of government-monopoly PTTs, almost anything in Africa. China's duopoly are difficult to deal with, but getting better, and many of their problems are driven by the censorship issues. Of course, China's also got diverse enough service that it not only has spammer-friendly hosting but also zombie-compromised broadband services.

I can't believe this crap.

[Terran+Zwart]

I can't believe this... my post gets "Flamebait" and this gets +5? >Globally, across an entire torrent, the amount of data uploaded can't be greater than the amount downloaded. Guess you've never heard of lost packets. >And hash fails are counted as downloads by the client, so thats not a factor. "CHANGE: Core | Download totals don't include hash fails and discards and aren't included in share-ratio calculation [Parg]" From: http://cvs.sourceforge.net/viewcvs.py/*checkout*/a zureus/azureus2/ChangeLog.txt?rev=HEAD >If the torrent admin looks through a torrent and sees Joe Cheater claiming to have uploaded 3.6GB, and it just so happens that the amount uploaded is 3.6GB more than that downloaded...its not hard to work out who's spoofing their stats. This assumes ALL of the following: 1) Nobody has canceled a download. 2) Nobody has falsified their amount downloaded. 3) No data is ever discarded and there are never any hash fails. 4) No one controls more than one client. >The short answer is -- you can fudge your stats all you want. But unless you can find a way to fudge someone elses stats to minus the discrepancy, you'll get caught. And rightly so. Because it's SOOO hard to get another IP address. Goddamn idiots! Learn something about computer networking before you post here, PLEASE!

Carriage Return Corrections

[Terran+Zwart]

I can't believe this... my post gets "Flamebait" and this gets +5?

>Globally, across an entire torrent, the amount of data uploaded can't be greater than the amount downloaded.

Guess you've never heard of lost packets.

>And hash fails are counted as downloads by the client, so thats not a factor.

"Download totals don't include hash fails and discards and aren't included in share-ratio calculation"

From:

http://cvs.sourceforge.net/viewcvs.py/*checkout*/a zureus/azureus2/ChangeLog.txt?rev=HEAD

>If the torrent admin looks through a torrent and sees Joe Cheater claiming to have uploaded 3.6GB, and it just so happens that the amount uploaded is 3.6GB more than that downloaded...its not hard to work out who's spoofing their stats.

This assumes ALL of the following:

1) Nobody has cancelled a download.
2) Nobody has falsified their amount downloaded.
3) No data is ever discarded and there are never any hash fails.
4) No one controls more than one client.

>The short answer is -- you can fudge your stats all you want. But unless you can find a way to fudge someone elses stats to minus the discrepancy, you'll get caught. And rightly so.

Because it's SOOO hard to get another IP address.

Goddamn idiots! Learn something about computer networking before you post here, PLEASE!

You're mostly right.

[Terran+Zwart]

>Even in your hypothetical economically ideal system, the system could benefit from people being tricked into giving more than they intended.

The system benefits, yes. And I'm sure that many people would choose to seed if they can spare the bandwidth, even if they get nothing out of it. The problem though is that some clients will allocate bandwidth for seeding even when there's another download in progress. Also, people might be mindful of the amount of data they're uploading. Maybe someone is on an ethernet LAN, and the seeding causes contention with other users. My point is that since seeding is usually of no benefit to the seeder, and since seeding can in some cases be detrimental, it shouldn't be forced on people by moralistic clients (and client developers).

>Your pet peeve with the BitTorrent protocol is that seeds always upload as fast as possible, when that isn't always necessary to get the file distributed. Well I think you have the objective of the BitTorrent protocol wrong.

You are correct in that we disagree on the primary use or "objective" of BT. Most people see BT as a (illegal) file sharing tool for an informal cooperative group, and that is why they get angry when someone doesn't seed. They say, "You're getting something for nothing here, the least you could do is seed!" Instead, I take the view of the researcher comparing this peer-to-peer architecture to the standard client-server architecture. There exists an individual or group that wishes to distribute information to a large number of people. The distributors care only about the health of the swarm. They want to spread their information as wide as possible. And they'd like to do it as cheap as possible. Then there are the downloaders, who just want to download the data as fast as possible, using only as much of their possibly precious upload bandwidth as possible. A good example of this situation would be a movie trailer. Note that I have nothing against illegal file sharing. To me it doesn't matter what the bits represent, only the manner in which they are distributed.

The behavior of the clients should reflect the goals of these "rivals." (economic term) The clients should not act in a way that their users would not want them to, because that creates an "unfair" (networking term) situation: those people knowledgeable enough to modify their clients could take advantage of the rest.

Using seeding and leaching algorithms that are in economically equilibrium is the only way to eliminate the "unfairness" described above.

I advocate maximizing the average download rate, but only with no unfairness. You seem to advocate maximizing the average download rate at any cost. This is actually not a bad thing, and I will not criticise you if that is the case. TCP congestion control has similar fairness problems, and there are two well-established camps: those who believe fairness is more important than speed, and those who believe speed is more important than fairness. While I am in the former camp, I do respect the opinions of the latter, so long as they know why they believe what they believe.

>Furthermore, even if the objective of seeders was to conserve total bandwidth

I believe seeders are really only concerned with distributing whatever data it is they are trying to distribute. They care about the health of the swarm, and will use upload bandwith if it will help the swarm. But if seeding will not help significantly, then it is better for them to do something else with the bandwidth, like seed for a more needy swarm.

>A seed on a symmetric connection would only use half of its upload at maximum

I said 2 bits for every 1 bit, but that could be changed to maybe 11 for 10, just enough to encourage peers to trade with each other as much as possible before asking for assistance from seeds. And while the maximum bandwidth would be slightly less, it would be used much more effectively, if a client is seeding hundreds of swarms.

>downloading from swarms with mostly seeds wo

Re:You're mostly right.

[Spy+Hunter]

BT really appeals to publishers of data, not because it gives great speed to downloaders, but because it is scalable.

BitTorrent appeals to publishers and consumers alike beacuse it *achieves* speed while *remaining* scalable.

You are still talking about the "unfairness" of the protocol, yet the only unfairness you've actually demonstrated is automatic seeding, which users generally don't mind. The only "exploit" made possible by automatic seeding is disabling it. Your solution is to disable it. I don't see how that helps anyone. You can already disable it in most clients through a config option; the fact that most people don't bother is proof that it is not important to them. You have not demonstrated that the current state of the BitTorrent protocol is otherwise not a Nash equilibrium.

You have brought up the issue of bandwidth distribution between multiple torrents from one seed. This is the one situation where your idea *might* actually help, by automatically distributing seed bandwidth to torrents which need it. However, there is still the problem of the doubled (at least) bandwidth consumption. Manual adjustment of seed bandwidth seems to work fine in practice without wasting all that extra bandwidth.

If you truly think automatic bandwidth distribution between multiple torrents is worth doubling seed bandwidth, then go for it: write your own protocol. Call it ByteSwapper or something. Do the testing in the real world, and see if it works. See if people adopt it.

Torrent Pro Encrease ratio

[evisoft]

I did in several hours program that automatically encrease ration without uploading downloading to peers. Here are installer. http://www.esanu.name/programs/ Good luck!

Reasonable doubt?

[HTH+NE1]

So why is the bittorrent protocol doing (essentially) this?

Because it's considered unimportant data?

Consider that the only people truly relying on the accuracy of the amount of data shared for any serious purpose are the people who want to prosecute you for any illegal works shared.

That the field can be inflated now becomes a defense against inflated charges based on the quantity of data allegedly shared illegally. The accused can claim he falsified the figure and the prosecution would have to go to a greater effort to prove the figure accurate. Can an accurate figure be calculated from tracker-side sources?

I wouldn't recommend relying on this as one's only defense. IANAL.

Re:Reasonable doubt?

[utnow]

Well let's assume that we're not talking about piracy, since we're suppost to assume that this new wonderful bittorrent technology has legal benifits to the world (mass distribution of large files of all sorts... legal and not).

So if we're talking about a legit protocol that's not being designed as a digital theft device, your argument flops. Suddenly we want a protocol that dosen't allow people to falsify their upload figures because we don't want the system to fail because everyone is falsly inflating their numbers. We want a system where everyone is getting a fair chance to get the file using the protocol in the way it was meant to function.

Allowing users to inflate their upload numbers circumvents the proper functioning of the system as a whole.

It's a bug. If I were to use this too get access to the download in a greater proportion than I should be able to, then I would be exploiting that bug. Thus... I call it an exploit.

If this is "the way bittorrent works" then it needs to be changed. You don't just leave a bug there and call it a feature of the protocol... that would make you similar to a certain company generally derided for doing the same thing here at /.

Meritocracy or snobbishment?

[HTH+NE1]

We want a system where everyone is getting a fair chance to get the file using the protocol in the way it was meant to function.

Seems to me a truly fair system won't care how much any one user has shared; everyone would be served equally. The rate of download should be a function of the number of people sharing limited only by your own bandwidth cap. The amount any user shares is braggadocio points and should not have been relied upon to make trafficking decisions in the first place. A meritocracy that punishes latecomers leads to snobbery and those left out game the system at best and sabotage it at worst.

Anyway, it seems to be a basic tenet that unreliable data should not be relied upon.

Re:Meritocracy or snobbishment?

[utnow]

Unreliable data should not be relied on yes. In this case it's upload numbers provided by the user.

But one of the ideas behind bittorrent is that every user is able to download in proportion to what he/she is providing back to the swarm in the form of uploading to other users. Since there is no central upload server you simply cannot limit by the bandwidth cap because SOMEONE has to be upload the file to maximize the benifits of the system.

There is no snobbery and no punishment to latecommers. It's simply the rights involved with providing more to the system. If you give more, you recieve more. Thus everyone is willing to give in order to get their file faster. If you're not willing to give up your upstream then you don't deserve to have someone else's upstream.

Takers?

[phorm]

How many who could would bother though. Honestly I could probably whip this up pretty easily, but I've got much better things to do with my time than hack torrent ratios.

Most of the kiddies who would like to use this to leech probably couldn't script it, though I suppose they might find somebody else's script online.

Optimistic Unchoking

[Terran+Zwart]

While automatic seeding is *technically* not in equilibrium, you are correct that my argument would be rather poor if that were the only thing that differs between the current client implementations and the ideal which would always act in the downloaders' best interest.

There are many other ways in which the BT clients are "unfair." (again, I stress that this is a technical term) I can't go into all of them here, but one of the biggest that I can explain, since you do obviously have some understanding of this subject, is the problem of optimistic unchoking.

If you don't know what that term means, then Cohen's original economics paper gives a good explanation. Azureus, the best client I know of and the one I use, though there are still problems with it, will even let you see which peers you are currently optimistically unchoking.

Anyway, the problem is that EVERYONE does this, ALL THE TIME. I assume that you already know why. But, now assume that one person modifies their client so that it doesn't. He will still be optimistically unchoked by everyone he is connected to, and can therefore determine the upload rates of his peers, which is the whole reason why the clients do this. By disabling optimistic unchoking, the peer gains a slight advantage in that he can always be uploading to the best peers he knows of, instead of risking bandwidth to test out peers. We therefore conclude that in the current environment of everyone optimistically unchoking, it is in each individual's best interest to completely disable optimistic unchoking.

Of course, this leads to a problem. If all users do this, as we should expect them to, then the environment changes and now NO ONE optimistically unchokes. In this scenario, the best thing to do is once again risk some bandwidth to test peers by optimistically unchoking. Therefore, it becomes in everyone's best interest to optimistically unchoke, and we should assume that they will do so (given the fact that once a client is written that allows people to disable/enable OU, people won't have to know how to modify the source and recompile). This creates the previous environment, where everyone is optimistically unchoking. You would think, therefore, that people would be constantly switching OU on and off. But there is an equilibrium strategy: optimistically unchoke only a certain percentage of the time. Calculating what this percentage is would be difficult, as it would rely on many variables including the number of peers you are connected to, how often and how recently you have OU'ed them, your current download rate, the percentage of OU'ed peers that become permanent, and so on. What the clients should do is EITHER allow the user to choose a value for each of the variables I mentioned as well as a formula for how those values are to be combined, OR allow a plugin that will decide when to OU that the user can write in a high level language, OR both.

Hopefully, you can see now that my last year has not been wasted.

Re:Optimistic Unchoking

[Spy+Hunter]

Interesting. I can see that you have done some analysis here. However, I don't think your result is that impressive. Again, the system is technically not in equilibrium, but it is not a significant defect. Have you measured the actual advantage you can gain by not unchoking? If (as I expect) it is not large, then BitTorrent users have nothing to worry about. BitTorrent is not a theoretical system; it is a practical one, and small theoretical defects which can't be exploited for significant gain are not a real problem.

In many ways your argument is like advocating mergesort over quicksort because it's not asymptotically optimal. Quicksort and BitTorrent work great in practice. If you really have a significantly better solution then code it up and the world will beat a path to your door. If you can make a BitTorrent client that exploits your theoretical flaws to provide significantly improved download speeds, quite a few people would be interested I'm sure. You might even be able to sell it.

P.S. I really must comment here on an amazing fact: this is the first Slashdot discussion I have ever seen which progressed from throwing insults to calm discussion instead of the other way around. Kudos, sir, for showing restraint and preferring rational discourse to name-calling.

Reliable data? From an open source client?

[HTH+NE1]

Unreliable data should not be relied on yes. In this case it's upload numbers provided by the user.

By the user or by the client controlled by the user, it's just as unreliable because the user can have compiled his own client. It is after all open source. There is no "fix" so long as the client can lie, and any secret handshake has to be in the open source of every client. Either you try to catch the client in the lie or you just discard the data as untrustworthy and redesign around the problem.

Also, someone lying about their quantity of shared data may not be doing it selfishly but rather altruistically, seeking to get more of the file faster so that they can provide more parts to others. (Though an algorithm that limits the downloading of clients would probably also direct sharing to those with less of the file than those with the whole file to aid in their promotion.)

BTW, I refuse to call them "upload numbers" because there really is no uploading involved. P2P as it exists today--even bittorrent--is strictly downloading. Not even the seeder uploads; no files get transferred without someone choosing to download. If it were uploading, it would be pushing data to people that didn't request it, creating additional mirrors; a bittsunami if you will. (There is at least one system that does behave that way, but its purpose is not to increase the performance of data transfer.)