Slashdot Mirror

← Back to Stories (view on slashdot.org)

BitTorrent and End to End Encryption

Posted by ryuzaki0 on from the end-runs-and-other-oddities dept.

An anonymous reader writes "As ISPs like Shaw and Rogers throttle their bandwidth to counter the growth of BitTorrent, BitTorrent developers are fighting back with end to end encryption. Oddly enough, Bram Cohen, the original brains behind BitTorrent, doesn't support this direction. Is there really anything he can do about it?"

18 of 494 comments (clear)

  1. Encryption isn't the solution we need, or want.. by takeya · · Score: 5, Insightful

    The bigger problem is customers paying their ISPs, many of whom hold a local monopoly, and then the ISPs go around and turn their backs on the customers, leaving them without services like bittorrent that have a clear and growing legal use. Perhaps a boycott of ISPs that do that would be in order... except for that whole monopoly thing.

  2. The Goodness of Open Source by imoou · · Score: 5, Insightful

    Bram said he suspects that some developer has gotten rate limited by his ISP, and is more interested in trying to hack around his ISP's limitations than in the performance of the internet as a whole.

    Isn't this what Open Source is about? The ability to make changes to a software to suit one's need? And if there are enough users, followers, developers and contributors (see Ubuntu from Debian), the new branch because a thing of its own.

    So the day Bram opened his code, BT is subject to the same kind of treatment and only users can decide which way it will go.

    Aren't there cases where someone compiled a BT client to act like a seeder with high ratio but is an ultimate leecher?

    --
    Uncensored Google results requested and delivered by email
  3. Re:Encryption isn't the solution we need, or want. by Dr.+Evil · · Score: 5, Insightful

    ISPs are happy to lose those customers.

  4. Sniffing shape-able streams by Jon+Luckey · · Score: 5, Interesting

    FTA:

    "...a wire protocol which transfers a lot of data bidirectionally and consistently looks like line noise with no header is only marginally more difficult to identify then one which uses fixed ports."

    Sounds like a call to camoflage the traffic as several pipes between peers. Not just one tcp/ip connection, but several, with a jitter function to pick which pipe is used at the moment so it does not look consistant

    --
    -- 3 events that reshaped the world in the 20th century: WW1, WW2, and WWW
  5. Encryption won't work anyhow by LunaticTippy · · Score: 5, Insightful
    The ISPs will simply throttle anything encrypted unless it pays extra, or something similar. If we accept this situation, or find short-term workarounds it will become worse and worse.

    My connection is severly throttled by my pathetic aDSL upload speed, but that's another bitch entirely.

    --
    Man, you really need that seminar!
    1. Re:Encryption won't work anyhow by Yaztromo · · Score: 5, Insightful
      The ISPs will simply throttle anything encrypted unless it pays extra, or something similar.

      And how is the ISP supposed to be able to detect the difference between encrypted and non-encrypted binary data? What detection routine do you use to detect between, say, encrypted BitTorrent data, unencrypted VOIP data, an FTP file transfer, and random data?

      Traditionally, you can filter the ports -- but nothing prevents software from changing what ports it uses, and there are several applications which can handle a dynamic port exchange. How barring just blocking or filtering on specific ports, how do you detect that data is encrypted, when the purpose of encryption is to make the data appear to be random to an outside adversary?

      Yaz.

    2. Re:Encryption won't work anyhow by Anonymous Coward · · Score: 5, Informative

      Traffic analysis systems are available that detect traffic *patterns*. The determining factor for what defines traffic as being VoIP, or Bittorrent, is the patterns flows follow. For instance, a VoIP connection is a very consistent stream of data to one host, where anything file sharing related will be far from smooth, and will be talking to many hosts.

      Even in the case of changing ports, this is easily detected. I work for a medium sized broadband ISP, and we extensively use the layer7 module for iptable which detects flow type based off of a "fingerprint" of traffic; a fingerprint simply being made up of several unique characteristics of a particular packet type.

    3. Re:Encryption won't work anyhow by interiot · · Score: 5, Insightful
      Answer: Easy.

      As TFA notes: encrypted or not, you're still pushing a massive amount of upload and download traffic. That in itself is enough to get noticed.

      Second, the more data there is to analyze, the easier it becomes to distinguish noise from data.

      Third, Again as TFA notes, if a lot of connections are being made, they can analyze the first chunk of data sent by both sides. If it's an unencrypted connection, you'll see a roughly consistent set of data being sent across at the beginning. If even the headers are encrypted, and you use BitTorrent a lot, eventually it will be pretty obvious.

  6. Here's my take on the whole Bram Cohen thingy... by perigee369 · · Score: 5, Insightful

    Bram may not like it, but one of the best things about sharing the source code, is that the 'market' so to speak will determine now where this protocol goes. If Bram doesn't like it, that's his right, but I expect the masses are going to use the program that best offers the features they want. And uTorrent and Azureus are the two 'big boys' on the block right now. And if someone can improve it further on down the road, the whole bittorrent history has shown that users will try it, especially if they aren't happy with the 'old' program they use.

  7. BitTorrent and Who? by Anonymous Coward · · Score: 5, Funny
    BitTorrent and End to End Encryption

    Who is "End", and why are they partnering with BitTorrent to end encryption?

  8. What are ISPs selling? by MrNougat · · Score: 5, Insightful

    So when I buy an internet connection from an ISP, who says the connection is 4mb down and 256K up, and then I actually want to use all of the bandwidth I have been sold - then the ISP wants to crack down and limit my usage?

    Someone should sue [insert favorite ISP here] for bait and switch. If what they're providing is 4mb/256K burst speed, with lower rates for continuous, then that's what they should say in their advertising. This is hardly a far cry from the shady camera outfits online (i.e. PriceRitePhoto). You pay every month for a service, and the service you're actually provided differs greatly from what you thought you purchased.

    --
    Web 2.0 == Giant Blogspam Circle Jerk
  9. Re:Wrong Solution by Hrothgar+The+Great · · Score: 5, Insightful

    Most people have only one or two choices for ISPs, and MAYBE three if they're lucky. In my area, I have one cable provider, one telco providing DSL, and I think there's some satellite company that is expensive and has extremely horrid bandwidth. Basically, your cute idea that everyone should just up and switch ISPs is a pipe dream at best.

  10. As a Rogers customer... by abscissa · · Score: 5, Interesting

    I would like to say I am totally fucking furious that Rogers feels it can do this.

    I appriciate that Bitorrent constitutes a gargantuan proportion of network traffic. I appriciate this is a problem.

    However, the reason that I feel this is unfair, which nobody seems to have mentioned yet, is that Rogers customers are limited to 60 GB of transfer total, both ways, each month. (Unless, of course, you upgrade to the $50 account + modem rental which is 100 GB). If you exceed this limit, it's not just a matter of waiting until next month -- it is a matter of having your account shut down.

    I think it is fair to do one or the other, but not both. I once wasted three days trying to figure out why Bittorrent wasn't working, only to find out it was thanks to Rogers. This was just as they had started shaping network traffic so I had no furious posts on message boards to turn to for the origin of the problem.

    Sadly, there is no alternative to Rogers for high speed access in my area. It's Rogers or dial up.

  11. Re:Who are "Shaw" and "Rogers"? by loconet · · Score: 5, Informative

    Shaw and Rogers are the two major cable providers in Canada.

    Does it affect a lot of people? You bet.

    --
    [alk]
  12. Also because by Sycraft-fu · · Score: 5, Interesting

    If Bittorrent goes out of it's way to become unthrottleable and hard to detect, it will lead to it being outright banned in many places, and the ban enforced through more draconian means.

    Like here on campus, we would prefer not to tell people what they can and can't do, however bandwidth is finite. We cannot afford to buy gigs and gigs of bandwidth just to allow people to P2P all the time, at least not without a tuition hike. The solution is to use a packet shaper, which puts P2P at a lower priority than other traffic. Usually, the line isn't maxed so P2P works as normal, however if the connection is slammed, non P2P traffic gets prefernce.

    Works very well, P2P works and is generally very fast, and other traffic doesn't get bogged.

    However, if it starts hiding from the packet shaper, things may be made a bit more compulsory like "You will make no use of Bittorrent unless it is for an approved research project. Failure to comply will result in a referal to the dean of students and possibly expulsion." Now I'd hate to see it go that way, but it will if it there's no reasonable way to keep P2P from clogging the network.

  13. Re:BitTorrent's image by lilmouse · · Score: 5, Insightful

    Nonsense. Is using ssh guarenteeing illegal activity? Not at all. If I want to use my ISP to download the latest Ubuntu (and I will soon), I damn well want it via BitTorrents. And if I encrypt it, that's my business too!

    --LWM

  14. Re:Encryption isn't the solution we need, or want. by Shinaku · · Score: 5, Interesting

    No.. No they're not. My ISP, TalkTalk, lied about the service they were providing me - even after I enquiered about p2p (GNUtella, Bittorrent) which they assured were totally unrestricted, they were quite happy to sign me up to a 12 month contract and totally restrict all traffic from the p2p clients. Don't worry, I've complained about a month ago and I'm intending to get out with out paying theur £70 cancellation fee. This is for users like me, who have been screwed over by greedy ISPs. And I welcome our new encripted overlords.

    --
    -- :>
  15. Re:Encryption isn't the solution we need, or want. by kenthorvath · · Score: 5, Insightful
    Let's imagine a water company which has two types of customers: some who use water when they need it and some who leave the water running all day, the sprinklers on the lawn all night, etc.

    Well, except that in this case, you're not paying the ISP for the water but for the capacity of the pipes. The water is coming from sources outside of the ISP and thus isn't a scarce resource. In fact, when you signed up for your pipe-service, you understood that you were paying for the maintenance and capacity of the pipes, which is often claimed to be "unlimited", but upon having them installed, you notice that the same pipe is feeding both your home and your neighbor's home, and their neighbor's home.

    you were the first type of customer, wouldn't you be annoyed if you found out you were paying the same as the second type? Wouldn't you expect them to pay more, or perhpas face some restrictions?

    If the first type of customer gets upset at the second type of customer, then they should also get upset at buffets that charge the same amount of money to every customer regardless of the amount that they intend to eat. But then, that is the whole concept of a buffet, isn't it? You enter into an agreement with the provider knowing that you are getting a service that you value appropriately enough to pay for. If you think you should be getting a better deal because some people consume more per unit price than you do, then nothing stops you from trying to make your own arrangements, but if the business is not willing to enter into such an agreement with you, then you are free to find another who will. This is the market place at work, and how other people choose to spend their money has no impact on how you should choose to spend yours.