Slashdot Mirror
Encrypted Torrents Growing Fast In the UK
angryphase writes "The British Phonographic Institute (the UK's RIAA) has noticed a significant increase in the amount of encrypted torrents — from 4% of torrent traffic a year ago to 40% today. Whether it follows a trend for hiding suspicious activities or an increased awareness of personal privacy is up for (weak) debate. Either way, this change of attitude is catching the eye of ISPs, music industry officials, and enforcement agencies. Matt Phillips, spokesman for the UK record industry trade association explains, 'Our internet investigations team, internet service providers and the police are well aware of encryption technology: it's been around for a long time and is commonplace in other areas of internet crime. It should come as no surprise that if people think they can hide illegal activity they will attempt to.'"
Maybe it's because all the more recent clients are supporting encryption by default?
Life, the Universe, and Everything... in my image.
Maybe its because they aren't doing anything illegal yet they are being prosecuted?
why anyone thinks the encryption will be effective? Since the RIAA (for example) catches torrenters by downloading the file from them in order to prove that they were 'making copyrighted content available', it doesn't really seem to matter whether or not it's encrypted. You're sending the RIAA a file that won't be encrypted on their end....
I'm curious. Do we all have a right (by DMCA in US) or otherwise to the encryption we put on our data? Does it take a court order or other legal instrument to lawfully break encryption? IANAL, but I would think that decrypting the traffic would be unreasonable search and invasion of privacy myself.
... or is this yet another hit on the use of privacy-protecting encryption?
I use encryption all day long in a very legal, legitimate form. (ssl/ssh/mcrypt) It's a core part of my operating principles - I don't even allow unencrypted connections to my production systems - EVERYTHING IS SSL ENCRYPTED.
So it really annoys me when the case is made that (encryption == criminal). Yes it can be used for illegal purposes. So can cars, guns, and tennis rackets. It's not the tool that identifies the crime, it's the crime that identifies the crime.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
If Comcast is going to disrupt Bittorrent traffic, all users will see benefit from using encrypted Bittorrent, just to keep Comcast's systems from sending the RSTs to them. Even a UK user, talking to an American system. Legitimate traffic or otherwise.
Doing the Right Thing should not be preempted by making a buck.
Why why why why is it automatically assumed that encryption by non-government entities is in actual fact an attempt to cover up illegal activity?
I believe that in general, western societies have set up laws that generally respect the rights of an individual to whisper a secret in the ear of a friend and not be forced to reveal the message to anyone else. If I choose to encrypt email and torrent files, there is no reason that I should be thought guilty of some crime... fscking idiots.
It would entertain me greatly for them to find out that these illegal encrypted downloads were in fact, a Linux distribution.
Support NYCountryLawyer RIAA vs People
They are trying to avoid packet-shaping?
you know how antibiotics have a huge downside, in that the infection can evolve and become resistant? There's a similar downside to the RIAA's tactics with regard to torrents- now that everything is heading towards being encrypted, it's going to create a (somewhat) safe haven for child pornography to skip through undetected. If the traffic can't be monitored at all, then people you really are trafficking something terrible are going to be able to do it more easily.
From my research into the daily actions of differing people I meet and know, I would say that legal actions are hidden more closely than illegal ones. I grew up in a "mob town" of Rosemont, Illinois, and saw that most illegal activity was out in the open, relatively known by common citizens and the police department (both corrupt and straight). In the town I live in today, the drug dealers, prostitutes and other "criminals" are relatively out in the open also. Sure, there are a lot of criminals who attempt to obfuscate their identity or actions to try to get ahead of the law, but in reality, the best way to perform a crime profitablly is to just pay off the overseers of the law. Problem solved, and you can expand your market because you can be more open about it.
Yes it is the LEGAL activities that surprise me at how much people try to hide. Look at slashdot. My name, my real name, is right here. You can look me up and call me or visit my home. I hide nothing, why should I? Yet most of you are hiding your identities for whatever reason -- and how many of you are doing something illegal by posting here? Browse the blogs, too, and see how many people use their real names.
We hide more than that -- I brought up the question of sex (marital) with a friend, and he freaked when I asked him about his sex life. As if sex when you're married is immoral or illegal, but still people hide behind the idea that we need privacy about such matters.
Most of what the law officers do is hidden, with even FOIA acts not bringing much information to light. This is supposedly legal operations of people who serve me, and yet I have no ability to discern what they're doing, and if they're doing their jobs right. Again, hidden yet probably legal actions.
The more I look around my life, the more I am amazed at how private people are, because they're afraid that some of their actions may be construed as immoral, or immature -- yet most of the people in my life are doing the exact same thing as others, and just hiding it. We post on forums and blogs, but we feel we must keep our names private because others might see what we write, even if others are thinking the same thoughts, or if those same others pretend to believe in freedom of expression but may secretly use it against you.
In terms of encrypting torrents, I do. I run a video sharing site for church videos, and all our torrents are legal and public domain. Yet we encrypt it because unencrypted torrents seem to run slower (I'm sure there is a reason for this, but I never really inspected the protocol specs). Therefore, we encrypt not to obfuscate the legality of what we're sharing, but because the market's limitations on torrent sharing give us a need to encrypt so we can provide a higher bandwidth for the sharing of legal, public domain content.
Are most torrents legal? I have no idea, but I do use torrents to send large files to multiple people every day in a variety of markets I do business in. For me, the torrent is an awesome solution to a problem I've had for years dealing with large files.
I'd just like to point out that "if you've done nothing wrong, you have nothing to hide" does not hold up. Apart from the myriad of things which, while not wrong, any sane person would want to hide, we need to keep it clear in judges minds that hiding something does not mean one was performing illegal activities. The comment by Matt Phillips hints at a worrying application of just that principle, and I can quite easily imagine the BPI or RIAA suing someone who they think was sharing copyrighted material, and using an encrypted torrent (which could contain anything) as evidence of that activity.
Nobody has enough resources to monitor everyone, all the time. Cracking down on public P2P networks resulted in encrypted, invitation-only networks. If the pressure is still on, pretty soon we'll have office "potlucks" where everyone brings their music and movies to swap. Once people get completely pissed off about DRM, they will not mind analog copying with microphones and camcorders to get around it. If nothing else, it is possible to simply exchange movie discs or even portable players without even necessarily breaking the law. The end result is the same though - only one person in 10 will actually pay for the content they are viewing.
The solution? Unencumbered, reasonably priced, possibly watermarked legal product. Even Radiohead strategy yields 1/3 of the downloaders paying.
This reminds me of an old quote,
"The internet interprets censorship as damage and routes around it."
Recording Industry associations: You are now being routed around. Congratulations.
Paul Anderson
"I drank WHAT?!" -- Socrates
I had a talk about P2P networks recently with someone who is very non-tech (his son has a computer, and he won't go near it without a good reason and maybe some holy water to dispell the bane that resides within, despite being anything but a religious person). We had a talk about illegal filesharing and lawsuits, and it culmunated in his question "why don't they just outlaw that crap?"
I was kinda taken aback by that and had quite some trouble retaining my calmness at the question alone. But he was dead serious. Outlaw that crap and the problem is gone.
His train of reason was that he can't check what his kid does on the computer, whether he engages in the sharing of copyrighted files and thus it's easier for him if it was just outlawed. What doesn't exist can't be a problem.
That was quite an eye opener for me, especially why crap like our current legislations can happen without any kind of resistance. Actually, there are people supporting it. Mostly because they don't know jack about the situation at all. My question why he would like to incriminate his son automatically when he uses the program was answered with "If it is illegal to have it, he can't get it". It took quite a while to explain to him that the internet is international and that it's no problem to get it from abroad.
I received a horrified blank stare at this revelation. And the quite insecure question "He can get it from abroad? He doesn't have a credit card, he can't get stuff from there."
I'm not kidding you, this is not made up, this is real. Those people do exist. They don't realize that borders are meaningless on the internet, that national laws prohibiting the possession of software don't affect a thing, except to criminalize people who did nothing wrong. I had a very hard time convincing him that a law against P2P would only harm his son, not solve the problem.
I think this was the moment when I learned that I have to reconsider my strategy for getting support against such BS laws. First of all you have to explain to people that laws like this only criminalize the ones they want to protect, their kids, but laws like this don't protect their kids from breaking the law, intentionally or unintentionally. They want to protect their kids by eliminating the problem rather than trying to solve the problem. They do not want to deal with it.
And that's the underlying problem.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
This caught my eye...
"It should come as no surprise that if people think they can hide illegal activity they will attempt to."
'People' also means groups of people, which can also include Microsoft, who has long since denied any wrongdoing of growing their collection of software and inventions since their inception. Yet... they insist that they are protecting their Intellectual Property by hiding the source code to Windows and other Microsoft softwares. How can we know for sure (in the public eye) that they themselves have not stolen software from others over the years. Law is about absolutes. It is enforced with absolute counter-measures, unless a payoff can lessen a punishment and the bribe can be hidden from others eyes that care about such matters.
So this goes for corporations as well as common citizens, no?
And another thought....
And I always thought the death of Gary Kindall, was a bit fishy.
http://www.ipopisp.com/marksofesteem18.asp
Perhaps he could have shut down the operations of a particular large monopolistic software company with some carefully placed testimony that closed source software could not conceal?
Maybe he got hit with a thrown chair at the bar and died?
I certainly hope this did not happen. But mafia-types tend to protect their profits in unlawful and immoral ways. (Did you ever see the Godfather movie series? If my comments are considered slander, I blame it on watching the Godfather as a kid and seeing "the Pirates of Silicon Valley." )
---
The power of an open internet... showing mankind itself for all it is...
Like a certain Canadian ISP is doing now.
This is easily detectable and rejectable.. Unless they are going to have different certificates for each site they are intercepting, and are willing to forge (and the CA is willing to forge) the certificate info to mask what is really happening.
It's also probably illegal, and definitely unethical, to circumvent the network security this way.
You misunderstand how HTTPS works.
When I connect to a https site, during the handshake the remote site gives me a copy of its certificate. I (my browser) do two things with that certificate: I validate that the domain name embedded in the certificate matches the name of the website I was asking to connect to, and I verify the signature on the certificate using the public key of the signing authority.
Unless the ISP has private key of the signer, there is no way that they could possibly generate a false certificate on the fly - so I *know* I am talking to the server I wanted to connect to, not to an intermediate proxy server.
once that handshake is complete, I and the remote site have a private encryption key which we both use to encrypt/decrypt traffic between us. The ISP can't do anything with that traffic but pass it through (or block it).
The *only* way that an ISP could get in the middle would be for them to block ports 80 and 443 and insist that you configure your browser to use *their* proxy server. If you ever come across an ISP that does this, don't walk, run, to another ISP.
You understand how HTTPS works, but not how a proxy works for HTTPS.
When your browser connects to a proxy for an HTTPS method, it makes a CONNECT request. The proxy makes a TCP connection to the IP address and port requested and passes the traffic both ways unchanged and uncached. The browser then performs the usual certificate validation on the contents received from the remote web site.
An ISP could force the use of a proxy. An ISP could disable HTTPS through their proxy. An ISP could slow down HTTPS through their proxy. An ISP could monitor your traffic volume through their proxy (or their routers). An ISP could record every encrypted bit going both ways. An ISP could also corrupt the encrypted traffic bits. But an ISP cannot interpret the bits in your encrypted traffic, nor modify them, in any meaningful way, without cracking the encryption.
now we need to go OSS in diesel cars
> The real world security breaches have shown the need.
I don't know if it's "security breaches" per se. After all, encrypting the torrent does NOTHING to prevent anyone who knows that that torrent contains copyrighted material from finding your IP from the tracker and going after you legally.
The ONLY thing it does is bypass some ISP-level throttling aimed at BitTorrent traffic. In other words, the ONLY reason people use it is because it makes the torrents go faster, rather than being stuck at low speeds.
That said, more people are probably doing it because it's on by default. And the reason it's on by default in more clients is because it's faster.
So yeah, the spokesman here is an idiot. Encrypted torrents will NOT help you evade responsibility for sharing copyrighted materials. Not even a little bit. This guy is a dumbass.
It took some looking. The article has a link to the extortion letter. The letter has the URL for the settlement support center. The URL in the PDF is not clickable.
The page with the link to the letter is here; http://consumerist.com/consumer/riaa/the-riaa-p2plawsuit-letter-sent-to-college-students-241054.php
The Settlement demand letter is here; http://consumerist.com/assets/resources/2007/03/riaaletter.pdf
https://www.p2plawsuits.com/ Settlement support center link is here.
The truth shall set you free!