Slashdot Mirror


New Tool Promises To Passively Identify BitTorrent Files

QuietR10t writes "A new technique has been developed for detecting and tracking illegal content transferred using the BitTorrent file-trading protocol. According to its creators, the approach can monitor networks without interrupting the flow of data and provides investigators with hard evidence of illicit file transfers. 'Our system differs in that it is completely passive, meaning that it does not change any information entering or leaving a network,' says Schrader." I wonder if it can specifically identify legal content, too.

8 of 265 comments

  1. hmm by Anonymous Coward · · Score: 5, Interesting

    More restrictions on content? More encryption.

    Better cracking techniques? Better encryption.

    Tyrannical government? Revolution.

  2. Completely Biased and Worthless by RingDev · · Score: 5, Interesting

    Another drawback is that the system cannot cope with encrypted files. "Today, about 25 percent of BitTorrent traffic is encrypted," says Schulze. If such a tool became widely used, then anyone with something to hide would almost certainly switch to using encryption, he says.

    If you make breathing illegal, only criminals will breathe.

    -Rick

    --
    "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
  3. Yawn by happyemoticon · · Score: 3, Interesting

    From the article:

    Then the system looks at the files' hash, a unique identifying code used to coordinate the simultaneous download of hundreds of file fragments by different users. If a hash matches any stored in a database of prohibited hashes, then the system will make a record of the transfer and store the network addresses involved.

    I mean, you could easily scrape some torrent sites for hashes, but it seems like this system would be fairly easy to circumvent. All you'd have to do is come up with some system for changing the hash on a peer-specific basis.

  4. Re:Encryption? by jandrese · · Score: 3, Interesting

    TFA specifically says that it doesn't work on encrypted traffic. In fact the whole thing seems to have some rather bogus qualities to it.

    It uses an FPGA, but is stuck at a rather pokey 100Mbps. All it does is compare the encoded hash value in the BitTorrent header against a list of known illegal hashes. Hashes you have to program manually.

    I've seen commercial boxes that you can already buy that do a lot more than this and faster. He made a big deal about it not disturbing the network, but that's a standard feature. Unless this thing is dirt cheap or something, I don't really see the application.

    --

    I read the internet for the articles.
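
Added example, not part of the comment above and not the tool's own code: a sketch of the passive check that comment describes, assuming the "header" is the standard 68-byte plaintext BitTorrent peer handshake. The watchlist entry, peer_id, addresses and payloads are constructed, and the XOR stream is only a stand-in for encrypted traffic, which the matcher cannot read.

```python
import hashlib

PSTR = b"BitTorrent protocol"
HANDSHAKE_LEN = 1 + len(PSTR) + 8 + 20 + 20  # pstrlen, pstr, reserved, info_hash, peer_id


def extract_info_hash(payload):
    """Return the 20-byte info_hash from a plaintext handshake, else None."""
    if len(payload) < HANDSHAKE_LEN:
        return None
    if payload[0] != len(PSTR) or payload[1:20] != PSTR:
        return None
    return payload[28:48]  # bytes 20..27 are the reserved field


def match_flow(src, dst, payload, watchlist):
    """Read-only check: record the endpoints if the hash is on the list."""
    info_hash = extract_info_hash(payload)
    if info_hash is None or info_hash not in watchlist:
        return None
    return {"src": src, "dst": dst, "info_hash": info_hash.hex()}


def build_handshake(info_hash, peer_id=b"-XX0001-000000000000"):
    """Constructed test traffic; the peer_id is a made-up value."""
    return bytes([len(PSTR)]) + PSTR + bytes(8) + info_hash + peer_id


# Constructed sample: the info_hash is the SHA-1 of a torrent's bencoded info dict.
INFO_DICT = (b"d6:lengthi1024e4:name8:demo.iso12:piece lengthi16384e"
             b"6:pieces20:" + bytes(20) + b"e")
LISTED = hashlib.sha1(INFO_DICT).digest()
WATCHLIST = {LISTED}


def demo():
    listed = build_handshake(LISTED)
    unlisted = build_handshake(hashlib.sha1(b"some other torrent").digest())
    # Stand-in for an encrypted stream (simple XOR, not the real protocol
    # encryption): the fixed header is no longer visible to the matcher.
    opaque = bytes(b ^ 0x5A for b in listed)
    flows = [("192.0.2.10", "198.51.100.7", listed),
             ("192.0.2.11", "198.51.100.7", unlisted),
             ("192.0.2.12", "198.51.100.7", opaque)]
    return [match_flow(s, d, p, WATCHLIST) for s, d, p in flows]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Only the first flow produces a record; the unlisted hash and the opaque stream both return `None`.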
  5. Re:Carrier Status? by click2005 · · Score: 3, Interesting

    How would you start lobbying congress about making it reality? Common Carrier status in exchange for Net Neutrality.

    When the phone companies switch to a fully IP based network like BT is doing over here in the UK, will they lose the common carrier status?
    The difference between Telco & ISP is so thin these days already that I'm surprised the law has never been updated.

    I'm not asking you specifically, just anyone who might know.

    --
    I am a free slashdotter. I will not be modded, blogged, DRM'd, patented, podcasted or RFID'd. My life is my own.
  6. Re:Encrypted traffic... by Sloppy · · Score: 4, Interesting

    That's a lot of "we could"s. How about just using the global OpenPGP WoT, and stopping the problem in its tracks?

    Once you have a distributed authentication system (which is what lets you exchange keys safely), email is just one of the applications you can build on it. Sounds like you guys have another. Whatever. The more things it's used for (the more people who connect to the WoT) the better it works for everyone.

    Quit building a redundant but also specialized infrastructure, and instead, join the original.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  7. Re:Carrier Status? by Jane Q. Public · · Score: 4, Interesting

    This is a very good point and part of what I was saying. I see no ACTUAL difference between what were once known as "common carriers" and ISPs, EXCEPT that they seem to want to provide content.

    However, here in the U.S., the government (the FCC in particular) has historically been adamant about keeping carriers and content separate, largely because of the danger of monopolistic practices on the part of a corporation that was both the content carrier and the content provider. Another concern was that if carriers (which tend to be large and centric) controlled content as well, there would be too much control over services like news, for example. And I see no logical reason that policy should change, considering that the concerns are at least as valid today as back when the policy was first formulated, decades ago.

  8. Re:Encryption? by Dreadneck · · Score: 4, Interesting

    Right, because we all know that this technology couldn't possibly be used to analyze anything other than BitTorrent traffic. It would be totally impossible to use it to inspect emails, right? That's just crazy science fiction - no way could it happen in the real world. Besides, we all know that only criminals use BitTorrent. Who would possibly think of using it to distribute political documentaries or leaked government documents?

    --
    Power does not corrupt - power attracts the corrupt.