Slashdot Mirror

← Back to Stories (view on slashdot.org)

Privacy In BitTorrent By Hiding In the Crowd

Posted by CmdrTaco on from the even-kids-can-still-find-waldo dept.

pinguin-geek writes "Researchers at the McCormick School of Engineering and Applied Science at Northwestern University have identified a new 'guilt-by-association' threat to privacy in peer-to-peer (P2P) systems that would enable an eavesdropper to accurately classify groups of users with similar download behavior. While many have pointed out that the data exchanged over these connections can reveal personal information about users, the researchers shows that only the patterns of connections — not the data itself — is sufficient to create a powerful threat to user privacy. To thwart this threat, they have released SwarmScreen, a publicly available, open source software that restores privacy by masking a user's real download activity in such a manner as to disrupt classification."

20 of 240 comments (clear)

  1. Ahh, great, just what we needed by galorin · · Score: 5, Funny

    Now my downloading of Linux ISO's and pre-release movies is going to be mingled with horse porn. Just what I always wanted.

  2. Re:only works with by Akido37 · · Score: 5, Insightful

    Vuze (azureus), which I dropped because of how bloated it is. Why java? utorrent is the way to go.

    Vuze's bloat problem isn't Java.

    It's feature creep. Sometimes I just want to download a torrent.

  3. I Know Where This Is Going by Anonymous Coward · · Score: 5, Insightful

    RIAA Lawyer: We obtained a warrant to search the defendant's home when traffic was identified as being characteristic of SwarmScreen. When the defendant's machine was recovered, we discovered they indeed had SwarmScreen installed--a program only used to subvert our techniques of classifying thieves. That, ladies and gentlemen of the jury, should be enough for indication of guilt.

    The endless cat & mouse game continues ...

  4. Re:only works with by 0100010001010011 · · Score: 5, Funny

    Utorrent, which I dropped because of how bloated it is. Why GUI? rtorrent is the way to go.

  5. Re:only works with by Rip+Dick · · Score: 5, Funny

    Yeah, it's 4,500K memory footprint is ridiculous.

  6. Legitimate uses by olddotter · · Score: 5, Insightful

    Can companies that use bit-torrent to do legitimate work speak out in its defense? I fear the "guilty by association" is much more along the lines of "you use bit-torrent, therefore your guilty".

    Frankly if this improves upon that, it might be a help to bit-torrent users that aren't pirates.

    --
    Think Deeply. ...
  7. Re:Here's an idea... by holychicken · · Score: 5, Insightful

    It does not necessarily have to do with stealing. It is a privacy concern. Do you want someone being able to watch you without you knowing and getting a ton of information about you by doing so? Whether or not I am stealing, I do not want that. I suspect you do not want that either.

  8. Re:only works with by courseofhumanevents · · Score: 4, Funny

    I wish there was a +1 Correct mod. This isn't exactly insightful or interesting.

  9. Re:So now not only am I guilty being a linux nerd by castironpigeon · · Score: 5, Funny

    Help! Help! I'm being repressed!

    --
    mmmm...forbidden donut
  10. Download random data from BitTorrent by JeffSpudrinski · · Score: 5, Insightful

    Okay...

    According to TFA, their software will download random data from BitTorrent to your system to hide what you really wanted to dowload within a cloud of random downloads.

    Are you SURE you want to allow random data from BitTorrent to be downloaded onto your computer? There's a LOT of stuff out there that I wouldn't want even the remote chance (e.g. being selected randomly) of having it on my computer.

    Just sayin'.

    -JJS

    1. Re:Download random data from BitTorrent by Kjella · · Score: 4, Interesting

      If you actually read the details you will find that it's not really random, but random from a set you give it. So, if you give swarmscreen a site w/, legal software, then it would only download from there.

      Unless there's a significant overlap between both sources causing confusion on whether you're downloading legal or illegal content, I don't see how it can work. If it's as distinct as they say it should be easy to create a signature of legal sites and subtract any connections to them from your total bittorrent presence, effectively dissolving the smoke screen.

      --
      Live today, because you never know what tomorrow brings
  11. Summary of Story by manekineko2 · · Score: 5, Insightful

    Here's a summary of their findings, because the one provided by Slashdot doesn't really do a good job in my opinion of describing it.

    BitTorrent downloaders apparently fall into "communities" that have very similar downloading patterns. In light of this, they think that it would be possible for an argument to be made, that if one member of a community is downloading X, that the behavior can be imputed through guilt-by-association onto all other members of that community. Therefore, you wouldn't necessarily need evidence that a given member of a community actually engaged in the downloading, due to the high degree of correlation between community member downloads.

    This strikes me as a bit of dubious reasoning from a legal standpoint, as just because you hang out with a bunch of mobsters all day, and there's a high correlation of that with committing theft, doesn't mean they can try you for robbery just through guilt-by-association without more evidence that you're a robber. Still, courts have made weird conclusions in the past simply because computers and the Internet are involved.

    For now, their software and idea mostly seems like a neat proof-of-concept. Until someone actually tries to deploy this legal argument in a court somewhere, I don't think I'll be losing too much sleep over this. Might be worthwhile for someone in a totalitarian regime that for some reason needs to be downloading over BitTorrent, but I don't know how realistic a concern that really is.

  12. Re:only works with by drchoffnes · · Score: 4, Informative

    (From the one of the software authors) UTorrent doesn't support plugins and is closed source. If that were to change, we'd happily develop for it.

  13. Re:only works with by KenMcM · · Score: 5, Informative

    That'd be +1 Informative.

  14. .... alright... Why terminal? Raw socket is the wa by SmallFurryCreature · · Score: 5, Funny

    ...alright...why terminal? Raw socket is the way to go!

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  15. Re:only works with by AliasMarlowe · · Score: 4, Funny

    Vuze's bloat problem isn't Java.
    It's feature creep. Sometimes I just want to download a torrent.

    I'd call it malfeature creep with a commercial bent, in an unnatural union with a hideously malformed GUI.
    I installed Vuze innocently and optimistically enough, but as soon as I started it and saw the abomination appear, its days - nay, minutes - on my system were numbered. It was utterly expunged after a quick kill.

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  16. Re:.... alright... Why terminal? Raw socket is the by c0p0n · · Score: 5, Funny

    Unless you can interface directly with the network media using a battery and a metal pin, STFU.

    --

    Your head a splode
  17. Only protects from profiling ISPs by bjamesv · · Score: 5, Insightful

    By firing up random connections, this only protects you from an ISP that is profiling your use. The MPAA can still go fire up a bitorrent client, join a swarm downloading content they claim copyright on and start writing down the IP of everyone who is participating. And then they call up your ISP. this 'masking' technique doesnt actually 'mask' anything very well.

  18. Re:.... alright... Why terminal? Raw socket is the by Mister+Whirly · · Score: 5, Funny

    I can get WiFi on the fillings in my teeth.
    Oh, hang on a sec, downloading an attachment!

    --
    "But this one goes to 11!"
  19. Re:only works with by Mister+Whirly · · Score: 5, Funny

    Exactly. What is the point of having your CPU idle? Wouldn't the ideal be to use as much resources as you can all the time? I have never understood why people build these massive computing machines and then never do any serious computing.

    --
    "But this one goes to 11!"