BitTorrent Client Offers P2P Without Central Tracking

Shiwei writes "While BitTorrent is the most popular P2P protocol, it still relies on several centralized points for users to find the files they are looking. There have been several attempts at making BitTorrent more decentralized, and the latest Tribler 5.3 client is the first to offer the BitTorrent experience without requiring central trackers or search engines. Tribler offers some very interesting technologies; the latest version enables users to search and download files from inside the client. Plenty of other clients offer search features, including the ever-popular Torrent, but Tribler's results come from other peers rather than from a dedicated search engine. Users can search and download content without a server ever getting involved; everything is done among peers, without the need of a BitTorrent tracker or search indexer."

What

[AnonGCB]

Slashdot UTF fail. muTorrent, or utorrent, not Torrent.

Re:What

[asvravi]

He is talking about a million uTorrent.

Re:What

[Anachragnome]

"A hug."

Hilarious, heart-warming and creepy, all-in-one.

To clarify

[PhrostyMcByte]

The summary (and TFA) is misleading. This client isn't the first to support trackerless downloading. Most clients support DHT and PEX, and have for some time. You just need a single peer to bootstrap yourself, and you're good to go.

What Tribbler has done is created a P2P torrent search engine. I'm not sure if they're the first either (I swear I remember reading about some other client with P2P search a couple years ago), but it does appear they put some thought into making their feature set more user-friendly, with categorization ("Channels") and such.

Re:To clarify

[DamienRBlack]

Wouldn't this experience be a lot like the old eDonkey 2000 experience. The problem with no centralized servers is that no one pays attention to ratio and the like. In fact I don't think most eDonkey users ever thought in terms of ratios. Also, there is no place to go to request stuff and ask for new seeds. The reason I switched to torrents, (and it took me a long time), is because of the centralized tracking. Sure, the popular stuff is usually available, but try to get something obscure that you can only find online and you are probably screwed. At least that is how eDonkey always was. Now eDonkey had some servers, but my point is that I feel like the experience would be the same as sharing on the eD2k network. No comments, no tracking, no ratio enforcement, no one pulling fakes and spam. eD2k was a hazardous wasteland but of mines. How would any of this be addressed with peer-to-peer torrents?

Re:To clarify

[Dunbal]

While the ratio concept is a good one, it's totally borked by ISPs providing things like 3Mbps down and 64kbps up. No matter how hard you try, you'll never get a good ratio.

Re:To clarify

[Nursie]

Bootstrap is the interesting issue.

You can't have a situation with no server involved, ever, unless you're distributing the software on a friend-to-friend basis. There *has* to be a root node or selection of root nodes that the software knows about when it's installed, unless they have sufficiently advanced technology that it's indistinguishable from magic. Or they use some sort of brute force search....

Sure, once a node is online and given enough other nodes stay online enough of the time, it would be possible to have a persistent network.

I suppose you could do something like search google for random torrents, join in, test the folks you connect to for being part of the decentralised network, grab network info from there etc. It still uses google as a central reference point but it would be more robust than having some sort of hard-coded 'peer tracker' server, or using any sort of brute-force port scan of the internet.

Re:To clarify

[SilentChasm]

I would say the advantage of eDonkey2000 (or eMule now) is the lack of ratios per file. You share large numbers of files and download large numbers. What gets uploaded is what's needed and requested by others, not necessarily a specific torrent you want to get a higher ratio on.

The no comments/fake filtering/requests/reseeds can be mostly solved the same way as Bittorrent has solved it, with a link site/forum community.

The other major advantage of ed2k is that there won't be two separate swarms for the same exact file like Bittorrent. Bittorrent really needs some kind of standardized hashing method per file, even if it's just added data in a torrent with the original Bittorrent hashing remaining intact. A problem I've seen a few times is where two separate (old/rare) torrents are of the same file but they both have no seeds, only partial availability, so neither one finishes even if together they would have the whole file.

I've actually had better luck with rare stuff on ed2k than Bittorrent because of that lack of (unnecessary) duplication.

eMule Collections (file with list of links) or Magnet Links (uri with hashes/filenames) are kind of my ideal, a hash based system for finding stuff not dependent on any site staying up.

Re:To clarify

[icebraining]

Have you tried changing the ports and forcing encryption (disabling legacy connections)?

Re:To clarify

[discord5]

Bootstrap is the interesting issue.

It is indeed. The bittorrent DHT solution is based on Kademlia (or the BEP for Bittorrent specifically). If you google a bit you'll find a few papers and some interesting things, including attack vectors. I'm implementing a version of Kademlia at the moment to have nodes in a network find other nodes for accepting work in a distributed environment, and bootstrapping the thing is "the weakest link". You could set up multiple bootstrapping nodes, but suppose that a network failure takes out your access to the bootstrapping nodes you're basically humped when you want to join the network.

Sure, once a node is online and given enough other nodes stay online enough of the time, it would be possible to have a persistent network.

What you're referring to is known as "churn" and provided the network is large enough it becomes less of an issue. There's actually an interesting paper on churn in Kademlia, but I'm sorry to say I can't seem to find it anymore. As it turns out, Kademlia is quite resistant to churn provided there are enough nodes in the network. Not really surprising, but it's a nice read if you want to know how resilient the network is without having to test it yourself.

I suppose you could do something like search google for random torrents, join in, test the folks you connect to for being part of the decentralised network, grab network info from there etc. It still uses google as a central reference point but it would be more robust than having some sort of hard-coded 'peer tracker' server, or using any sort of brute-force port scan of the internet.

My current solution involves trying multicast and if that fails a broadcast to find other nodes if the bootstrap servers are down. This usually allows you to find other nodes on the LAN (depending on the network configuration) and once you have a single node in the network you can start doing lookups. Few admins like the idea of you "scanning" the network to find other nodes, understandably. Of course, this method of discovering nodes has disadvantages as well, for instance you could have a segment blissfully unaware of another segment in the network until the bootstrap servers come back online.

However for typical bittorrent use I doubt that this particular strategy will work. The work I'm doing has little to do with bittorrent, or how P2P is traditionally seen by the bulk of its users. I doubt that the implementation I'm working on is directly usable for another problem than the one I'm working on.

Ok, but.

[MrQuacker]

But how does moderation work then?

With a large public tracker like PirateBay there are mods and members who weed out and delete the malware, spam, and bad torrents that are on the tracker. Wouldn't a distributed system like this actually make it easier for "bad" content to get uploaded? Its like Limewire all over again.

The idea here seems to be that "you cant stop the signal". But I am not sure how they get around the fact that you don't have to kill the signal, just garble it.

Re:Ok, but.

[mysidia]

But how does moderation work then?

Throw in web of trust?

Send in $1 to get your 'reviewer' certificate signed by some trusted entity. Sort search results by number of signed positive reviews; and then number of downloads which "reviewer nodes" saw occuring.

Re:Ok, but.

[Chuck+Chunder]

You don't need a single "trusted entitity", a web of trust is based on your own prior experience and what others around you will vouch for.

If you have downloaded a torrent signed by someone before and been happy with it your software might be happy downloading more from them without warning. If you haven't seen anything from that person before your software might poll your peers to see if they will vouch for it and ultimately give you a choice one way or another.

Various key servers could be set up to serve trust information but would not present a critical point of failure or (for dodgy torrents) be at much legal risk because they wouldn't be serving anything remotely related to other peoples copyrighted information.

Re:Ok, but.

[Dr_Barnowl]

The experience with email and PGP just proves that most people are boneheads. The only places I see PGP (well, GPG) signatures are on software development mailing lists.

"email" is the wrong metaphor. It misleads people into believing their messages are secure, because they are used to their mail being enclosed in an envelope - just like the one that basically every email program with a GUI depicts somewhere. It's more like a postcard. One that gets delivered via a network of disreputable postmen, some in the employ of enormous and sinister organizations, some just out for themselves. Encryption is the envelope, but people are happy to just keep sending postcards.

I have the right tools installed, but honestly? The only time I even *sign* messages is to get a little kudos on those developers mailing lists. I don't bother encrypting mail because in general for the vast majority of recipients you're going to have to

• Explain to them why email is insecure (it can be hard to persuade them of this)
• Find PGP compliant tools that integrate with their chosen email solution (since most people use webmail, this is going to be hard)
• Talk them through installing the tools
• Talk them through key generation
• Talk them through key management, distribution, and trust
• Explain to them that yes, if they forget their password, they are *never* getting those mails back
• No, I can't decrypt them, even though I encrypted them, because they are 'crypted with YOUR key
• Explain public-key crypto

If your chosen correspondent doesn't give up at some stage of this process, then you are either very persuasive or you have something important to hide. Or they are technical. It's an excellent measure of how much people value their privacy - most do not value it enough to have to expend significant mental effort to protect it. It remains to be seen how much this perception will be effected by the ongoing corporate harvesting of what would, in a "real world" social network, be considered private material.

Re:Peers Peering Particularly at Profitless Peers.

[biryokumaru]

You really should get an account... like PizzaAnalogyGuy or something.

Wow. p2p is turning net into a huge cloud

[unity100]

this, dns-p2p, and etc are turning the internet into a truly decentralized, uncontrollable, REAL cloud as it should have been from the start.

i, for one, am not suprised that the ones to save net freedom, are ending up being people who have been accused of piracy. after all, if it is not detrimental to the control of private interests, why villify something in mass media, right ...

Re:Wow. p2p is turning net into a huge cloud

[icebraining]

Why can't you do it on an application level, based on allocated IP lists? Back when we had a distinction of national and international traffic here in Portugal (international capped to 10GB, national unlimited) somebody made a eMule fork called Blowfish which had an IP based filter, and would let you download only from you isp or nationally.

The same system could be used to give priorities instead of simple blacklisting.

Excellent Work You've Invented Gnutella

[phantomcircuit]

Giant waste of time, bittorrents benefit is from the community bitching about bad torrents, you cant do that without a web of trust or a trusted third party.

Re:Excellent Work You've Invented Gnutella

[aiken_d]

Are you kidding? Once I get my hacked client together to return Rick Astley videos for every search any peer does, there will be even more complaining.

Re:Another Victory

[biryokumaru]

Yes, because the only reason anyone would ever create anything is to get a paycheck.

Re:Back in Time.

[Yvan256]

You mean the legitimate publisher who wants to leech my limited monthly cap for their own purposes?

I'm glad Blizzard gives us the option to disable that in their games.

The future.

[onefriedrice]

It's becoming ever so popular to complain about ICANN or otherwise feel that a decentralized internet is the solution to our problems. I'm not a prophet, but even I can see the future on this one. The ones who will benefit the most from a completely decentralized DNS and/or P2P system are the ones who control the biggest botnets within the network. The rest of us will be so inundated with garbage that the internet will essentially become completely useless.

That's not to say that ICANN and especially the RIAA et al. aren't problems, but I don't see this becoming a viable solution. So I'm a skeptic, for now.

Re:The future.

[Pentium100]

No, centralized control of the internet is a bad thing. Also, why should the US be in control, why not $VeryReligiousMuslimCountry, China or North Korea? I'm sure they would like to shut down some sites too.

And botnets can cause problems in the current situation too. However, I still think that properly implemented decentralized DNS is a good thing. A completely decentralized P2P system that's actively in use will make torrent sites obsolete and make it harder for US companies to take down the files.

We have garbage even now, but currently it's harder to get around it, since the garbage is part of the centralized system (domain takeovers of WikiLeaks, some torrent sites etc).

Criminals can abuse almost any technology, but that does not mean that everybody else should be prevented from using it:
Do you use encryption to do your banking? Do you know that terrorists use encryption too?
How about anonymous networks (tor etc)? Terrorists also use them.
A knife is useful to cut food. It is also easier to kill someone with a knife than just bare hands.
A car is useful for going long distances. It can also be used to deliver illegal drugs or run someone over.

Re:Back in Time.

[pavon]

So you are saying that Napster never got very popular?

The reason that Bitorrent became popular was because it was a faster protocol, and thus worked better for large files like videos and games. It had nothing to do with people being turned off by integrated search.

Re:Back in Time.

[hoggoth]

No Bittorrent client will be complete until it has an email client built in. A flight simulator would be nice too.

Re:Back in Time.

[Surt]

Yes, they use a torrent based distribution system for their patches. So, yes, while you are gaming, you are typically using some of your upstream bandwidth to help deliver patches to others.

Re:Indulge me with the answer to this, please...

[Magada]

Because you can't rely on google or the website being there when you need them. The Wikileaks conspiracy is a case in point. Their DNS provider, their money transfer companies and their hosting company tried to make them disappear. So far, Google is working as intended, but for how long? Also, organizations with fewer resources might wither and die under such attacks.

Re:Back in Time.

[Anachragnome]

"Tribbler is also Open Source so the government cant shut it down..."

I more concerned about Big Business getting their fingers in the pie.

From Wikipedia:
"After a dozen downloads the Tribler software can roughly estimate the download taste of the user and recommends content.[4] This feature is based on collaborative filtering, also featured on websites such as Last.fm and Amazon.com."

The problem is that collaborative filtering drives everyone in the same general direction--it is essentially distilling down one's tastes to the bare minimum. If too many people focus on these "suggestions", less popular torrents will die of neglect. The conspiracy theorist in me says that this exactly the idea--kill torrents, not all, just some. From the perspective of most media outlets, the only good torrent is a dead torrent.

There is also the possibility of gaming the system of collaborative filtering to intentionally steer interest in specific torrents.

I'll stick with TPB. Seed/Peer counts speak volumes.

Re:Back in Time.

[icebraining]

Torrentz is a free, fast and powerful meta-search engine combining results from dozens of torrent search engines

www.torrentz.com

Re:Back in Time.

[Kjella]

The reason that Bitorrent became popular was because it was a faster protocol

A lot of that wasn't really the protocol as such, it's that you actually got faster downloads for faster uploads so people turned off all their caps. Napster etc. didn't really reward uploads much, you got the files at pretty much the same speed no matter what. Proper incentives are everything.

Re:Back in Time.

[Dr_Barnowl]

Yes.

In fact, some games (Lord of the Rings Online, I'm looking at you) install a content distribution service (Pando) where you basically agree to be part of their content distribution network, all the time, and not just while you are gaming. Unless you switch it off in the service panel, of course.

Re:nice

[thijsh]

You have been disconnected from the interwebs until further notice for suspected possession of copyright infringement technology.
Infringing technology detected on your PC (by method of our complementary rootkit) includes (but is not limited to):
- FileZilla
- Putty
- TrueCrypt
- PGP
- And last but not least: mTorrent (the evilest)

We hope you enjoy your offline existence banned from the interwebs.
Frankly, we think you got off easy and deserve much worse you terrorist pirate scum.

Regards,
MAFIAA lawyers

P.S. Hahahahah, suckers, you thought this was a game... Thanks for helping us get all this $$$$$ at the price of your freedom!!!

Not new

[Per+Wigren]

From what I can see, it's pretty much OneSwarm, but without the anonymity.

Sounds very remenicant of Kazzaa/limewire

[lastrogue]

Dunbal already mentioned this, but I didn't see anyone commenting on this. Isn't this just LimeWire or Kazzaa in another skin? Seems kinda like a good way to spread crap malware. Is my logic flawed?

Democracy needs P2P

[chipwich]

Thomas Jefferson said, "Information is the currency of democracy". The WikiLeaks drama is showing us how readily our own politicians will abandon core values of democracy in order to avoid embarrassment. It also clearly demonstrates that we live in a world where our personal communications can readily be disrupted at the whim of private corporations under pressure from these same politicians. The entertainment industry has tried to criminalize peer-to-peer technologies for years, but what is happening with WikiLeaks makes it more essential *now*, than ever before, that we adopt open source peer-to-peer technologies on a large scale. Perhaps the most important of these is The tor project which permits private and anonymous communications. Democracy cannot exist if people cannot speak freely without fear of reprisal. The more TOR relays that exist around the globe, the more immune we all are to the government/corporate censorship we are witnessing. Do your part in ensuring your digital rights by running a relay and becoming part of the network.

Re:Back in Time.

[Raenex]

The reason that Bitorrent became popular was because it was a faster protocol

No, it became popular because Napster was sued out of existence.

Re:Back in Time.

[Hatta]

I disagree. Having separate trackers with their own community was a big part of BitTorrent's success. It brings people together, they actually talk about what they're sharing, and they can organize to put together big projects that just didn't happen before bittorrent. It's not exactly the lack of integrated search that did it, but the lack of search pushed people to the web which is a much better platform for collaboration and communication. If this client doesn't even let people make and read comments on a torrent it really is a step backwards.

Re:Still IP data available

[Asic+Eng]

Maybe each client could accept requests to transfer bytes from another client. The requests would have a format like "please get me byte x for torrent y from peer z". When you download a file, then for each byte your client would randomly pick another client to make the request.

This way if you serve a file you'd have no idea who actually downloads it - you'd only get requests from random clients which are not actually downloading the file.

You can further complicate this by not making the request directly, but instead add a counter to the request. Each client decrements the request counter by one and forwards the request to another randomly chosen client. Only when the counter is zero will it actually request the byte from the server.

Of course that would add a lot of overhead - probably better not to make it on byte boundaries, but rather use larger blocks. Also the file server isn't really protected. I suspect there are probably lots of better techniques available already.

Bittorent Without tracker...

[mrops]

...welcome back to 2005 and enjoy Gnutella

Re:Another Victory

[mcgrew]

Tell that to Cory Doctorow. I've slightly edited the quote for brevity, and the emphasis is mine. If you want to read the whole text, it's in the forward to Little Brother. The link is to the entire text of the book.

I recently saw Neil Gaiman give a talk at which someone asked him how he felt about piracy of his books. He said, "Hands up in the audience if you discovered your favorite writer for free -- because someone loaned you a copy, or because someone gave it to you? Now, hands up if you found your favorite writer by walking into a store and plunking down cash." Overwhelmingly, the audience said that they'd discovered their favorite writers for free, on a loan or as a gift. When it comes to my favorite writers, there's no boundaries: I'll buy every book they publish, just to own it (sometimes I buy two or three, to give away to friends who must read those books). I pay to see them live. I buy t-shirts with their book-covers on them. I'm a customer for life.

Neil went on to say that he was part of the tribe of readers, the tiny minority of people in the world who read for pleasure, buying books because they love them. One thing he knows about everyone who downloads his books on the Internet without permission is that they're readers, they're people who love books.

People who study the habits of music-buyers have discovered something curious: the biggest pirates are also the biggest spenders. If you pirate music all night long, chances are you're one of the few people left who also goes to the record store (remember those?) during the day. You probably go to concerts on the weekend, and you probably check music out of the library too. If you're a member of the red-hot music-fan tribe, you do lots of everything that has to do with music, from singing in the shower to paying for black-market vinyl bootlegs of rare Eastern European covers of your favorite death-metal band.

Same with books. I've worked in new bookstores, used bookstores and libraries. I've hung out in pirate ebook ("bookwarez") places online. I'm a stone used bookstore junkie, and I go to book fairs for fun. And you know what? It's the same people at all those places: book fans who do lots of everything that has to do with books. I buy weird, fugly pirate editions of my favorite books in China because they're weird and fugly and look great next to the eight or nine other editions that I paid full-freight for of the same books. I check books out of the library, google them when I need a quote, carry dozens around on my phone and hundreds on my laptop, and have (at this writing) more than 10,000 of them in storage lockers in London, Los Angeles and Toronto.

If I could loan out my physical books without giving up possession of them, I would. The fact that I can do so with digital files is not a bug, it's a feature, and a damned fine one. It's embarrassing to see all these writers and musicians and artists bemoaning the fact that art just got this wicked new feature: the ability to be shared without losing access to it in the first place. It's like watching restaurant owners crying down their shirts about the new free lunch machine that's feeding the world's starving people because it'll force them to reconsider their business-models. Yes, that's gonna be tricky, but let's not lose sight of the main attraction: free lunches!

Universal access to human knowledge is in our grasp, for the first time in the history of the world. This is not a bad thing.

In case that's not enough for you, here's my pitch on why giving away ebooks makes sense at this time and place:

Giving away ebooks gives me artistic, moral and commercial satisfaction. The commercial question is the one that comes up most often: how can you give away free ebooks and still make money?

For me -- for pretty much every writer -- the big problem isn't piracy, it's obscurity (thanks to Tim O'Reilly for this great aphorism). Of

Re:But wasn't this problem solved before?

[SilentChasm]

I think it's because of the number of downloads at a time.

You typically have only a handful of torrents running vs many files on the other networks.

One at a time downloading: you see nice fast speeds. Lots of files downloading: you see slow speeds all around even if you're going at the same total speed for all files as torrenting would.

That and the somewhat verifiedness you get from a torrent you get from a trusted source as opposed to searching in the other clients. The thing I don't get is why people assume that just because the search is there, it's the only thing that can be used. I would argue ed2k/magnet links and the like are easier than torrents in that they are just links rather than files. You click on the link, it downloads. Find a trustworthy indexing site (comparable to a bittorrent indexing site) and you've got a fairly reliable system that doesn't go away when the tracker does.

It's also not limited to the people who downloaded the exact same torrent as you but to everyone who is looking for a file with the same hash. Why did they use blocks instead of file hashes in bittorrent?

Torrents don't seem to last as long either. They start out fragmented and, rather than sharing everything they have, only a few are active at a time. It's worse for the general availability of files. Per torrent ratios I think mess things up: uploading to get a 1:1 on a file with 1000 seeds is not nearly as important as uploading anything on a file with 0.