Slashdot Mirror

← Back to Stories (view on slashdot.org)

Site Offers History of Torrent Downloads By IP

Posted by Soulskill on from the exposing-the-obvious dept.

tsu doh nimh writes "You may have never heard of youhavedownloaded.com, but if you recently grabbed movies, music or software from online file-trading networks, chances are decent that the site has heard of you. In fact, you may find that the titles you downloaded are now listed and publicly searchable at the site, indexed by your Internet address. So far, youhavedownloaded.com has recorded more than 50 million unique Internet addresses belonging to file-sharing users. The site is searchable by file name and by Internet address. When you visit, it automatically checks and lets you know if your Internet address is in the database."

36 of 340 comments (clear)

  1. Honeypot? by Anonymous Coward · · Score: 4, Interesting

    Beware all you clickers!

    1. Re:Honeypot? by marcosdumay · · Score: 4, Insightful

      I was thinking on some sort of phishing scam...
      Honeypot for catching what? Visiting such a site is not evidence of piracy.

      --
      Rethinking email
    2. Re:Honeypot? by lorenlal · · Score: 4, Funny

      That site doesn't care...

    3. Re:Honeypot? by shaitand · · Score: 4, Insightful

      They don't need evidence they just have send a letter to your ISP saying you are a pirate.

    4. Re:Honeypot? by MichaelKristopeit400 · · Score: 4, Insightful
      i don't "do file-share"... i visited the site... my current dynamically assigned IP wasn't on the list.

      you're an idiot.

    5. Re:Honeypot? by sinij · · Score: 4, Insightful

      I visited site out of curiosity. I don't pirate, yet they say I downloaded a bunch of shows (CSI Miami? Please, who watches that? Well, not me.) I am starting to think that site is not at all legit.

    6. Re:Honeypot? by sinij · · Score: 4, Insightful

      Not every Win PC (like my gaming rig for example) is automatically compromised and infected with bots. While it is possible, I see it as rather unlikely, since I have enough expertise to prevent anything that is not specifically target at me.

      Much more reasonable assumption is that a) I didn't notice recent IP shuffle b) Database is randomly generated c) Database is not randomly generated, but might as well be due to methodology flaws.

    7. Re:Honeypot? by Totenglocke · · Score: 5, Informative

      The best part is, the site wants you to log in using facebook to "prove you're human" - that way they can pin an IP address to an actual name and email address. If you don't use the facebook link, they provide something like a 26 letter long captcha (which as far as I can tell, will never let you in, thus forcing you to log in via facebook if you want to view the site). This site sounds like an extreme scam.

      --
      "The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants." ~Thomas Jefferson
    8. Re:Honeypot? by AmiMoJo · · Score: 5, Informative

      It looks like they scrape popular torrent sites like TPB and then list every address in the swarm. Problem one is that legal torrents are on there too, and problem two is that trackers list fake random IP addresses to make the data unreliable in court.

      My home IP address is listed with torrents I never touched, and so is my mobile one. That is despite that fact that Vodafone blocks BitTorrent and I have never used it on my 1GB/month plan.

      The whole site is a troll, clearly they either don't understand the data they are collecting or they are deliberately misrepresenting it.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. Re:Geez, we're down to scare tactics now, huh by InsightIn140Bytes · · Score: 5, Insightful

    MPAA? It's just some russian guys. Besides, all of that data is already visible and copyright infringement companies are probably gathering much more data than some guys who made that site.

    It's not scare tactics to let you know what data there is out about you. Unless you want to be ignorant and feel happier if you don't know it.

  3. indexed by your Internet address by smoothnorman · · Score: 5, Funny

    But my Internet address is not here. It's in Joe's house, that's right next to mine. And in the Kennedy house, and Mrs. Makelin's house, and a hundred others.

    1. Re:indexed by your Internet address by iluvcapra · · Score: 4, Informative

      Obscure, but I got it.

      --
      Don't blame me, I voted for Baltar.
    2. Re:indexed by your Internet address by _0xd0ad · · Score: 4, Funny

      With a username like "iluvcapra", I'd certainly hope you got it.

  4. Re:Geez, we're down to scare tactics now, huh by ZackZero · · Score: 5, Informative

    Except there's also a disclaiming "Don't take it seriously" link at the page; essentially, they've only made a proof-of-concept.

  5. Re:Inaccurate by InsightIn140Bytes · · Score: 5, Insightful

    They obviously can't get information about who uses what IP at what times. But don't worry, when court orders come and you're going to be sued, your ISP has that info and will be able to find you.

  6. Facebook data harvesting tool by carlhirsch · · Score: 5, Interesting

    Well, at least we know how they're monetizing this admittedly slick database; they won't allow you to submit a removal request until you provide your facebook credentials. To even reach the text below, you need to unblock Facebook in NoScript:
    ______
    Removal Request

    What’s the matter? You’re brave enough to steal music, movies and programs but only because you thought you weren’t going to get caught? Well whoever told you that was completely wrong and now your information has gone public. Are you afraid of media companies finding out that you’re a pirate or are you afraid of your friends finding out exactly what you’ve been downloading? Whatever your reason may be, the internet is no place for secrets. Even if you use every precaution in the book, there’s always a chance that someone like us will figure out what you’ve been up to. Because, the reality is, if man made it...man will get around it...and man will figure out how to exploit it. It’s just human nature.

    Anyway, like we said before, luck is on your side today because we’re actually nicer than we let on. I never said we wouldn’t bust your chops about it, but at least we’re offering you a chance to redeem yourself — The details can be found after logging in to your Facebook account.

    --
    . We've got computers, we're tapping phone lines, you know that ain't allowed - Talking Heads, "Life During Wartime"
    1. Re:Facebook data harvesting tool by TheSpoom · · Score: 5, Interesting

      Said Facebook data will be fed into their publicly available Facebook database, to be released in a week.

      --
      It's better to vote for what you want and not get it than to vote for what you don't want and get it.
      - E. Debs
  7. Re:Not so much by jedidiah · · Score: 4, Interesting

    Ditto. This thing pegged me as downloading something from "Lil Wayne" while not correctly identifying the things that I have actually torrented. Although I usually stay away from stuff that RIAA or MPAA have any jurisdiction over.

    So they aren't going to publically shame me over downloading Centos? I'm so dissapointed.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  8. Zero results by IANAAC · · Score: 4, Informative
    I tried it. Came up with zero results or me. I download a lot too.

    I don't do anything out of the ordinary to otherwise secure or anonymize my downloading using either Transmission or Vuze, for what it's worth.

    1. Re:Zero results by Hadlock · · Score: 5, Funny

      Yep (AC here - sorry!) Both myself and my neighbors (we share a connection) are pretty heavy BT users (we use Azureus or "Vuze Classic") and the IP didn't show up anything. We've had the same IP for at least 18 months. Either they're inflating their numbers drastically (who says they aren't lying horribly? This is the MPAA/RIAA after all) or only using encrypted trackers seems to have some effect.

      --
      moox. for a new generation.
    2. Re:Zero results by Hadlock · · Score: 5, Funny

      Hah. Uh, always hit preview when posting as an AC!

      --
      moox. for a new generation.
    3. Re:Zero results by Hadlock · · Score: 4, Insightful

      Uh, that's how it's always been, ever since 2001 or so. I've tweaked the hell out of my account settings over the years, and when they did that awful 2.0 update earlier this year I think (when the option later became available) I set the discussion style to "Classic Discussion System (D1)", which may allow that option. But I guess that's the pitfall of posting without a net!
       
      P.S. the stock D1 settings are terrible, adjust your score modifiers accordingly:
       
      Insightful +1
      Offtopic +1
      Flamebait +1
      Troll +1
      Informative +6
      Redundant -4
       
      Friend +6
      Fan+6
      Foe +6
      anonymous Modifier +1
      New User Modifier +1
      Small Comment Modifier1, -1
      Long Comment Modifier 1, +1
       
      And then browse at a threshold at +3, Threaded, Oldest First, Index Spill 600 and Reparent Highly Rated Comments as "True". Also helps if you have a healthy friends/foes list. Anybody willing to stick their neck out as an expert in a particular field and making a particularly informative post usually gets an add.

      --
      moox. for a new generation.
  9. Illegal by Anonymous Coward · · Score: 5, Interesting

    And if they track any IP address from Switzerland, they are breaking the Swiss data protection laws and can be sued for damages for collecting the IP and breach of privacy.

    See http://arstechnica.com/tech-policy/news/2010/09/switzerland-gathering-ip-addresses-from-bittorrent-sites-illegal.ars

    What happened to another IP slurper...
    "But Switzerland, which is not an EU member, has decided that it can't sanction Logistep's behavior. The country's Federal Data Protection and Information Commissioner, Hanspeter Thür, took Logistep to court and this week won a major victory. The Federal Supreme Court ruled that IP addresses are in fact personal information and that companies like Logistep can't go about slurping them up for mere civil cases like file-swapping lawsuits. Logistep must cease all current copyright infringement data collection.

    In a press release issued yesterday, Thür praised the court's decision. He sees Logistep as trying to "assume tasks clearly in the State's domain." Only the state can violate personal privacy, and only when pursuing criminal cases."

  10. Don't take it seriously by Frederic54 · · Score: 5, Interesting

    From the site:

    The privacy policy, the contact us page — it’s all a joke. We came up with the idea of building a crawler like this and keeping the maintenance price under $300 a month. There was only one way to prove our theory worked — to implement it in practice. So we did. Now, we find ourselves with a big crawler. We knew what it did but we didn’t know how to use it. So we decided to make a joke out of it. That’s the beauty of jokes — you can make them out of anything.

    However, if you have a better idea — don’t hesitate to contact us.

    --
    "Science will win because it works." - Stephen Hawking
  11. My Car by TheNinjaroach · · Score: 4, Funny

    Ha! They didn't catch me in the act of downloading my car.

    --
    I went to eat some animal crackers and the box said, "Do not eat if seal is broken." I opened the box and sure enough..
  12. Re:Already defeated... by forkfail · · Score: 5, Funny

    Already defeated By-Tor

    Yes, the Snow Dog did.

    --
    Check your premises.
  13. Re:Not so much by Mordok-DestroyerOfWo · · Score: 5, Funny

    I swear, I was downloading Ubuntu for a friend. I'm a Fedora man through and through!

    --
    "Never let your sense of morals prevent you from doing what is right" - Salvor Hardin
  14. Re:Not so much by PerlJedi · · Score: 4, Interesting

    I'm with you on that. I was disappointed when I went there and they didn't list all the linux distro's I'm constantly seeding.
    I do find it funny though, they do list Pioneer One. That's right, shame on me for sharing a TV show that was made to be shared.
    lol.

  15. So that's how they'll figure out who to sue by SuperBanana · · Score: 5, Insightful

    Well, getting people's personal data voluntarily (well, okay, via semi-blackmail) is one way to reduce the workload for your legal staff.

    Seriously, who would be stupid enough to login to facebook and FURTHER link themselves? This is just asking to be sued.

    --
    Please help metamoderate.
  16. Well... by Ben_R_R · · Score: 4, Funny

    Slashdoting is one way to solve the problem.

  17. Do take it seriously by AceJohnny · · Score: 4, Informative

    From the "Contact Us" page (which, among other things, lists a postal address in an Antarctic research base):

    This site is a joke. But its data is not.

    --
    Misleading titles? Inflammatory blurbs? Keep in mind that Slashdot is a tabloid.
  18. Site Only Lists the Foolish .. by DiabolicallyRandom · · Score: 5, Interesting

    ... And that's assuming their dynamic IP was even theirs at the noted time. Most people who download torrents on a regular basis disable DHT - and since their method of finding information is via DHT, then disabling BHT lowers any chance of showing in their lists to zero.

  19. Because it's totally accurate... by MacGyver2210 · · Score: 5, Interesting

    Hi. We have no records on you.

    This means you are using a private torrent tracker or, of course, you may not be a torrent user at all!

    I torrent a ton. On that IP. I don't use private trackers. I am even seeding now.

    Their detection method is clearly terrible.

    --
    If the only way you can accept an assertion is by faith, then you are conceding that it can't be taken on its own merits
  20. Re:Geez, we're down to scare tactics now, huh by Anonymous Coward · · Score: 5, Funny

    Here I come sunny Somalia!

  21. Wow by CapnStank · · Score: 4, Informative

    I sort of tire of the ol' Slashdot jumping to conclusions but here's how it works:

    1. They visit public tracker websites.
    2. They query the tracker for a list of peers given a torrent hash (not difficult)
    3. Dump all data into the database that can be searched through their website

    That means your data is not on there if you're a torrent user because you're using a tracker they aren't indexing or you have a dynamic ip that they haven't categorized yet. In the same way this is why you can get false positives. All this B.S. about honey pots or fear mongering is dumb considering how straight forward this website is.

  22. It's a facebook account/details farming scam by tommyhj · · Score: 5, Insightful

    Gathering torrent IP's from popular sites isn't difficult.

    But they clearly want people very badly to sign in with their facebook accounts. First they're scaring people to sign in by promising removal from their database. If you visit the site again they provide you with a choice - an impossible (!) captcha or facebook. It's social hacking.

    First off - don't let them scare you. Copyright holders has all the info anyway. Second, don't ever give away your facebook credentials to a third party that you don't trust. Third, don't trust these people.