Forensic Investigator Outlines BitTorrent Detection Technology

NewYorkCountryLawyer writes "In one of the many BitTorrent download cases brought by pornographic film makers, the plaintiff — faced with a motion to quash brought by a "John Doe" defendant — has filed its opposition papers. Interestingly, these included a declaration by its 'forensic investigator' (PDF), employed by a German company, IPP, Limited, in which he makes claims about what his technology detects, and about how BitTorrent works, and attaches, as an exhibit, a 'functional description' of his IPTracker software (PDF)."

Re:IPTracker Based on Shareaza 2.4.0.0

[JoshuaZ]

My understanding is that one is only required to give the source if one is distributing the product to other people. As long as the individual keeps the software for themselves, there's no requirement to make the source available.

I2P/Freenet

[nurb432]

Try tracking us there.

Good luck.

Re:I2P/Freenet

[nurb432]

Read up on how Freenet works and you will see its not just about data encryption. Due to how it routes, and that data chunks are scattered about It also hides the source and requestors to the point that even if you are on the same LAN and sniffing packets directly you wont know for sure. Sure you can be caught using it which could be a legal problem for you depending on where you live, but they wont know if you are doing the requesting of file parts or you are just passing requests along.

I2P i believe has something similar in place but i'm still learning how their stuff works.

Re:I2P/Freenet

[lister+king+of+smeg]

that is why there is garlic routing. garlic routing is a modification of onion routing used by tor, what it does is bundle packets together so as to make traffic analysis useless. it does have greater latency but should not be a problem unless you are streaming

Re:I2P/Freenet

[Znork]

Which is why some p2p software, such as WASTE, has modes where it will always load links wether or not there is real traffic.

If the arms race goes on, we'll end up with a constantly saturated internet with only random connections sending apparent random data, leaving any actual signal indistinguishable and drowned out by the massive amounts of random noise.

Read their software specs

I've read their software specs. Seems they have some typo,

The data can only be decoded and used by the responsible lawyer, only his software contains the deciphering method and this one one in this case also secret (called "public") key.

Seems at least that one typo. At least I *hope* that's a typo.

... it is not possible that an allocated GUID is allocated to another user again.

Same could be said about MACs, and cell phone ID numbers. No one ever clones those!!!

So it seems, by their reasoning, if you go on a P2P network and clone someone else's GUID, well, then I guess the other party must be guilty, no?

Seems that even if you use Bittorrent or similar to only download Linux distros or even WoW patches, someone can just clone that and use it and then they will just send the innocent the bill?

Re:private trackers solved this long ago

[nurb432]

Only takes one person to sell out an entire private tracker.

Re:Well

[j00r0m4nc3r]

the private copyright cops have no reason to lie or cheat

Sure they do. Since this is really just an elaborate extortion racket, the more IPs they deliver to their clients, the more they get paid. Their clients just file a bunch of John Doe lawsuits and hope for settlements. The more IPs they have, the more possible settlements -- false positives be damned.

Re:IPTracker Based on Shareaza 2.4.0.0

[Mashiki]

I dunno about that. If something is GPL'd and being used in the courts to prosecute me, hell, even if it's closed source I want to see the source so I can tell whether or not it's tampered with.

We already do this with other forms of evidence gathering tools, it should be the same with data gathering tools.