Slashdot Mirror

← Back to Stories (view on slashdot.org)

Creepy Site Claims To Reveal Torrenting Histories (iknowwhatyoudownload.com)

Posted by EditorDavid on from the I-know-what-you-downloaded-last-summer dept.

Slashdot reader dryriver writes: The highly invasive and possibly Russian owned and operated website IKnowWhatYouDownload.com immediately shows [a] bittorent download history for your IP address when you land on it. What's more, it also [claims to] show the torrenting history of any specific IP address you enter, and also of IP addresses similar to yours, so you can see what others near you -- perhaps the nice neighbours in the house next door -- have downloaded when they thought nobody was looking...

There is also a nasty little "Track Downloads" feature that lets you send a "trick URL" to somebody else. When they click on the URL -- thinking its something cool on Facebook, Twitter or the general internet -- THEY see what they URL promised, but YOU get sent their entire torrenting history, including anything embarrassing or otherwise compromising content they may have downloaded in private... The website appears to offer an API, customized download reports and more to interested parties in the hopes of generating big cash from making other people's torrenting activities public.
It's not clear whether this site is really revealing the information it claims to -- or whether it can filter out the fake IP addresses provided by many downloaders. But putting that aside, it does raise an important question. Is it technologically possible to build a site that tracks and reveals torrenting histories based on IP addresses?

20 of 211 comments (clear)

  1. Nice little malware trick by TWX · · Score: 4, Informative

    There is also a nasty little "Track Downloads" feature that lets you send a "trick URL" to somebody else. When they click on the URL -- thinking its something cool on Facebook, Twitter or the general internet -- THEY see what they URL promised,

    And of course, it delivers malware that because you're trusted to the recipient, they'll infect their PC with, thus introducing a new vector in addition to the compromised ad servers and malware delivered via email...

    I very much doubt that the reason this site was created was for the reasons laid-out in the article summary.

    --
    Do not look into laser with remaining eye.
  2. Sure by Mr+D+from+63 · · Score: 3, Informative

    Just type in your IP address, why not narrow down their target list.

    1. Re:Sure by unrtst · · Score: 5, Informative

      If you went to their site, they already know your IP address. They let you type in other IP addresses in addition to your own, which every server knows whenever a client connects (barring tor or proxy usage).

    2. Re:Sure by wonkey_monkey · · Score: 5, Funny

      Hey! That's the combination to my tired old joke safe!

      --
      systemd is Roko's Basilisk.
  3. Ha! No. by AmiMoJo · · Score: 5, Informative

    Here's "my" list: http://iknowwhatyoudownload.co...

    Of course, that IP address is just a shared VPN endpoint used by who knows how many people. And sure enough, if you read the site they admit that they can't separate people on shared IPs, behind NAT, on dynamic IPs... So basically 99% of internet users are indistinguishable from each other on their site.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    1. Re:Ha! No. by richy+freeway · · Score: 5, Informative

      I checked mine, from my own IP that I do all my torrenting from. It came up blank.

    2. Re:Ha! No. by AmiMoJo · · Score: 2

      They only have access to public trackers (which throw in a few random addressed, just to fuck with people dumb enough to use them to subpoena ISPs and start suing people based on an IP address) so if you stick to private ones "your" record will come up blank.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    3. Re:Ha! No. by Hognoxious · · Score: 4, Funny

      It didn't even get the ip right. I know for a fact mine is 127.0.0.1.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  4. Re:those crazy Russians! by Anonymous Coward · · Score: 2, Funny

    No no, it's the Danes.

  5. dynamic ip address by Threni · · Score: 2

    Most home users have dynamic ip addresses, so it'll just show whatever the person who had your ip address earlier was downloading.

  6. I tried it, it works. by megahurts.gr · · Score: 3, Interesting

    I just tried this site, and it did in fact know of one download that I did like a month ago. But I have downloaded several more files since then, and it knew nothing of those.

    Also, the other day I came across a similar site which appeared to have even more information about my downloads. But I did not think to bookmark it.

    From a technical point of view, it is rather easy: you just set up a fake torrent peer which connects to various trackers and obtains peer lists, without actually receiving anything from them or sending anything to them. All it needs to do is record the IPs of the peers.

    --
    This guide is definitive. Reality is frequently inacurate. (from THHGTTG)
  7. Awesome site! by Okian+Warrior · · Score: 3, Informative

    I struggle to find new and interesting things on the internet, but not any more!

    The first of my "neighbors" IP addresses led me to Milftoon.com (NSFW, and not linked) which is totally what you think it is.

    Knowing everyone else's download history will make it easy to discover new and interesting things to see.

    Thanks, iknowwhatyouupload.com! You've saved me so much time.

  8. Not a new concept by ShaunC · · Score: 5, Interesting

    There was a site like this up several years ago called youhavedownloaded.com. There was a big to-do when people started plugging in IPs allocated to record labels and movie studios, and found that those people were pirating tons of shit.

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  9. no working by old+and+new+again · · Score: 2

    it's not working, i download TB of torents a month, it shows nothing

    --
    Live Electronic Music
  10. Torrentfreak article by Anonymous Coward · · Score: 5, Informative

    For if you want to read a real report on this site. They actually do real journalism by contacting the company who made the site and actually communicating with them!

    https://torrentfreak.com/i-know-what-you-downloaded-on-bittorrent-161223/

  11. Re:those crazy Russians! by ShanghaiBill · · Score: 2

    For my IP address, the site says nothing has been downloaded. I know that is not true because I have two teenagers, and they torrent stuff all the time.

  12. Re:those crazy Russians! by ShanghaiBill · · Score: 4, Insightful

    Maybe they use private trackers or a vpn?

    They are not that smart.

  13. Re:those crazy Russians! by FatdogHaiku · · Score: 5, Insightful

    Maybe it's just an attempt to collect IP addresses of people worried about their torrent activities. Nice way to build a subpoena list for use with ISP threats, demand letters, etc.. I would think someone would write a script to enter tons for IP addresses at random to pollute the stream, so to speak. Personally I have not used a torrent client in a long time, two ISPs (and actual addresses) ago...

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  14. Re: those crazy Russians! by orlanz · · Score: 2

    Pollute the stream?? Didn't we just do that by posting it on /.

  15. Correct URL? by Fieryphoenix · · Score: 2

    I could have sworn it was Trolltrace.com