|
TorrentPrivacy secures your BitTorrent traffic
|
|
The following comments relate to this news article:
article published on 12 August, 2008
TorrentPrivacy is a new product from the guys at Torrentreactor.net designed to keep your BitTorrent downloads and shares private. The product is a combination of an SSH tunnel tool, a pre-configured uTorrent client and remote privacy services. We'll take a quick sneak preview into how does it actually work.
Installation:
After registering yourself at TorrentPrivacy.com you'll be able ... [ read the full article ]
Please read the original article before posting your comments.
|
|
xtago
Senior Member
|
14. August 2008 @ 09:52 |
Link to this message
|
Quote:
Quote:
Originally posted by TPrivacy:
Originally posted by susieqbbb:
Ok sounds great minus one issue..
If you block your isp from looking at your network address on your computer the isp will automaticly ban your account this is true not only with comcast but even with qwest and others.
Let me correct you - you don't block your ISP from looking at your network. You just encrypt the bittorrent traffic like VPN or SSH session. ISP sees the session, but he doesn't know what's happening inside.
Azureus does that for free anyway.. never mind..
How does it block your IP from the tracker. Short tests have shown that our test IP is still appearing in the swarm. It does masquerade an IP as far as the modem, but outside ip remains the same.
Please read more about Azureus features and about Torrentprivacy ones and you will realise that encryption which some bittorrent clients have is only to circumvent traffic throttling and not for security while SSH protocol has strong 128 bit encryption All data sent and received during the connection via secure SSH tunnel is extremely difficult to decrypt and read.
This will be poor, SSH can be de-crypted easily.
You simply packet sniff the connection to grab the keys for the packets once you have that you simply de-crypt the packets, there's software you can get for free that will handle the sniffing the finding the keys then opening up the packets then placeing any info you want into a folder for going over at a later date.
Seeing as you have only have X amount of connections for the SSH connections it'd be quite easy to just sniff through the tunnels made.
SSH isn't intended for extended packet streams it's made so that the 1 packet that holds your credit card number etc will be harder to find and then grab from the packet, a check-out session works prefect for SSH connections because you'll have heaps of packets with usless info and only 1 encrypted packet will hold the right data.
but again you can get this data if you packet sniff the whole session, though using SSh for a check-outs with millions of streams and only 1 packet holding the data would be pointless for most people so they wouldn't bother going through the effort unless they are after that data.
Your idea is all tied to a central connection and then a bittorrent session can last for days so wouldn't be hard to pick up keys and then grab data and files out of a session.
At least with a current bittorrent session your some what protected in that your sending packets all over the place at the time so people can't get a good chuck of data where as SSH would allow for this to happen as your tunneling in and out the 1 tunnel.
The TOR network has the extact same problem it's all encrypted inside the network but the packets have to come out into the open and people simply packet sniff the entry/exit TOR servers to see what people are doing.
Everything is logged and can be tracked online, your clearly kidding yourself if you really think a SSH tunnel will stop media sentry from packet sniffing your connection they already do that on the other network and to an extend on the bit torrent trackers.
|
|
Advertisement
|
 |
|
|
Senior Member
|
14. August 2008 @ 16:56 |
Link to this message
|
@xtago:
I think you underestimate the security of SSL. You can't just "grab the keys" and decrypt the stream. SSL uses a public key infrastructure that allows anyone to encrypt information to send to a party, but only allows that party (who has the private key that corresponds to the public key) to decrypt it.
But that's kind of a moot point for most people here, since the big issue is not concealing what's being transferred, but who's transferring it.
|
|
xtago
Senior Member
|
19. August 2008 @ 03:31 |
Link to this message
|
Originally posted by nonoitall:
@xtago:
I think you underestimate the security of SSL. You can't just "grab the keys" and decrypt the stream. SSL uses a public key infrastructure that allows anyone to encrypt information to send to a party, but only allows that party (who has the private key that corresponds to the public key) to decrypt it.
But that's kind of a moot point for most people here, since the big issue is not concealing what's being transferred, but who's transferring it.
Hate to break it to you, but yes you can crack it and you can get programs which will do it all for you.
See the Server key [secured digital certificate] for the server is produced by the server which ends up being the same for everyone and it can be verified but only by a seprate party.
A server trusted certificate will last for a few hours or a year or two, the server owner slects how long it will last for, these also need to be vilidated everytime a new one is produced other wise it won't be viliad anymore.
These 3rd parties are called trusted certificate authority, these are verisign etc.
The Server owner basicly pays money to these companies to simply say yep, the server's IP and web address and key are the correct at this time, as the server keys can be spoofed if they arn't checked and make any browser think it's at the correct server even though it's not.
In a browser this is simply the lock icon, people don't check the keys themselves, just assume the lock means everything is correct and safe and for big companies this would normally be correct but sometimes it's not the case for little companies nor phishing/spoof sites.
So for you to get the server key you have to have the trusted certificate in the first place to start SSL, and in the first or close to the first packet your browser will send your end user key to the server, if a trusted certificate authority doesn't check the server certificate, you'll be asked if you wish the accept the server key/trusted certificate before you can start a SSL session.
As I said before your credit card details won't be in the packet with your end user key but another packet that could be 10,000 packets after your end user key was sent to the server.
So basicly with SSL what your replying on is that someone hasn't grabbed the 2 keys( well your end user key at least as the server key is easy to get) at the start but if they did start sniffing packets that they have started after your keys were sent around the net, thus the packet with your credit card details is all encrypted and even if they got that packet hopefully they can't decrypt that 1 packet.
but if you packet sniffed for say 2 months straight trust me with the right programs you'll have plently of credit card numbers etc fairly easy you would need the data space to hold all that info though.
SSL is only basic protection for web shops basicly your SSL session should be only long enough to send your private data+credit card data, basicly say it's only 100 packets long not gigs and gigs of packets that you'd get using torrents also everyone would require your keys etc to get the data anyway.
As someone said before the encryption option in torrent client programs is somewhat based on SSL in that the encryption is the same across all programs bar a couple where you can select what encryption you want to use.
it's just doesn't use 128bit keys.
Though as you say all they need is the IP at the end of the day.
|
Senior Member
|
19. August 2008 @ 05:20 |
Link to this message
|
The key that one would need to decrypt the stream is never transferred, so how would a packet sniffer grab it? I'm not implying that SSL is the solution to anonymity problems at all, but I've written network and cryptography functions before and your approach to compromising an SSL stream doesn't make sense to me. (Anyway, I think we're getting a little off-topic here. :-P)
|
|
Killfly
Newbie
|
22. August 2008 @ 12:30 |
Link to this message
|
|
I can't jump into the tech discussion, I don't know, but this discussion should be on fire.
Where'd the TPrivacy guy go?
Do you techies see the BTGuard service using 256bit AES as being a better solution? They really offer little info on thier service.
They are a small amount cheaper.
TPrivacy have you abandoned this discusion?
The private trackers I am member to would draw very little attention of law enforcement with thier very old and odd offerings in films so I'd just use an uncloaked utorrent for those.
Public trackers are indispensable though. I (we) can't all get those hot exclusive memberships and often hard to find software is only on the public trackers. I've been member to many of the best but if there's no Parking alowed I've long lost my membership never to regain it.
One off topic question, briefly, is Demonoid considered private at this time?
Feedback of users of the service appreciated greatly.
|
AfterDawn Addict
1 product review
|
22. August 2008 @ 15:04 |
Link to this message
|
|
I'd use TorrentPrivacy even when downloading from private trackers. You can never be sure who's a member there. Even if the servers are raided your IP is still cloaked on their logs.
|
|
barry6521
Newbie
|
24. August 2008 @ 14:42 |
Link to this message
|
|
OK after having read the comments ,can any one say if this really works like it says and is worth the money?
|
AfterDawn Addict
1 product review
|
24. August 2008 @ 17:45 |
Link to this message
|
Originally posted by barry6521:
OK after having read the comments ,can any one say if this really works like it says and is worth the money?
When they start accepting paypal for "micro payments" I'll try it out.
|
|
varnull
Suspended permanently
|
25. August 2008 @ 01:25 |
Link to this message
|
I dunno Mike.. there seems to be a trust issue here which is larger than the matter of data security/encryption.
My associate paid a month just to test it out which we have. The speed hit we observed was worrying as these days you really want to hit and run on public trackers instead of hanging about for days with the way the ISP's are logging everything. You can bet they have the resources and software to crack simple public key encryption.. it just takes enough processing power (how big is virgin medias potential cluster?) thrown at it and there you have it... plus even through a proxy your IP (or it's hash) is still in the header so the proxy server knows where to send the packets ;) I have software to reverse engineer IP's from server hashes, and I'm sure the ISP's do too.
|
|
spiders96
Newbie
|
31. August 2008 @ 22:01 |
Link to this message
|
|
I just purchased the first month of this service, and I seem to have everything up and running as indicated on the TorrentPrivacy website. I'm a non-technie when it comes to networking, so I don't really know if this is worthwhile or not.
I have a question. Varnull reported on 8/12 in this thread that he had a setting in his security software that was essentially blocking proxy redirects. He said he could still see his IP address in the swarm until he fixed that setting. How can I go into the swarm to verify the absence of my IP address to make sure I'm not having the same problem?
BTW, I'm currently running through their Canadian site (I live in the Southern US). I've tried all 3 locations, and the speed appears to be a little better for me through the Canadian site. I'm also a little hesitant to run it through the US site anyway in case their servers are raided. Maybe I'm being too paranoid.
I'm currently using the service to upload and download torrents that are using Demonoid and TPB trackers.
Thanks for any info and updates. I'll keep watching this thread.
-spiders96
|
|
RoadRange
Newbie
|
16. September 2008 @ 15:55 |
Link to this message
|
Hmm... The torrentprivacy client is sending out UDP packets on port 2222 and I see machines out there trying to contact me on port 2222. I think this is DHT traffic so I disabled DHT and blocked outgoing port 2222 traffic in my firewall to see if it "goes away". I don't know what info is contained in DHT traffic but obviously my IP is leaking out.
:-(
I emailed them a couple hours ago but so far no response. I'll update you all if I hear from them and/or I verify that turning off DHT gets my computer to stop reporting my IP to the world.
|
|
RoadRange
Newbie
|
17. September 2008 @ 02:03 |
Link to this message
|
Hey again. I found out that uTorrent doesn't proxy DHT UDP packets so torrentprivacy's proxy never gets them - they go right out with your real IP. Disabling DHT should prevent your IP from being broadcast. Their proxy is a socks4 on 127.0.0.1 (localhost) and port 2222 (they also use port 2222 as the bittorrent port). I was able to get uTorrent 1.8.1 to use their proxy so I don't know why they insist on using that old 1.7.5 version?
|
|
spiders96
Newbie
|
17. September 2008 @ 07:01 |
Link to this message
|
|
RoadRange,
Thanks for the info. I went into the preferences and unchecked the "Enable DHT Network" and "Enable DHT for New Torrent" boxes. Are there any other special settings that need to be changed for this?
Thanks.
-spiders96
|
|
RoadRange
Newbie
|
17. September 2008 @ 11:01 |
Link to this message
|
Originally posted by spiders96:
Are there any other special settings that need to be changed for this?
I think that does it but I've only been looking at this for a day. I also noticed that the "incoming connection status" thing on the bottom that turns red, yellow, or green was modified in their version of 1.7.5 utorrent. In version 1.8.1 it is now a red circle that pops up as "listen error". If you change the port so it isn't the same as the proxy (2222) it goes to a yellow triangle. I suspect this service doesn't support incoming connections and they covered that up by messing with the indicator in their version of uTorrent. Between no DHT and no incoming connections things are gonna get a bit slow I think? No big deal for what I use it for - except on torrents with few peers and seeds DHT can often get it done when the trackers don't.
|
|
spiders96
Newbie
|
17. September 2008 @ 18:47 |
Link to this message
|
|
RoadRange, thanks for the help with this.
I've been using the service for about 2 weeks now, and the speeds seem to be OK. Some torrents have download speeds in excess of 150 kb/s, while others are much lower. The speeds seem to be relatively consistent with the speeds I was getting prior to using this service. It may be a little slower, but if it actually helps hide my IP then the slight speed sacrifice will be worth it.
-spiders96
|
|
RoadRange
Newbie
|
17. September 2008 @ 19:17 |
Link to this message
|
I was still getting a LOT of connection attempts on the uTorrent port - both the port I was presently using and the one I was using before I installed torrentprivacy. It would seem that once you've given out you IP to a tracker it continues to dish it out to the world for several days. I changed to a different port just so I could verify that my IP was no longer being "advertised" and my firewall has not seen anyone try to connect to my new port - Woo Hoo! I too am happy enough with the speeds I see. Even though I seem to not be accepting incoming connections via the proxy and have disabled DHT I seem to be getting as good as before.
BTW I also checked out http://www.relakks.com as they give you a free 30 day trial - they are a full VPN service so will work with DHT but I'm not sure if incoming connections work? There is also http://btguard.com but I'm not sure how that one works? The only problem with the VPN services is that I observed the Relakks VPN go down and uTorrent just went back to using my regular connection and thereby broadcasting my true IP to the world - not a good thing. Only takes a few seconds of that to "drop a dime" on yah. With torrentprivacy uTorrent just stops if the connection to them goes down. Also a VPN connection bypasses my hardware firewall and puts my competer right on the internet completely naked! Torrentprivacy doesn't expose you at all.
This message has been edited since posting. Last time this message was edited on 17. September 2008 @ 19:19
|
|
spiders96
Newbie
|
18. September 2008 @ 20:22 |
Link to this message
|
|
Great info RoadRange.
Thanks again for the help. I really appreciate it.
|
|
spiders96
Newbie
|
26. October 2008 @ 12:03 |
Link to this message
|
|
Has anyone else tried this service? I'm curious about the experience of other people.
|
|
speedpsyc
Newbie
|
13. November 2008 @ 16:38 |
Link to this message
|
I signed up because it sounded like exactly what I needed. I am tech literate but not an expert, so I'd love to hear other people's opinions on this.
The proxy does seem to hide your IP address to the tracker, I believe that, and also connects many of the peers through the SSH tunnel, but also seems to open a lot of connections to peers WITHOUT using the tunnel. Whether or not this is a problem I'm not sure, since the routes show up as not in use. I say this because of what netstat -n shows when I'm using the program:
TCP 192.169.1.100:2222 to 127.0.0.1:2222 ESTABLISHED
(which is their SSH tunnel traffic I believe)
TCP 192.169.1.100:2222 to xx.xxx.xx.xxx:xxxxx TIME_WAIT
(which is the alternate connections made, maybe not in use)
If I open their utorrent program, it also seems to connect to peers without the SSH tunnel interface running. So all in all, unless I have something set up wrong (they were defaults though), then I'm not sure what's up. I emailed them to ask and I'm awaiting response.
Maybe it'll be okay once peerguardian works in Vista. I've heard the RIAA just connects to trackers to get IPs, in which case you'd be okay, and even if they tried connecting to you PG could block it, so this might still work yes? :S
This message has been edited since posting. Last time this message was edited on 13. November 2008 @ 16:42
|
|
RoadRange
Newbie
|
13. November 2008 @ 17:06 |
Link to this message
|
|
speedpsyc, you have to go to "options", "preferences", "bittorrent" and uncheck "Enable DHT Network", "Enable DHT for new torrents", "Enable Local Peer Discovery",and "Enable Peer Exchange". Those use UDP data packets that are NOT proxied and give your IP directly to other peers. A future release of uTorrent is supposed to also proxy these UDP transactions if the proxy supports it - TorrentPrivacy is using a Socks5 proxy that is capable of UDP proxy if the TorrentPrivacy folks have it configured to support it on their servers.
|
|
speedpsyc
Newbie
|
13. November 2008 @ 17:53 |
Link to this message
|
|
I had tried disabling all the peer exchange/DHT etc, but I still found a few connections made (but they were on torrents I had already started, probably why).
But once I did that, no download anymore. They claim the client comes fully configured for their secure system, and it won't work worth beans with these disabled, so I'm starting to lose hope.
Oh, and with default DHT on, I never saw any UDP connections made to my computer anyhow according to netstat. A LOT of TCP SSH connections popped up, which I believe was peer connections through them. I guess I'm wondering if the TIME_WAIT connections which were direct are a problem (and the few established ones..).
-speedpsycho
This message has been edited since posting. Last time this message was edited on 13. November 2008 @ 19:40
|
|
RoadRange
Newbie
|
13. November 2008 @ 20:20 |
Link to this message
|
|
Yes, it takes longer to get the downloads started with DHT disabled, especially when there are few seeds and peers or the tracker(s) is(are) busy - have some patience, it will work eventually.
|
|
awdrifter
Newbie
|
14. May 2009 @ 20:56 |
Link to this message
|
|
Is this a full on VPN or just a proxy service like BTGuard? Also do they still have the server in Netherland? Thanks.
|
|
Advertisement
|
|
|
|
linkswap
Newbie
|
28. September 2009 @ 11:51 |
Link to this message
|
Surf anonymous and safe with [url=http://www.vpntunnel.se/en/][/url]
Surf anonymously with an encrypted VPN tunnel and vpntunnel.se. This is possible because all traffic between your computer and our servers is encrypted, we are neither the provider, employer can read this traffic.
Vpntunnel.se uses OpenVPN to achieve maximum security in the network.
From our servers located in redundant data centers with multiple Gbit connections, you will have full access to the Internet as usual, the only difference is that you now use our VPN service is fully anonymous on the Internet. There is a huge difference, because all your activities, or so-called electronic tracks no longer be linked to you personally.
We have chosen to protect the privacy of our users. We achieve this by not logging traffic that would show what a given user has at a given time. It makes that we can not disclose any such information to third parties. With this we can promise that you surf anonymously with us.
Unlike many other VPN services as we support port forwarding fully. Through the control panel, you can then monitor how much traffic you have used up, extend your account and much more.
We strive to be the best VPN service provider.
You get 100 GB of traffic for only $7.
|
