Thread: Risk of Torrenting

With all of the recent developments of SOPA, PIPA, MegaUpload etc, I believe it is safe to say that we will start seeing a crackdown on torrenting in the US (if not now, certainly in the years to come). Although we can never remove the risk, I am hopping to start a discussion on the actual level of risk (what are the odds), entry points of said risk (i.e. technical aspect of how an ISP can/does monitor traffic), and of course precautionary measures we can take to lessen it. Again I understand there will always be risk, just looking to hear about the legal side of things, and how you are covering yourselves.

Personally I employ the following methods:
Possibly the best idea IMO is of course getting a Seedbox in another country.
SSH Proxy when browsing, and downloading the .torrent files
SFTP when getting the content from seedbox
ONLY use good PRIVATE trackers - Thanks TI ; )

The reason I am starting this is that a friend of mine (very tech savvy) claims that ISPs can monitor any and all traffic that flows through their modem - regardless of encryption. Is this true?

Has anyone ever heard of seedbox users (not owners) getting targeted?

Also what other methods of protection do you use and why?



Grux

ISPs can always see the your traffic but if is encrypted they don't know what the data is.

That is why you should use https and when possible ssh with seedbox transfer.

VPN is a way of encrypting all traffic. I have been experimenting with them lately quite good.

Some of these measures are a complete overkill and might even get you banned from some trackers.
Your ISP is not trying to "catch" you and it's not going to do anything against you unless the law requires it.
A simple seedbox is enough most of the time.

if the data is encrypted you have nothing to worry about.

eg. if you have a code with your friends that yellow means blue and blue means yellow, to you yellow is = Blue, but for all the people that hear/read you saying blue all they know is that you said blue and not yellow.

so if its encrypted, even if your ISP tries to know what tha hell you are downloading, all they can see is "blue" and not "yellow"

So thats all you need.

and downloading .torrent files is legal as far as i know...

On the subject of ISPs snooping your traffic...I think it comes down to economics. With many millions of users, it's prohibitively expensive for any ISP to monitor everyone's traffic in any way that involves actual employees looking at data. To a certain extent, ISPs use automated "tools" like traffic shaping, bandwidth caps, port blocking, and all that stuff that we know about. Even those "tools" are not free, and that's why I think the ones that are common are not very sophisticated.

With those costs in mind, I don't think ISPs are interested in monitoring for anything in particular. I think they would rather spend their resources on users who are explicitly identified by other organizations.

If something like SOPA/PIPA passes, the costs of all this certainly won't change. I think the government will be more proactive in going after sites, but that it will still be prohibitively expensive to try to find individual users who don't "stand out." I think the big change will be that a lot more sites will get busted megaupload-style, in an attempt to make things harder for users.

Of course, bear in mind that this is all speculation. Who knows what will really happen?

anyone ever heard of a seedbox service provider getting raided? i'm curious

I've never heard of one being raided, and a quick search of torrentfreak confirms this. However, with the US's new strategy of going after the sites rather than the users it could become a reality soon. I would check on the logging policies of your provider if you're worried, or use a VPN. I always use a fake address and details just in case.

(To note, when I say "VPN" I mean a GOOD VPN that doesn't keep any logs. You can see Torrentfreak's investigations of which ones do and don't log. http://torrentfreak.com/which-vpn-pr...iously-111007/
I personally like AirVPN above the others.
I'm not an expert, but here are the ways I can think of.
Ways of being caught:

Home IP seen in swarm (common) : How to avoid: Use a seedbox, or a VPN to seed. Using a private tracker drastically reduces the chances of this happening.

Use a seedbox and it gets a court order to give up your info (will probably never happen): How to avoid: Only connect to the seedbox via VPN, pay with bitcoin and / or use a seedbox from a country that isn't America's bitch. For example my seedbox was in the Netherlands, and I believe personal filesharing is completely legal there.

Spy or court order in your private tracker who investigates usernames / email (Will probably never happen): How to avoid: Just use a different username than you have anywhere else, and use an email address that you made and check via Tor or VPN.

Spy or court order in your private tracker who investigates the IP's that download the .torrent files (Will probably never happen): How to avoid: Only connect through VPN

ISP sees what you are downloading (Very unlikely, but I believe laws are being passed about this in the US): How to avoid: Download from your seedbox via HTTPS / FTPS / SSHFS / any other encrypted download protocol. If you don't have a seedbox, only torrent through a VPN that encrypts all traffic (Preferably using a good protocol like OpenVPN)