[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Full integration with bitcoin (suggestion / feature request)



Hi Akater,

Traffic overload is still an issue, yes. This causes problems for
everyone. That was my #2, being mean. Sorry for not clarifying that.
Good read:
https://svn.torproject.org/svn/projects/roadmaps/2009-03-11-performance.pdf
It's a few years old, but covers a lot and still relevant.

But the reason for not using BT over Tor is IMHO more than anything a
security/anonymity issue.

Let's look at the reason why someone thinks they would want to use BT
over Tor.
- They believe it will provide them anonymity.

What benefit would Tor be to the user if their BT client of choice
provided their actual IP address to the tracker and to each peer? The
answer is mostly none. (There are certain circumstances where that's not
completely true, for example ISPs that do DPI to throttle torrent traffic.)

Unless your ISP does DPI and throttles you, you will almost certainly
always download slower, for several reasons I won't elucidate. This just
gives interested parties more time to find you. If your ISP does do DPI,
there are better ways around that. Tor is slow.

BT uses UDP and TCP. Tor doesn't do UDP, but it does TCP very well.
There are ways to block the UDP, but most people would never think/know
about that, and many users find that disabling UDP/DHT makes their peer
count drop which makes them re-enable it immediately out of fear their
download may take a little longer.

So, with a BT client that exposes your real IP address to the tracker
and peers, and DHT through UDP being sent over clearnet, any concept of
privacy/anonymity is broken.

Yes, you can disable DHT. You can block UDP connections. You could find
a BT client that doesn't expose your real IP address. But then certain
mis-steps and limitations within Tor also provide attack vectors for
de-anonymizing torrent users.
https://hal.inria.fr/file/index/docid/471556/filename/TorBT.pdf


... The reasons I say this is because I know someone who used Tor to
download torrents, and his ISP kindly let him know that HBO provided
them detailed logs that he downloaded specific episodes of one of their
most popular shows. He thought he was being very smart and protecting
himself, and was dumbfounded when his ISP contacted him.


Matt
Speak Freely
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk