BitTorrent giving Hollywood migraines

vbimport

#1

I just posted the article BitTorrent giving Hollywood migraines.

BitTorrent has become the favorite filesharing tool du jour
with movie swappers. This has not gone unnoticed by the executives in Hollywood,
yet there doesn’t seem to be much they can do…

Read the full article here:  [http://www.cdfreaks.com/news/9570-BitTorrent-giving-Hollywood-migraines.html](http://www.cdfreaks.com/news/9570-BitTorrent-giving-Hollywood-migraines.html)

Feel free to add your comments below. 

Please note that the reactions from the complete site will be synched below.

#2

A little off in the details of how bit torrent works, but yeah, it’s definetly a force to be reckoned with :d


#3

But your honour, I only used Bit Torrent, on my Linux System. Guilty, says he! you broke the law and illegally downloaded files using this vile abomination and evaded the copyright regulations, you are a terroist for not using the legally approved and compliant redmond system. The sentence is to be “transportation to Port Arthur, Van Diemans Land for life” :X


#4

Bitorrent use some sort of high precision hash to secure the integrity of distributed piece which the tracker examines and relay to differeent leechers and seeders; it is almost impossible to sppof that kind of integrity check at realtime :wink: Not even mentioning Multi-tracker torrents.


#5

Warms the cockles dunnit?..makes me as happy as a dog with two dicks…don’t know which one to lick first…:X


#6

One could in thoery :wink: jacking more pieces than the tracker capable of handling and thereby render it ddos attacked; it only depends on how many of those tiny things you have and how fast you do it :wink:


#7

how exactly is seeding spoofed files impossible? anyone can create a torrent, and sure as heck plenty of peeps will start downloading it if it’s something attractive


#8

twit, most credible sites dont just let anybody ul to them.


#9

BitTorrent is a beast!


#10

It is true that bittorrent uses hashes (crc, md5, whatever). Spoofing is tougher I give you that, but not impossible. Why is that? Hashes are not unique. Compute a hash, create data containing this hash of the appropriate size and you can send bad data that the clients have no clue about.


#11

The RIAA and MPAA should have left Kazaa and whatever P2P alone. See the more the struggle the smarter people will get… I believe BitTorrent wouldnt have exploded if they didnt shut down the other crappy source to get files. :stuck_out_tongue: It’s like terminal cancer the more you probe it the worst it will get.


#12

True, it is possible to have same hash for different data, but not with the same size, the piece length is fixed in a bittorent though. Even if one can disguise piece with a fake hash value, it could only get pas the tracker and on the first leecher’s hash check, the piece will fails to propagate into other leechers and be discarded as corrupted data by the first leecher. File sppofing total unworkable. I have yet to found the first bad file fownloaded from BT. :wink:


#13

I believe you are wrong. Hash values are not unique for data of the same size. But, for the purposes of bittorrent, I am not certain how many hashes there are. Bittorrent data are sent as “parts” of “pieces” that form the file(s). What I am not certain of is whether the hash values are created for these “parts”. However, there are only a limited number of hashes possible, ~35^16 (not too sure) for 16 byte hashes, while files are binary data that have ranges far greater than that for each “part”, 2^(8*part_size_in_bytes). So if each part is 11 bytes, the range of unique hashes has been gone over twice already. If you have information on what I am not clear about, please do tell.
[edited by kras on 11.12.2004 08:56]


#14

But that has no effect on the legit ones.


#15

Each piece has a hash, and the whole package will have another hash. Hard to spoof both.


#16

Perhaps this http://bittorrent.com/protocol.html No need to guess how it works…


#17

Yes, but you’re screwing everyone if you can get someone to accept the bad piece. That person will continue to spread that piece. So when and if the entire torrent is rehashed when completed and doesn’t check out, they can’t do anything about it.


#18

So then there is no hash for the small parts of pieces. That makes it much easier to trick them if you can manage to send an entire piece.


#19

Still If that bad peice is sent to other clients they will probably reject it as bad data. alot of clients keep track of people sending bad data and ban them from sending or recieving data from you.


#20

Just to clear a few things up… It is true that a particular hash will be shared by many different pieces of data the same size, and it is also true that if you could create a piece of data with the same hash as the correct peice, then you could upload this piece to peers, and the piece would be accepted as totally legitimate (as it has the same hash). This piece would then spread through the swarm to more and more peers, which would “poison” the torrent very effectively from the MPAA/RIAA’s point of view. However, this cannot be done. This is because there is no algorithm for generating files which will have a particular given hash. This is a deliberate design feature of most hash algorithms (I think BitTorrent uses sha1 - according to the protocol specs); think of it like RSA - easy to compute a hash given a certain data, but computationally unfeasible to calculate appropriate data given a hash. It is fairly accepted that this is not doable, and if someone did find an algotithm to do this, BitTorrent would be the least of their concerns…