Delivery-Date: Thu, 30 Apr 2015 17:14:38 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 15A451E0C06
	for <archiver@seul.org>; Thu, 30 Apr 2015 17:14:36 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 2A22733F2B;
	Thu, 30 Apr 2015 21:14:32 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 0E88133EED
 for <tor-talk@lists.torproject.org>; Thu, 30 Apr 2015 21:14:29 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id yRrAJU1riF07 for <tor-talk@lists.torproject.org>;
 Thu, 30 Apr 2015 21:14:28 +0000 (UTC)
Received: from mail-wg0-x230.google.com (mail-wg0-x230.google.com
 [IPv6:2a00:1450:400c:c00::230])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id B607B213AA
 for <tor-talk@lists.torproject.org>; Thu, 30 Apr 2015 21:14:28 +0000 (UTC)
Received: by wgyo15 with SMTP id o15so75720664wgy.2
 for <tor-talk@lists.torproject.org>; Thu, 30 Apr 2015 14:14:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:date:from:user-agent:mime-version:to:subject:references
 :in-reply-to:content-type:content-transfer-encoding;
 bh=MOL+HKWTAkMJUHdNP5ZK2WqxGCDjjRaa1K9226hfTQc=;
 b=u5xR1dr2XhyLV+68byTZSvLnrlTcyyT4VIRya5hl19BJDutDaD6xgbD5ZmWOTNVVse
 cj4tM5RWFUOSVI6rBfxBWGR68J7vQeF1CWv0vDuyNMmUNAc1trEORogrc+rbOMCH3qJ6
 fpE6kewJe1SrgYYp6YnAh5yiL18vj9LnG04aHm6ilQhf+2BMfTyY16kgXEwV/Yzi4OZv
 e4LH8IjkSDJTTqq7PwI5de/bX+boU6HnWIsJkzJ1I7/QE0c5wkkse548a2VUmmYk3W3E
 f7mi+2Q3QH9KIFwTtvTMvT+zaFvAzjf2ezz3LtGOrr8s1UWOz5L5ODyw8M4q5jXR9FZP
 XGyg==
X-Received: by 10.195.17.232 with SMTP id gh8mr11836586wjd.145.1430428465911; 
 Thu, 30 Apr 2015 14:14:25 -0700 (PDT)
Received: from [192.168.1.10] (ANice-652-1-16-125.w86-193.abo.wanadoo.fr.
 [86.193.255.125])
 by mx.google.com with ESMTPSA id um5sm4967686wjc.1.2015.04.30.14.14.24
 for <tor-talk@lists.torproject.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 30 Apr 2015 14:14:24 -0700 (PDT)
Message-ID: <55429B30.5070701@gmail.com>
Date: Thu, 30 Apr 2015 23:14:24 +0200
From: Aymeric Vitte <vitteaymeric@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3;
 rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <CAHvMVPQtZ3tHWTAMyrsbTZoK_sEUWXf0cKULe==P2aD16MC+ww@mail.gmail.com>
 <554246CB.3000501@riseup.net>
 <CAHvMVPSapRwSqvMgFhV3DWmOxF4knAQ3MwAHK3a3SAYPL9dJuQ@mail.gmail.com>
 <55427887.7020405@riseup.net> <5542817B.70506@gmail.com>
 <55428E14.6020507@riseup.net>
In-Reply-To: <55428E14.6020507@riseup.net>
Subject: Re: [tor-talk] Full integration with bitcoin (suggestion / feature
 request)
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

I did not read this thread completely but keep it in my TODO list.

Your analysis is correct but can be summarized in one sentence: using bt
over Tor is a non sense because the size of the Tor network is
completely ridiculous compared to the size of the bt network.

As ridiculous as using bt over a VPN, which the bt VPN trolls don't like
to hear.

Disabling the DHT and allowing trackers only is at the opposite of any
privacy protection, because trackers are trivial to monitor and fake,
it's a little bit more difficult with the DHT, but still easy for
someone that can crawl it.

I have tried to explain all this in the FAQs here:
http://torrent-live.org and here: https://github.com/Ayms/torrent-live,
and related study, which for once does not focus on trackers and
monitoring the users, but focuses on the DHT and monitoring/blocking the
monitors, showing also how easily you can protect using the DHT only,
assuming that your bt client is willing to (like torrent-live)...

Tor does not handle UDP but you can tunnel UDP through Tor to some SOCKS
proxies, which, again, is ridiculous but just works.

And, again, a possible solution is the Peersm project (which before
using the DHT does envision new means for peers/content discovery) or
something similar, a P2P using the Tor protocol, not the Tor network.

Le 30/04/2015 22:18, Speak Freely a =E9crit :
> Hi Akater,
> =

> Traffic overload is still an issue, yes. This causes problems for
> everyone. That was my #2, being mean. Sorry for not clarifying that.
> Good read:
> https://svn.torproject.org/svn/projects/roadmaps/2009-03-11-performance.p=
df
> It's a few years old, but covers a lot and still relevant.
> =

> But the reason for not using BT over Tor is IMHO more than anything a
> security/anonymity issue.
> =

> Let's look at the reason why someone thinks they would want to use BT
> over Tor.
> - They believe it will provide them anonymity.
> =

> What benefit would Tor be to the user if their BT client of choice
> provided their actual IP address to the tracker and to each peer? The
> answer is mostly none. (There are certain circumstances where that's not
> completely true, for example ISPs that do DPI to throttle torrent traffic=
.)
> =

> Unless your ISP does DPI and throttles you, you will almost certainly
> always download slower, for several reasons I won't elucidate. This just
> gives interested parties more time to find you. If your ISP does do DPI,
> there are better ways around that. Tor is slow.
> =

> BT uses UDP and TCP. Tor doesn't do UDP, but it does TCP very well.
> There are ways to block the UDP, but most people would never think/know
> about that, and many users find that disabling UDP/DHT makes their peer
> count drop which makes them re-enable it immediately out of fear their
> download may take a little longer.
> =

> So, with a BT client that exposes your real IP address to the tracker
> and peers, and DHT through UDP being sent over clearnet, any concept of
> privacy/anonymity is broken.
> =

> Yes, you can disable DHT. You can block UDP connections. You could find
> a BT client that doesn't expose your real IP address. But then certain
> mis-steps and limitations within Tor also provide attack vectors for
> de-anonymizing torrent users.
> https://hal.inria.fr/file/index/docid/471556/filename/TorBT.pdf
> =

> =

> ... The reasons I say this is because I know someone who used Tor to
> download torrents, and his ISP kindly let him know that HBO provided
> them detailed logs that he downloaded specific episodes of one of their
> most popular shows. He thought he was being very smart and protecting
> himself, and was dumbfounded when his ISP contacted him.
> =

> =

> Matt
> Speak Freely
> =


-- =

Check the 10 M passwords list: http://peersm.com/findmyass
Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
-- =

tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

