Why You Shouldn’t Run BitTorrent Over Tor
A note to Tor users:
If you didn't already know, Tor is a distributed anonymity network that allows anyone to use the Internet to both browse the web and publish information without giving away his or her identity. It's a wonderful step in the direction of privacy and it serves an increasingly important role in today's world. As far as usability goes, Tor clearly has more potential than any anonymity network that I've ever seen. Tor could very easily be the most powerful tool that we as everyday people have to combat the gradual removal of our personal rights and freedom.
However, as of right now its most likely cause of death is not an organization or government, but rather its own users who in some cases, perhaps out of ignorance, take advantage of privacy the Tor network affords them by hiding behind it to steal software, movies, and music. I'm not going to sit here and claim that I haven't pirated my fair share of all of the above; that's not what this is about. Before you use BitTorrent on Tor, please stop and consider the effect this has on the Tor network.
When you use BitTorrent on Tor, you're placing an incredible amount of burden on the network and sucking up the bandwidth that could have otherwise been used for the purpose of freely spreading information. You're discouraging people from donating their bandwidth to running the exit nodes that allow the Tor network to function. You're destroying everyone's ability to publish information without being persecuted by their government. You're destroying the privacy that so many people worked so hard to give us.
Besides, if you want to download files from a torrent, there are much more efficient and much faster ways of doing it. See this article for example. Using Tor for your BitTorrent download will undoubtedly take much longer than any other method around.
A note to Tor Exit Node administrators:
You have the power to prevent people from using your exit node to waste your bandwidth and destroy Tor. Simply add the following lines to your exit policy and restart your exit node. This will in no way impact people who are using Tor for legitamate reasons.
ExitPolicy reject *:1214
ExitPolicy reject *:4661-4666
ExitPolicy reject *:6346-6429
ExitPolicy reject *:6881-6999
A note to all BitTorrent users:
It is, in theory, possible to slow down the abuse of Tor by configuring your BitTorrent client to block traffic that's going to or from Tor exit nodes. This will in turn slow down torrent download for people using the Tor network and will discurage people from abusing Tor in that matter. This is something I'm currently researching. What I'd like to do is offer a BT client-compatible block list that auto-refreshes based on known Tor exit nodes. This would allow BitTorrent users to block all torrent traffic to Tor users. If anyone has a better idea on how to combat torrent-related Tor abuse, by all means, please let me know.
Let's all work together to preserve the wonderful privacy Tor and the EFF has allowed us to enjoy!
Thanks for listening.
Monday, July 10th 2006 at 12:59 pm
Agree with everything you’ve said above. With the exception of the description of copyright violation as ’stealing’. Theft and infringement are not synonymous, and claiming that “pirating software”, itself a term created for the sole purpose of demonising the natural and defensible tendency to rebel against artificial scarcity, is equivalent to theft, is both factually incorrect and despicably conformist.
Monday, July 10th 2006 at 1:04 pm
“It is, in theory, possible to slow down the abuse of Tor by configuring your BitTorrent client to block traffic that’s going to or from Tor exit nodes… What I’d like to do is offer a BT client-compatible block list that auto-refreshes based on known Tor exit nodes.”
If you did this, wouldn’t that disallow anyone who runs an exit node from using bittorrent?
Monday, July 10th 2006 at 1:29 pm
An intelligent post that should not go without mentioning.
Monday, July 10th 2006 at 3:16 pm
Good point, I never thought of it like that. I’ve used Tor through azureus a few times, but never realized the prolonged use of high bandwidth was so detrimental. You got to figure the majority of Tor users are mainly using it as an http proxy, so someone using bittorrent really puts the bandwidth use out of proportion.
Monday, July 10th 2006 at 4:00 pm
If you give us a link with all of the exit nodes then uTorrent users can use ipfilter.dat to block them.
Monday, July 10th 2006 at 4:06 pm
Thanks for the great article. I’ve always wondered about the disadvantages of Tor
Monday, July 10th 2006 at 5:25 pm
ExitPolicy reject *:1214
ExitPolicy reject *:4661-4666
ExitPolicy reject *:6346-6429
ExitPolicy reject *:6881-6999
——————————————–
Given the fact that the latest bit torrent clients can use what ever port you choose randomly, blocking certain known ports may not work.
For eg, my BT port is 15789… and most of the client can encrypt the header, so if you plan to read the header packets, that will not work as well.
May be you guys shud find out how the cable companies shape the bandwidth, and use it in your networks, not sure whether there is an open source alternative for that.
-Jay
Monday, July 10th 2006 at 5:26 pm
[…] Then, BitTorrent comes out. All your customers start sharing enormous video files. They take days to download, and fill the upload and download speeds of all your connections. Your bandwidth costs increase. You’re not making money. What do you do? […]
Monday, July 10th 2006 at 6:18 pm
Great Idea for a ban list for Torrent Clients.
“Let’s all work together to preserve the wonderful privacy Tor and the EFF* has allowed us to enjoy!”
*And the US Navy and DARPA, right? http://www.onion-router.net/History.html
Also, unfortunately, the EFF no longer has the means to fund TOR, so please donate:
http://tor.eff.org/donate.html.en
Monday, July 10th 2006 at 8:23 pm
It’s good that you don’t allow BitTorrent clients using those ports, but those are only the default settings for some clients; what about new ones, like Azureus 2.4 that use higher ranges? Wouldn’t someone tech-savvy enough to use BT over Tor change their port configurations?
Monday, July 10th 2006 at 9:03 pm
Isn’t there a way to get a list of all the current nodes while running tor as well?
Couldn’t you add these IP’s to the ip filters that most BT clients have.
It should be as simple as polling the tor client/server you’re running and output the IP’s to a page somewhere?
Tuesday, July 11th 2006 at 8:44 am
There is not enough accuracy in your post. It is possible to use Bittorrent with TOR without overloading the TOR network, if you only use TOR for the communication between BT clients and tracker. In this case the data communication between peers remains outside the tor network.
See section 4.1.1 in this document http://azureus.sourceforge.net/doc/AnonBT/Tor/howto_0.5.htm
J.
Tuesday, July 11th 2006 at 5:45 pm
[…] read more | digg story […]
Tuesday, July 11th 2006 at 9:56 pm
Jose,
What’s the point of that? The communications that are intercepted by copyright protectors are the p2p ones.
Wednesday, July 12th 2006 at 5:17 am
Ahah.. The EFF has a (python) script that will grab the IPs if you run a tor server? (and/or client? Not sure on that one)
http://www.theonionrouter.com/cvs/tor/contrib/exitlist
Wednesday, July 12th 2006 at 9:44 pm
Mark,
I guess they can save the tracker for greater good by routing the tracker comm thro TOR
Thursday, July 13th 2006 at 12:03 pm
[…] read more | digg story […]
Wednesday, August 23rd 2006 at 10:06 am
As Jose said, there’s no reason to block tracker communications via Tor, only the peer data transfer. I’ve found that I cannot communicate w/ certain trackers due to some heavy handed filtering by the Great Firewall of China. Using Tor for tracker communications means I don’t have to rely solely on dht.
Thursday, October 19th 2006 at 2:45 pm
Hi
Instead of complaining on torrent users smogging the tor network, try to solve the problem of allowing/supporting torrents instead — especially since that’s seem to be such a common and obviously desireable service.
In that case I’d guess a lot of people would use it and that could then make everyone happy.
Anyway, I think the article is excellenty written and with a wonderful tone. Thank you
Monday, November 27th 2006 at 11:11 am
Fred, instead of using P2P services, why don’t you learn about USENET?
Saturday, December 30th 2006 at 8:39 pm
Hmm, in my opinion the blocking of bittorrent+tor users sounds contradictory. You want to censor certain traffic of a network, that has the great feature of bypassing censorship? I agree with Fred, that it would be a lot more beneficial to get it working with every sort of traffic. And maybe it is at this time a bit utopic(especially for the not yet implemented udp-traffic), but I would let the user decide, what to use tor for. Informing of the riscs is the right step, but not the blocking. Therefore I don’t now, if I should delete the reject policies or not…
I’ve asked myself, if every tor user would offer parts of his or her bandwith or would donate a certain amount of money to extend the network, would it than be possible to use it with bandwith-dragging applications? Or is it a problem of the ‘architecture’?
Greetz Texter
PS: Nice article, make more publicity for tor and keep on the discussions about anonymity!
Sunday, February 25th 2007 at 6:05 pm
nice site keep it on
Wednesday, April 11th 2007 at 3:20 pm
What if there was anouther network created just for bittorrent comunity which runs parallel to the existing one. Where as the the producers of said BT programs can all agree to use the new network in the future development of there programs. I like to use BT and think that would be an ultimate edition to the online community.
Thursday, May 10th 2007 at 8:30 am
Hi Chris…Thanks for the article on Bittorrent abuse over TOR. I have implemented the exit policy amendments you suggested and hope others take note. Good Luck.
abbynet TOR Exit node GB
Wednesday, September 19th 2007 at 3:12 am
That was an excellent article. Well written, with many valid points. A little judgemental and self-righteous though. Just because the “information” that other people choose to “freely spread” differs from what you believe to be worthy of distribution through TOR, doesn’t constitute abuse on their part. That being said, I too have implemented the exit policy changes you suggested. Just remember that legitimacy is an opinion and not a fact.
Saturday, October 6th 2007 at 5:45 pm
The anonymizing network Tor divided to countries
englische Übersetzung
This text was translated from german into english. Native Speakers, please help me by reporting grammar mistakes.
The anonymizing network Tor divided to countries
The anonymizing network tor continues to grow. It grew from…
Thursday, October 25th 2007 at 10:19 am
[…] And this is where things like OiNK come in. OiNK was an “extralegal” method of protecting our perceived rights. But it wasn’t secure enough. Now, to protect those perceived rights, people could then resort to better, more technologically savvy methods. Tighter, “more private” trackers. Tighter file-sharing communities. WASTE networks. Maybe even (gasp) BitTorrent over Tor. […]
Thursday, November 1st 2007 at 12:54 am
As much as i empathize with your cause, the ideals are not going to work, but i can tell you something that will. This is going to be used for torrentz and the best you can do is try to ask people to not do it. But u’ll never succeed in the long run. Even if u try to find work arounds, there are too many people wanting free software and movies who will find other work arounds to yours. te bet you can do is delay the inevitable, and how much you delay will likely be insignificant. why not spend your time instead trying to convince TOR makers to MAKE people give up as much bandwidth as they use!? You should punish leechers, not punish people for the information they want. Besides, trying to limit specific information is going to be impossible unless you don’t want the privacy that TOR is promoting. ideals are great, but we must not cloud ourselves with what WILL happen, and then inevitable attack the realism of the situation.
Sunday, December 23rd 2007 at 2:45 pm
IdiotIdealist:
As much as I identify with your logic, it is flawed and can never work. The tit-for-tat bandwidth quota-throttling model cannot be applied to the entire internet, no matter how many people want free software and movies. Should we force everyone to upload bogus content equal to each google search they perform? Or perhaps everyone’s reply emails should be exactly equal in length to those written to them (including spam they downloaded through an anonymized IMAP connection)?
Or perhaps you would advocate that we treat every curious Chinese child as a member of the western education system, and require that they submit a position paper back to Tor which is exactly equal in byte-length to each ‘Wikipedia’ or ‘Democracy Now!’ article they read.
For that matter, shall we rewrite the protocol RFCs just for Tor, such that all packet headers are bidirectionally the exact length? Gotta keep that traffic equal! Can’t have people leeching news and weblog postings…
So, you advocate lobbying the ‘TOR makers’ to ‘MAKE people’ do things? Err?? That makes no sense. What they *could* do, is make Tor slower and less effective by adding a bunch of code to give Tor nodes the same packet-shaping abilities that ISPs use to hose BT for their customers, thus eliminating ‘work-arounds’ and wasting cycles on the nodes to block abusers.
We must not cloud ourselves by whining about how unfair it is that the solution is not the correct solution technically. Ideals are only part of the issue.
Wednesday, December 26th 2007 at 3:55 pm
[…] It is possible to configure BitTorrent traffic over the Tor network. It’s not a recommended alternative to anonymous BitTorrent, however, it does work. This causes a strain on the entire Tor network and all users that share it. Here’s an article that explains why it shouldn’t be practiced. […]
Wednesday, January 16th 2008 at 4:01 pm
[…] Mentioned previously, it is possible to configure BitTorrent traffic over the Tor network. It’s not a recommended alternative to anonymous BitTorrent, however, it does work. This causes a strain on the entire Tor network and all users that share it. Here’s an article that explains why it shouldn’t be practiced. […]
Friday, January 18th 2008 at 11:50 pm
The Tor Torrent situation is simply a tragedy of the commons.
I have a few comments that not everyone might not like, but are true.
First, we can whine and cry about the recent exploitation of TOR in the use of P2P, but that will not curb any P2P efforts. The simple fact of the matter is TOR can be used to anonymize the sharing of - lets say - “sensitive” files which thus decreases the risk and ramifications associated with downloading these files. And it is fair to say any rational individual who could obtain movies, music for free without any risk or threat is going to do so. This is why I - i am sure i’m not the first - predict an enormous entry of P2P bandwidth into TOR, once more people figure out this can be done.
Whether the use of P2P with TOR is right or wrong is irrelevant, one can be idealistic about the optimal use of TOR but that indubitably subjective. I think it is best to take a pragmatic view on TOR and P2P.
Instead of trying to control or restrain individuals behavior - which cannot be done. The increased TOR bandwidth associated with P2P, in time, will only create a more efficient TOR system with respect to speed and anonymity. I believe in the long-run, P2P efforts will prove a great addition to TOR.
Saturday, February 16th 2008 at 2:48 am
J:
Your assumption is only true if those P2P-users are running tor _exit_-nodes and not just internal tor nodes (or even worse only entry-nodes/clients). At lot of internal tor bandwidth doesn’t help much, if the bandwidth of the exit-nodes is a bottleneck (as it is already).
A combined bandwidth of all internal tor nodes beyond approx. 3 times the combined bandwidth of the exit-nodes doesn’t really help anyone. If the data can’t enter/exit the tor-network fast enough through the exit-nodes, a fast internal bandwidth is useless and meaningless.
It’s alot like on a LAN. If your connection to the Internet is only 1Mbit/s, it doesn’t really help you that you have a gigabit-LAN, does it?
Most of the P2P-users who download copyrighted material would rather use their bandwidth themselves to:
1) Leech the files as fast as possible.
2) Upload just enough to keep their ratio. (If they’re using trackers where ratio matters, that is. Otherwise they don’t care about ratio and just stops the BT-client ASAP.)
I don’t think it’s very likely that they would use a lot of their bandwidth as a tor (exit)-node.
Personally, I don’t care if people download copyrighted material through my exit-node, if they think that the files will somehow bring them (or others) freedom or democracy.
Actually, it could be an excuse if someone claims that I have downloaded something copyrigthed. “I run a tor exit-node. It must have been someone else.”
What I do care about is this: Let’s say I have configured my tor node to use at most 1Mbit/s total. That’s 512Kbit/s upstream and 512Kbit/s downstream. If someone uses my tor node to download a 1GB movie, he’s using my tor node _alone_ for roughly four and a half hours. During that time _no one else_ can use my tor node.
On the other hand, 4.5 hours is 270 minutes. During 1 minute, you can download 3.75MB on a 512Kbit/s connection.
What do you think I would prefer?
A) ONE user who uses all the bandwidth allocated to the tor node all by himself for four and a half hours for his own selfish needs.
B) 270 users who each uses one minute to download a 3.75MB website with information, that somehow will help those users to get a benefit of democracy, freedom or “some other silly, useless stuff like that”.
I think most admins of tor nodes would prefer option B.
Not because the download in option A is copyrighted, but simply because it made the tor-node useless for alot of other users. Actually not just _that_ tor-node. Remember that tor-connections goes through three nodes, all of which would be affected by the download.
Next time you download something big (copyrighted or not) through tor, please remember this: Your download just contributed to the hindering of freedom for alot of other legitimate users. Who the **** are you? China?!
J, you wrote that “the optimal use of TOR is indubitably subjective”.
If I say that “your freedom is NOT more important that the freedom of others, so don’t abuse the system” is the optimal use of TOR, do you really still think that’s indubitably subjective?
Of course the statement holds for every tor user. It isn’t designed to discriminate against the users who wants the latest movie without paying, but at the moment the total bandwidth of the tor-network simply isn’t big enough to accommodate that wish, so please don’t do it.
If the total combined bandwidth of the exit-nodes is B bits/s and there are U users currently using tor, each user should try to use a bandwidth of at most B/U bits/s. Otherwise other users will be affected.
Since tor-connections goes through three tor nodes, the total combined internal bandwidth of tor should be atleast 3*B bits/s for this to work.
Wednesday, April 2nd 2008 at 12:05 am
Fuck p2p and fuck trying to use p2p with tor! There’s no need to do this! Just torrify wget and find good sites with software you want to download and do that! I avoid p2p at all costs!
When you use wget+tor+http:
1) you are not exchanging your IP with other people via p2p
2) you are remaining within tor during the download
3) you are not sharing this file (uploading) with anyone else other than the exit node’s cache of it should it not be an https link
Problem solved!
Who cares if the transfer is slow, it’s encrypted and you’re not swapping your real IP with a bunch of strangers who also have or want the same files as you.
Thursday, May 22nd 2008 at 3:41 am
Gareth Stack: You had me with “exception”!
Tuesday, May 27th 2008 at 8:14 am
I liked the post and read SOME of the comments. Basically, I hate the idea of some kid using all my tor bandwidth (I run a relay) for P2P. I dont think that banning exit nodes will help, at least not fairly, from BitTorrent side, since that means that people like me, who run a relay (which could be an “exit-node” to someone) will be banned from using BT. In the same way, I don’t block certain ports since from MANY points of view its inneffective.
Instead, what I try to do is to tell friends (and everyone who will listen) WHY we shouldn’t use P2P prgrams over Tor. One thing that *might* help would be to add some short explanation with the “bigger” P2P clients as to WHY we don’t want it done. I think that most ppl are like myself, not really wanting to hurt/piss people, and that many use P2P+Tor due to IGNORANCE, not malice. The other is to give an alternative. I’m not really sure if USENET is such a functional/easy one, but I agree that we SHOULD promote file sharing as much as we promote Tor. Perhaps some sort of model where downloading files direct from media content producers/companies at a REASONABLE price. I think that open source models have shown that it can be done. And yes, it is basically the same thing, ideas/information; some produce sound/images other produce software. I develop software, 80% open source, and I think I make a decent living. I think that artist can follow this model as well, having a symbolic income from files, but living from the SERVICES they provide. Middle-man is killing us all….
Anyhow, great post!
Wednesday, June 11th 2008 at 11:03 am
I’ve been reading about TCP/IP, ports, services, and etc for a couple of weeks now, obviously I am no expert when it comes to this but wouldn’t users of Tor be able to just block incoming requests for torrent client ports on their firewall. Maybe I am wrong but wouldnt the denial of those ports result in the traffic not even going through Tor?
Please reply back if I am wrong.
Thanks
Tuesday, June 24th 2008 at 12:49 pm
Maybe I am overlooking something here, but if a person using torrents restricted their P2P client to a low bandwidth (I typically restrict my bandwidth to 50kb/s download and 50 kb/s upload), and set up their computer to run an exit node providing a greater total bandwidth for Tor (at least 100kb/s), wouldn’t they in theory be producing a neutral effect on the network? And if they set up their exit node to provide even more than that minimal bandwidth, wouldn’t they be contributing to increasing its efficiency?
Saturday, July 5th 2008 at 5:53 pm
If you run a tor node and people share through it, could you successfully blame your own sharing on people who use your node?
Wednesday, July 23rd 2008 at 11:11 am
[…] Mentioned previously, it is possible to configure BitTorrent traffic over the Tor network. It’s not a recommended alternative to anonymous BitTorrent, however, it does work. This causes a strain on the entire Tor network and all users that share it. Here’s an article that explains why it shouldn’t be practiced. […]
Monday, August 11th 2008 at 9:12 am
Provide a way to run Bittorrent through the blockers of countries that prevent legitimate usage. Also, the ISP’s in the USA that flag your use of bittorrent even if it is to download Linux. TOR is the answer.
Thursday, January 8th 2009 at 5:58 am
[…]It is, in theory, possible to slow down the abuse of Tor by configuring your BitTorrent client to block traffic that’s going to or from Tor exit nodes.[…]
—
I’d like you to consider dumping Tor Exitnode list https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=0.0.0.1
And transforming it into peerguardian etc readible form.
That way you can use it with your bittorrent client.
Tuesday, March 3rd 2009 at 7:27 pm
I disagree with your blog. Just because some people use torrent clients with TOR to download huge files it doesn’t mean you should block all torrent traffic. Why not encourage people to use TOR - AND run an exit node.
That way everyone’s a winner.
TOR get another exit, the torrent lover doesn’t get a nasty fine, and they might tell their friends to do the same.
Data is data - just because it’s a bit bigger it doesn’t make it wrong.
If you take bandwidth, give more back and help TOR grow.
Simple.
Wednesday, April 22nd 2009 at 10:46 am
The problems with tor are:
(1) It is really slow
(2) Just running tor makes you a target
(3) there are not enough relays & exit nodes to make it truly anonymous.
So since I don’t seriously need strong anonymity I don’t run it. However I do support the aims of the project. It seems to me that more people want to pirate movies than are dissidents then since pirate downloads also want privacy then surely the pirates can be used to build a fast and truly anonymous network. Someone needs to build a bit torrent client which automatically acts as an exit node and where bit torrent trackers can be run as tor hidden services preventing people running trackers from being arrested.
The motivation to get free movies and music builds the network and people who really need privacy such as political dissidents get a faster and bigger load of traffic to hide in.
Thursday, April 30th 2009 at 7:43 am
My country is currently trying to pass a law that will basically allow some kind of higher authority to check everything you get from the internet.
Anyway, whil I’m not too worried yet, I keep myself aware of what my solutions maybe. This article enlightened me on some things however you link to another article that seems to have disappeared:
“Besides, if you want to download files from a torrent, there are much more efficient and much faster ways of doing it. See this article for example. Using Tor for your BitTorrent download will undoubtedly take much longer than any other method around.”
I would very much like to read this as well, can you put the article back online ?
Thanks
Saturday, May 9th 2009 at 7:33 am
I agree, the future french law will allow a private organization (HADOPI) to cut Internet access to people downloading protected files. No judge, no proof of illegal sharing/downloading, only an IP found on a tracker.
If I use Tor only to change my IP on the tracker, what’s wrong? Do I overload the Tor network?
On my Linux OS, when I run Tork (KDE guy for Tor), and I start KTorrent (KDE Bitorrent client), my Tor IP appears on the tracker. It’s the way it’s works.
As long as HADOPI does’nt look for more than an IP on a tracker, I think I’m protected.
Sunday, May 10th 2009 at 3:08 am
Anyone runnin bittorrent over tor should be taken out back and shot. There are hundreds of faster and more anonymous ways to get torrents than through tor. Die anyone downloading torrents over tor, die!!