Resurrecting a dead torrent tracker and finding 3M peers (kianbradley.com)
diggan 7 days ago [-]
> Is this legal?

Why wouldn't it be? You're not actually hosting a tracker in this case, only looking at incoming connections. And even if you do run a tracker, hard to make the case that the tracker itself is illegal. Hosting something like opentrackr is like hosting a search engine, how they respond to legal takedown requests is where the crux is at, and whatever infra sits around the tracker, so police and courts can see/assume the intent. But trackers are pretty stupid coordination server software, would be crazy if they became illegal.

jekwoooooe 7 days ago [-]
"Is this legal" isn’t a useful question. The better question is how likely are you to get sued? With civil lawsuits it doesn’t matter if it’s legal; you can be sued and harassed by lawyers if you get on their radar.
chaboud 6 days ago [-]
This is definitely the right pragmatic take. A lawyer friend of mine once laid it out for me: "in litigation, if you go to court, even if you win, you lose". The reality is that court sucks, and getting sued sucks for all but the ultra-wealthy (who can absorb the cost). For those of us with less than $100MM, court is a universe to be avoided.
busterarm 6 days ago [-]
Don't underestimate this.

My family members sued each other over a small inheritance. 5 kids fighting over a couple million dollars. Case has dragged out across almost 4 decades. Lawyer fees dwarfed the size of what was being fought over several times over. Some family spent time in jail for contempt of court... Family members then put up all their personal assets to keep fighting. Then they lost and were faced with a judgment that left them destitute well into their retirement years with no way to earn new money. Some family members are still appealing and fighting adjacent court battles (property seizure, etc). This process has consumed the last decades of their lives and everything they worked their whole lives for.

Not only would I say never end up in court, I'll extend you one further. Never get the government involved in your personal relationships.

andai 4 days ago [-]
Well, that seems a bit silly!

>Never get the government involved in your personal relationships.

Amen! You can't tax friendship.

FirmwareBurner 6 days ago [-]
>A lawyer friend of mine once laid it out for me: "in litigation, if you go to court, even if you win, you lose"

In my country we have a phrase for this exact scenario: "the punishment is the process".

When the government or a powerful person wants to fuck with you, all they have to do is drag you endlessly through the court system, even knowing they'll lose. Because the experience will be 100x more painful for you to win than it is for them to lose.

It's what the UK government did to the postal workers in the Fujitsu scandal.

koakuma-chan 6 days ago [-]
Is there a limit how many concurrent lawsuits can be thrown at one person?
tristor 6 days ago [-]
No, not technically, however in the US there are the SLAPP statutes. https://en.wikipedia.org/wiki/Strategic_lawsuit_against_publ...
thmsths 6 days ago [-]
Which is why, ideally your access to the court system should NOT be dependent on your wealth.
gruez 6 days ago [-]
Access to it isn't. You can theoretically sue in federal court with a few hundred dollars in filing fees. It's not cheap, but not exorbitantly expensive either. It's representation that's expensive.
legohead 7 days ago [-]
No need to sue. Send a cease and desist and your average hacker like OP will take it down in a hurry...
daneel_w 7 days ago [-]
In this case not even a cease-and-desist was needed. Just seeing 1.7M peers crying out in the void for company was enough. Living in a country overly friendly with Hollywood and its money, I do understand him.
account42 6 days ago [-]
Yes, prime example of a chilling effect where the fear of a lawsuit stops people from engaging in perfectly legal activities. It's unfortunate that copyright law does not concern itself with collateral damage like this.
Suzuran 6 days ago [-]
This is not collateral damage, this is the intended effect - decreasing their competition, legal or otherwise.
account42 6 days ago [-]
I think the point is that you can't count on that and need to assume that you are going to attract actual lawsuits. DMCA provides easier take down options for copyright owners but AFAIK does not compel them to make use of those options before going to court.
GTP 6 days ago [-]
I think companies will try with a strongly worded letter first, as this would save them money over straight going to court. But I get that the risk may not be worth it for many people, I myself would be very scared if I received a letter threatening a lawsuit for a ridiculous amount of money, even knowing that they are exaggerating the scale of damages just to scare me.
driverdan 6 days ago [-]
Unfortunately what they will do is file a DMCA with the hosting provider. Most will immediately shut you down, none of them defend their customers.
autoexec 6 days ago [-]
Considering the obscene fines courts have granted the media industry who claim losses with zero basis in reality it's only to be expected. Would you be willing/able to defend your customers when faced with billions in fines and a court system that has been aggressively favoring your opponent?
bilekas 7 days ago [-]
I’m not sure if that’s true actually. You might get a takedown notice, but to sue (and maybe I’m wrong) you have to claim damages. All OP has to do is not announce out?

I.e. he can see the peer pool but they don’t announce the peer list.

dymk 7 days ago [-]
The RIAA doesn't have to sue to make OP's life miserable. They have enough lawyers on the payroll to drown him in perfectly legal demand letters. Go one step further and assume the demand letters are harassment - what's OP going to do, sue the RIAA?
Retric 7 days ago [-]
Nahh, for a bunch of annoying letters take them to small claims court. Cheap for you, expensive for them, and you win if they don’t show up.
account42 6 days ago [-]
This is a cool feel good theory but can you show an example of this working?
Retric 6 days ago [-]
It’s not the kind of thing that generally makes the news. One example that was is a guy who was making good money doing this to spam callers. His case was bolstered by asking to be put on their no call list and then them ignoring that, but the point is the vast majority of people don’t do it even if in theory they could.

However the important bit isn’t winning in a harassment case but having documentation to get them to stop in the future.

dymk 7 days ago [-]
haha, no, this is not their first rodeo
Retric 6 days ago [-]
Sure, but that’s why they avoid this kind of harassment in the first place.

You made a hypothetical assuming they would do something they wouldn’t because it puts them at risk.

account42 6 days ago [-]
Exactly, you might just get a takedown notice. Or you might not if someone decides they want to burn you in court. This is how chilling effects from copyright laws can suppress perfectly legal speech.
jekwoooooe 7 days ago [-]
Suing isn’t just going to court it means subpoenas, depositions, motions, letters, etc. all this stuff costs a ton of money without you even stepping foot in a court. The system is so broken
ranger_danger 7 days ago [-]
> Is this legal isn’t a useful question

Why do you say that?

I think even seemingly "useless" questions can lead to valuable discussions and insights... and it might also be possible that your perspective is not the only valid one.

What's useful (or not) to one person is not always the same for others.

diffeomorphism 7 days ago [-]
You may want to adjust your LLM settings. Your post seemingly dropped everything but the first sentence from the context window and then wrote vapid fluff that makes no sense in context.
ranger_danger 6 days ago [-]
I do not use any LLM, thanks
gpm 7 days ago [-]
Because knowingly helping people commit crimes generally counts the same as committing the crime yourself. I.e. federally in the U.S. under 18 USC 2(a) https://www.law.cornell.edu/uscode/text/18/2 The software you're running being "simple" isn't a defence for doing illegal things with it - like aiding others to commit crimes.

There are a few internet/copyright safe harbor provisions (in the US) that might maybe (probably not) make it not a crime, I don't know, I'm not a lawyer. But your general thought when you hear "helping someone else commit a crime" ought to be "that's probably a crime itself".

rockskon 7 days ago [-]
Wouldn't particular knowledge be required? I'm sure Google devs know in the abstract that Google search is used by criminals to help them in committing crimes, but that clearly is not illegal in and of itself.
gpm 7 days ago [-]
There's definitely a mens rea requirement here, that you know that a crime is being committed and that you intend to facilitate it. I doubt it requires particularized knowledge that "this specific request" is for a crime... I'm still not a lawyer.

Running a service primarily for legal purposes that some criminals can take advantage of is pretty different with regards to intent than reviving an old domain name that you know is primarily used by old illegal torrents as a tracker.

I spent a few minutes googling, and it seems like that at least as of a decade ago the exact bounds here weren't well defined: https://www.scotusblog.com/2014/03/opinion-analysis-justice-...

> Finally, the possible liability for an “incidental facilitator” – such as a firearms dealer who knows that some customers will use their purchases for crime – is noted but not resolved. Thus, thankfully, there is still some fertile ground for hypotheticals with which we practicing law professors can bedevil our students.

drob518 7 days ago [-]
IANAL, but I would think you’d also have to have specific mens rea. That is, it’s not illegal to use a torrent or facilitate a torrent, because it’s just a protocol that can be used for good or bad. If you were hosting movies and songs, whatever the protocol, that’s when you’re specifically engaging in piracy. It’s sort of like driving a car isn’t illegal, but being the getaway driver for a bank robbery is, even if you never enter the bank. The car isn’t the problem, it’s what you are using it for. It’s also not illegal to sell a car to a bank robber, even if that’s a possibility, unless you reasonably believe that the particular person you were selling it to is a bank robber and will be using it to commit a crime. The mere fact that somebody could use your tracker for piracy doesn’t loop you into the conspiracy unless you specifically know that they are committing piracy. This is why the telecom companies all have carve outs for this sort of thing. Carrying packets or voice traffic of someone planning a crime doesn’t loop the telecom company into the conspiracy.
gpm 7 days ago [-]
I'm not saying it's illegal to "run a torrent tracker". When Blizzard used to (pre 2015) update Starcraft via torrent I assume they ran their own tracker for that, and that was totally legal. Even if there was some way for a pirate to take advantage of the Blizzard tracker.

Here it's not the "mere fact that somebody could use your tracker for piracy". It's that you're literally observing that a bunch of old mostly-piracy torrents are pointing at this domain, and then deciding to turn this domain back into a service which assists in that piracy.

KomoD 7 days ago [-]
> It's that you're literally observing that a bunch of old mostly-piracy torrents are pointing at this domain, and then deciding to turn this domain back into a service which assists in that piracy.

He doesn't know if they're mostly piracy or not, all he sees is a hash and the peers.

gpm 7 days ago [-]
He did not choose the domain name by chance. He chose it because he observed it was previously in use as a tracker for copyright infringing torrents.

The police/courts/jury is not obliged to put blinders on just because you would prefer if they did.

The mere fact that the domain name was previously used for this is almost certainly probable cause to get search warrants that will almost certainly provide the requisite proof beyond a reasonable doubt that he has in fact intentionally both committed himself, and aided others in committing (because he knew what the domain name was, or at least recognized it as similar to demonoid and could guess), copyright infringement. And that's without the blog post... (which I assume in the hypothetical where he chose to keep running this he would not have posted).

necovek 7 days ago [-]
They explicitly used it to download "Linux isos", which are highly likely not copyright infringing (they are usually free to distribute).

E.g. Canonical distributes Ubuntu via BitTorrent too: https://ubuntu.com/download/alternative-downloads

Edit: I missed the "uh," in the OP: I stand corrected.

notpushkin 6 days ago [-]
They explicitly used it to “download ‘Linux isos’”, indeed!

But yeah, I don’t think Canonical would use open.demonii.si as a tracker for their torrents.

immibis 6 days ago [-]
They wrote "download Linux ISOs" yet they're using an old piracy tracker domain, which Linux ISOs don't use. The court is not stupid.
ranger_danger 6 days ago [-]
For the purposes of a criminal case, yes, they are intentionally stupid... it's up to the prosecution to prove "beyond a reasonable doubt" that something they did was illegal and that they knew it and chose to do it anyway. What a judge/jury thinks about this person, or "linux ISOs", is irrelevant... their job is only to interpret the information given to them.
immibis 5 days ago [-]
There is no reasonable doubt that the domain used is for piracy and the defendant knew as much.

"Beyond a reasonable doubt" doesn't mean you can just say "no that's not true" about anything and have it not count. It's beyond a reasonable doubt, not beyond any doubt. It's not reasonable that this tracker address was gotten from a Linux ISO. Perhaps the defendant could claim they got it from a list of trackers, but they already admitted they didn't, so that's not reasonable either.

ranger_danger 5 days ago [-]
> There is no reasonable doubt that the domain used is for piracy and the defendant knew as much.

Even if that were proven as true, so what? There's nothing illegal about using the domain itself.

> It's not reasonable that this tracker address was gotten from a Linux ISO

Sorry but you don't get to be the judge of that, the judge does.

drob518 7 days ago [-]
Exactly.
rvnx 7 days ago [-]
Well Google has knowledge about it, but once you reach a certain scale you become safe (e.g. OpenAI with copyright infringement)
justinclift 6 days ago [-]
And Facebook/Meta, for the same.
awesome_dude 7 days ago [-]
IANAL, but I would think that Google's customers are overwhelmingly using the service for "legitimate" activities, and Google makes attempts to limit use of their tools in the commission of a crime.

It's kind of like Kim Dotcom's defence of his systems where he was saying that he was making attempts to remove content from his systems in compliance with DMCA requests. That is, the claim is his systems were legal because even though people were using them for illegitimate purposes, he was actively working to prevent that from happening.

immibis 6 days ago [-]
It's based on how much money you have. Google can hire expensive lawyers, so it's fine.
diggan 7 days ago [-]
> knowingly helping people commit crimes generally

Right, that makes sense. Is running a tracker "knowingly helping people commit crimes"? I feel like that's a huge jump, there is a wide range of content coordinated by trackers and the DHT.

gpm 7 days ago [-]
It's not like he just started a random new torrent tracker... he took over an old domain that was previously in use by people pirating stuff after observing that torrents were still pointing to the tracker and ran a tracker on that domain. That's a pretty direct line to "he knew this would be used for copyright infringement".
Dylan16807 7 days ago [-]
What kind of threshold do courts tend to put on that, for the percentage of illegal activity? Because pretty much any service that connects lots of people together is guaranteed to have some.
ranger_danger 6 days ago [-]
I've read most of these comments and I think it's clear most people have no idea how criminal court cases work.

For one, a judge/jury does not infer things they are "supposed to know", such as whether torrents are mostly used for piracy or not... they only operate based on the evidence presented.

There is a very large burden of proof in criminal cases, requiring that their intent to facilitate a crime be proven "beyond a reasonable doubt".

Trying to say "everyone knows linux ISOs is code for piracy" or claim that "a judge would see right through that" is simply not how things work... decisions cannot be made based on any type of prior knowledge like that.

The entire point of a criminal court case (as a prosecutor) is to convince a judge/jury that the defendant is guilty using evidence and testimony, which means they must prove that there was clear intent to commit/facilitate a crime, i.e. they knew it was illegal and did it anyway.

Simply running a torrent tracker in and of itself doesn't prove any of that.

os2warpman 7 days ago [-]
[flagged]
hoseja 7 days ago [-]
Why did people just accept this is a crime at all? You don't appear to be a zoomer.
FabHK 7 days ago [-]
> Because knowingly helping people commit crimes generally counts the same as committing the crime yourself.

Oh boy, are the crypto bros in trouble.

senko 7 days ago [-]
But the OP states he was using the tracker for lawful purposes:

> So I was, uh, downloading some linux isos, like usual.

Nothing to see here, move along.

Seriously though, the OP makes the same argument and concludes that:

> I was spooked. [...] I shut down the VPS and deleted the domain quickly after confirming it works.

IANAL but this clearly shows the OP didn't intend to facilitate crime and shut it down after seeing that was what may have been happening.

gpm 7 days ago [-]
I, and I think OP, were both addressing the hypothetical in which he continued to run the service, not the reality where he quickly shut it down.

> But the OP states he was using the tracker for lawful purposes:

That quote is a confession that he was committing copyright infringement. Courts and juries are not obliged to ignore the ", uh," part.

Probably (in the very unlikely event where he is charged) the best defence would be "this was a joke" not "I didn't literally confess to committing copyright infringement". Even then I'm pretty sure this quote would weigh against him substantially in just about any jury's mind.

senko 7 days ago [-]
> That quote is a confession that he was committing copyright infringement.

I know, "linux ISOs" has always been a joke "rationale" :)

I do think we're in agreement.

numpad0 7 days ago [-]
Because music & movie industries hate P2P in general? That basically killed P2P dead in the 2000s as it was becoming the next generation of decentralized Web.

Maybe it's about time to revisit it? It's just the matter of how to enforce DRM. They shouldn't care in this day and age with plenty ways to get licensing sorted out.

geon 6 days ago [-]
Dead? It is as alive as ever.
leijurv 7 days ago [-]
OP did actually host a tracker.

"I then started the tracker. After about an hour, it peaked at about 1.7 million distinct torrents across 3.1 million peers!"

KomoD 7 days ago [-]
(IANAL) It can be both legal and illegal

If you don't respond to takedowns, that's probably leaning towards being illegal*

If you respond to takedowns and blacklist the hashes, you're most likely fine*

*obviously depends on the jurisdiction and on whether matching hashes to IP:PORT is considered distribution/facilitation/whatever (take TPB's case as an example)

I know someone who ran a pretty large tracker for years, when he received a takedown he just blacklisted the hashes and he's been fine so far.

jedberg 7 days ago [-]
Do you think the police understand this nuance? Especially since most of the traffic that will go through there is probably copyright infringement?

They'll just see tracker and assume it's illegal.

SXX 7 days ago [-]
> Especially since most of the traffic that will go through there is probably copyright infringement?

Copyright infringing materials don't go "through" trackers. Trackers only keep torrent hashes and lists of peers.

jedberg 7 days ago [-]
I'm well aware of how trackers and torrents work. But again, do you think law enforcement understands the nuance of that?

Also the government and private companies have argued in the past that the hashes and lists of peers are inducement and enablement for copyright infringement.

jeroenhd 7 days ago [-]
So do torrent websites like the pirate bay. That doesn't protect pirates from getting sued to hell and back or even receiving prison sentences from the court.
geon 6 days ago [-]
Torrent sites also keep metadata. Often detailed, telling exactly what media is getting its copyright infringed.
dahrkael 7 days ago [-]
I would argue the pirate bay was an index apart from a tracker, and indexes are what get you in trouble mostly
Qwertious 7 days ago [-]
Tell them it's for training a corporate AI model, then.
bmacho 6 days ago [-]
It's okay to watch pirated movies if you sell fanart based on them later
hungryhobbit 7 days ago [-]
Do you think the police are actually policing the internet?

Even if you didn't mean your local police, and meant a national body like the FBI, the truth is they focus on other crimes (eg. child abuse), and even then they are woefully unable to handle even most of those crimes.

The vast, vast majority of copyright enforcement comes from copyright holders ... not the internet copyright police.

jedberg 7 days ago [-]
Of course not. But first a copyright holder tells the police, and then the police enforce it.

The police rarely find crimes on their own -- they are almost always acting on a request from someone else.

swat535 6 days ago [-]
Nitpick but police follow the courts, not the copyright holders.
vintermann 6 days ago [-]
Traffic doesn't "go through there", that's the whole point of P2P. All a tracker does is let people find each other.
jedberg 6 days ago [-]
Traffic still goes through it. A seeder attaches and says "I am here and have these hashes". Then a leecher connects and says "who has these hashes".

So yes, data "goes through it". Do you think law enforcement understands the nuance of metadata vs actual data?

anilakar 7 days ago [-]
Yeah. There are trackers (hosts used for coordination between bittorrent peers) and there are "trackers" (sites used for hosting .torrent files and magnet: URIs). Takedowns have been targeted exclusively at the latter.
eli 6 days ago [-]
The Anti-Circumvention Clause in the DMCA says "No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology [...] is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title [or] has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title"
myrmidon 6 days ago [-]
It seems difficult to argue that this would apply, because what would the "technological measure to control access" be that a bittorrent client (or tracker) is circumventing?

I also don't know of any precedent where bittorrent software/client itself was ruled illegal (but am not a lawyer).

lacoolj 6 days ago [-]
The technological measure to control access is probably a crawler looking for standard download links for lawyers to send out C/D letters.

Good question though, would love to know what specific tech is in use (or if it's just "finding it on search engines organically")

nneonneo 7 days ago [-]
Now I'm wondering: with the wide range of bittorrent clients out there, and the fact that many are written in unsafe languages, could it be possible for some of them to be exploited through a malicious tracker? It would not surprise me if some of these clients misbehave if fed malformed data from a tracker.
treyd 7 days ago [-]
Most torrent clients that people use (though not all) are actually wrappers around libtorrent, which is very well tested and has even been audited.
dafugg 7 days ago [-]
Libtorrent even has fuzzers specifically for communications with trackers and DHT peers. Obviously this isn’t perfect but it gives me much more confidence than other implementations do.
delusional 7 days ago [-]
It's worth noting that there are at least 3 variants calling themselves "libtorrent" and to my knowledge they don't have a lot in common implementation wise.
boramalper 3 days ago [-]
1. libtorrent-rasterbar — https://packages.debian.org/sid/libtorrent-rasterbar-dev

2. libtorrent-rakshasa (rTorrent) — https://packages.debian.org/sid/libtorrent-dev

What’s the third one?

asa400 7 days ago [-]
I've written hobby-quality clients and I think the answer is yes. First, you're dealing with input from a server you don't control, and second, you're doing quite a bit of interaction with the filesystem. It's hard enough to write a functional client in a memory safe language, getting it correct in C or C++ is bound to be pretty tough.
ethan_smith 7 days ago [-]
Transmission had a remote code execution vulnerability (CVE-2018-5702) through DNS rebinding that allowed attackers to execute arbitrary commands - tracker exploitation is definitely a real attack vector.
udev4096 7 days ago [-]
Using a container sandbox such as gvisor would definitely help. Or even using firejail for normal systemd processes
cookiengineer 7 days ago [-]
Data is encoded via bencode so it's a byte-wise format. Known malicious trackers usually inject stuff in the sense that e.g. there is a payload to all known PDF files appended with a payload that targets the clients' OS.

The announcement related APIs are fairly easy to implement, but I wouldn't bet on it being implemented in a fuzzed testing environment. Transmission, for example, had multiple vulnerabilities over the years. Not sure about the other client implementations.

Sophira 7 days ago [-]
Don't torrents have a checksum hash, though? Or is it one of the broken hashing algorithms like MD5?
cookiengineer 7 days ago [-]
That's correct. Most clients revalidate stuff after the download has been completed. Depending on how well they can redownload chunks (e.g. web seeds sometimes don't allow that if the web server does not support 206 Partial Content headers) you might have to redownload the file completely afterwards.

I had different experiences with different clients, so I guess it's work in progress on what a client does when the cache was poisoned.

Hashing algos are mostly SHA-based ones. No idea if someone managed to inject stuff and found collisions for SHA1 yet though. I know that there have been PoCs in the past for hash collisions of PDF files.

Context: [1] https://shattered.io/

userbinator 7 days ago [-]
Possible but unlikely. The protocol is relatively simple, and what clients are out there have already been subjected to tons of untrusted input.
fshafique 7 days ago [-]
That's what I was hoping the author would explore.
AzzyHN 7 days ago [-]
Think about how many other programs are written in not-rust. You're worrying over nothing (or, alternatively, you should be worried about just about everything)
jauntywundrkind 7 days ago [-]
I actually ran a very-short-lived private use tracker briefly, for some exploration doing p2p watch partying. But it was a toy, never got serious enough to look deeper at how the tracker worked (was using the rust Aquatic tracker, which kindly added webtorrent support on request! https://github.com/greatest-ape/aquatic )

Does the tracker know what it's tracking? Is there any attempt to make the tracker unaware of what peer rendezvous it's doing?

My gut is that it seems some kind of hash/magnet that folks are asking to peers on. And that the magnet itself is sufficient, and doesn't have to include anything identifying (although I believe many magnet links included some human readable description). The tracker could likely try to download this hash from the peer itself, to get the torrent info, but wouldn't really know what the torrent is or what's in it without doing the download itself.

Does that check out? How much of the magnet link is key to rendezvous? Could a tracker ignore human friendly fields, block them at ingress, to shield its eyes?

daneel_w 7 days ago [-]
The trackers only deal with torrents' info hash. No names, no descriptions, no list of contents, no nothing. opentracker, to use OP's chosen software as example, can run in both white- and blacklist mode (or whatever equivalent terminology it uses today). The former is self-explanatory, and the latter allows all hashes except the blacklisted ones. All open trackers, such as torrent.eu and opentrackr.org to name a couple, always operate in a blacklist fashion in order to openly accommodate any users to congregate for (almost) any content.
qingcharles 7 days ago [-]
The tracker knows what it is tracking. I used to run a TV show tracker. It would keep track of all the users upload/download ratios.
aeyes 7 days ago [-]
The blog post is about a public tracker. What you describe is a private tracker which embeds a client identifier into the announce URL of the torrent.

On a public tracker the only way to identify a user is the IP address and that's not reliable.

haunter 7 days ago [-]
There is a tracker masterlist here updated daily so you can find other dead ones probably https://github.com/ngosang/trackerslist
8982143448 7 days ago [-]
[flagged]
jldugger 7 days ago [-]
In other words, you can DDoS any ip for the cost of registering a domain and publishing a specific DNS record.
57473m3n7Fur7h3 7 days ago [-]
Is it really going to be all that bad?

The BitTorrent clients I’ve used all seemed pretty polite, backing off for like 60s at least for each tracker they can’t connect to.

If you buy one of the dead tracker domains and point it at an IP of someone else, but their services aren’t even listening on the port client wants to connect to (and don’t speak BitTorrent even if the port happened to coincide), I can’t imagine that even with a million BitTorrent clients wanting to connect it would really be all that much of a problem.

jldugger 7 days ago [-]
globular-toast 7 days ago [-]
Careful. This guy doesn't like HN and you'll get a picture of a testicle if you click.
graealex 6 days ago [-]
I do like the commitment of registering a whole domain for no other purpose as to be able to spam a single picture, though.
57473m3n7Fur7h3 4 days ago [-]
Everyone else that visits the site from other places get the actual content and not the testicle. So it’s not just that one image. That only shows up when your referrer is HN.
jldugger 6 days ago [-]
Whoops, I thought I tested that and it didn't do that for me anymore. Must have been a cached response
ChoGGi 6 days ago [-]
Better than goatse
mouse_ 6 days ago [-]
what a guy
immibis 6 days ago [-]
So that's one request per 60 seconds - times 3,000,000 or so clients. See the problem? That's 50,000 requests per second.
daneel_w 7 days ago [-]
Common clients' announce interval is pretty long (usually 30 minutes). Then again, 3M peers makes for some volume...
ircop 6 days ago [-]
More harmful, I think, is that you can redirect all the DMCA complaints that come from aggressive intellectual property holders at a residential IP address. ISPs will just cancel your account, despite how legal running a tracker may be.
udev4096 7 days ago [-]
You mean redirect all the traffic to any IP the author intends to theoretically DDoS? Never thought of it, definitely scary with 3M peers
jedberg 7 days ago [-]
This is like when cloudflare picked up the IP address 1.1.1.1. They saw a ton of traffic to it as soon as it went hot, because a bunch of people had scripts pointing at it.
waymon 7 days ago [-]
How did they get that address?
jedberg 7 days ago [-]
“APNIC's research group held the IP addresses 1.1.1.1 and 1.0.0.1. While the addresses were valid, so many people had entered them into various random systems that they were continuously overwhelmed by a flood of garbage traffic. APNIC wanted to study this garbage traffic but any time they'd tried to announce the IPs, the flood would overwhelm any conventional network.”

https://blog.cloudflare.com/announcing-1111/

udev4096 7 days ago [-]
On a separate note, why was cloudflare given the ownership of 1.1.1.1?
rs_rs_rs_rs_rs 7 days ago [-]
It is explained in that blogpost from Cloudflare

'We offered Cloudflare's network to receive and study the garbage traffic in exchange for being able to offer a DNS resolver on the memorable IPs'

ck45 7 days ago [-]
My first thought is, how many BitTorrent clients have vulnerable parsing code? Could a malicious actor register the domain and infect clients?
EvanAnderson 7 days ago [-]
I'm thinking of the Jon Evans novel "Invisible Armies" and the "bug" / backdoor in the P2P software that its author uses to pwn machines.
CactusRocket 6 days ago [-]
I don't really think so. The tracker is just a tiny part of the whole Bittorrent setup, and it's only really used by clients to get a list of peers. It's basically just an HTTP call to the tracker, returning a response. The only thing that I can quickly think of is returning some malformed bencode which could cause memory exhaustion in a client written by a novice.

The peer protocol (and variants, like uTP) is much more interesting to attack, and you don't need to host a tracker for that, you can just get peer IPs from trackers or DHT, connect, and do your magic.

SSLy 7 days ago [-]
utorrent v2.1 is still widely used by too many people, and it certainly is exploitable.
mystraline 7 days ago [-]
That's easy. Register the domain in Russia, China, Iran, or similar country. Run the website in Alibaba.

Let them attempt to send legal toilet paper to Russia or China. I'm sure that will end well.

graealex 6 days ago [-]
Yes - the solution to run any illegal activity on the internet: just register the domain in "Russia, China, Iran, or similar country".

You should tell the TOR folks about your findings, they can finally shut down the darknet and just move their stuff to China.

mystraline 6 days ago [-]
There's always one of you types around.

https://thenib.com/mister-gotcha/

Don't feel too special. Gotcha!

avidiax 7 days ago [-]
Why not forward to another open tracker? Then you host nothing, and any legal letter you receive you can just tell them to talk to the open tracker.
sneak 6 days ago [-]
From the outside it's indistinguishable, and you get sued anyway.
aidenn0 7 days ago [-]
IANAL, but my understanding is that running a content-neutral tracker is legal in the US.

In other jurisdictions it most certainly is not, and the VPS may be in a different jurisdiction and the .si TLD definitely is.

jrochkind1 7 days ago [-]
Googling, there's been at least one tracker shut down by US law enforcement, EliteTorrents [2005] https://www.latimes.com/archives/la-xpm-2005-may-26-fi-torre...

I think there have probably been more. There are definitely more that had civil suits with MPAA etc suing for damages.

It may be somewhat harder to make the case in the US, but a tracker where a great majority of what's listed is copyrighted, I'm pretty sure it can be shut down in the US.

NoMoreNicksLeft 7 days ago [-]
Was that the actual tracker and tracker only, or was there a web front end that hosted all the torrent files and forums and so forth? Because the latter will make you a big target.

God I miss rarbg. And KAT.

komali2 7 days ago [-]
A lot of the best torrents are now on private trackers in my experience. I'm not clear why, but observing the communities involved, members seem to take great pride in e.g. well formatted e-books, well organized audiobook files, creating different resolutions and compression rate variations of a movie or tv show, and I suppose want to keep those in the community?
jrochkind1 7 days ago [-]
I'm curious about the nature of the US laws that would make the web front end illegal (or subject to civil penalties?) but not the tracker?
aidenn0 7 days ago [-]
A tracker is ostensibly a content-neutral middleman. Your ISP isn't illegal (and until recently was not thought to be subject to civil penalties; now there is at least one ongoing case) either.

A lot of these websites were "come here and pirate lots of shit," often had tools to make it easier to specifically search for infringing content, and would remove torrents that were not tagged correctly. In many cases some of the people running the sites were also seeding.

That makes it hard to argue "we're just passing packets"

anal_reactor 7 days ago [-]
> God I miss rarbg. And KAT.

I miss shit being worth torrenting. Maybe things have changed, maybe I grew up, but:

1. Most utility software you need is free, save for a few programs you can easily find on Russian torrents.

2. Most games and other media are slop.

Torrents didn't die because US law enforcement made them die. Torrents died because most companies realized that providing slop with ads and lootboxes for free is a much better business model than trying to get people to pay for something of quality.

Imagine trying to tell someone in year 2000 that Windows will natively display ads, EA will lose lawsuits related to FIFA being actual old-fashioned gambling, and music industry will push for AI-generated content. Yet somehow we accept this as completely normal in 2025. No wonder nobody ain't torrenting shit.

rjh29 7 days ago [-]
Torrents died because you can basically just download anything off file hosting sites now, or bootleg OneDrives/Google Drives.

There is still plenty of quality stuff in 2025, and a lot of slop, just how it was 40 years ago.

seb1204 7 days ago [-]
Well, I myself consider many of today's TV shows slop and not worth the need to watch them through a torrent source. Low quality content en masse for streaming services is a thing now. But that's a personal view.
lossolo 7 days ago [-]
I remember the day they shut down ET. It was because they released some major blockbuster movie before its premiere.
ZYbCRq22HbJ2y7 7 days ago [-]
VPS is from https://cockbox.org/ (as referenced in the article), which says it is based in Moldova?
trinix912 7 days ago [-]
There used to be a large public tracker running on .si, used widely in Slovenia where .si is from. Almost everyone who's been online in the last 20 years in Slovenia knows of or has used it. It also didn't disappear because of legal notices.
zaik 7 days ago [-]
I wonder how many anti-torrent groups are doing this covertly.
sweeter 7 days ago [-]
Definitely a few. Media companies often send out infringement notices to ISPs to be forwarded to the user and I would guess this is how they get those IPs
komali2 7 days ago [-]
When I moved out of my apartment I needed to transfer the Comcast account to my roommate. In the process of logging into their web dashboard for the first time since I'd started the service, I found out I had an @comcast.com type email address, apparently registered for me. The webmail UI indicated I had thousands of unread emails. I was curious what kind of spam gets sent to an email address that's so far as I'm aware never out on the internet anywhere, so popped it open.

Thousands of DMCA requests. Full filenames. Over the course of a year they had apparently notified Comcast of thousands of alleged violations, and nothing more than an email ever came of it.

Impossible to know which roommate was allegedly torrenting files of course. Or perhaps people visiting using our wifi. Who knows!

mdaniel 7 days ago [-]
My understanding is that mere swarm membership is sufficient, no need to host anything

That's my understanding of why private trackers ban folks who upload private .torrent files to public trackers because the infohash is a rendezvous point of private and public consumers via DHT

accrual 7 days ago [-]
It's kind of like walking into a room of people with full or partial copies of a copyrighted pie, but there's one person in the corner (the copyright holder or someone on their behalf) taking notes of everyone who comes and asks for a slice.
neckro23 7 days ago [-]
No tracker necessary, you can just use DHT: https://iknowwhatyoudownload.com/
alex_duf 6 days ago [-]
Interestingly they put the infohash of the show in the URL. So one can use that website to pick which show to download just by using the hash + DHT

Edit: Nope I'm wrong, different type of hash it seems...

edude03 7 days ago [-]
huh, weirdly it has stuff I did download and stuff I didn't download within minutes of each other ... should I be worried?
_factor 7 days ago [-]
Many trackers will add dummy data to prevent profiling. There is no validation to claims. It’s nice to look at, but not reliable.
lossolo 7 days ago [-]
Stop using DHT and/or public trackers and you will be safe. They scan public trackers and the DHT network.
NoMoreNicksLeft 7 days ago [-]
>Stop using DHT and/or public trackers a

Public trackers are the only trackers most of us can reasonably use. He should get a VPN.

edm0nd 7 days ago [-]
private trackers and warez groups are the plentiful (IPTorrents, Speed, etc) if you are a good seeder and can maintain good ratios. anyone using a public tracker in 2025 deserves anything their ISP catches them doing imo.

public trackers and torrent sites are also just 90% malware and RATs.

NoMoreNicksLeft 7 days ago [-]
>private trackers and warez groups are the plentiful (

Sure. It combines all the fun of pledge week with a fraternity with the wrong-headed attitudes that became part of the culture when ftp servers were the height of technology. And you just have to schedule an interview and learn the secret knock/handshake. Don't ever invite anyone, because if they're the wrong type, you get banned for their behavior too.

>public trackers and torrent sites are also just 90% malware and RATs.

It's an mkv file. Don't double click exes.

DaSHacka 7 days ago [-]
> anyone using a public tracker in 2025 deserves anything their ISP catches them doing imo.

Or you could just use a VPN, which you probably should for private trackers too anyway.

dahrkael 7 days ago [-]
it is my understanding that some private trackers don't allow you to use VPNs or risk a ban
edude03 7 days ago [-]
Sorry, should have been more specific - I don't care if people know what I downloaded - I just wonder how stuff I definitely didn't download is attributed to my IP address. Can't be that my dynamic IP address changed, because of the small time between stuff I did download and stuff I didn't. So then, is the scanner wrong, or do I have rogue device(s) on my network?
heraldgeezer 7 days ago [-]
Use a VPN? Like a public one. Mullvad recommended.
Scoundreller 7 days ago [-]
Is there a chance if someone bought suprnova’s domain (if available), which closed in 2004, someone could finish their download if a seed were still active? Does it matter if this was pre-DHT, or does DHT go historical to cover old stuff?
parliament32 7 days ago [-]
Yes DHT is "historical", in the sense that it doesn't care about when your torrent was created, just the infohash.

However, most torrents created for private trackers have the "private" flag enabled, which excludes them from DHT and PEX and a few other things. You can remove this flag yourself, but you're depending on a seeder doing the same for DHT to work.

nneonneo 7 days ago [-]
DHT works as long as the client is configured to use it, so if that old seed upgraded their client they might end up automatically sharing the metadata over DHT.
qingcharles 7 days ago [-]
Yes, this should work, in theory.
sergiotapia 7 days ago [-]
Bittorrent is such a beautiful technology, solves a real problem easily, and helps many many people. It's a shame it's been stifled so much by lawyers.
udev4096 7 days ago [-]
It doesn't matter. BitTorrent will live on as long as humans exist. It definitely helped a lot in creating extremely important p2p and decentralized software such as ipfs, bitcoin, etc
ByteDrifter 6 days ago [-]
Kind of amazing how many clients kept pinging a tracker that had been offline for years. It shows how some parts of the internet just keep going in the background long after we stop noticing. There's something oddly persistent about that.
Cthulhu_ 6 days ago [-]
Yeah, I can imagine there's loads of people that set up a seedbox somewhere and just... forgot about it, or never bothered to tidy it up.
dspillett 6 days ago [-]
Many torrents are on multiple trackers and, via the almost ubiquitously supported announce-list extension, have multiple trackers listed in the torrent file itself. So those 3M clients are unlikely to have been sat doing nothing because this tracker had vanished, they would be participating in the swarms around the other trackers listed in the metadata for each torrent.
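The three comments above that touch the wire format (CactusRocket on malformed bencode exhausting a careless client's memory, parliament32 on the private flag, dspillett on announce-list tiers) all come down to one small parser. The block below is an added example written for this page, not code from the article, the demonii tracker or any commenter: a bencode decoder that enforces limits on string length, nesting depth and item count before it trusts anything a tracker sends, applied to a constructed compact announce reply (BEP 23), a constructed reply that declares a 1 GiB string it never delivers, and constructed torrent metadata carrying two tracker tiers and `private=1`. The limit values, the hostnames `tracker.example` and `backup.example`, and the peer addresses are all assumptions made up for the example; the non-compact dictionary form of `peers` and IPv6 (BEP 7) are not handled.

```python
"""Bounded bencode decoder for tracker replies and .torrent metadata.
Added example, not from the article or the thread; limits are illustrative
assumptions and all sample bytes are constructed."""
import re
import socket

MAX_DEPTH = 32         # nesting limit for lists and dicts
MAX_STRING = 1 << 20   # 1 MiB cap on any single string value
MAX_ITEMS = 100_000    # cap on entries per list or dict
INT_RE = re.compile(rb"0|-?[1-9][0-9]*")   # no leading zeros, no "-0"


class BencodeError(ValueError):
    """Malformed input, or input that exceeds a limit."""


def decode(data: bytes):
    """Decode exactly one bencoded value; trailing bytes are an error."""
    value, end = _decode(data, 0, 0)
    if end != len(data):
        raise BencodeError("trailing data after value")
    return value


def _decode(data: bytes, pos: int, depth: int):
    c = data[pos:pos + 1]
    if depth > MAX_DEPTH or not c:
        raise BencodeError("nesting too deep or truncated input")
    if c == b"i":                                  # integer: i<digits>e
        end = data.find(b"e", pos)
        if end < 0 or end - pos > 21 or not INT_RE.fullmatch(data[pos + 1:end]):
            raise BencodeError("invalid integer")
        return int(data[pos + 1:end]), end + 1
    if c in (b"l", b"d"):                          # list l...e / dict d...e
        pos += 1
        items = []
        while data[pos:pos + 1] != b"e":
            if len(items) >= MAX_ITEMS:
                raise BencodeError("too many items")
            item, pos = _decode(data, pos, depth + 1)
            items.append(item)
        if c == b"l":
            return items, pos + 1
        if len(items) % 2 or not all(isinstance(k, bytes) for k in items[::2]):
            raise BencodeError("dict needs string keys with values")
        return dict(zip(items[::2], items[1::2])), pos + 1
    if c.isdigit():                                # string: <length>:<bytes>
        colon = data.find(b":", pos)
        if colon < 0 or colon - pos > 10 or not data[pos:colon].isdigit():
            raise BencodeError("invalid string length")
        length, start = int(data[pos:colon]), colon + 1
        # Check the declared length before trusting it: a hostile reply can claim
        # gigabytes it never sends, and a naive client would allocate them.
        if length > MAX_STRING or start + length > len(data):
            raise BencodeError("string length exceeds limit or input")
        return data[start:start + length], start + length
    raise BencodeError(f"unexpected byte {c!r} at offset {pos}")


def rejects(data: bytes) -> bool:
    """True if the decoder refuses the input (exercises the limits)."""
    try:
        decode(data)
    except BencodeError:
        return True
    return False


def parse_announce_response(body: bytes) -> dict:
    """Read interval and compact peers (BEP 23) from a tracker announce reply."""
    resp = decode(body)
    if not isinstance(resp, dict):
        raise BencodeError("announce response is not a dict")
    if b"failure reason" in resp:
        return {"failure": resp[b"failure reason"].decode("utf-8", "replace")}
    peers = resp.get(b"peers", b"")
    # Only the compact form is handled here: 4-byte IPv4 + 2-byte port per peer.
    if not isinstance(peers, bytes) or len(peers) % 6:
        raise BencodeError("peers is not a well-formed compact list")
    out = [(socket.inet_ntoa(peers[i:i + 4]), int.from_bytes(peers[i + 4:i + 6], "big"))
           for i in range(0, len(peers), 6)]
    return {"interval": resp.get(b"interval"), "peers": out}


def torrent_trackers(meta: dict) -> dict:
    """Announce URLs in tier order (announce-list, else announce) and private flag."""
    tiers = meta.get(b"announce-list") or [[meta[b"announce"]]]
    urls = [u.decode("utf-8", "replace") for tier in tiers for u in tier]
    return {"trackers": urls, "private": bool(meta.get(b"info", {}).get(b"private", 0))}


def _s(text: str) -> bytes:
    """Bencode a short string; used only to build the constructed samples."""
    return f"{len(text)}:{text}".encode()

# Constructed: compact reply with two peers in documentation address ranges.
_PEERS = (socket.inet_aton("198.51.100.7") + (6881).to_bytes(2, "big")
          + socket.inet_aton("203.0.113.9") + (51413).to_bytes(2, "big"))
SAMPLE_RESPONSE = (b"d" + _s("interval") + b"i1800e" + _s("peers")
                   + str(len(_PEERS)).encode() + b":" + _PEERS + b"e")
# Constructed: a reply that declares a 1 GiB peer string it never sends.
HOSTILE_RESPONSE = b"d" + _s("peers") + b"1073741824:" + b"x" * 16 + b"e"
# Constructed: metadata with two tracker tiers and the private flag set.
T1, T2 = "http://tracker.example/announce", "udp://backup.example:6969/announce"
SAMPLE_TORRENT = (b"d" + _s("announce") + _s(T1)
                  + _s("announce-list") + b"ll" + _s(T1) + b"el" + _s(T2) + b"ee"
                  + _s("info") + b"d" + _s("length") + b"i1024e"
                  + _s("name") + _s("demo.bin") + _s("private") + b"i1eee")
```

`parse_announce_response(SAMPLE_RESPONSE)` yields the 30-minute interval and both peers, `rejects(HOSTILE_RESPONSE)` is true because the declared length is checked before any byte of the string is read, and `torrent_trackers(decode(SAMPLE_TORRENT))` lists both tiers with `private` set, which is exactly the flag a client uses to keep the torrent out of DHT and PEX. The length-before-allocation check and the depth cap are the two defences the thread's memory-exhaustion worry calls for; a client that allocates from the declared length, or recurses without a bound, is the "written by a novice" case.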
NelsonMinar 6 days ago [-]
This reminds me of the time I ran an NTP pool server, then withdrew it. The IP address kept getting NTP requests for months. It was no big deal, NTP is a lightweight protocol, but it was a reminder that IP addresses keep reputations for a very long time. Same thing with domain names, I guess.
rickcarlino 7 days ago [-]
Why didn’t they use a protocol like Gnutella to serve as a non-centralized tracker? Or did they?
lucascacho 7 days ago [-]
Seems like the perfect opportunity for a FBI honeypot
jasonjayr 7 days ago [-]
Isn't that one of the first things they do when they identify + take down a site hosting CSAM?
iaaan 7 days ago [-]
I wonder if there are any known vulnerabilities in various torrent clients' handling of tracker responses, e.g. buffer overflows. One could potentially amass a pretty large botnet.
xyst 7 days ago [-]
Not illegal. But most people without resources to fight off the thinly veiled, strongly worded legal letters would probably fold under this light pressure.

Interesting, but I suppose it’s not surprising to see clients still holding references to old/defunct trackers. Those peers this person discovered once the tracker was resurrected are more than likely to be seed boxes. Maybe a few real clients if they found an old .torrent link and have left it open.

Thanks to DHT (trackerless peering), trackers have become mostly defunct.

prettyblocks 7 days ago [-]
Not a lawyer, but I think intent is a big part of legality and I hope that doing something like this for research purposes should be relatively safe.
1970-01-01 7 days ago [-]
If done in good faith[1], this is allowed.

[1] https://www.justice.gov/archives/opa/press-release/file/1507...

BrandoElFollito 5 days ago [-]
This reminds me of Cloudflare taking over 1.1.1.1

This was a typical fake entry in captive portals, or a temporary gateway.

They described (cannot find the blog post right now) the various traffic they were getting, across many services (default ports)

WithinReason 7 days ago [-]
Can you do this to create a database of torrents for a torrent search engine?
DaSHacka 7 days ago [-]
There are existing services like btdig that do this via DHT, I believe.
sweeter 7 days ago [-]
You don't even have to go that far, you can just use torsniff. But be aware there is a lot of nsfw material and potentially illegal material for all I know.
thunderfork 7 days ago [-]
Easier to just trawl the DHT, like btdigg
yieldcrv 7 days ago [-]
You can pay for seed boxes with Monero

Lawsuits are civil and won't have all the power to find you in all ways, compared to a criminal suit or intelligence agency

So the privacy vectors necessary are more limited

jmyeet 7 days ago [-]
I have a theory that BitTorrent is used as a command and control mechanism for botnets.

We've seen various methods of botnet and malware control like rotating domain names that were successfully reverse engineered and used to trigger a kill switch for WannaCry, famously [1].

BitTorrent is known to be resilient, particularly if you use multiple trackers, proxies, etc that are all built into the infrastructure.

[1]: https://www.wired.com/2017/05/accidental-kill-switch-slowed-...

almosthere 7 days ago [-]
Dead Internet theory
whalesalad 7 days ago [-]
Replace that Dynadot link with your referral code! I interface with a lot of domain registrars and they are one of the good ones.
udev4096 7 days ago [-]
Could this be used to exploit peers if they connect to an intentional malicious tracker?
jensenbox 7 days ago [-]
As far as I am aware, there are legitimate uses for this technology.
everyone 6 days ago [-]
Imo one of the tragedies of filesharing is though the legal bullshit from MAFIAA didn't make a dent in big public trackers like TPB serving Marvel movies and other popular shit, it did manage to kill off many of the smaller specialised trackers serving exquisitely collected and curated torrents of stuff you cannot buy anywhere anymore.
schlauerfox 6 days ago [-]
Or maybe those just got better at hiding?
ivanjermakov 7 days ago [-]
I think some commenters here missed the point.

Of course hosting a tracker is legal, but what about "hijacking" inactive resource?

ascendantlogic 7 days ago [-]
The word "hijacking" in this scenario would only be applicable if the domain was still registered and active and he forcefully took the domain away. That is not the case. The fact that OP was able to register it quickly and easily indicates it was unused and to call this "hijacking" would imply permanent ownership of domains even after previous owners knowingly let the registration lapse.

The legality of hosting a tracker isn't obvious, and as pointed out elsewhere the nuance is less about concrete legality and more about having the resources to deal with lawyers harassing you with lawsuits.

Nemo_bis 6 days ago [-]
I would at least mask those IP addresses from the blog post...
__alexs 6 days ago [-]
Could you point the DNS at a different tracker?
layer8 7 days ago [-]
> So… the domain is available now.

Not really? OP seems to want to sell it for $10000: https://www.dynadot.com/market/user-listings/demonii.si

k-ian 7 days ago [-]
yeah turns out Dynadot enforces a 7 day wait on deleting the domain and it's only been 6 days. should be free for registration on June 18 (I assume in 3 hrs if they mean UTC)
abigail95 7 days ago [-]
interesting choice of hosting provider...
fine_tune 7 days ago [-]
You bought a house that had a murder X years ago and are wondering if you're guilty of the murder, probably not - as long as you don't do more murder in it.

I suppose real life is more interesting though, the guy who picked up the domain to stop the global ransomware crisis was picked up after Defcon if memory serves.

Ironically you're probably at more risk from the GDPR for leaking those IP addresses that connected to the box via your blog post.

I'm not a lawyer/solicitor though, don't take my advice.

markasoftware 7 days ago [-]
the guy (marcus hutchins) wasn't arrested for registering that domain, he was arrested for allegedly creating an unrelated piece of malware.
zht 7 days ago [-]
I think it's more like you buy an abandoned house where people used to go buy drugs

you buy the house and people are still coming knocking on your door asking you if you have any drugs to sell

you're not doing anything wrong, but if the police notice people constantly coming to your house to buy drugs they may do something about it

rvnx 7 days ago [-]
Other perspective: It's more like you reopen a public place where people were known to publicly harm copyright owners and you provide technical help so they can do it again.
KomoD 7 days ago [-]
> I suppose real life is more interesting though, the guy who picked up the domain to stop the global ransomware crisis was picked up after Defcon if memory serves

That dude developed and sold banking malware, that's why he got arrested.

gpm 7 days ago [-]
This guy didn't just buy the haunted house that previously had signs directing serial killers to where the victims are, he also reinstalled the signs and opened it back up to the public knowing that the serial killers were still around and reading the signs.

I mean, it's a bit absurd to compare copyright infringement to murder, but that's where your analogy started. He didn't just buy the domain and do something innocent, he actually started running the software that helps people pirate things strongly suspecting that pirates would use it to help them pirate things... and then when he observed that was reality he (smartly IMO) shut it down.

nektro 7 days ago [-]
why did you shut it down?
waynesonfire 7 days ago [-]
wow, brilliant.
Noelia- 7 days ago [-]
I used to think those old trackers were long dead, but it’s wild to see them still pulling in millions of peers. P2P may have faded from the spotlight, but the infrastructure never really went away.
noobermin 7 days ago [-]
I guess...the question is...who? Surely people have to pay to keep these peers just running. 3.1 million is how many millions of dollars in infra per month? I guess it's distributed amongst millions or thousands of people, sure, or may be most of them are bots.
Nemo_bis 6 days ago [-]
It only takes 17000 BitTorrent users with 100-200 old torrents each in their clients to get here:

> it peaked at about 1.7 million distinct torrents across 3.1 million peers

Most people don't regularly prune their torrent library.
