Friday, December 5, 2008

Bittorrent: Start to Finish Encryption

Goal

The goal for this article is to enable downloading content with the bittorrent network, with all parts of the process encrypted from server to client. This prevents any snooping from any 3rd party ISP. A proxy cannot be used either.

Tools

uTorrent, latest version
A torrent tracker or scraper that supports HTTPS. Examples are
https://thepiratebay.org/
https://isohunt.com/

Limitations

Not all torrent files are compatible with this method. Torrent files with the private flag cannot be used, due to the blockage of DHT and Peer Exchange. This also removes the ablity for the tracker to keep statistics on how much you have downloaded and uploaded. This also removes the ability for your ISP to use packet inspection to lower the priority of Bittorrent traffic, in exchange for VOIP for example.

Process


First, browse to your favorite HTTPS tracker. Make sure that "https://" is in the URL. Then copy the link to the torrent. You can save the file to your desktop if you want.



Second, check your uTorrent settings. On the Bittorrent panel, enable DHT Network, enable Local Peer Discovery, enable Peer Exchange, set Protocol Encryption to Forced and disable Allow incoming legacy connections.



In the Directories panel, enable the setting to Always show dialog on manual add.



Click the Add torrent from URL button. Ensure the url of torrent contains "https://"



Now click Advanced and remove all the items in the Trackers box that do not contain "https". This usually will be all of them. Then check that DHT and Peer Exchange are enabled. If not, your torrent is private and cannot be downloaded under full encryption.



Once your torrent starts, check under the Trackers tab to see that it finds peers via DHT and Peer exchange after a few minutes. If not, your kinda out of luck.




Opinion

Personally, I believe this is the best way to download torrents until privacy is stated as secure by your ISP. Until ISP's decided to update their policies and accept the new age of content delivery, I refuse to hear their woes of bandwidth shaping and having their networks flooded with unidentified traffic. I personally don't support the idea of private torrents and forums for content that should be public. I do not wish you to accept my view, but offer you the option to consider it.