Feeds

P2P eavesdrop 'guilt by association attack' developed

Free BitTorrent countermeasure released

Intelligent flash storage arrays

US engineering researchers say they have identified a new privacy threat to users of peer-to-peer (P2P) networks such as BitTorrent and (perhaps) Skype. Obligingly, however, they have freely released a protective plugin designed to work with a popular torrent client.

According to Fabián Bustamante, computer science prof at Northwestern Uni, BitTorrent users - without realising it - form identifiable "communities" over time, in which their computers connect much more often to certain other users' machines.

"This was particularly surprising because BitTorrent is designed to establish connections at random, so there is no a priori reason for such strong communities to exist," Bustamante says.

However, he and his colleagues found that identifying the spontaneous torrent communities would be a "powerful threat to user privacy", described by the researchers as a "guilt-by-association attack". It would allow an organisation monitoring P2P traffic to reliably identify groups of users showing similar behaviour - for instance with relation to particular copyrighted works - much more swiftly and economically than would normally be the case.

According to the Northwestern researchers, clued-up eavesdroppers would be able to pick out groups of clients of interest to them 85 per cent of the time by analysing just 0.01 per cent of the total users on the network. Normally, P2P users tend not to worry too much about monitoring - there are so many users that the chance of being identified and targeted is slim.

Not so much now, according to Bustamante. A relatively minor surveillance effort will allow the RIAA or whoever to pick just the people they're after, ignoring the countless thousands of ordinary users. Quite apart from pigopolists tracking down media sharers of particular interest to them, the Northwestern researchers hint that this could also be a very handy technique for feds, spooks or whoever listening in on P2P VoIP services such as Skype. Listeners wouldn't need to crack any crypto or tap anyone's home line: they could simply establish a few thousand active Skype clients themselves - a trivial matter for an agency such as the NSA - and identify "communities" of interest with ease.

That said, the Northwestern group's research so far has been confined to the BitTorrent network; their mention of P2P VoIP is speculative.

But fear not, says Bustamente - or at least, fear not if you use Vuze/Azureus. He and his colleagues have developed a client plugin they call SwarmScreen, downloadable here, which will prevent a user being picked out in a "guilt by association" torrent trawl.

"With P2P networks increasingly under surveillance from private and government organizations," say the researchers. "SwarmScreen provides a practical and effective solution to disrupt [guilt-by-association] attacks".

SwarmScreen works by downloading random stuff from across the wider P2P network, as well as the things a user has told his or her client to collect. This means that a traffic monitor won't identify that client as part of any given "community".

The downside, of course, is that this wastes bandwidth. However Bustamente and Co have included an "intuitive tuning knob to control the privacy/performance tradeoff - higher privacy may result in some performance loss as some of your bandwidth is allocated to hide your real traffic". Or you can turn down the privacy and accept a greater risk of being fingered in exhange for faster downloads.

Problem solved, at least in the case of BitTorrent. However, the truly paranoid will be unconvinced, noting the source of funding for Bustamente's group in this project. Yes, you guessed it - none other than the US federal government itself. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.