Internet abuzz with BitTorrent bypass code
Draconian UK law gets SeedF**cked
A block of 86 lines of C# code is creating a buzz online following claims it may make BitTorrent downloads untraceable.
The code, sweetly named SeedFucker, is actually an exploit discovered last November that would allow a BitTorent user to fake the IP address of a server from where a file could be downloaded. It could also be used to flood a BitTorrent with dozens of fake peers. The sudden interest in the exploit follows measures in a new UK law, passed last week, where ISPs may be obliged to provide IP addresses to the authorities of files that are said to be infringing copyright.
Since the Digital Economy Bill passed in a heavily criticised “wash-up” process in the final Parliamentary session before a general election, coders have been working hard on developing a new generation of download software that will make it impossible even for ISPs to identify where files are being stored.
It is unlikely that SeedFucker in its current form would achieve that goal, but the exploit itself has coders excited about the possibilities of a truly anonymous downloading system.
Of course, this is not the first time that heavy-handed action on the part of the authorities has caused a rapid evolution in software used to spread files around the Internet. Most famously, Napster was shutdown by the music industry because it allowed people to share and download music files. The weak point in that case was Napster’s own servers which made the connections between users and files.
No sooner had Napster been taken down than a new method of file sharing, BitTorrent, was rapidly adopted. BitTorrent allows people to share files held on their hard drives across the Internet in very small pieces, with every person downloading each piece also becoming a source for download so long as they maintain an Internet connection. (The Napster shutdown also led to a big increase in size of the so-called Dark Net where private Internets are set up and taken down outside the view of any authorities).
The BitTorrent iteration led to extensive efforts to shut down websites that held the initial seed files needed to start a download, with mixed success. The Pirate Bay became the target of international pressure after it thumbed its nose at both the music and film industries after broadband speeds made the exchange of video files a practical reality. The organization’s website was briefly taken down after a raid by the Swedish authorities.
With companies now determinedly lobbying governments to force the providers of Internet access themselves – ISPs – to provide details of exchanged files, coders are working on ways to further anonymize the process.
How successful that approach will be, or whether it is an inevitability given enough time, we shall have to see, but watching the enthusiasm surrounding SeedFucker, it is certain that if a solution is found it will rapidly make a mockery of the laws hurriedly passed without sufficient democratic review last week.
And after that, where then? Legally enforced requirements for software to use specific port numbers? Mandatory use of iPads so only Steve Jobs can decide what you can use the Internet for? Who knows? ®
Sponsored: Becoming a Pragmatic Security Leader