Pirate Bay moves to the cloud to confound copyright cops
Police left with very little to seize
The Pirate Bay went down for about five minutes on Tuesday night as the group retired almost all of its servers and shifted onto the cloud.
"So, first we ditched the trackers. Then we got rid of the torrents. Now? Now we've gotten rid of the servers. Slowly and steadily we are getting rid of our earthly form and ascending into the next stage, the cloud," the group said on its Facebook page.
"The cloud, or Brahman as the Hindus call it, is the All, surrounding everything. It is everywhere; immaterial, yet very real. If there is data, there is The Pirate Bay."
On a more down-to-earth level, the move has been prompted by concerns over recent rumors of another raid on the site's systems, the team told TorrentFreak. But there's also the sheer hassle of running the site's hardware systems. Earlier this month, The Pirate Bay was down for almost two days when a power distribution unit had to be sourced and installed at the site's hosting company.
The service is now hosted on virtual machines in two countries, using separate cloud networks, and it has the ability to switch to a new provider pretty much instantly as needed. Shifting to cloud providers will save time and money, help lock down user privacy, and should make The Pirate Bay pretty much unraidable, since the load balancer and transit routers are the only hardware that can be seized.
"If the police decide to raid us again there are no servers to take, just a transit router. If they follow the trail to the next country and find the load balancer, there is just a disk-less server there. In case they find out where the cloud provider is, all they can get are encrypted disk-images," the crew said.
"They have to be quick about it too, if the servers have been out of communication with the load balancer for 8 hours they automatically shut down. When the servers are booted up, access is only granted to those who have the encryption password."
Cloud providers will not know that they are hosting the site's virtual machines, as all the site's traffic will go through the diskless load balancer in RAM and will be encrypted before transmission. Since the load balancer is never in the same country as the cloud provider, there's no way for the cloud provider to monitor IP addresses or user data without breaking the encryption.
The move may also throw a bit of a wrench in plans by AT&T and other US network operators to implement a "six strikes and you're out" policy on piracy, which is due to take effect by the end of the year. Tracking IP addresses of Pirate Bay users is going to be key to the RIAA and MPAA's enforcement efforts, and that task looks to have become significantly harder with the latest Brahman bootstrapping. ®
Sponsored: Becoming a Pragmatic Security Leader