Torrenting exposes your public IP. In a country where government doesn't care, does that pose a risk?
I honestly don't believe I will have any legal trouble because I don't do anything like cp or worse, I just pirate media I like, not even porn. But across users of communities, or on public trackers, is IP exposure something to be concerned about?
It's good opsec to have a VPN when torrenting but thats largely due to the risk of being identified commiting a crime.(Or at the very least, having your ISP send you an angry letter about copyright infringement)
If thats not part of your threat model, then you dont need to worry.
Or you live in a country that purelly doesn't care about it to the point you can have a seedbox running 24/7 throught your network.
Bonus points if it also shows your "location" to be 100km away. To the point that it sometimes shows you to be in another country next to your.
Another point when it changes your public ip address dailly.
The general philosophy: they can't prosecute the entire populous.
If everyone is pirating, they focus on the ones who pirate the worst shit or the ones who pirate the most shit for profit.
In a sea of pirates, you don't get tagged.
If people stop pirating, the bar for too extreme or too much lowers.
They do pirate the most extreme and the most prolific pirates, however.
A story as old as time.
Wait, so the cops pirate the pirates?
So the pirated pirates, pirate the pirates stuff the pirates pirated from other pirates who could possibly be pirated pirates posing as pirates?
Pretty much.
Predictable.
dont give 'em anything to fuck with you down the road. seems a no brainer. "Mrs. TheHooligan95? ahh yes we are here to confiscate your home because your son TheHooligan95 illegally downloaded Ninja Kods 3 back in 2001. No, you cant talk to your son. He was already executed for corporate treason this reason."
This sounds accurate
People have and will be executed for dumber reasons.
White rich girl picked you out of the lineup. Don’t worry, DNA science won’t prove you’re innocent for another decade after justice has been carried out.
Also these
peoplelawyers are surely building large network graphs to identify p2p traffic so one might as well give them less information about where other people are seeding to or torrenting from.Use I2P guys. The more the better. It is Foss and is 100 times better then any VPN. It is only a bit slower sometimes.
Just use I2P? Can you access public trackers via I2P or do you have to use the crap internal ones?
Recent qbitorrent update supports cross sharing between public/i2p users.
But people have to enable the option, most public trackers aren't aware off and most private trackers are not into sharing their well builded closed piracy club money making scheme
Internal only sadly iirc
What do you mean by "the government doesn't care"? Do you mean that they are not enforcing copyright protection laws to your knowledge? Or that copyright protection laws don't actually exist in your country at all? If the laws exist but are not being enforced, there is always a possibility that they will be enforced in the future or that a change in government will lead to a change in approach. Your government could also potentially pass new laws in the future that make it easier for foreign entities to go after yourself and other pirates through your local courts.
You need to work out exactly what the law in your country says, what the government's attitude towards piracy is and whether there is a legal precedent in your country for the prosecution of pirates. For example, in Australia we have copyright laws and a government that is at least somewhat committed to upholding them, but we also had a significant court case a little over a decade ago in which it was ruled that the ISP being sued was not responsible for the piracy its users were allegedly engaging in. This essentially set a legal precedent within Australia that allows ISPs to turn a blind eye to piracy and makes it more difficult for foreign entities to prosecute Australian pirates. This is why most court-ordered anti-piracy action within Australia is limited to DNS blocks on websites. As a result, many Australians feel safe torrenting without a VPN because they believe it is very unlikely their ISP could be compelled in court to hand over their information or that there is even the will to attempt this following that high profile defeat in 2012.
In my country it is illegal to share, but not illegal to download, since when consuming you're not meant as a websurfer to know the source of that something. Should that law change, it cannot retroactively affect something that happened in the past. So I don't plan ever to share anything publicly, but only the very few things I'm very passionate about to the point I want to share them with communities of friends which you can access through invites only. Sharing a back up copy with your friends is not illegal either even if the EULA or whatever says it is, unlike for example in the UK.
I was specifically asking about cybersecurity in general.
But torrenting means you're also sharing.
Yes but you didn't create the torrent first
But who created it is irrelevant, the seeding is the legal issue.
I think that's not necessarily true. There's certainly some good reasons to have a distinction between the original uploader and all the rest of the additional seeders. It's going to come down to local law.
An analogy is if you buy some illicit substance and split it up with a few friends who pay you their share. Whether or not your local authorities considers you an illegal drug dealer could be highly dependent on scale, profitability, frequency, clientele, etc. Those details could be the difference between a slap on the wrist and some hard time.
I can't speak for every obscure jurisdiction that might exist, but I've never heard of that being a factor.
I don't know the laws that well, but there is a distinction in Canadian law between uploading and downloading. I'm not entirely sure how applicable to torrenting that is, but I think there's a reasonable argument that if you are the original uploader, you must have uploaded the content in it's entirety, whereas that's not necessarily true for anyone else downloading the torrent, and certainly not provably so.
@TheHooligan95@lemmy.dbzer0.com Lol. Torrenting is sharing. And for now you haven't been visited, but I'm certain Hollywood will pay a visit to your local enforcer chief to explain to him the technicalities over fine wine & dinner.
The risk is still there. Keep your share ratios to 3 so you don't look like a big problem as @Melkath@kbin.social put it. And when you get a letter from somebody complaining, it's time to start looking into a VPN.
The second best thing to do is your own research into your country's laws, and subscribing to e-mail alerts so you can know if the law will change. At least a google alert at a minimum.
By torrenting, you are sharing by default as it’s P2P. Even if you choose not to seed after downloading, you’re still sharing while you are downloading as other people who download after you are downloading chunks of the data from your partially downloaded data too.
So technically you are still committing a crime here.
Not necessarily. Very tyrannical governments don’t care and will tread on your rights even going backwards before the law was enacted if they so desire to do so.
Most laws don’t apply retroactively, but some can and do.
In some countries private law firms chase down infringers on behalf of copyright holders. They then attempt shakedowns with the threat of legal action if you don't pay. They have a financial interest to catch people, and moral compasses vary.
Also, mistakes can happen (you, your family, guests using your wifi, in the courts, in the ISPs, in the law firms, in the tech they are using to identify people). Shit happens.
And if (when) it happens, then you would still have to deal with it, costing you time and money.
Understand the risks and make choices to minimize them if you can.
Sorry, I misunderstood what you were asking then since IP monitoring is a commonly used by copyright trolls.
Don't apologize, your answer was the most informative
In other words, your computer is downloading stuff from other computers, that's potentially receiving stolen property, but a potential argument might be that you didn't know that it was stolen. It's not a good argument, but it's an argument. So you're an individual who potentially broke the law. Depending on how much money you have, you might get a knock on your door.
But then, you also distribute that potentially stolen property to other computers, because that's how BitTorrent works, and now you're part of a distribution network dealing with stolen property. The chances that once you've discovered you come away with just a slap on the wrist are slim to none.
How do they find you?
Through your IP address.
How?
By figuring out who owns that address, who loaned it to you to get online at that specific time. One packet at a time the research will bring them closer to knocking on your door.
So, is it a big deal that your public IP address is linked to torrenting? Yes it is.
Is this the whole story? Not by a long shot, but it's not my job to teach you how to break the law.
It sounds like it's literally not against the law where this person lives. Like The Pirate Bay when it began, they responded to US lawyers sending them takedown requests by pointing out that US law didn't apply to every country on the planet.
That could change in the future, sure, but I think that this person probably has a better idea of whether that's a possibility in their home country than we do.
Meh. I don't know about OP but where I live ISPs are forced to relay the legal notice, but nothing more happens. There is no prosecution and nobody will knock on my door.
I have been torrenting on and off since the protocol exists and never once hid my IP. My ISP relays me the threats from the industry, I ignore them, and continue what I was doing before. Same for everyone in my country. Those that end up paying for a VPN and hiding their IP are just intimidated onto doing so, because of the threats. But again, aside from getting that threatening email, nobody will knock on your door for torrenting here.
In Australia an ISP went to extreme lengths to have a ruling, spending four years in litigation:
https://torrentfreak.com/iinet-isp-not-liable-for-bittorrent-piracy-high-court-rules-120420/
That's excellent for their clients. I'm guessing it set a precedent and the industry stopped trying anything else.
I didn't follow the most recent developments here in Canada but AFAIK, a decade ago the industry tried to sue individuals that were "pirating", and lost because they couldn't proof that an IP could be associated with a single person, or something like that. Then the industry pretty much stopped trying to sue individuals from that point. They still send the threatening letters, but they don't do anything else because past experiences with our courts didn't go well for them.
Of course, there is a very very slim chance that the industry will try to sue a few individuals to scare others and create a new precedent, but it's going to be a civil suit because it's not even criminal here.
it did, basically in Australia content owners are free to demand restitution for the actual loss suffered (ie the cost of a dvd) and if you ignore them, they are free to take you to small claims court over it, wearing the cost of doing so. so it essentially ended copy claims
Yeah i agree I torrent only occasionally and I haven't ever received an ISP angry letter but that's sounds right to me ...
The only thing I never understood is if I use a VPN my traffic is passed encrypted to a remote server somewhere else but from there on its unencrypted so the servers owner ISP should notify him about my inlecit traffic and it make sense he will notify me back so what's the point in relocating an angry letter... ?
Torrent on public access wifi from McDonald's, the local library, your neighbor's unsecured router, etc...
“I’m going to offload my need to be technically literate in order to pirate to my local library and let them deal with the problem because I’m an entitled asshole who shits where I eat and doesn’t realize I’ll get in trouble anyway.”
If you think that will protect you, there is a lot for you to learn..
Pray tell how they would find the user from an IP address that will resolve to a location other than where they live that they connect to anonymously?
I think McDonald's makes you make an account these days to use their WiFi, I could be wrong, however. This means you now have identifying information about you and your connection on McDonald's servers, which can be subpoenaed in an investigation.
Local libraries generally require you to have a Libary Card, which is associated with your library login. Because lots of people need library computers, they need to be able to get people to leave the computer without having to physically remove them. One of those ways is with tracking who is connecting by associating their account with a library card and disconnecting them automatically after a period of time. Your library usually wants you to live (or at least exist in) the neighborhood, and will have your name and address on file. This can also be subpoenaed in an investigation.
MAC address spoofing is trivial, sure, but a lot of folks don't know to do it, and in any one of these cases, if they used the MAC address that was burned in when the product was sold, they have a real opportunity to nail down which specific device connected. They would subpoena the manufacturer for records of where that device was sold, they would subpoena the records of the local retail outlet, and have information on the sale of the device used to connect.
In your neighbors case, you could just be condemning them to civil or criminal liabilities, depending on the laws in your jurisdiction. That's a pretty "not nice" thing to do.
I'm sure there's plenty of others. Those are just off the top of my head. Most of the reasons involve "companies keeping information about who uses their services and how," often called "logs."
There's a lot more information than just an IP being sent in a TCP packet.
To be clear, I'm not the person you were responding to originally and I think OP is fine if piracy is legal where they live, you just asked how it would be possible and so I tried to think of ways related to the suggestions you made. Cheers.
What if my neighbor is an asshole who deserves it tho? :p
lol ya got me
A lot of businesses and libraries block the ports needed to torrent or do much of anything beyond basic web access. Some places, especially libraries, will also have web filters in place to further complicate access to torrent sources. Even if by chance you could find a place that has those ports open and can get past the filters, as others have said, it is still possible for them to have enough information to identify you.
I accidentally turned off my VPN for like a few minutes while torrenting and Comcast immediately wagged their finger at me. Cover your ass.
You need a killswitch. When my VPN goes down it terminates the BitTorrent process
What happens if you start the torrent client without the VPN already running?
Bind your torrent client to the VPN interface, then you won't even need a killswitch.
Word to the wise.
Worse than CP?
NM, I don't want to know.
Really disturbing offhand remark from OP ya
Best to log off the Internet for the last time then, before it's too late.
Assuming the government defs doesn't care and wont cooperate with lawsuits.
Yes and no. Knowing your IP is sort of like knowing a PO box you rent. It can be used to try and transmit stuff to you, it can also be crudely geolocated, or if the person you're buying it from gives you up it can be traced directly to you as a person.
If someone wanted to, and you had terrible safety practices (such as opening mail you aren't expecting, the digital equivalent would be having software listening to ports) they could send you something harmful but this is probably not very likely unless you are pissing powerful people off (e.g. you're using that IP to distribute anti mossad documentaries or something :P). Your biggest threat is that somebody finds out who you are by going to your ISP and making them give you up.
If you are confident that this is very high effort and you are a small fish it's not much of a risk.
If you do use a VPN for torrenting, ensure it supports port forwarding. You won't be able to seed if the provider doesn't allow port forwarding. Sharing is caring :)
AirVPN is currently one of the best VPNs that support port forwarding, but there's some others that do, too. NordVPN doesn't support it. There's an old list here: https://old.reddit.com/r/VPNTorrents/comments/s9f36q/list_of_vpns_that_allow_portforwarding_2022/
Torrenting/seeding works great with Mullvad, which doesn't have port forwarding
How though? People that want the torrent can't connect to you if you're not forwarding a port.
You can connect to them though. Peers that have their ports open can allow seeders to connect to them
Do seeds actively connect to peers even when the download is complete? I haven't used BitTorrent in a very long time, but it didn't used to do that.
I am not sure, possibly not. Of course this isn't the ideal scenario, this is why port forwarding is still recommended, but you probably still get away without using it, if you download mostly freeleach and popular torrents. That way you can 1:1 the ratio during the download.
You can connect to people who have their ports open but not people who don't, when your ports aren't open
Is the legal environment tomorrow going to be the same for you as it is today? Are they going to change the law, (or the interpretation of it) tomorrow? Have they already done so, but that news hasn't reached you yet? If they have changed it, does a hostile entity have your information already logged?
To answer your question, yes, you should be concerned about exposing your public IP address.
Oh man, normally I don't respond to these kinds of posts because I'm always worried I'll just be helping someone that does CP. BUt, since you 100% definitely don't, which I think is really cool that you don't btw, I'm going to give you the advice that you shouldn't be concerned about IP exposure.
they could still be recording your IP, with intent to build a case against you, even if that requires one day in the future that your government randomly decides to bend the knee to the US. I still think that's a long shot though.
is your country a member state in WTO? are your copyright laws compatible with that of the US? does your country recognise foreign copyright claims from the countries that your pirated media comes from?
your worst risk as someone who just pirates safe media for personal consumption is getting a letter from your isp and that only happens if there are laws against it on the books and your isp feels threatened. if your country simply doesn't enforce its copyright laws it's unlikely you'll be chosen to be punished to set an example (they'll most certainly target notorious distributors) and your chance of getting sued by a media company amongst thousands of potential defendants in what i assume is a third world country is almost non existent.
I'm in the same boat. There have been numerous copyright lawsuits that have been thrown out by the courts in my country; however, I pirate because I'm poor AF so I can't afford a VPN anyway.
inb4 someone recommends a cheap VPN: No.
Cheap VPNs typically are cheap for a reason, and those reasons typically make them not worth the savings (like logging data and selling it)
Of course if your country doesn't care then sail away brother and be sure to seed
My country unfortunately cares a lot so a VPN is mandatory for me
I am selfhosting VPN for 2.49$ a month. Speed is up to 700 mbps in my case and I have additional services like PiHole + unbound.
If you're "self hosting VPN" then both your ingress and outgoing VPN servers are showing THEIR I.P. address publicly, which is then tied back to you through DNS/Hosting services, so, Lucy, splain that to me
Simple: make friends with someone with high speed internet who's not very savvy, keep up the charade until they allow you to borrow their computer. Then you install a headless vpn server with logging disabled. Boom, high speed local VPN that doesn't point to you. Just buy them a $2.50 beer once a month to keep up pretenses in case you need to do maintenance.
lulz
To find out my real IP address, you need to contact a hosting provider that is registered in a country with laws that allow it not to cooperate with authorities.
If you're self-hosting a VPN that you're using for piracy, you'll still have an unique IP associated with you, and your hosting provider knows that you're using that IP. Doesn't that defeat the purpose?
But if the server is located in a piracy-friendly country, doesn't that solve the problem?
How on earth do you selfhost a VPN?? I've never heard of that
The majority of VPNs are self-hosted. The most common use cases for a VPN are things like connecting to an employer's network when working from home, or connecting to your home server when away from home.
Commercial VPNs that route all your traffic through them aren't the usual VPN use case. They've become common mostly because people don't know how to use proxies, and they make it easy to ensure everything is routed via the VPN. A lot of use cases that people use VPNs for could really be solved with proxies.
TIL! Thanks!
You still need someone else's computer. Making a cloudflare proxie or other cloud platform is useless and not secure, specially if you're torrenting or trying to hide your IP.
I'm pratically sure they even block the torrent protocol and do not allow port forwarding on most cloud VPS.
Yeah proxies are great, but only if you have somewhere to route your traffic.
A proxy is no less secure than a VPN, assuming it's using encryption like TLS. It's not as good for torrents since you can't port forward, but fundamentally people that use commercial VPNs are using then just like a proxy. Some providers like NordVPN do offer HTTPS proxies in addition to their VPN service.
A proxy operates on the application level; a VPN on the OS level. Both the VPN and the proxy are susceptible to OS-level threats. The proxy is also susceptible to application-level threats that the VPN is not. A misconfigured or exploited torrent client, for example, could ignore the proxy and expose your public IP. With a properly functioning VPN, that faulty application can only expose the public-facing end of the VPN tunnel.
A VPN can also have a faulty config. Everything depends on correct configs :)
You sure about that? I mean, to use a VPN your need some kind of application that could potentially be vulnerable or have some zero day exploits.
In contrary, a proxy is as simple as to forward your traffic to another computer through a SSH tunnel which doesn't specially need some kind of application but only relies on lower level package.
Maybe I misunderstood your comment but If I'm wrong I'm agear to learn something new.
Self hosted VPNs are not suitable for sailing the seas. Self-hosting a VPN server only provides remote access to your local network. It does not provide any sort of privacy benefits, because the tunnel exit is an IP address traceable to you.
If they are paying for it, it's either not self-hosted, or they are paving a licensing fee for the VPN software they are running locally.
Ah ok, that makes sense, thanks!
Yes, very easy to create the VPN, but hard to hide your identity when your billing is attached to both ends.
It's a security risk but it's not a legal problem
VPN: Don't go online without it.
VPN’s are the rubbers of the internet
If you actually need privacy you should use something like tor, or a box which you have access to that can't or wont be traced to you (e.g. you have access to someone else's by covert means, you bought a server with cash in the mail, you bought a server in a nation that will never cooperate with the nation you're antagonising) which you tunnel to and use as a proxy.
A VPN is not necessarily very secure and doesn't mitigate the most serious threats like phone home programs that will ID you over the clearnet later. Trusting a VPN is extremely dicey and should absolutely not be relied upon to keep you out of gaol. It's better than nothing, but shouldn't be over emphasised.
A condom also doesn’t solve all your problems but it’s a good foundation lol
Using a condom doesn't require trusting a third party to keep you out of gaol, and has lots of regulatory industry around it guaranteeing quality.
VPN companies are not ideological projects, they are businesses bound by the laws in the countries they operate in optimising for profit. They will abuse your trust if it makes them money or frees them from criminal liability.
My dude you are over interpreting this. It was just a fun little joke. I have a lot more than a VPN guarding my system.
People read this stuff, get mislead, and get fucked up for the crime of wanting to watch a film from 60 years ago.
If you use a reputable VPN like Proton or Mullvad to torrent the occasional movie/show and don’t torrent without it it’s incredibly unlikely you’ll get caught. Beyond that it’s completely about what you’re doing online and VPN’s are not magic bullets for all things. But for torrenting, it’s good enough 99.99999% of the time.
If you’re constantly torrenting hundreds of things a month, especially new releases, yeah you should do more. But that’s not some dude grabbing a 60 year old movie one time. For your example a VPN will get the job done and their ISP will be none the wiser.
If someone bases their entire piracy knowledge on my one liner that’s on them and I’d be shocked to see that on this instance. I’m all for making sure we acknowledge all experience levels but you’re taking that a little too far here. I made a condom joke dude.
I lived in Cambodia and the gov doesn't really care about pirating media and games so I can pirate as much as I wanted but ironically they arrested one of the pirate bay founder here and deported him back to Sweden
I have questions:
Does the government just "not care" or is piracy specifically legal because there aren't local laws against it?
While you say they don't care right now, do you think there is a possibility that they might care in the future? Because governments often capture lots of information on their citizens with the knowledge that they can then target people that they dislike. Piracy is one of many things governments can use against a person if they really dislike them or what they're doing.
If it's explicitly not illegal and won't be in the near future, I wouldn't be too worried.
However, it might be a good idea to avoid public trackers anyway and focus on slowly growing a good reputation on private trackers. That might take some time, especially if you have a slow connection, which is quite possible in a country that doesn't care about this sort of thing.
You won't necessarily need a VPN for a private tracker, but it gives you a small amount of protection since at least the members of a private tracker are a (supposedly) vetted, trusted community instead of just any random person grabbing your IP.
It's more up to the isp. I torrented VPN free for a couple years when I lived in Burlington, Vermont and used the Burlington Telecom ISP. No copyright letter, no fees, and no legal issue.