Originally Posted by chrisbeebops
The simple truth is that few people in p2p care about real security or even know what real security means.
Most users want something for free, and want to put minimal effort, time, and money in order to get it. This means the number of ratioless trackers opening is on the rise as users no longer see the point in saving up ratio credits to download older content. Users are buying cheap servers for a month or two, buffering a TB of credit, then hit&running on everything in perpetuity, adding no benefit to the site and hurting retention.
Staff meanwhile are concerned chiefly with what they can get for themselves, and the prestige of their site. New sites opening monthly, with staff immediately requesting (and funnily enough receiving) invites and VIP status at places previously out of reach. Older sites plagued by inactive user bases are content with letting their sites slowly die as handing out invites (or *gasp* open signups) would hurt their own site's prestige (kudos to HDBits for actually purging some deadweight and allowing at least a few new members). Not to mention site owners taking money from the site's account for their own, personal use. Sites with bugs in the
To be honest, there is no such thing as security in p2p. Absolute security means that you can trust beyond a shadow of a doubt every single member of a site. I don't know the nicks of 99% of the people on a site and neither do you. I don't know any of them IRL. I have no way of knowing if a given person on a site is a legitimate p2per like me or an informant until it is too late and I am already in trouble for my actions. And with the current design of bittorrent, anyone can join a swarm I am a member of and pull my IP address.
There is some truth in the saying, security through obscurity. Being a member of a smaller tracker and fewer trackers does make it harder to bust you. But all it does is increase obscurity... not security. MPAA/RIAA like to go after the big targets for the big headlines, but there is no reason they could not go after you as well.
p2p protocols are inherently insecure, and if you are looking for security and peace of mind, you are in the wrong place. Security means you place inherent trust in everyone you can and do connect to (this means every member of every tracker you are actively using for leeching or seeding). Despite anyone's best wishes, it is not possible to know or trust every single person in a tracker, and to trust that every single person will be responsible with his invites, and his invitees will be responsible, and so forth.
The only thing that could remotely come close to security is to force everyone to use anonymous proxies and/or VPNs in countries with lax anti-piracy enforcement. But even this itself has inherent disadvantages (added cost, decreased speeds, increased difficulty in staff finding and removing bad users).
If you want true security, look into F2F (friend-to-friend) protocols. They work by allowing you to specify the exact set of users you wish to connect to. Through this, groups of friends can spider out to connect everyone indirectly. If you and I aren't friends, but share a mutual friend, you can still download files I am sharing, but connections will be routed through mutual friends (or whatever chain of friends connect us together).
This likely decreases speeds, available content, and bandwidth usage efficiency. But it is definitely the most secure. You can't have your cake and eat it too.