If you download files using a BitTorrent client, you’re probably being spied on. This is the conclusion that Tom Chothia and his team at the U.K.’s University of Birmingham have come to.
Chothia presented a paper on the findings at the SecureComm conference in Padua, Italy this week. The paper detailed the team’s review of existing coverage on indirect monitoring as well as its implementation of “features that detect direct monitors, and provide the first ever measurements of direct monitoring.”
Chothia’s team set up a faker server as part of a BitTorrent swarm—a group of BitTorrent users who are all sharing pieces of (often pirated) music, movie and other files.
Within a short time, Chothia detected monitoring presences in the server. Further investigation showed the monitoring was widespread, recording the IP address of any user who downloaded or shared one of the top 100 most popular torrents on the Internet’s largest torrent aggregator, The Pirate Bay.
“(T)his implies that copyright enforcement agencies are monitoring only the most popular content on public trackers,” Chothia wrote.
The researchers further found that those BitTorrent users “sharing popular content are likely to be monitored within three hours of joining a swarm.”
Those doing the monitoring, according to the study, were copyright enforcement authorities, such as Peer Media Technologies; labs, and computer security consultancies.
As Paul Marks notes in New Scientist, “Given the vast numbers of people whose IP addresses will have now been logged, the finding raises the question over what enforcement outfits now plan to do with their harvested data.”
Chothia pointed out one reason these firms may want to track BitTorrent users, though: marketing. “The data shows what content is popular and where,” he told the BBC.
Photo by Eli Brown/Flickr