BitTorrent has plenty of legitimate uses but much of the traffic that passes through can be linked to copyright infringement.

This is true on all regular Internet providers but also on university networks. Unlike consumer ISPs, however, educational institutions are required by law to prevent copyright infringement to the best of their ability.

In 2010 the U.S. Government added a new requirement for colleges and universities to stop illicit file-sharing on their networks. This legislation puts a defiant school at risk of losing federal funding if it doesn’t do enough to stop illicit file-sharers on its campus.

Schools across the country responded appropriately to the new rules and some institutions have spent hundreds of thousands of dollars to install anti-file-sharing systems on their networks. While these efforts may have been somewhat successful, college piracy hasn’t been completely eliminated.

With help from the BitTorrent monitoring outfit Scaneye we were able to see the presence of individual universities on the popular file-sharing protocol. Scaneye looks at the IP-addresses that are sharing files on BitTorrent, and records every encounter as a “hit.” More hits therefore means that BitTorrent usage is more prevalent on the network.

As can be seen on the table below, the Massachusetts Institute of Technology leads the list with 1809 “hits” since January 1 of this year. Rutgers University follows in second place with 986 hits.

The rest of the top five is made up by New York University, the University of Houston and Texas A&M University.

Compared to last year the University of Illinois made the biggest jump from the 41st place to 6th. Conversely, The University of California, San Diego, was in 19th place last year and has since dropped out of the top 50.

Since BitTorrent can be used for many legitimate purposes we took several samples of the content being downloaded on the university networks, and the majority is clearly infringing.

While students and staff are certainly pirating movies, software and music, it is certainly not rampant. Especially when you take into account that some universities have hundreds of thousands of students, and that a single student can generate several hits.

To put things in perspective, most residential ISPs have millions of hits every month, and even the Department of Homeland Security has hundreds of pirates in its organization.

Below is the full list of the top 50 universities ranked by (absolute) BitTorrent usage in 2013. The older 2012 ranking of universities based on the student population is available here.

Universities ranked by BitTorrent usage

#	2012	University	Hits
torrentfreak.com
1	(1)	Massachusetts Institute of Technology	1935
2	(2)	Rutgers University	1851
3	(3)	New York University	1401
4	(4)	University Of Houston	1088
5	(6)	Texas A&M University	900
6	(41)	University of Illinois	850
7	(12)	Northeastern University	826
8	(…)	Georgia Institute of Technology	741
9	(15)	Columbia University	722
10	(13)	Michigan State University	702
11	(39)	University of Washington	699
12	(10)	University of Maryland	689
13	(5)	University of Southern California	679
14	(7)	The George Washington University	671
15	(37)	University of California at Berkeley	613
16	(8)	University of Minnesota	613
17	(16)	Boston University	591
18	(…)	University of California, Los Angeles	580
19	(21)	Ohio State University	561
20	(1)	Ohio State University	558
21	(…)	Rochester Institute of Technology	550
22	(30)	Purdue University	522
23	(17)	Vanderbilt University	521
24	(27)	University of Colorado	518
25	(46)	University of Utah	494
26	(…)	University of Chicago	482
27	(…)	Stanford University	434
28	(14)	Wayne State University	411
29	(49)	Duke University	410
30	(…)	University of North Texas	405
31	(…)	State University of New York at Stony Brook	398
32	(23)	Case Western Reserve University	388
33	(11)	Tennessee State University	378
34	(…)	University Of South Florida	373
35	(42)	Georgetown University	366
36	(…)	University of Oklahoma	364
37	(33)	Lindenwood University	364
38	(26)	The Pennsylvania State University	359
39	(…)	Virginia Polytechnic Institute and State Univ.	359
40	(48)	University of Pennsylvania	351
41	(45)	University of Wisconsin Madison	343
42	(9)	State University of New York at Buffalo	339
43	(22)	University of Michigan	334
44	(…)	Claremont University	334
45	(…)	University of California, Santa Cruz	326
46	(…)	Iowa State University	324
47	(40)	Fordham University	320
48	(18)	North Carolina Central University	318
49	(36)	Grambling State University	318
50	(…)	University of Texas at Arlington	309

Source: College Pirates? U.S. Universities Ranked by BitTorrent Usage

When it comes to keeping their privacy, many file-sharers like to think of themselves as a secretive bunch.

The ever popular VPN is showing no signs of decline and as time goes on the interest in joining private torrent communities grows.

Last month we took a look at the large amounts of data being stored by private torrent sites on their users, alongside the question of whether that information could be better handled in future.

That article prompted an individual, ‘X’, to contact us with information on what is perhaps the private tracker scene’s dirtiest and relatively open secret.

For those unaware, ‘X’ was talking about the phenomenon whereby losing an account or misbehaving on one torrent site can affect a user’s status on another. It’s been going on for some time now but it’s definitely worth mentioning in light of current concerns over data privacy.

X asked to keep him anonymous, and for good reason. He is the former sysop, admin and coder of at least two well known private torrent sites and the founder of another. He asked us simply – what do we know about how much information is being passed between torrent sites?

“I could take a username/email address/IP address and get information about any matching users on 30+ different sites. Some of it was automatic, some of it was request ticket based,” X explained.

So what kind of information is being shared? According to X, a staggering amount.

“Once a user was banned on one of the member private trackers, every IP they ever used for the site, RSS feed/API, and announces (even transversing HTTP proxies if they didn’t properly hide their origin IP), their email address, and their username was used to build a profile of them by combining shared data between the collective sites,” he revealed.

X told us that the databases are so rich in information that it’s possible to build detailed profiles of users, some of which are associated with more than a thousand IP addresses including access dates and times, plus a hundred usernames/email addresses and details of their supposed misbehavings.

“Everything from being a dick, being/acting suspicious, cheating/trading, letting someone else use their account, to staff running off with donation money could get a user on this database,” X said.

So how does this PRISM-like system work? According to X, it’s professionally constructed.

“All of these user profiles were accessible by all member sites via API, and quite a few sites kept their own copy of the database, pulling down information updates at regular intervals, and sending profile updates/creations on matching or requested information,” he revealed.

The security implications of holding local copies of full databases are a serious concern.

“If any of these sites got raided or hacked, data about users who never even used the site would be in the hands of the invader.”

We’ve discussed the reasons why these kinds of systems are in place in previous articles. Private sites have an ‘economy‘ to preserve and need to be able to keep tabs on damaging users in order to keep their sites healthy.

Of course, this is the kind of reasoning also employed by the NSA when it tries to justify spying on everyone. Are these excuses acceptable or not? Does the end justify the means?

“The NSA leaks have shed a new light on what I regularly did at my post [X says he wrote some of the code allowing the sites to communicate], and while I can’t deny the good it did in keeping [our site] from falling to shit, the way the information is handled and the secrecy behind this are things that need to be exposed and reworked,” X concludes

It is unlikely that the participating trackers will give up their intelligence systems just like that since the information they provide is a crucial part of keeping their sites healthy. But equally, these kinds of databases could become hugely problematic should they fall into the wrong hands.

What happens next is up to the sites running the operation but coordinating change and introducing a better system could prove almost impossible.

Source: Private Torrent Sites Run Their Own Mini-PRISM to Share Data on Users

In many countries across Europe users visiting many of the world’s leading torrent sites are greeted with messages informing them that the domain is no longer available.

These court-ordered blockades requested by the music and movie industries are becoming widespread, but even more common are tools to circumvent them.

One of the most straightforward and popular ways to unblock a site is by using a reverse proxy. There are dozens of them online and they are as easy to use as a regular website. So what makes these sites tick and what motivates their operators to keep them online?

TorrentFreak caught up with dhxr, an operator of PirateReverse.info, one of the largest torrent site proxies.

Censorship – necessary evil or something to be fought against?

“Personally I am against censorship at all levels bar extremities. Essentially there should be no censorship of the internet except for content such as child pornography. These views extend to mediums such as books and other publications,” dhxr explains.

“In the UK the IWF maintains a list of such content that has been blocked for a number of years – but as with every other instance this can be abused and used to block content on political or copyright grounds.”

Dhxr notes that in some cases censorship is acceptable, at work for example when you’re there to a job and not sit around on Facebook all day. But when we get home and are paying for what is now becoming a limited service, things change.

“One might say the definition of being able to access the internet is having the ability to at least connect to all 4,294,967,296 IPv4 addresses and 3.4*10^38 IPv6 addresses if your ISP provides IPv6,” he says.

As each week goes on, however, it’s clear that’s not what we’re getting.

What motivates to create and keep anti-circumvention tools online?

“For me, it was the realization that censorship of this level is wrong and cannot be tolerated. Why should we have some corporate interests govern what we can and cannot see?

“Unfortunately that is the way it is going – because fundamentally it is all about money, despite the many studies that claim blocking sites has little to no effect on record label and film company profits.

“I think most people who run proxy sites also share this realization and wish to help the effort. There can never be too many proxy sites,” dhxr observes.

Why are proxies and reverse proxies so important?

“Proxy sites are important because they are the easiest to use. There is no setting anything up for the user, just type in a URL and see the site you’re used to seeing. Their place in online society has only been formed out of necessity. If no torrent sites were blocked, then little to no torrent site proxies would exist. As it happens, with censorship rife in many countries, the need for accessible proxy sites is ever increasing, and with the more sites being blocked around the world, demand will continue to increase,” dhxr predicts.

Reverse proxies – how do they work?

“The term ‘reverse proxy’ relates to how the servers are configured. Typically a ‘forward proxy’ takes requests from clients (such as a web browser), fetches the content, and sends it back,” dhxr explains.

“An example of this is Immunicity. By requesting and relaying the content from an unblocked server, it allows unrestricted access to specific resources. On the other hand, a ‘reverse proxy’ does the same but rather than being setup in a web browser as a proxy, it is setup as a website, so all the user needs to do is type in a URL and the server requests content from the original site, then sends it back to the user.”

Maintaining a reverse proxy

“Daily maintenance is slim, it consists of checking everything is working as intended. Most other system admin tasks are automated. We don’t log so this removes a large maintenance hurdle of rotating the logs and managing disk space. We cache responses in memory because it’s faster than writing to disk, which is an important part of the process because without it, the proxies would be slow,” dhxr reveals.

Overcoming challenges

“As part of our almost daily routine, I check TorrentFreak and see if blocks against any new sites have been announced. Typically I like to get the domains sorted as soon as the sites are mentioned as candidates to be blocked, then I can get to work proxying them and ensuring they work fine, well ahead of when the blocks are due to be implemented. This can sometimes be challenging because from a technical level every site is different,” dhxr notes.

Interestingly there is one particular site that causes more problems than most.

“We don’t really know why, but Kickass’ servers compress all their content and you can’t ask for it uncompressed like most sites. This makes it very difficult, as many other proxy operators have experienced, to rewrite Kickass’ URLs so images and CSS load from an unblocked domain,” dhxr explains.

“At first we wrote a script that would manually ungzip content but it was slow and inefficient. Now, after much research and testing, we use Apache inbetween our web-facing servers and Kickass, which is configured to decompress content ready for the URLs to be rewritten so the site loads as the user would expect.”

Hardware – the thirst for more power

Initially PirateReverse used a small VPS server located inside the UK but that was soon moved to Sweden where it operated for several months. But due to an increase in demand, an upgrade was in order. Dhxr told us that two additional servers were obtained in Spain and the Isle of Man but a 16Gbps DDoS attack caused the site’s host to lose patience with the service.

“We took this opportunity to move onto our own dedicated hardware, which is what we’re still using today as it provides more than enough capacity which helps ensure our proxies are always fast regardless of how many people are using them. We currently have two web servers, each configured in parallel. There are other servers behind the scenes too that help keep everything running smoothly,” we were told.

PirateReverse are connected with the Immunicity unblocking service, so even more hardware is needed there.

“We have a few servers running the Immunicity website, the load balancer and configuration broker. Then we have two gateway servers, currently running in parallel.

“We have hardware pending installation, which when configured will replace the existing gateways. These new servers are more powerful and will keep Immunicity running for the foreseeable future at least, with 16GB RAM, 2TB HDD and 3.4GHz Intel Xeon E3 processors each,” dxhr reveals.

Looking to the future

Finally, what happens next month and next year? Dxhr says he’s not optimistic and fears for the health of the Internet.

“What was once thought to be open, has slowly started to become compromised by corporate interests. It is hard to predict specifically what will happen, but I think encryption will become a key element in what we do online in future,” he predicts.

“As for proxy sites, they can easily be blocked, and they are. Many of our domains for example are now blocked by UK ISPs. Whatever happens though, there will always be technical ways to circumvent censorship – success of these methods can often be down to the complexity, and the laws surrounding their use,” dxhr concludes.

Source: Censorship Busters: The Challenges of Running a Pirate Bay Proxy

December 2011, a month before the criminal proceeding against Megaupload became public, Kim Dotcom first revealed his plans to launch a new service to transform the music business.

At the time the project was called Megabox and the similarly named .com domain was seized by the U.S. Government. However, despite all the legal troubles, Dotcom continued development on the music platform.

It’s currently being prepared for a public launch, albeit under a different brand. Dotcom had decided initially decided to keep the new name a secret for a while, but after he resigned from Mega earlier this week there were several signs suggesting that it could be “Baboom.”

TorrentFreak presented the Internet entrepeneur with these findings, and Dotcom confirmed that the new service will indeed launch at Baboom.com.

Dotcom has already secured several millions in funding for the project and there are currently 22 developers working on it. Unlike Mega, Baboom will be operated by a company owned by the Internet entrepreneur himself.

With Baboom, Dotcom strongly believes that he can revolutionize the music industry and give artists full control over their music again.

“I am really excited about Baboom. I can’t wait for artists to see what i have created for them. Their entire career can be managed on Baboom. Artists never had more freedom, transparency and control,” he tells TorrentFreak.

The teaser below shows what Baboom will look like, although not all design elements are final yet. The completed project will be much more advanced than how the Megabox idea initially started, and Dotcom doesn’t plan to release it before it’s perfect.

Baboom teaser

Dotcom previously said that there are several “top artists” lined up for the launch, but those featured in the teaser above are just internal design placeholders, for now.

When it’s released Baboom will give the public access to free music, while compensating artists through advertising revenue. With this “free music” business model Dotcom believes he can decrease music piracy while giving artists proper compensation for their work.

In addition, Baboom is expected to have a paid version where music fans can pay for music and not be bothered by ads.

It is no secret that Dotcom has several prominent connections in the music industry and it will be interesting to see which artists join the project. In any case, there will definitely be plenty of attention for Baboom’s launch.

Whether Baboom will be able to challenge the mighty influence of the major labels will become clear in a few months’ time.

Source: Kim Dotcom Teases New Music Service… BABOOM

Yesterday one of the largest BitTorrent sites on the Internet slowly started to disappear from the Internet.

Without knowledge of the site owners, the nameservers had been wiped from the domain records. While some people were still able to access the site through cached DNS entries, more and more visitors reported issues as time passed.

TorrentFreak got in touch with the site’s owner, who initially thought that there was a DNS problem with the content distribution network. However, when he contacted Leaseweb, who manage the domain name registration, it turned out that the problem was more serious than that.

Leaseweb support informed H33t that the registrar had removed the nameservers after receiving a court order, which appears to be related to a copyright dispute.

“We asked our registrar why we cannot add the nameservers of LeaseWeb to your account. They informed us that they regretfully forced to temporarily disable the domain name due to receipt of a court order as the registrant had not reacted upon a request to remove certain files/entries from his service,” Leaseweb explained.

“They are currently analyzing the Court Order with the intent to have it lifted, but that may take a while. For more information, please contact the registrar who tried to contact you regarding this matter. LeaseWeb can not help you any further with this,” the company added.

The owner of H33t is surprised by the mysterious court order and told TorrentFreak that the site has received no correspondence regarding the matter.

“At this point we do not know who is making the complaint, neither do we know who the Leaseweb registrar is because they have not contacted us,” H33t’s Shelby explains.

H33t’s owner was contacted two weeks ago with a request to prove that the WHOIS data is real. H33t complied with this request by providing company documentation and certificates, but hasn’t heard back since.

The torrent site is also surprised that by the accusation that they failed to take allegedly infringing content down.

“H33t has a DMCA style takedown procedure linked on every page. we thought it was enough, apparently not. Today I learned that any site can be taken offline by a complaint without the need to contact the site,” Shelby says.

While H33t does indeed have a takedown policy, it has to be noted that they charge copyright holders an administration fee of $50 per takedown request. The site doesn’t comply with the DMCA, claiming that it falls outside US jurisdiction.

Whether the court order will do much to stop H33t from operating is doubtful. The site’s servers are still up and running and the admin is working hard on getting the site back up under a domain, H33t.eu.

“H33t.eu is firing up now and will be fully live within 24 hours as soon as the DNS changes propagate to your locale. The regular h33t tracker is also firing up on the new eu domain announce,” Shelby tells us.

While H33t is expected to make a swift return, the mysterious domain seizure does raise several questions. Is this a criminal matter or a civil case? Under what jurisdiction was the court order obtained?

In the past the U.S. Government has seized hundreds of domains related to copyright infringement and counterfeiting, but if this comes directly from a copyright holder then that’s certainly a game changer.

The positive news is that the unnamed domain registrar intend to fight the court order according to Leaseweb. To be continued.

Update: H33t is back under H33t.eu

Source: Mysterious Domain Seizure Takes H33t.com Down, But not Out