SEARCH

How-To Geek

BitTorrent for Beginners: Protecting Your Privacy

lock and chained computer

Photo by Benjamin Gustafsson

Anytime you’re making connections to anything outside of your network, security should be a concern, and this is doubly true for users of BitTorrent, who are getting data from all sorts of unknown sources.  Here’s how to protect yourself.

Note: This is the third part in our series explaining BitTorrent—be sure and read the first part of the series, where we explained what BitTorrent is and how it works, and then the second part, where we explained how to create your own torrents.

Security Threats

It’s important to understand what types of threats are out there in order to effectively block them, so let’s take a look.

Viruses and other forms of malware are the most basic of threats.  The files you download are foreign and you should treat them as such; scan them promptly after downloading them.  Most major anti-virus programs have the ability to add folders for auto-scanning, which is probably the ideal solution if you either don’t have time or don’t want to waste effort doing things manually.

Computer Security

Photo by fitbloggersguide

On the more serious side, it shouldn’t be any surprise that your IP address is very easy to trace.  While many people have never had problems, that doesn’t mean you shouldn’t worry about things.  In addition to people just eavesdropping on your connections, your downloads can also suffer.  There are increasing incidents of “bad traffic,” peers who send corrupt data in response to BitTorrent calls, forcing users to have to re-download those sections of their files.  Users who transfer copyright-infringing material also have to worry about getting caught via these same methods.  We at How-To Geek don’t condone piracy, of course, but we do support security, and the best way to stay secure is to stay informed.

Encryption

One way to help alleviate these problems is to enable encryption for your connections.  This prevents the data sent between two peers from being understood by onlookers, although it doesn’t prevent them from seeing their IP addresses or certain details from the tracker, such as amount of data transferred.

This is not a perfect solution, however.  Encryption has to be supported by your peers as well, and they may not have their clients set to use it.  Some trackers don’t even allow encryption, but if yours does, it’s not a bad idea to enable preferring encrypted connections, but allowing unencrypted transfers if none are present.

Enable Encryption in uTorrent

Open uTorrent, go to Options > Preferences, and then click where it says BitTorrent on the left.

sshot-29

Under where it says “Protocol Encryption,” choose Enabled and click on Allow incoming legacy connections.  This will allow outbound encryption but still accept non-encrypted connections when there are no encrypted connections available.

Enable Encryption in Transmission

Open Transmission and click on Edit > Preferences (Linux) or Transmission > Preferences (Mac OS).  Then click on the Privacy tab (Linux) or the Peers tab (Mac OS).

Screenshot-Transmission Preferences-1

Under the “Encryption mode” dropdown box, select Prefer encryption.  This will still accept unencrypted connections when there is a lack of encrypted connections available.

IP Blockers

Another thing you can do is use an IP blocker.  These programs run alongside an existing firewall (you DO have a firewall, don’t you?) and your BitTorrent client and they filter out IP addresses based on blocklists.  Blocklists compound ranges of IPs that contain known problems, such as monitoring and bad packet transfer.  How well they work is up for debate, and there is no consensus on whether they do anything at all.  Websites and trackers that are fine sometimes get blocked, and you have to manually allow them.

If you’re a cautious person, however, it’s not a bad idea to run an IP blocker just in case.  The most well-known ones are PeerBlock for Windows and Moblock for Linux, and Transmission for both Mac and Linux has the ability to use a blocklist.  PeerBlock, once installed, allows you to download and update blocklists and automatically starts to block IP addresses.

Install and Configure PeerBlock on Windows

Download PeerBlock from their website.  The beta is pretty stable and provides the most useful features, and is compatible with Windows XP, Vista, and 7 (all versions).

sshot-30

Installation is a breeze, and once it’s finished and you open up PeerBlock, it will start the configuration wizard.  Hit Next.

sshot-31

On this screen, you can choose which types of blocklists to subscribe to.  You can see here that we chose P2P, and threw in Spyware for good measure as well.  If you’re new to this sort of thing, it’s probably best to choose Always Allow HTTP as well, since it allows all traffic through that port.  If you don’t choose this option, your browsing may be affected, and you’ll find yourself having to manually allow certain websites.  Click Next when you’re done.0

sshot-32

Next, you can choose to schedule what and how often to update.  The default are perfectly fine here, so click Next.

sshot-33

You’ll see a pop-up and your selected blocklists will automatically update.  Once they’ve finished, the Close button won’t be grayed out and you can click it.

sshot-35

You’ll be greeted with the main PeerBlock screen, where you can view the history of blocked attempts to access your computer, manage your lists, check for updates manually, and so on.  You can exit via the icon in your system tray.

Blocking IPs on Linux and Mac OS

Moblock is a little more powerful and complicated, and although there is a GUI by the name of Mobloquer available, it’s not a walk in the park to set up.  Furthermore, it only works on Linux, and there aren’t a wide variety of comparable tools available on Mac OS that work as well.  Serendipitously for us, however, Transmission can download and utilize blocklists very easily!

Open Transmission and click on Edit > Preferences (Linux) or Transmission > Preferences (Mac OS).  Then click on the Privacy tab (Linux) or Peers tab (Mac OS) once again.

Screenshot-Transmission Preferences-2

Click the checkmarks next to the Enable blocklist and Enable automatic updates boxes, and then click the Update button.  Transmission will automatically download and utilize the P2P blocklist and will display the total number of rules being followed.  That’s it!

Private Trackers

Staying safe is important because you don’t know who (or what) is out there.  But, what if you had a reliable source?  Private trackers serve as an ideal long-term solution because of a few key reasons:

  1. A closed, trusted community:  The tracker requires registration and there is a screening process.  Breaking rules can lead to being banned, and in many cases, if people you invite into the community do something to get banned, you also get banned.  While this may seem like a looming storm-cloud, as long as you’re careful you’ll be safe from most threats and so will everyone else.
  2. Strict connection rules:  Only approved clients and methods are allowed.  This cuts down on users faking ratios, leeching, etc. and simultaneously dictates how connections should be made to maximize speed and safety.
  3. Standards for torrents:  Uploaded files have standards as to quality and format, as well as being virus and malware free.  Most trackers require previews for disambiguation of similar torrents.
  4. Ratios:  Each user is required to maintain a certain ratio of uploads to downloads.  This is often judged via total amount in MB, although add new torrents can give you a bonus, or there may be donation-based perks.  This ensures that files have a high availability and helps with speed, although this admittedly varies based on the individual torrents themselves.

As you can see, this forms a pretty good long-term solution to a lot of issues you could potentially encounter while using BitTorrent.  You get a lot of perks when you join a private tracker, and there are many out there.  The main downside is that you have to wait for registration or else find someone who can send you an invite, which can take some time.


If you’re the cautious type, it wouldn’t hurt to combine these strategies to mitigate security and privacy threats.  With cybercrime a very real danger, it’s a good idea to take control of your computer’s security through tools like these, without compromising your internet activity too much.  The most important thing you can do, however, is make smart decisions, both in what you download and where you go, and stay informed of what’s out there.  Doing your research is the best way to stay safe.

Edit: The tab under Preferences for Transmission on Mac OS was fixed. It now correctly refers to the Peers tab.

Yatri Trivedi is a monk-like geek. When he's not overdosing on meditation and geek news of all kinds, he's hacking and tweaking something, often while mumbling in 4 or 5 other languages.

  • Published 10/27/10

Comments (27)

  1. Rose

    I can see the privacy tab in Transmission on Linux but not on Mac OSX. The tabs available are General / Transfers / Groups / Bandwidth / Peers / Network / Remote.
    Could you tell me where to find the privacy settings within that please?

  2. asdf-chan

    Nice article. Since i don’t use torrent that much except for leeching my Linux iso files i don’t know much about it. Also if may give you a hint: It would be nice to recommend open source software which is comparable to some fancy closed source software, especially when it comes to privacy. As an example PeerGuardian

  3. YatriTrivedi

    @Rose I apologize; the proper tab for Transmission on the Mac is under Peer. You will find the equivalent settings there

  4. YatriTrivedi

    @asdf-chan: I selected PeerBlock as PeerGuardian is depreciated and they themselves recommended PeerBlock. Open source is the way to go, so if you find any alternatives, let us know!

  5. Fooghump

    Nice article. It does surprise me that you don’t talk about a very important part of P2P now which is the use of a VPN services for security / privacy.

    The majority are paid for (a few dollars/pounds/euros) a month and have the following benefits:
    -True encryption so no one can sniff what you are doing
    -The VPN provider hold no logs (or limited logs for fault finding)
    -The torrent providers / trackers will never know your real ip address.
    -Can bypass traffic shaping restrictions
    -Can bypass country restrictions.

    There are more benefits and people who are serious about torrenting should definitley investigate VPN’s – google the term “torrent vpn service” or similar should provide you with plenty of options.

  6. rino

    so how does one find and join private trackers?

  7. Kent

    uTorrent now has ipfiltering built in. Under Preferences, Advanced, the variable “ipfilter.enable” can be set to true and uTorrent will read C:\Users\%username%\AppData\Roaming\uTorrent\ipfilter.dat for its list of IPs to block. This has the advantage of only applying the filter to uTorrent and not the entire computer.

    I got the file “uTorrent IP Filter Updater.exe” packed in a .zip from somewhere. Not sure what ip list it uses, but it is a standard format. uTorrent forums have threads on ipfilter.dat.

    At any rate, it’s a feature to keep an eye on in future uTorrent releases as it gets easier to use.

  8. asdf-chan

    @YatriTrivedi
    It doesn’t seem like PeerGuardian is depreciated when i look at the sourceforge project.
    http://sourceforge.net/projects/peerguardian/files/

    pgl_no-GUI_2.0.3.tar.gz linux 107.5 KB 2010-09-12 6,170

    Of course it’s only the linux version but that doesn’t mean that there will be no port for Windows or Mac.
    To bad i can’t find any other project that is OSS :\

  9. cpx

    IP blocking software is complete bullshit because there’s NO privacy on the internet. Admit it, it is a myth and you won’t be able to hide even under the largest tinfoil hat you’ll ever find. Just stick to trusted private trackers, turn your encrytption on if you wish to and never even try downloading off the TPB or other public tracker/indexer.

  10. AcidSpoon

    @rino

    You basically have two choices: Be invited or pay. Demonoid is a well-known private tracker that is invite based. Most private trackers are. This means to get in, you have to know someone who’s in. So, basically its not what you know, it’s who you know.

  11. asdf-chan

    @cpx
    Not completely true, see bogon filtering

  12. jre

    @asdf-chan: Sorry, but pgl (PeerGuardian Linux) will not be ported to Windows, pgl is too Linux specific.So the Windows IP blocker indeed is PeerBlock. If there will be any port, then this will be PeerBlock to Linux.
    jre (pgl developer)

  13. Robert

    A timely article, since the Federal court just closed LimeWire yesterday
    after a 4 year battle. No doubt many new users will be installing uTorrent, etc.

  14. nikes

    recently i downloaded a vedio but it doesn’t play…..it asks to download a player to play the encoded vedio…..Is it ok to download it?

  15. asdf-chan

    @jre
    Thx for the info :(
    Will PeerBlock ever be OSS? *please say yes*

  16. jre

    Well, I’m not a PeerBlock developer and not a Windows user. But unless I missed something: PeerBlock is licensed like PeerGuardian 2: “zlib/libpng”, which is Open Source. You can get the source here: http://code.google.com/p/peerblock/source/checkout
    Contact the developers at peerblock.com.

  17. Transviloquist

    nikes the answer is NO NO NO NO NO NO NO !

  18. steuck

    Good article. Can I request one on how to spot fake trackers?

  19. nikes

    so isn’t there any way that i can play the movie or know before hand that it asks to download or anything like that? it’s really infuriating to see that the movie which u have downloaded after hours just doesn’t play…:(

  20. Abhishek K. Pandey

    @Nikes: Had you already downloaded the movie? Then, first of all, scan it. If its genuine, its ok. For playing it you can use VLC, if you don’t have.

  21. Abhishek K. Pandey

    @YAtri: Any Suggestions for Torrent PRIVACY !!

  22. ION

    Good Article but now I have more doubts =P
    do i really need an ip blocker program/feature if I’m using the opendns service?
    They guys from opendns say that they already block spyware and more stuff
    so i wonder if that also covers privacy with utorrent.

    Also..keep writing more articles about torrents.

  23. Elizabeth

    these articles are truly awesome and to add software to assist me is even better :)
    I also read what others have to say for that also teaches me ,,,,

    I have a few questions : When I set up a torrent to send files to my friends, I had to disable the outgoing protocol however, this article says to enable it.
    What do I do since I must be running torrents in order for my files to be seen by my friends correct ? How
    do they get to see my files ? and what instructions do I give them to be able to download my files :-)

    thanks a bunch !!
    xoxo
    Elizabeth

  24. Elizabeth

    **** CORRECTION ****

    NOT DISABLE OUTGOING PROTOCOL BUT ‘FORCED’ IS WHAT THE INSTRUX INDICATE TO DO WHEN CREATING A TORRENT…….SORRY ABOUT THAT !

    thanks again !!
    Elizabeth :)

  25. Anon

    PeerGuardian2 has been running on Windows for years now…
    Bogon filtering is good, and yes most lists can help. Dont listen to people saying it does nothing.
    @Eliz, 1. create torrent as you’ve already read. 2. Send .torrent file to friends. 3. Receive bacon.
    As for encryption, when you create your own torrent to run on your own tracker (you send your own file), you want encryption because you are seeding, you control the bit flow… When using public or private trackers (you receive files), you should not force encryption because you could end up alone on a torrent because the other peers do not use encryption…
    And dont think any antivirus will detect new viruses in your files. They just dont have signatures for the “home made” viruses planted in torrents…
    Think before you do, and stay safe.

  26. poppahuddy

    very informative and concise article; it explained exactly what i needed & wanted to know in a direct concise clear manner;i now understand totally it’s popularity, pros and cons regarding the whole topic of P2P file sharing and bit torrents; my children have know about this option for years, for me it’s a brave new digital era and media world out there whoaaaa… me I’ll do my part… =0) both download, seed and buy… i truly believe that if you or i have brought Cd’s in the pass, and oh by the way having payed way too much for some let’s see i would say conservatively over 700cds not including VHS and DVD, movies. Or whatever and we want to share them with our cyberbuddies then it’s our right as consenting adults who have payed for them out right to be enjoy as we like commonly referred to as ownership $9.95 … just think of the possibilities its all truly amazing the internet and the enormity of information/media available at the click of a button globally WOW!

  27. WEP_HACKER

    IMO, it is better to use a public tracker with FORCED encryption. Think about it, if you use a private tracker, yeah only they know that you are doing any torrenting, but if their records are ever subpoenaed, there is a complete log of everything you ever torrented and when; then you’re hit like dog SH*T! If you use a public tracker, sure anyone may be able to see that you are torrenting, but with FORCED encryption, they cannot tell WHAT you are torrenting, and there is no log of it. Torrenting is not illegal, its the CONTENT that is being shared that is illegal or not, so if they cant see what it is you have no worries :)

Enter Your Email Here to Get Access for Free:

Go check your email!