Researchers ID Skype, BitTorrent Users 180
itwbennett writes "Researchers have figured out a way to link online Skype users to their activity on peer-to-peer networks like BitTorrent. The team was able to sift out the nodes through which Skype calls are routed and determine the user's real IP address by sniffing the packets. To correlate the identified Skype users with files shared on BitTorrent, the researchers built tools to collect BitTorrent file identifiers, a BitTorrent crawler to collect IP addresses on the network and a verifier to match an online Skype user with an online BitTorrent user (PDF). 'As soon as the BitTorrent crawler detects a matching IP address, it signals the verifier, which immediately calls the corresponding Skype user and, at the same time, initiates a handshake with the BitTorrent client,' they wrote."
Scary (Score:1)
Re: (Score:2)
Privacy is but an illusion.
Yep. RIAA & MPAA dollars at work? If not, I bet they are keenly interested. Very keenly.
Still bugs me, 15+ years on that a lot of spam and other mischief on the internet hasn't been shut down. All the information is there.
Re: (Score:2)
Re: (Score:2)
Quick! (Score:1)
Unplug the internet!
Re: (Score:2)
Pickaxe?
Researchers? (Score:1, Flamebait)
C'mon!
Where do they get off calling these guys researchers, when they are clearly criminals attempting to invade the reasonably expected privacy of Skype users and BT users? These guys are peeping toms at best and identity thieves at worse.
Hold the organizations that employ these guys accountable.
Re: (Score:3)
Re:Researchers? (Score:5, Insightful)
If they were criminals, wouldn't they keep their methods secret in order to blackmail or otherwise monetize it in some way? Research like this is the only way that security gets better.
can't tell if you're serious (Score:4, Insightful)
If the researchers can do it, the bad guys may already be doing it.
Re: (Score:2)
If the researchers can do it, the bad guys may already be doing it.
If you mean RIAA or MPAA, they usually don't bother with this level of stuff, they just kick down your door, grab your stuff and up-end their Bucket o' Lawyers on your.
Re: (Score:2)
Re: (Score:3)
Re:Researchers? (Score:4, Informative)
Re: (Score:2, Informative)
If bittorrent data is arriving at your machine then somebody's got your IP address. Period. No way around it.
Re: (Score:2)
C'mon!
Where do they get off calling these guys researchers, when they are clearly criminals attempting to invade the reasonably expected privacy of Skype users and BT users? These guys are peeping toms at best and identity thieves at worse.
Hold the organizations that employ these guys accountable.
I can only hope that my taxpayer money hasn't gone to fund this "research".
Re: (Score:2)
Like you have control over it. Whatchya going to do? And what good will it do ya?
Re: (Score:2)
Feel free to suggest a legal procedure that has a chance of working. Failing that, dream on.
Re: (Score:2)
invade the reasonably expected privacy of Skype users and BT users?
For Skype users you might have a point but bittorrent works by publicly broadcasting your IP to the swarm. That's like standing outside shouting your name and social security number and claiming you had an expectation of privacy.
Re: (Score:2)
reasonably expected privacy
In other words, you'd like everyone to see this issue the way you do, so you call your expectations reasonable and anyone who disagrees with you is unreasonable.
Privacy costs. Not necessarily money, but it costs. Sure I avert my eyes if I run into someone's private moment, but if I really want to be private, I consider it my own responsibility to take precautions to achieve that.
Re: (Score:2)
Is it a public service for the researcher to walk inside and help themselves to your wife and your beer? Absolutely not.
Nothing of the sort has happened, unless I'm missing something.
Re: (Score:2)
reasonable expectation of privacy: An objective, legitimate or reasonable expectation of privacy is an expectation of privacy generally recognized by society
You are repeating your beliefs instead of addressing my point.
Re: (Score:2)
Once upon a time society also generally recognized that the earth was flat, that the world was created by God, and that homosexuals should be tortured and burned. Popularity contests are no way to decide morality.
Re: (Score:2)
In the situation you described, measurable damage is actually caused.
You get a D-. Go study chapters 3 and 4 again.
Re: (Score:2)
Oh yeah? Tell us more about that.
Re: (Score:2)
When is the term 'Identity Theft' used before any damage is done?
Re: (Score:2)
If i ever get the chance, I will ask a hacker that. I've never heard 'victimless crime' when talking about Identity Theft. Learn something new every day.
Privacy (Score:1)
Re: (Score:2)
What's illegal about it? What federal or state statute have they violated?
Re: (Score:2)
What's illegal about it? What federal or state statute have they violated?
They have wiretapped your Skype calls for identifying information. Is that enough for you?
Re: (Score:2)
No they haven't. They've.only figured out the ip address. They aren't tapping the call.
Re: (Score:2)
Re:Privacy (Score:5, Interesting)
What's illegal about it? What federal or state statute have they violated?
Wiretapping. Conspiracy to collect information assumed to be private, via technological means.
Robocalling (the Skype phone, duh). Wardialing (same thing).
They've violated a boatload of communications regulations... and the fact that they did it as part of a multi-researcher study means it was premeditated, and they conspired to do it. Conspiracy to commit a misdemeanor is a felony.
The problem here would be that anyone who tries to have them arrested and/or takes them to civil court will be presumed guilty of something, because why else would we care if someone can tie our online activities to our real-world identities?
Re: (Score:2)
Since when is your ip address assumed to private when you are publicly broadcasting it all the time?
Re: (Score:2)
How many people do you know, other than us slashdotters, that realize they have an IP address when their equipment has a connection to the internet?
How many even know what an IP address is?
Re: (Score:3)
An ip address you.publicly broadcast is personal information?
Re:Privacy (Score:4, Insightful)
It should be considering it is the path to the machine that holds all of your personal information.
When you get a key duplicated, a key maker can easily sell a copy of that key, and link it to your name. What if your name is Bill Gates? "This key here is for Bill Gate's personal safe, and this one is for his house, perhaps you would like a copy?"
Just because its available, doesnt mean its not private, or doesnt come with some expectation of privacy. I dont expect the key maker to sell a copy of my key to someone who intends to harm me.
Re: (Score:2)
"Personal information gathered without an investigators license is against the law."
Only in certain states. There is no Federal ruling on this issue that I am aware of.
Re: (Score:2)
Personal information gathered without an investigators license is against the law. Correlation of a skype phone number with an IP address and data mining for that correlation is acting as a private investigator without a license.
Your argument is what? That an IP is semi-public info?
What does that have to do with the price of tea in china?
Dude, don't be an idiot -- look up public domain at your nearest law library before you go trolling again.
Re: (Score:2)
So what's this old thing we used to call privacy? Is this even legal for them to be doing? Or will it, like everything else, fall into that gray area and be used against everyone?
You don't put private information on computers that are connected to other computers that you don't control, because the information will not stay private. There is no expectation of privacy on the internet, any more than there is an expectation of privacy in a theater, or at a sporting event, or in a restaurant, or rolling down the street as a passenger on a public bus.
Tell me -- would you conduct confidential business at a restaurant, or store your private records under your seat at the theater, or go ov
Packet sniffing (Score:2, Interesting)
Seeing as how this relies on packet sniffing of an unaware party's network traffic, I'm pretty sure any application of this without a warrant would constitute wiretapping. Correct me if I'm wrong, but that's my understanding of it.
Re: (Score:3)
People are actually unaware that they are broadcasting their ip address when on the internet? Really? Especially those using bittorrent that works through broadcasting yourself to the swarm.
Re: (Score:3)
So your complaining that they are doing nothing different than every bittorrent client does?
Re: (Score:2)
"Example: satellite TV signals are being broadcast at you all the time, but it's illegal to receive and decrypt them without paying the provider."
Not according the the FCC which made rulings on OTA signals being intercepted. If it hits your property, you're free to intercept.
This is how police scanners are legal.
Re: (Score:1)
In other words, if you stand outside my window, talk on your cell phone, and I hear you, it's not eavesdropping.
That being said, Skype traffic is supposed to be encrypted.
Re: (Score:2)
Re: (Score:3)
A packet analyzer (also known as a network analyzer, protocol analyzer or sniffer, or for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network.
http://en.wikipedia.org/wiki/Packet_analyzer [wikipedia.org]
Sniffing doesn't necessarily require opening the packets. Think of it this way: if you want to know who someone is sending mail to, and who they're receiving mail from, then all you need to do is look at the fronts of the envelopes in their mailbox - sender and receiver address information is there for all to see. You don't actually care what's written inside, you just want to know who they're talking to.
Of course, it's still illegal to tamper with the mail, but
Re: (Score:2)
As data streams flow across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet, and analyzes its content according to the appropriate RFC or other specifications.
The actually verify the packet is a Skype one you have to pull it apart more that if you were merely going to route it.
Re: (Score:2)
[To] actually verify the packet is a Skype [packet] you have to pull it apart more [than] if you were merely going to route it.
... unless you happen to know that the destination IP belongs to a Skype service node, in which case all you need to know is where the packet is going - especially since you won't (in theory) be able to decode any information in the packet in the first place. Skype packets are encrypted [skype.com], making packet disassembly a waste of time that could be used instead to correlate your internet traffic with individual components of a BitTorrent swarm and a known trafficker in Skype communications, without having to (or
Re: (Score:2)
I know, bad form to reply to my own post, but I neglected to include some information that I felt was important enough to warrant the breach of netiquette.
Firstly, I wish to point out that my original intent was to show you that packet sniffing was indeed used in the attack (or information-gathering methodology, if you prefer).
Second, I would like to explain that it is not necessary to decode or decrypt the information in the packets, themselves, as the intent is to identify an individual, rather than to id
Re: (Score:2)
Nope doesn't seem that it requires any kind of interception, just specialized local traffic analysis. It does require that you have accurate personal information in your Skype profile. Good luck finding me from that.
Skype incoming call... (Score:5, Funny)
Ring ring... incoming Skype call, it's the RIAA.
Re: (Score:2)
Re: (Score:2)
What? Skype has incredible audio quality.
Re: (Score:2)
Re: (Score:2)
Skype quality is extremely dependent on hardware and room acoustics. If we can compress, stream, and decode MP3s in real time, the technology is likely not the problem. Instead, I think people simply are unwilling to pay real money for a simple microphone. However, a lot of nicer webcams seem to come with very nice Mics.
Except we can buffer the MP3 stream to smooth out latency, jitter, packets arriving out of order, and retransmit dropped packets if need be. You can't do that with Voice over IP, as adding more than about 1/2-second.2 seconds latency is very noticeable.
http://www.voip-news.com/faq/voip-service-level-faq/ [voip-news.com]
Re: (Score:2)
Depends on your internet speed and what else is making traffic in your vicinity. I've had Skype calls so bad that I literally could not understand what information the caller was attempting to convey.
Re: (Score:2)
If you have bad quality on Skype, it's time to upgrade your box, or reinstall your OS.
I've had pretty much zero issues unless I'm on some bad wireless network.
Re: (Score:2)
Re: (Score:2)
2.6 GHz AMD Athlon64 X2 5200+, 1.5 GB RAM, 30 mbit down 5 mbit up cable. I only tend to have issues when using wireless networking.
You don't mention your OS.
Re: (Score:2)
Re: (Score:2)
I've got Windows 7 Home Premium 64-bit. No issues.
Video is fine.
OTOH, G+ hangouts work better, and you get up to 10 people for free in a video conference.
This years hottest horror movie (Score:3)
ring ring ring ... ... ... ... ... ...
"Hello."
"Hello? Is there anyone there?"
"We know what you downloaded last summer!!!"
Re: (Score:2)
ring ring ring ... ... ... ... ... ...
"Hello."
"Hello? Is there anyone there?"
"We know what you downloaded last summer!!!"
"Um. My house was burgled who curiously didn't break a window, lock or leave fingerprints anywhere. Prove me wrong!"
Re: (Score:2)
"We have a recording of your voice eminating from your Skype call at the IP assigned to your modem ... muwahahahahaha"
This is not research. (Score:5, Insightful)
Re: (Score:2)
All it is is data mining packets from skype nodes and comparing them to open torrent peer lists. This is not really surprising or scary to me. There are other 'researchers' who can link alot more data to you then this.
All the better reason to lock down your wireless network.
Re: (Score:2)
All it is is data mining packets from skype nodes and comparing them to open torrent peer lists. This is not really surprising or scary to me. There are other 'researchers' who can link alot more data to you then this.
All the better reason to lock down your wireless network.
... to make absolutely certain that the traffic they're sniffing couldn't possibly come from an outside agent?
Way to paint a target on your forehead.
Re: (Score:2)
All it is is data mining packets from skype nodes and comparing them to open torrent peer lists. This is not really surprising or scary to me. There are other 'researchers' who can link alot more data to you then this.
All the better reason to lock down your wireless network.
I have mine unlocked thank you. I have a Netopia Wireless router which advertises two SSIDs. One is wide open for visitors and only has access to the internet. The other SSID can access both my internal network and the internet. This avoids my daughters friends having to ask what the password is every time they visit, and gives me some plausible deniability if I ever get questioned.
Encryption? (Score:1)
Are there any BT clients out there that don't encrypt their packets these days?
Re: (Score:2)
You are still broadcasting your ip even when using encryption. How else do you think you create connections to others in the swarm?
Re: (Score:2)
Well if all they're doing is matching up IP addresses between two databases, what does it matter what protocol they're using? For that matter, why is this even newsworthy? The encrypted payload, and how they're tracking encrypted BT (or perhaps, more imporantly how they know the encrypted packet is a BT packet) packets without violating the DMCA is what I'm curious about.
Re: (Score:2)
How is crawling a bittorrent swarm violating the dmca? You do realize that your IP address is publicly broadcasted, right?
Re: (Score:2)
True, encryption defeats wiretapping, but not swarm monitoring.
Re: (Score:3)
Yes but you shouldn't run BT over Tor. It will be slow as shit for you and you'll be hogging the network. I encourage Tor node operators to block bittorrent over Tor (in fact I think it's blocked by default in recent releases).
Re: (Score:2)
Most are set not to force encryption by default. That said I've forced outgoing encryption on my seedbox and the uplink stays pegged all day. I've been thinking of forcing incoming encryption to see how it goes, pretty much all BT clients do support encryption.
CLEARLY authoritative (Score:4, Insightful)
Re: (Score:2)
If the IP traces back to a verizon dsl modem, then its authoritative enough to know its either you or your mom. Just because there is some edge case out there doesn't change the fact that this CAN be used to sniff users out with high reliability a large percentage of the time.
Re: (Score:2)
or a guest at your home
And if that torrent is up for 3 months? At what point does guest become "resident"?
or a neighbor using your unsecured wireless signal.
My wireless is not unsecured.
Only in America does an IP address equal a person.
Nobody said it equalled a person. But it gets you close enough to a person often enough that you can't shove your head in your ass and pretend that your safe or immune from being looked at.
If someone is shot with a gun registered to you, that doesn't prove you pulled the trig
Re: (Score:2)
For us poor linux users with poor Skype performance and and such, I've used SIP instead. Just recently the SIP provider IPPI.fr has added a skype gateway that appears to work great.
I rarely use Bit Torrent as FTP is much faster for legal files, even if I was talking to someone on Skype while using BT, It would not show a connection. The Skype connection would be an IP in France.
I use SIP instead of Skype. i can connect it to a telephone with an old Vontage adapter or a Linksys PAP2T. With IPKall, I have
Re: (Score:2)
Because NAT and UPNP wouldn't make a random Skype user and a different BitTorrent user appear to be coming from the same IP address..
No, it wouldn't. "Random" implies that they wouldn't necessarily know each other, whereas "same ip" implies they have knowledge of one another, since they are operating from the same physical network address.
And Why Are We Happy About This? (Score:2)
Re: (Score:2)
The problem, despite my other posts in this thread, is not privacy. It's a lack of sane legislation.
Copyright has become a joke, completely unenforceable for nearly any digital content. It has become more and more illegal to do things that would have been considered "fair use" just a few years ago. Adding to this is the fact that digital media can't be "loaned to a friend", which increases the feeling of being treated like a criminal, which causes the users to be less and less inclined to actually follow th
Moral of the story... (Score:2)
Dont use Skype.
Re:Moral of the story... (Score:4, Interesting)
I think this is the real issue here. It all has to be coming from problems with skype's security and nothing else. Skype should take this as a huge warning and encrypt their packet information NOW. I don't care what this is used for, people sniffing packets and being able to tell who someone is on a program like skype that is often left on 24/7 is a huge security risk for the person involved! This should NOT be happening and it's all skype's fault.
You guys are getting to hung up on the bit torrent aspect of this and should realize that it's really a major skype fuck up.
d
Re: (Score:2)
SIP.
IAX.
XMPP
Re: (Score:2)
A telephone, cellphone, smoke signals, there are a lot more communication modes other than skype.
From TFA (Score:2)
to determine the current IP address of identified and targeted Skype user (if the user is currently active)
Moral of the story - make sure you are logged off from Skype before file sharing.
Re: (Score:2)
to determine the current IP address of identified and targeted Skype user (if the user is currently active)
Moral of the story - make sure you are logged off from Skype before file sharing.
... because there's no way they can acquire the Skype identification at "random time A", and then correlate that with the BitTorrent traffic at "random time B"...
get a new IP address (Score:2)
Right, at least for those users whose ISP gives them a dynamically reassigned IP address. Log off Skype, disconnect from the Internet and then reconnect, hopefully getting a new IP address (I remember one Slashdot user who kept getting reassigned the same "rand
Re: (Score:2)
I pity the guy who ends up with your recycled IP address, though.
Better yet, live in a country that recognizes that IP addresses do not correlate to specific people.
Re: (Score:3)
If I am understanding the method properly, then anything that generates traffic can be used to correlate data, indicating that the BT user is also a user of (insert internet-using software here). Skype happens to be useful as an immediate indication of the identity of the user.
The question might then become, "What (legitimate) internet software might I be running, to cast doubt on whether I was using BT to acquire digital content illegally?"
For example, World of Warcraft uses BitTorrent to distribute patche
Interesting but doesn't necessarily mean anything (Score:2)
But let's not confuse an IP address as being a person. Just because a Skype user is behind an IP doesn't mean the torrent user is the same person. Fortunately (and unfortunately for the media industry) the law, in America at least, is gradually beginning to make that distinction.
The bar is low with this one (Score:2)
So collecting IP addresses now qualifies as research? Will I become a security researcher if I post the IPs of my peers?
Re: (Score:1)
People need to shift to decentralised distributing systems.
That's precisely what Bittorrent is...
Re: (Score:3)
Decentralizing doesn't really help, since it doesn't change the fact that Bittorrent works by advertising the IPs of the nodes and the torrents they're downloading/seeding.
What you'd need is something like onion routing, where it's hard to know who you're sharing with, even with centralized trackers.
Luckily, that exists in the form of Bittorrent over I2P [i2p2.de].
Re: (Score:3)
I've looked at BT over I2P. It's completely incompatible with regular Bittorrent. It's a great idea but there just aren't enough users on there to make it a replacement for regular Bittorrent.
Re: (Score:2)
Re: (Score:2, Funny)
Fortunately I reconfigured my computer so that it doesn't broadcast an IP addr
[NO CARRIER]
Re: (Score:2)
At least until the authorities come knocking because someone was downloading child pornography through the exit node you're running.