It’s no overstatement to say that BitTorrent has changed the way people use the internet. The peer-to-peer file sharing system is so efficient that it excels at delivering large digital files to a wide audience, with near linear scaling. It’s perfect for anything from releasing your latest solo album project with almost no hosting costs, to distributing live streaming news coverage.
But what you might not know is that using BitTorrent (‘torrenting’) leaves traces of your activities all around the internet for all to see.
In this post, we’ll explain how you can mitigate this problem, and still enjoy sweet download speeds by choosing a top-class VPN.
From a Torrent to a Flood
The conventional way of distributing large files on the Internet is to throw servers at the problem, by hosting the data in data centers around the world. But if you don’t have the budget of Netflix or Google, you have to find another approach.
The magic of BitTorrent is that it lets you share others’ Internet connections to help download or share large files. By splitting each file up into lots of pieces and swapping the pieces individually, BitTorrent lets each downloader also become an uploader.
Remember we said that it’s a ‘peer-to-peer’ system? Well, that’s because each person downloading is a ‘peer’ in the ‘swarm’ of all people downloading the file. BitTorrent makes use of the underused capacity of their broadband connections to send data instead of just downloading it. Each peer can download chunks of data from every other peer. In this way, downloads actually get faster as more people try to join the network.
Once you’ve received all the chunks, the BitTorrent app stitches them together – good as new. It’s a remarkable technology. But it’s worth being aware of some of its potential drawbacks with regard to your privacy.
Tracking the Trackers
As we alluded to in the introduction, BitTorrent isn’t shy about talking to other computers. It needs to do this to share their bandwidth, and also to find other peers to download data from. Some torrents use ‘trackers’, which help in the discovery of peers, while others use decentralized technology to achieve the same purpose.
Whether you use a tracker or not, your BitTorrent client leaks a lot of information to anyone connected to the swarm, and of course to your ISP. This includes your IP address, the details of the content you’re downloading, and a lot more.
It’s commonplace for music and movie rights-holders, or their agencies, to connect to peer-to-peer networks in order to gather IP addresses. Just like any regular downloader, they connect to the network and start sharing – except they also take careful note of who is active in the swarm.
It’s likely that almost every user of BitTorrent is taken in by this kind of monitoring – not just the prolific uploaders of large amounts of content. A study by Birmingham University found that users were being ‘watched’ within three hours of connecting.
Unfortunately, as well as legitimate enforcement of legal rights over media, this kind of tactic has also led to ‘copyright trolling’ by firms. Perhaps the worst example of this practices is Prenda Law, who infamously targeted users on the basis of a ‘statistical guess’ at the likelihood of the users actually infringing. Though the firm was later sanctioned by the courts, the tactic of ‘John Doe’ litigation, where a law firm sues an anonymous user in order to force an ISP to unmask the identity corresponding to an IP address, is very much on the rise.
You can mitigate the risk of being caught up in IP address dragnets of this kind by using a good-quality VPN service. This is because the IP address that is active in the BitTorrent swarm belongs to the VPN provider, instead of your computer.
Bear in mind that each VPN provider’s policy on BitTorrent usage will vary. So shop around, and make sure your traffic won’t be capped or slowed down.
We mentioned earlier that BitTorrent creates a lot of connections to different parts of the internet in order to speed up downloads and uploads. Even when you’re using a VPN, this can create a potential vulnerability, since when the encrypted VPN tunnel transits your BitTorrent traffic onto the internet, the VPN provider becomes a legal choke point.
If the VPN provider keeps logs that tie each user to a particular VPN IP address at any particular time, then this information could be combined with information from the public swarm to determine which user was downloading or uploading a particular piece of content.
Clearly, the best approach is to seek a provider that does not log this information, or destroys it after a very short period. Legal requirements around the world for keeping these logs vary greatly, from fairly rigorous long-term record keeping requirements in most of Western Europe and Australia, to a more relaxed set of rules in Asia and Eastern Europe.
The key when shopping for a VPN provider is to check their statements on what kind of logs they keep. It may be that they keep a certain amount of information for troubleshooting purposes, but for a limited time. Some VPN companies offer connections with subsidiary companies in other countries that have more advantageous logging policies. This lets users switch their connection to a more suitable endpoint whenever they like.
Whichever option you choose, it pays to read the small print!
Kill Switch Engage
We’ve spoken about the many benefits of using a VPN for BitTorrent, but these advantages are only valid if the VPN is used properly. But we’re all only human, and it’s easy to make a mistake when setting things up – it happens to the best of us.
Once you’re used to browsing with a VPN on all the time, it may become so commonplace that you’ll forget that you’re using it. But what happens if the VPN connection drops? Are you sure that you’d notice?
The effect could be pretty subtle: your email and IM services would reconnect without much drama, and your BitTorrent client would take a few minutes to find peers again. But your personal IP address would be leaked out onto the network – and therefore to anyone paying attention.
For this reason, many top-of-the-line VPN providers include a ‘kill switch’ feature, which detects if the VPN connection drops for any reason. If a drop is detected, the feature blocks your entire internet connection in order to prevent any traffic leaking onto the public Internet.
You can set this feature up by using the VPN client program that your provider makes available on their website. The setting for enabling the ‘kill switch’ is usually located in the advanced settings area of the client program.
Again, you’ll have to shop around for this feature, because not all providers offer it. We highly recommend it, especially for beginners.
DNS Leakage Protection
Another even more subtle form of VPN vulnerability is DNS (Domain Name System) leakage. This issue occurs when you are connected to the VPN service, but your computer is still configured to query your internet provider’s DNS servers for the IP addresses of any servers on the network.
The DNS is like the phone book for the internet, and it’s how your computer turns a domain name into a useful IP address. So if your DNS requests ‘leak’ out, then although all your actual traffic is going through the VPN, your computer could be asking an ISP’s server for details of torrent-related websites or trackers.
This vulnerability could cause two different issues.
First, these DNS requests fall under your ISP’s logging policies, and could, therefore, be subject to legal action.
Second, depending on where you live, using your ISP’s DNS servers might prevent you from accessing the sites at all – as is the case in the UK, where many torrent sites are blocked.
Fortunately, there’s a simple remedy: use a VPN service with its own DNS servers. This way, all of your DNS requests are routed through the VPN connection and to the provider’s own servers. The requests are therefore covered by the VPN provider’s logging policies. And since your DNS traffic is then encrypted inside the VPN tunnel, they’re invisible to your internet provider.
A Simple Plan
In this post, we’ve covered a few of the potential privacy issues with BitTorrent, and how using a properly configured VPN service from a reputable provider can help to mitigate them.
We’ve just scratched the surface of the features offered by the providers. BitTorrent technology is always developing, and so are the tactics of those who set out to monitor the swarm. It’s always worth staying aware of developments in the torrenting world to make sure you are fully informed.
But armed with the knowledge here, and a little time to shop around, you should be all set to pick a VPN that keeps up with these demands, and lets you enjoy BitTorrent as it is supposed to be: fast, free, and fun.