Monday, May 15, 2006

Blocklist Balderdash

Use a blocklist? Think it makes you safe, allows you to share with impunity? Think again. I will say this now, up front, and clearly.

The amount of overall protecton given by a blocklist is minimal at best.

Oh, don't get me wrong, for certain things, IP blocks are usefull, but for most things, they're not. Why, you might ask, and the answer is simple. If you wanted to read the news site The Register, you would go to www.theregister.co.uk, you wouldn't go to 212.100.234.54, which is its IP. Or rather, which is currently its IP. And there we have it. IPs CHANGE, that's why we have domain names. Certainly, some places will have fixed domain names, but only those who've actually bought their groups of IP addresses. Home users are not what we'd call fixed IP.

Well, what does this mean? It means that anyone can use a home connection pretty safe in the idea that these blocklists won't affect them at all. This might not seem like a big deal, but its their major weakness. There is absolutely nothing at all, stopping the head of anti-piracy for some company going home, and using the DSL connection he has there. he can log there as easily as he could at work. There is, after all, no rule saying copyright enforcement can only be done on a corporate network. Heck, he could even then charge the ISP costs to the company, citing it for work. Doesn't grab you? Why don't they then use the other common resource in a busy office building - telephone lines. They can easily get some dialup modems and use them in the office. A free AOL CD or two, and they have a connection. Doesn't matter that dialup is slow, its not the transfer of data they're interested in, its who's doing it.

Think I'm joking - take a look at the people connected to you next time you are using your favourite P2P app.
It may well say 86.137.220.74 on port 6356 (an IP picked at random from a knoppix DVD torrent) - that comes out to be a BTcentral.com user, but who is that person, and who do they work for? Can you be sure that the AOL peer in your list is not an investigator for the BPI, MPAA or any other such body? They all know the tricks and the limitations of such software as well as anyone, if not better (it is their job, after all, to know about them). Don't be mislead by the actions, and press releases, their technicians and loggers are very competant, and advanced - its the lawyers and PR people that give the impression of a eunoch running a family planning clinic.

Indeed, in some cases using lists can work against you. After all, who uses such lists, is it the kid downloading the very occasional song, or the hardcore downloaders? Why, the latter of course, the slight/casual user doesn't know, or worry about it that much. So, the ones that download heavily are the ones to target. Alas, theres no way to tell from a torrents userlist which group, light or heavy, they are in, since every torrent is seperate from each other. Solutions? Well, you could scan every torrent out there, and look for recuring IP addresses, but that has two drawbacks.
1) its very time consuming, and resource intensive. and
2) we're back to the dynamic IPs again - without a court order to the ISP, theres no way to tell if the same person was using the same IP on both monday and thursday. They might have had a power cut on tuesday night, and their modem obtained another IP.

Thankfully, blocklists to the rescue!. The easiest method is use the blocklists themselves to identify the heavy users. Its very simple and uses two groups of systems (doesn't have to be a group, can be just one system in each). One group uses IPs on the blocklist, the other doesn't. Collect peer data from both, and after a while, compare lists. the major differences will be the blocklist computers will be on only one list. Voila, IP addresses obtained. Your 'protection' has been turned into identification.

Of course, that's just the main disadvantage of the system. There is a second one, and thats best described with the old computing acronym - GIGO. In other words, the quality of the list is only as good as the person thats compiled it. Any personal bias, or other skew will similarly skew the list into ineffectiveness. I wrote about a fine example of this just over 2 months ago.

Well, thats the big minus points in such a system, there are some advantages however. Such lists, used as a hosts file, for instance, can stop annoying and irritating popup ads. They can also prevent some of the torrent poisoning that goes on, although most torrent clients should manage to deal with that on their own. These are only minor pluses, however, and not really much of a benefit.

There is one simple thing to remember in general. If something is publicly downloadable, like a blocklist, it's effectively useless. Can you see, use and edit the blocklists? What stops copyright enforcement people getting the same lists and altering their strategies to work with these lists? Absolutely nothing. A high speed connection might be usefull for downloading, but a dialup connection is all that's needed to log people infringing copyright. The only way a blocklist can be effective, is if it blocks all potential 'snitch' IPs. Alas, that means blocking every single ISP in the world, and then you've blocked yourself from any sort of transfer anyway.

Just as a side note - I remember discussing the merits of the comparative method back in 98, when I was a copyright enforcer. That was 8 years ago, if you still think blocklists are a good idea, and worthwhile, you go right ahead, and can I also interest you in this fine bridge?

Ben Jones

[Editors note: Thanks to kdsde for pointing out some of the typos in this piece]

49 comments:

  1. A big sack of potatoes.

    ReplyDelete
  2. Whats the possibility of blocklists actually working? What if anti-p2p organizations are being fustrated by blocklists and decided to pay people like you to say blocklists dont work?

    ReplyDelete
  3. "Whats the possibility[...]"
    "What if anti-p2p[...]"

    How likely is it, you haven't fully understand what the author explained to you with respect to anti-p2p organisations and what they are doing?
    Answer: 99.99%

    ReplyDelete
  4. Ok Mr.Anti-P2P.

    what do you use that's so good?

    ReplyDelete
  5. file sharing has never, and will never be safe, but we are pirates

    being a pirate has never been safe

    aaaar

    ReplyDelete
  6. i've been wondered that even i add some IP's into my blocklist/ip-filter, and thus don't have to exchange trash data with them, could they still be able to see my IP on their peer list?

    that means, a blocklist is only a headband covering MY OWN EYES~~~ LOL

    ReplyDelete
  7. Well, they can grab lists of peers and ports from the tracker no problem, but that's not proof you've downloaded anything. As far as I know, accessing a tracker's URL (that's how announce requests work) with certain GET args does not constitute piracy.

    ReplyDelete
  8. most of what you said about dynamic IPs is true in the US, almost every other country with broadband or fiber optic connections use fixed IP.
    this is true for some asian countries including Japan and about all of Europe.
    grab a 6 year old log, if my IP is on it, I am still the person who own that IP.
    I use other precautions : I got a file server on my lan with on the fly disk encryption (aes-cbc-essiv VERY secure using dm-crypt not the crappy cryptoloop) and I bought a Fonera (http://www.fon.com/en) so I can always pretend I didnt do anything.

    ReplyDelete
  9. @the user above me
    >90% of the DSL/Cable Providers in Germany uses dynamic IPs...
    So far concerning the Europe=fixed IP Part

    ReplyDelete
  10. 90% of India has dynamic Ips too.
    But honestly, do you ever think all the pirates are ever gonna be caught?
    Aye? In a big raid to show that they arent eunuchs, they might catch one or two, but obviously they cant lodge complaints again millions of p2p users.

    ReplyDelete
  11. All cable connections in the UK are movable. Fixed mostly, but change sometimes.

    ReplyDelete
  12. ummm

    PeerGuardian2

    Google it!

    ReplyDelete
  13. As a UK user I must say that nearly all IPs are dynamic here to varying degrees. adsl connections, such as British Telecom change constantly, while cable is more stable, As a torrent site staff, I can say most of the world has dynamic IPs for home connections. Asia probably has the fastest changing ones, in general, particularly third world countries such as Israel and Iran,

    ReplyDelete
  14. You have a fixed IP adress? You want to change it? Try this: delay payment to your monthly fee a day so they suspend your account. Then pay it and voila, the next day you have a new IP adress. That works on ADSL. You don't have to do that evrey month. Every 4-6 months will suffice. So in time you don't appear to AntiP2P a "heavy leech"

    ReplyDelete
  15. just use newsgroups with an ssl encryption problem solved.

    ReplyDelete
  16. Look here for "blocklists don't work":

    http://arstechnica.com/news.ars/post/20071010-p2p-researchers-use-a-blocklist-or-you-will-be-tracked-100-of-the-time.html

    ReplyDelete
  17. I dont necessarily disagree with the opinion expressed byt he author, but most of his arguments are just silly.
    As someone else said, connecting to a tracker using a GET does not constitute copyright infringment. You must actually upload to (or possibly download from) the person checking for copyright infringement for you to be *infringing the copyright. Therefore, blocking IPs of corporations reduces all the checking going on that is NOT done from home IPs (which could be a large piece). TO prove that you are *sharing* copyrighted material, the checking parties must obtain data sent from you and verify that it is indeeed part of the infringing file, otherwise they can prove nothing.
    Secondly, using the blocklist to find users is, once again, useless. Just because someone is using a peer blocking program does NOT mean that they necessarily pirate at all. Someone who doesnt pirate could potentially use this software anyway, and although its unlikely, its still possible, making this method useless.
    I'm not saying that the blocking is perfect, far from it, but I am saying that it's not quite as useless as you seem to think it is.

    ReplyDelete
  18. Additional things that help. SEVERAL THINGS have to be done TOGETHER

    1) Use TOR and PRIVOXY. They are not one hundred percent perfect anonymity, but make it a hell of a lot harder for the RIAA looyahs to come after ya.

    3. Use removable drives so you are getting some from when you are at work, some at home, some at the random wireless network of someone's home, some at the wireless coffeehouse, etc. As long as you are DRM - free your collection can be assembled from a variety of sites.

    4. Google for 'megaupload + (artist name)' Go to these blog sites. Dowload only .rar files,then use winrar (if dumb enough to use windows). If you use Linux, find a tool on SF to unpack it and then you can get an album at a time.

    5. WE ARE NOT THE PIRATES. THE RECORD COMPANIES THAT HAVE TRADITIONALLY SCREWED THE ARTISTS AND THE PUBLIC AT LARGE, ARE THE REAL PIRATES. NEVER FORGET THAT. ALWAYS REMEMBER THAT. TELL ALL YOUR FRIENDS.
    he
    6. If you *STILL* think that WE are the pirates, read this link, it will change your life:

    http://www.demonbaby.com/blog/2007/10/when-pigs-fly-death-of-oink-birth-of.html

    ReplyDelete
  19. the full name of that blog since the link got cut off...

    When Pigs Fly: The Death of Oink, the Birth of Dissent, and a Brief History of Record Industry Suicide.

    ReplyDelete
  20. you don't seem to get it:

    what he is saying and I think it's true is that they will track your download habits from unlisted ip's (obtaining one is easy for them because they also have the blacklists :) and compare them with ip's that avoid the blacklisted ip's. So they get a list of downloaders (with evidence because you downloaded from the unlisted ip's) that use blacklists. Chances are, somebody going trough the trouble of using blacklist filters is much more than a casual p2p-er.

    Get it?

    ReplyDelete
  21. Suspicious article and mostly wrong in it's method of approach.

    Ben: "There is absolutely nothing at all, stopping the head of anti-piracy for some company going home, and using the DSL connection he has there."

    Wrong, one person can't just make a list at home it has to be forwarded and duly logged.

    Ben: "They all know the tricks and the limitations ... its the lawyers and PR people that give the impression of a eunoch..."

    Ah, so those lawyers we do see can't do the job they trained for but those hidden away are higher caliber? Random nonsense conclusion. You write tricks but the trick isn't getting an IP #, as you illustrated if they can change IP # so might any IP # they have, change or be used by other than the account owner.

    Ben write that they can contiually change IP # but then they won't do automated scanning of all torrents becaues it's time and resource intensive. Well Ben, so is continually changing IP number.

    Ben writes they could use dialup. No Ben they can't, because you can't just have a list of numbers, the content itself has to be downloaded and compared. A list of IPs connected to each other is not evidence of code sharing, only of that IP # previously connecting to the source of the number. Can you say PING?

    Ben writes that they'll use one blocklisted computer group and one not blocked to do comparisons of those using blocklists, as if those making blocklists would opt not to put the 2nd group on the list when they did with the first. Blocklists are always dated but do arrive from monitoring of suspicious activity.

    Ben: If something is publicly downloadable, like a blocklist, it's effectively useless.

    Nonsense. It's certainly not foolproof by any stretch but not being 100% protection doesn't make it useless either.

    Ben: The only way a blocklist can be effective, is if it blocks all potential 'snitch' IPs. Alas, that means blocking every single ISP in the world.

    No, you don't have to block a potential IP you only have to block actual resident IPs a good % of the time to be considered effective. Do you lock your front door at home to prevent people from just walking in? Is that 100% effective at preventing people from getting in? Of course not, but you do it under the same logic as that under which an IP list is made. It mitigates the risk. RIAA is not looking for some master filesharing criminal because there isn't one, rather they're making examples of people and looking to recoup at least a small portion of the cost in doing so.

    Why are you trying to slant the truth Ben? You made a deliberate effort to do so. I suppose you're trying to be clever by saying nothing is absolute. OK you do have some points but not absolutes in real use, now show us all the absolutes in life - they are few and far in between.

    ReplyDelete
  22. DOWNLOADING CAN GET YOU IN TROUBLE AS WELL!!! -- PROOF (fact i did not seed and they mention downloading as on of many ways to infringe upon their copyrights!!!

    i got a email from my provider a week ago stating to discontinue sharing 2 files which are the last 2 in the Bourne trilogy (ultimatum and supremacy). they included my IPA at the time (as i frequently change mine to reduce network traffic caused by trackers pointing to my listed IPA). I was very naive to think that just because i was only grabbing a few movies that no one would care. seems them map related entities watch for at least 3 things 2 of which i have personally verified and one another which is simply obvious. the 2 i verified is that the they are interested in those who are sharing NEW RELEASES and titles by SPECIFIC PUBLISHERS. The 3rd and most obvious would be those SHARING LARGE AMOUNTS of COPYRIGHTED MATERIALS.

    Here are some excerpts from the email i received followed by my last opinion and tips on how to be 100% safe.

    I have censored out any identifying parts so I don't get threatened by some creep later for posting this.

    Dear Customer,


    We are writing on behalf of Cox Communications to advise you that we have received a notification that you are using your Cox High Speed Internet service to post or transmit material that infringes the copyrights of a complainant's members. We have included a copy of the complaint letter. Pursuant to the provisions of the Digital Millennium Copyright Act ("DMCA"), which is codified at 17 U.S.C. § 512, upon receiving such notification, Cox is required to "act expeditiously to remove, or disable access to" the infringing material in order to avoid liability for any alleged copyright infringement. Accordingly, Cox will suspend your account and disable your connection to the Internet within 24 hours of your receipt of this email if the offending material is not removed.

    It is not permitted to share copyrighted material with anyone even if you purchased the media from an authorized site without expressed written permission from the copyright holder.

    Please be aware that the DMCA also provides procedures by which a subscriber accused of copyright violation can respond to the allegations of infringement and, under certain circumstances, cause his or her account to be reinstated. To do so, however, the response must meet certain criteria. Pursuant to section (g) of the DMCA (17 U.S.C. § 512(g)), you have the right to submit to Cox a counter-notification which, to be effective, must include the following elements:

    (a) a physical or electronic signature of the subscriber;
    (b) identification of the material that has been removed or to which access has been disabled and the location at which the material appeared before it was removed or disabled;
    (c) a statement under penalty of perjury that the subscriber has a good faith belief that the material was removed or disabled as a result of mistake or misidentification of the material to be removed or disabled;
    (d) the subscriber’s name, address, and telephone number and a statement that the subscriber consents to the jurisdiction of the Federal District Court for the judicial district in which the address is located.

    In the event that you submit to Cox a counter-notification that includes these elements, Cox will forward your counter notification to the complainant and advise them that Cox will cease disabling access to the allegedly infringing material in ten (10) business days. Unless the complainant notifies us that it has filed an action seeking a court order to restrain you from engaging in the allegedly infringing activity prior to the expiration of those ten (10) business days, Cox will reactivate your account.


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Re: Unauthorized Use of NBC Universal Properties
    Notice ID: nn-nnnnnnn
    (one week after i downloaded the files) Mar 2008 t:t:t GMT

    Dear Sir or Madam:

    Please be advised that NBC Universal and/or its subsidiary and affiliated companies (collectively, NBC Universal) are the owners of exclusive rights protected under copyright law and other intellectual property rights in many motion pictures and television programs, including the title(s) listed below (the NBC Universal Properties). NBC Universal diligently enforces its rights in its motion pictures.

    It has come to our attention that Cox Communications is the service provider for the IP address listed below, from which unauthorized copying and distribution (downloading, uploading, file serving, file "swapping" or other similar activities) of the NBC Universal Property or Properties listed below, or portion(s) thereof, is taking place. We believe that the Internet access of the user engaging in this infringement is provided by Cox Communications or a downstream service provider who purchases this connectivity from Cox Communications.

    This unauthorized copying and distribution constitutes copyright infringement under Section 106 of the U.S. Copyright Act. Depending upon the type of service Cox Communications is providing to this IP address, it may have legal and/or equitable liability if it does not expeditiously remove or disable access to the motion picture(s) listed below, or if it fails to implement a policy that provides for termination of subscribers who are repeat infringers (see 17 U.S.C. 512).

    Despite the above, NBC Universal believes that the entire Internet community benefits when these matters are resolved cooperatively. We urge you to take immediate action to stop this infringing activity and inform us of the results of your actions. We appreciate your efforts toward this common goal.

    The undersigned has a good faith belief that use of the NBC Universal Property or Properties in the manner described herein is not authorized by NBC Universal, its agent or the law. The information contained in this notification is accurate. Under penalty of perjury, the undersigned is authorized to act on behalf of NBC Universal with respect to this matter.

    Please be advised that this letter is not intended to be a complete statement of the facts or law as they may pertain to this matter or of NBC Universal's positions, rights or remedies, legal or equitable, all of which are specifically reserved.

    Please send us a prompt response indicating the actions you have taken to resolve this matter, making sure to reference the Notice ID number above in your response.

    Mark Ishikawa
    c/o NBC Universal Anti-Piracy Technical Operations
    100 Universal City Plaza
    Universal City, CA 91608

    tel. (818) 777-4876
    fax (818) 866-2155
    antipiracy@nbcuni.com


    *pgp public key is available on the key server at ldap://keyserver.pgp.com
    ** For any correspondence regarding this case, please send your emails to antipiracy@nbcuni.com and refer to Notice ID: nn-nnnnnnn. If you need immediate assistance or if you have general questions please call the number listed above.
    Title: Bourne Ultimatum, The
    Infringement Source: BitTorrent
    Initial Infringement Timestamp: d Mar 2008 t:t:t GMT
    Recent Infringement Timestamp: d Mar 2008 t:t:t GMT
    Infringing Filename: The.Bourne.Ultimatum[2007]DvDrip[Eng]-aXXo
    Infringing File size: 735139794
    Infringers IP Address: 24.x.x.x
    Infringers DNS Name: ip24-x-x-x.blah.blah.cox.net
    Infringing URL: http://vtv2.sladinki007.net:6800/announce

    Title: Bourne Supremacy, The
    Infringement Source: BitTorrent
    Initial Infringement Timestamp: d Mar 2008 t:t:t GMT
    Recent Infringement Timestamp: d Mar 2008 t:t:t GMT
    Infringing Filename: The Bourne Supremacy[2004]DvDrip AC3[Eng]-FXG
    Infringing File size: 739457444
    Infringers IP Address: 24.x.x.x
    Infringers DNS Name: ip24-x-x-x.blah.blah.cox.net
    Infringing URL: http://tracker.torrent.to:2710/announce


    HOW TO PROTECT YOURSELF???

    If you want to be 100% protected then there are only 1 way to be 100% SAFE.

    Use someone else's Internet!!!

    Be it the free Internet from the public library using your laptop or by grabbing it from your unsuspecting neighbor's unsecured wifi. BUT if you do pirate your neighbor's wifi be sure to use the block lists with peer guardian JUST to have some better odds. so your neighbor is less likely to have their Internet connection suspended.

    Remember, you can argue legalities to you are blue in the face, but in the end all that wont matter. because those who monitor your activity will report your IP to your Internet provider and just because you changed your IP doesn't mean your USP has not kept a log of all the static or dynamic Io's your Internet provider has leased to you in the last several days or so as i believe is no required by some laws. Your USP is not about to go up to bat for you in court so you can be certain they will adhere to the threatening email they receive from those reporting your file sharing activities.

    So while encrypting your volumes, files and file names is a very good security measure, it is not something that will ever be of significance unless you are planning to go fight them in court. And still, they will have the logs with your asp's logs.

    So you ask, what about the case of the unsuspecting neighbor ? wouldn't he have full deny ability?

    The answer is SURE and he will most likely be instructed to secure his wife before being able to resume his Internet access with that same provider.

    So you too could so the same claim.

    Lastly there are proxies!

    I personally don't like them! They are usually SLOW and unreliable. In Theory using a frequently updated proxy list containing Anonymous proxy servers which hide your IP address and thereby prevent your from unauthorized access to your computer through the Internet. They do not provide anyone with your IP address and effectively hide any information about you and your reading interests. Besides that, they do NOT even let anyone know that you are surfing through a proxy server. The problem is not just that they are many times very slow but also that not all of them allow for use with torrent clients. It would also be ideal to have the ability to use a multi-proxy technique where-by rotating the available proxies used at the time based on their present speed ratings both in latency and throughput.

    There are also socks4 and socks5 options but I have yet to personally test their security. The most obvious test is to see if they are somehow forwarding client originating IP/DNS info.

    Last tip for those pirating wife, it helps if you are able to log into the router after you have managed to obtain access to the network and assuming the owner never changed the default lo gin/pass to the router to then change the settings to DISABLE LOGGING and maybe even change the password so they wont be able to log into it themselves to secure their wife without having to reset the router completely. I know that sounds a bit evil minded but HEY! you are already a pirate so whats the big deal!

    peace
    0160

    ReplyDelete
  23. "almost every other country with broadband or fiber optic connections use fixed IP.
    this is true for some asian countries including Japan and about all of Europe."

    Based on what? Your guess? Get your facts straight! There's still problems with IP's for everyone and IPv6 is still not implemented in the commercial arena, thus everyone cant't have "their" own IP address. Static IP for your inet connection, sure if you pay $8-10 or leave your computer running 24/7. None of the ISP's in Scandinavia (the region up north in Europe) offer static IP as basic service, costs extra. My guess is why would there be any difference in other countries in Europe and the world for that matter.

    Just my $0.2

    \TB

    ReplyDelete
  24. I gotta say that I always thought blocklists were useful for blocking ads from showing up in your browser. Otherwise, they're useless.

    ReplyDelete
  25. >>"You have a fixed IP adress? You >>want to change it? Try this: delay >>payment to your monthly fee a day >>so they suspend your account. Then >>pay it and voila, the next day you >>have a new IP adress"

    There's a much easier way to get a new IP address.

    In windows just enter the command "ipconfig /renew" into either a Command Prompt window or into the field that pops up when you do Start - Run.

    I'm sure there's a way to do it on a Mac or Linux box, just google.

    ReplyDelete
  26. "connecting to a tracker using a GET does not constitute copyright infringment. You must actually upload to (or possibly download from) the person checking for copyright infringement for you to be *infringing the copyright."

    Nonsense.
    If you know literally nothing about what is being discussed, why would you offer such an assurance ?

    Nobody just connects to a tracker. They connect to it for THE EXPRESS PURPOSE of reporting how much they've uploaded and downloaded. A fact that is confirmed when those stats change, when recording hash-authenticated data transferred. Okay?

    There is no human assurance about what you did which compares to the iron-clad guarantee the BT protocol itself provides.

    ReplyDelete
  27. Does the author really believe that the anti-p2p organizations will go to the extent that they would double or triple their costs by going after that 15% or so that use blocklists?

    The RIAA primarily uses the court system to scare other users away from P2P rather than only crack down on heavy uploaders, of which there are already enough who don't use blocklists. Why double or triple your efforts and costs to get a 15% more effect when you can ID 85% of users? Makes no sense.

    ReplyDelete
  28. Heres another good Idea. I have DSL W/Verizon. Everytime I reset / interrupt the modems power a few seconds, it restarts the connection with a new IP. I do it atleast once a day. I unplug it, wait 5 minutes and plug it back in. It resets the modems cash as well. When I am heavily downloading I do it a few times a day. This way their logs would not show a bunch of activity for one IP. NEAT HUH? They might see a little on monday's IP, but they dont no that tuesdays IP is the same guy. They dont get a name or anything from the ip until after a supena ( i no i mispelled it) therefore No 1 IP did a whole bunch of sharing and no one IP sends up a red flag, and hell, if they happen to monitor mondays IP they might not even be watching tuesdays. Some modems can be set to disconnect and reconnect at certain times themselves. I just got an Idea. I am gonna plug my light timmer into the modem and have it reboot evry 6 hours. Also I have slow uploads so I don't upload unless I have to on bitorrent or any other client, and no more then I have to. They seem to go more after the uploaders.

    ReplyDelete
  29. I do not agree that a blocklist is useless or harmful, I just think it's use is minimal.
    If we didn't run them we'd be making it easy for these anti-piracy groups.
    With so many of them being small businesses like internet sheriff? Yeah.. you need to make it as difficult as possible for them.

    ReplyDelete
  30. Block-lists are not just for anti-p2p. They have plenty of perfectly reasonable uses.

    One such example is to prevent annoying, yet necessary software from phoning home.

    They can also help with a lot of ad servers.

    IP block-lists are just a compliment to domain block-lists (eg HOSTS). There’s no reason not to use both in concert.

    ReplyDelete
  31. huh? I'm not gonna waste my time reading your long article because you are making it sound like that the blocklist won't work against dynamic IP, which it obviously can't.

    The blocklist works by blacklisting a range of IPs assigned to a domain (or nothing). For a company, organization, or government, changing static IP to another is not practical because it's too costly.

    Blocklist takes advantage of these inflexibility while the rest of us use dynamic (which is a lot cheaper).

    Bye.

    ReplyDelete
  32. You are an idiot and should not be "trying" to educate anyone on blocklists. Blocking _IPs_ is an effective way to block a remote machine, not by any sort of web address. Idiot. Also, FYI, in regards to domains, most domains _are_ assigned to a static IP unless you are on shared hosting in which multiple domains could all be assigned the same IP. You're welcome.

    ~J03

    And don't ever email me.

    ReplyDelete
  33. There is a way, if you use a blocklist, to have the DMCA protect you (under section 1201 no less) from the anti peer to peer crowd.

    http://zaphodb777.dyndns.org/DMCA.php

    is my version of the warning, and a more thorough description can be seen at...

    http://www.youtube.com/watch?v=zSInQi0oa9I

    Zap :)

    P.S. If you need a blocklist... try http://www.spambotsecurity.com/blocklist.php . I make a fresh one monthly.

    ReplyDelete
  34. Here's a better blocklist.. just block ALL U.S. IP's.

    ReplyDelete
  35. Before blanket bashing PeerGuardian (which has other uses, btw), please at least do some testing of your hypothesis. It is flawed both through experimental observation and theoretically.

    I quickly get a variety of anti-p2p and other IPs trying to access me when I download torrents. This suggests that the companies are relying on known IPs.

    Blocklists are continually updated and can be updated even if a dynamic IP strategy is employed.

    In the court system, the RIAA and MPAA have been proven to make many false positives, suggesting they really don't know what they're doing. In reality, companies are generally not as smart and diligent as you think they are.

    Your suggestions are peculiar and are not what would happen if they wanted dynamic IP ranges used by end-users. AOL discs? That's absurd. If you had actually ever tried an AOL try or even read about it on their website, you'd know it requires a credit card for the free trial, hence you can't do a trial more than once.

    They would just PAY for real accounts, why would they go through all that pain in the ass work? You don't seem to understand how corporate thinking works.

    You suggest that they'd just see the lists for themselves and work around them, but anyone running PG sees "hits" from them constantly. They are doing a bad job of it.

    They wouldn't get actual DSL/cable accounts, either, because it's ONE per household and then you've got that limited bandwidth (remember, you're monitoring numerous people). They'd need an expensive special arrangement with tons of DSL/cable connections. They would never do that.

    You know what they'd actually do if they tried? They'd pay the company directly to lease a large segment of their end-user IP space. It's much simpler and cheaper than your other proposals. This is assuming the ISP would let them muck around with and potentially get end-user IPs blocked on various services and assuming this doesn't get leaked.

    There is no evidence of this, of course. Assuming that they did that, you could update the block lists to reflect abnormally high usage end-user IPs with some expiration. It wouldn't be hard to write software that noticed some guy kept downloading stuff he already should have downloaded over and over. And if they are merely sending...well that's them giving away their own stuff. I suspect this may even be integrated into future torrent software to form a network of IP blocklists automatically formed.

    In conclusion, people should not be quick to throw out things just because they're not perfect. You don't get rid of the lock on your front door, so don't get rid of this.

    ReplyDelete
  36. Garble, Garble, Garble.

    I am a Technician for a major ISP for over 6 years now. Use whatever you can get your hands on. This year the ISP starting Tracing Torrent Downloading and would call the customer and warn them to stop or action will be taken. The ISP can see everything about the torrent / file. for example..The name of the file, the size, the episode, the season, the movie title. Anything and everything. So Garble, Garble, Talk all you want...!!!!!

    ReplyDelete
  37. No need to ramble on and on, If you don't like blocklist then don't use them. Don't try to discourage others from using them. It boils down to "Do blocklist help even in the slightest?" and considering some bad ip's are getting blocked then yes it does. If you block every IP you might want to consider a different blocklist or research how blocklist work. People don't use blocklist as a 100% fool-proof way of avoiding detection. Maybe that is where your logic is flawed. So when you get caught and I didn't because the odds sided with me (and you had no odds because you chose not to use them) maybe then will you regret not using them.

    ReplyDelete
  38. Nice entry. I do have one concern. If the copyright enforcers are downloading/uploading illegal files over p2p/torrent to catch illegal downloader's ip addresses, aren't they participating in the very same illegal act that they are punishing people for?

    ReplyDelete
  39. Nice tips.. Ben!
    I use a blocklist, It makes me safe, it really are. :)

    ReplyDelete
  40. What I use.

    http://www.torrentprivacy.com/?id=antip2p

    ReplyDelete
  41. so what agency do you work for and how many people have you helped catch for overpriced media. maybe if game componys gave a good demo then people wouldnt down them and not buy them ever. they would down an atiquite demo and then buy the game on its merrit not its hype. as long as these componys look at the commen user as easy target for revenue then pirates will be around to tell them hey your stuff isnt worth the 60$ i paid for a game done in 2 days. or hey i paid 60$ for the game and now i need to pay another 25 a month to play.

    ReplyDelete
  42. Wow, just wow. I don't mean to make seem like there's an echo in here but, the fact that something is not perfect does not make it worthless. If even a single "bad" ip is blocked by your software then it has done you a service. I believe the lock on a door analogy to be very good one. Just because it isn't perfect does not mean you should not use one, let alone actively encourage other people to do the same. Also as another individual pointed out, do you really believe that these people would go out of their way to identify us by the fact that we are not connecting to certain IPs and therefore must be using a blocklist and therefore guilty, when there are plenty of heavy uploaders who do not and can be easily caught. You sir, are not merely an idiot but something worse. You go out of your way to not only spread your idiocy but package it in such a way that everybody must be retarded for not having the same misconceptions that you do. You'll forgive us if I, and another few thousand people keep using our blocklists thank you very much.

    ReplyDelete
  43. What you're suggesting is kind of like saying.... "What's the point of a bullet proof vest? They can still shoot you in the head, or they might even use armor piercing rounds! Bullet proof vests are totally useless, you'd be stupid to use one."

    Yes, you're right that it is not, and nothing could be, 100% effective. But that doesn't mean they're useless. I use an IP blacklist, even when I'm not downloading anything, just as a supplement to my firewall. Aside from blocking different kinds of ads, spies, and possibly malware, I notice on several occasions that the blocked-connection log is full of blocked attempts by groups like MediaDefender, and even the DoD. They could just aim for my head, but if something can reduce my chance of being sued from 0.1% to 0.09%, then it's worth it.

    ReplyDelete
  44. There's a difference between a blocklist and a bulletproof vest though.
    There's evidence a bulletproof vest works. There's no evidence a blocklist works, and plenty of evidence that it doesn't.

    ReplyDelete
  45. The major hole in this argument is that it does not address the human element of the equation. 1) Executives do little, if any, of the actual work. 2) No one ever said Blocklists were 100 percent effective 3)I think an anti- P2P employee caught illegally downloading at home would face some serious questions at work the next morning! 4)When you have a corporate computer doing all the work, and you get paid regardless just to watch it,why the f%$#%$ck would you work at home?

    ReplyDelete
  46. Ok to adress in order

    1) Most antiP2P companies are small. When you think 'executives' you think the Pointy-haired Boss from Dilbert. However, when there's only half a dozen people in the company, EVERYONE works.
    2) Actually, that's EXACTLY the claim made by the providers of blocklists (and that they're the ONLY way to be safe at that)
    3+4) People work from home. I do. Pay my internet, and I can work in comfort, see my family, and I gain working flexibility. I've other friends that do it, and many's the night I've been sitting, drinking beers, while he works, and I keep him sane, then playing Rock Band or something else while a job is running (he's a DBA)
    It's easy to work from home these days, and telecommute. And we have actual examples of it in this industry too, (just look through the leaked ACS:law emails) Plus, certain places give you tax breaks, as it's considered 'green'

    ReplyDelete
  47. here is the biggest and most important factor the author missed out (which also backs up his claims) .....Anti-p2p companies still know WHO is downloading WHAT from the tracker/swarm data...
    - Blocklists simply block connections between you and them, they can still find out that your actually downloading the torrent and how much you have downloaded and shared back from tracker data they get from using modified torrent clients

    every man and his dog knows about blocklists so its for sure Anti-P2P orgs do too and will simply be running from various places to avoid detection... for e.g. at home..

    Blocklists are a WASTE of time when it comes to Anti-P2P blocking... they are good for blocking nasty websites though

    ReplyDelete
  48. ...I forgot too add...

    if you really want to protect yourself as much as possible then only seed back 1:1 and nothing more, regularly change your IP address by rebooting your router - like police after drug dealers; the Anti-P2P companies usually only go after those that are uploading a LOT as these are the people putting the files out for everyone to download - a sure win case for them in court, so to make it worth while in the thousnds it costs them they go for these people... rarely they will go for Joe Bloggs who downloaded 1 movie or song just to put try and scare the public from doing the same.

    ReplyDelete