どのようにしてBitTorrentトラフィックをTorで匿名化できますか?


46

数年前のThis blog postは、TorではなくBitTorrentサービスを使用することは、いくつかの理由で悪い考えであることを示唆しています。ただし、これらの問題を解決するための修正も提案されています。

BitTorrentクライアントをTor経由で使用しても安全ですか?設定方法を教えてください。

56

The blog post is still accurate. Please don't do it.

Sending your BitTorrent traffic through the Tor network would overload it even more. It isn't designed to handle such things -- the Tor network has much less capacity than it has users wanting to use it. And since it's zero-sum, every person trying to BitTorrent over Tor means many more people in Syria who can't get to their Facebook pages.

We've even been exploring mechanisms for throttling "loud" users, to make it even less worthwhile to try to BitTorrent over Tor:

That said, it should be fine to just fetch the torrent files themselves over Tor. That's even what the Pirate Browser folks are trying to do. And it could even be OK to send the tracker traffic over Tor. The trouble there is that it's a slippery slope, and so far everybody who has made a check-box in their torrent software for just tracker traffic also makes a check-box right next to it for the bulk traffic. Since we don't want to get into the business of writing more usable (and more Tor-friendly) BitTorrent software, it's simplest just to tell people not to do it.

If you need alternatives, consider i2p, or gnunet, or just getting a VPN somewhere.


12

As Roger Dingledine wrote, please do not do it. He also described good alternatives.

Basically some torrent clients allow to communicate over a socks proxy so they can be redirected to a Tor client acting as a socks proxy. In fact in many cases there could be a lot of information leakage as described in this paper: Compromising Tor Anonymity Exploiting P2P Information Leakage so the effort and discomfort caused to other users could be useless.


11

As Roger and pabouk have said, just don't do it. It would hog too much of Tor's bandwidth, and probably for something that doesn't require that much anonymity. Just use a VPN, or (if it really matters) two or three chained/nested VPNs. It's easy to chain two VPNs with just one Linux VM (one in the host, and another in the VM). With good ISP speeds and good VPN services, you can get 10-20 Mbps each way!

Also, even if you totally block leaks (for example, by routing a TCP-based VPN tunnel through Tor) your traffic signal will stand out very clearly. It's like a snake eating a pig ;) Finally, it will be far too slow to be workable, even without specific throttling (which Tor really needs, by the way).


22

As others have said, this is something you shouldn't do. However, for the purpose of actually answering the second part of your question, you can do it fairly easily. In your Torrent client's configuration screen, look for a section called "proxy" or "network connection" etc. and set it up like the following example (using Deluge here):

Deluge configured for Tor use

The important part is just to use 127.0.0.1:9050 as the proxy. Also note that 9050 is the default port, but it may not be the same on your installation (or if you're using the browser bundle). You'll have to look up the orport value in your torrc file.

If you don't have separate options for different types of Torrent traffic, please don't do it. This will send all traffic (including peer-to-peer traffic) through Tor.


9

If you want to do this you should really try I2P. It comes with Bittorrent built in and I2P has many similarities with Tor.

https://geti2p.net/


5

Sending Torrent traffic over Tor is a bad idea for three main reasons:

  1. It doesn't make you anonymous. Torrent protocol wasn't designed with anonymity in mind and there are a million ways you're going to leak your actual IP address.
  2. Tor is a TCP only network.
  3. While this doesn't give you the anonymity you wanted, it will hurt the network for other users. (See @RogerDingledine's answer.)

Also make sure you read this official blog post: Bittorrent over Tor isn't a good idea


2

In theory, it doesn't compromise it any more than torrenting already does.

What you should be wary of is cross-contamination, fetching a torrent over Tor then loading into your torrent client. The torrent file or magnet link itself could be "tainted" to link the identity that downloaded the torrent file to the one that connects to the trackers/DHT.

Ensure you're using a fresh Tor Browser session by using New Identity before you ever do this, and use New Identity again once you're done to avoid cross-contaminating any anonymous or pseudonymous identities you might have with the identity participating in the peer-swarm.