Anonymous file sharing. BitTorrent over I2P

 


Hornbeam

In a trivial file sharing scheme, there are users and a server that accepts a file from one user and lets others download it. This scheme has two weaknesses: the network bandwidth of the distribution server and centralization. The server's network link can provide good download speeds for several users, for example, a hundred, but if thousands of users download from the server at the same time, the download speed for everyone becomes depressing. The speed of the server's hard drives matters as well, and in some cases it reduces download speed just as much as a weak network link. All of these are consequences of a centralized architecture, whose main danger is that the server leaving the network means a complete loss of the ability to download the file it stores.

BitTorrent is the most widely used protocol for peer-to-peer file sharing, i.e. directly between users without dependence on a central server.

BitTorrent

BitTorrent supports several modes of operation, which in most cases are combined: operation through a tracker, PEX (Peer EXchange) and DHT (Distributed Hash Table). Let's take them in order.

First you need to clarify the basic terminology related to the participants in the torrent distribution:

  • Peer (peer) - a general designation for a participant in the process;

  • Seed, seeder (seed) - a peer that has the entire file. The user who creates the distribution is by definition a seeder, since at the initial stage only he has the entire file. That is why a new distribution usually has only one seeder. If you have downloaded the entire file and have not left the distribution, you also become a seeder;

  • Leecher (leecher) - a peer who is downloading a file but has not yet downloaded it to the end. He can also distribute fragments that he has already downloaded to other peers;

  • Superseed (SuperSeed) - a seed in a special distribution mode, when it gives each downloader only unique fragments of files, thereby forcing the other participants to be more active (exchange the missing parts among themselves).

A tracker is a server that distribution participants contact to publish information about themselves and to obtain information about other participants in the exchange. A user who has not yet downloaded the file receives a list of peers and then asks them for parts of the file. To make fragmented download possible (rather than sequential download from the first byte to the last), the torrent distribution contains the hashes of the fragments of the final file. This allows you to download a file in separate parts from different users and check the integrity of each part. The mission of the tracker is to accumulate information about the distribution participants and provide this information to the participants themselves. The tracker never touches the file whose exchange it facilitates; it only brings distributors and downloaders together.

To minimize the consequences of the failure of a torrent tracker, several trackers can be specified when creating a distribution. In addition, anyone can bring the distribution to a new tracker. Thus, an outage of one of the servers does not make downloading and distribution impossible.

PEX (Peer EXchange) is an extension of the BitTorrent protocol for exchanging participant lists. The implementation is straightforward: in addition to file fragments, users exchange additional messages that carry lists of participants who have connected to and disconnected from the distribution. This helps new users to integrate quickly into the file exchange, since there is no need to wait for the distributing node to contact the tracker, where it would receive a list of newcomers. The downloading participant also gains a new source of peers in addition to the torrent tracker.

Although PEX is simple in design, some BitTorrent clients have their own implementation of it that is not compatible with others. In addition, PEX is not a panacea, as it can only help users who are already connected to the distribution (because PEX messages travel over the usual BitTorrent protocol as additional packets).

DHT (Distributed Hash Table) is a protocol that allows BitTorrent clients to find each other without using a tracker. DHT is fundamentally similar to PEX with the main difference being that it operates separately from the main BitTorrent protocol.

Each connected BitTorrent client is a separate node in the DHT network. It has its own unique ID (identifier), randomly selected from the same 160-bit space as torrent infohashes. Each node maintains a routing table containing contact information for many of the "closest" nodes to it, and a few more distant ones. The "proximity" of two nodes is calculated from the "similarity" of their IDs, and has nothing to do with their geographic proximity.

When a node wants to find peers for a given distribution, it compares the infohash of that distribution with the IDs of the nodes it knows, and then sends a request to the node whose ID is most similar to this infohash. That node, in turn, returns the address of a node whose ID is even closer to the infohash of the torrent. Thus, requests from clients participating in a distribution with a particular infohash gradually trickle down to the nodes whose IDs are most similar to the distribution's infohash. These nodes remember the previous requests of participants for a particular torrent, and they return the addresses of those earlier peers from the same distribution to all subsequent requesting nodes.
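The lookup described above, as an added example that is not part of the original article: a simplified simulation that uses the XOR metric of the BitTorrent DHT as the measure of "similarity", follows one referral at a time and stores peers only on the single closest node (real clients query several nodes in parallel). Node labels, peer addresses and the bucket size K are constructed for the demo.

```python
import hashlib

K = 2  # contacts kept per bucket (constructed value for this demo)

def ident(label: str) -> int:
    """Constructed 160-bit ID: SHA-1 of a label, as an integer."""
    return int.from_bytes(hashlib.sha1(label.encode()).digest(), "big")

def distance(a: int, b: int) -> int:
    """XOR metric: more shared leading bits means a smaller distance."""
    return a ^ b

class Node:
    def __init__(self, node_id: int):
        self.id = node_id
        self.buckets = {}  # index of highest differing bit -> known node IDs
        self.peers = {}    # infohash -> peer addresses that asked earlier

    def learn(self, other: int) -> None:
        """Keep at most K contacts per distance range, so nearby ranges
        are known almost completely and distant ones only sampled."""
        if other == self.id:
            return
        bucket = self.buckets.setdefault(distance(self.id, other).bit_length() - 1, [])
        if len(bucket) < K:
            bucket.append(other)

    def closest_known(self, target: int) -> int:
        known = [n for b in self.buckets.values() for n in b] + [self.id]
        return min(known, key=lambda n: distance(n, target))

def build_network(size: int) -> dict:
    nodes = {ident(f"node-{i}"): Node(ident(f"node-{i}")) for i in range(size)}
    for node in nodes.values():
        for other in nodes:
            node.learn(other)
    return nodes

def lookup(nodes: dict, start: int, infohash: int):
    """Follow referrals until a node knows nobody closer to the infohash."""
    current, hops = start, 0
    while True:
        nxt = nodes[current].closest_known(infohash)
        if nxt == current:
            return current, hops
        current, hops = nxt, hops + 1

def announce(nodes: dict, start: int, infohash: int, address: str):
    """Find the responsible node, collect earlier peers, then register."""
    home, hops = lookup(nodes, start, infohash)
    earlier = set(nodes[home].peers.get(infohash, set()))
    nodes[home].peers.setdefault(infohash, set()).add(address)
    return home, hops, earlier

if __name__ == "__main__":
    net = build_network(200)
    ids = sorted(net)
    target = ident("constructed-torrent")
    print(announce(net, ids[0], target, "peer-A.example")[1:])
    print(announce(net, ids[-1], target, "peer-B.example")[1:])
```

Two peers that start from different nodes end up at the same node, and the second one is handed the address the first one left there.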

The DHT database is stored by the torrent client regardless of active distributions and is maintained until it is turned off or restarted, regularly accepting requests from other participants and checking nodes from its list for activity. The DHT database is replenished at any opportunity: when receiving a list of participants from torrent trackers, or from other peers via PEX or DHT.

DHT makes possible an alternative way of publishing a torrent without specifying a tracker. As a rule, such distributions are shared as a text link instead of a torrent file. The string is called a magnet link, and it necessarily contains the infohash of the distribution, which allows you to find the participants in the distribution via DHT. However, a magnet link may also contain the address of a torrent tracker, which in most cases speeds up the search for peers. It should be noted that a magnet link and a torrent file without a tracker are useless if the end user does not have active DHT connections through which he can find a peer participating in the distribution with the desired infohash.

A lot of explanatory material has been created about the basic principles of BitTorrent, therefore, having understood the essence, we turn to the main topic of the article.

BitTorrent over I2P

The idea of file sharing through hidden networks like I2P is not new. For an ordinary user, I2P torrenting is notable for the practical impossibility of providers blocking distributions and trackers, since I2P is a hidden network whose whole purpose is anonymity and the inability to track the source of traffic. The general paradigm of BitTorrent, like any peer-to-peer exchange, implies a direct connection between users. It is this feature that makes ordinary torrents unsuitable for distributing files whose distributors Big Brother wants to catch and punish. For example, in some European countries great attention is paid to the fight against domestic piracy: games, films, series. Law enforcement officers, having connected to the distribution, track the IP address of the one who participates in the distribution of the cracked game, and then the user receives either a letter of happiness,

Publicly discussing the topic of anonymous file sharing is considered unethical, since our layman knows the circle of people who dream of anonymity: pedophiles, drug addicts, extremists, sectarians, sectarian drug addicts, and so on; follow the latest list on the air of federal TV channels. However, for a free-thinking and healthy person, the scope of anonymous torrents is drawn easily and without remorse. Remember WikiLeaks and other revelations of inhumanity, which are a crime for a healthy person, but under sometimes absurd laws, disseminating information about such crimes is already a crime like divulging state secrets. The possibility of secret transfer of files in such cases is equal to the preservation of one's own life, health and freedom. The need for anonymity is a broad topic, in which there is a place for a corrupt official, a mediocre anime lover, and debunkers of lawlessness, and - they tell the truth on TV! - criminals. As for the criminals, they don't need this article, they have already been successfully using technologies that, in principle, cannot be effectively blocked, and therefore banned. This material is addressed to a general audience and is educational in nature,

Resistance to censorship by Internet providers and anonymity with respect to the other participants in the distribution are provided entirely by I2P technology. For an outside observer, it is almost impossible to trace the movement of I2P traffic and, therefore, its source. All users and servers have cryptographic identifiers instead of IP addresses. Identifiers have nothing to do with the actual location of the network member, but allow you to contact him. Read more about I2P in a separate article that answers most of the questions (and also see other articles on the topic in my profile).

There are several BitTorrent clients that can work over I2P. Periodically, new solutions appear or old ones are no longer supported by developers. Be that as it may, all applications in this category are divided into two types: those that can work both over the regular Internet and over I2P, and those that are designed exclusively to work through a hidden network.

Using a multi-network torrent client can be dangerous if used inappropriately, as IP addresses can be leaked. For example, a user has started downloading something via I2P, but he has active DHT connections on the regular Internet, and his client periodically accesses torrent trackers that are outside hidden networks. If a request comes in from a non-anonymous network that contains the infohash of a dubious I2P distribution, the torrent application will respond positively and start relaying the distribution from the hidden network to somewhere outside it, perhaps to Big Brother. The consequences of leaking an IP address in a questionable distribution are difficult to predict, but nothing pleasant will come of it for sure.

On the other hand, multi-network torrent clients can be very useful for intentionally cross-network torrenting. For example, after downloading a movie from a clearnet tracker (from a torrent tracker from the regular Internet), it can be distributed in I2P for those who, for some reason, cannot or do not want to use a traditional torrent. In this case, it is important not to change the distribution so that its infohash is identical to the original one. This will ensure the maximum number of peers across all possible channels for new users: for those who download only through I2P, and those who combine sources from different networks.
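Both points above, the clearnet tracker leak in a multi-network client and the need to keep the infohash unchanged when re-seeding across networks, can be checked on a torrent file before it is loaded. The following is an added example, not part of the original article or of any client's code: it computes the infohash as the SHA-1 of the bencoded info dictionary and lists announce URLs whose host is outside .i2p. The sample metadata and tracker host names are constructed placeholders.

```python
import hashlib
from urllib.parse import urlparse

def bencode(v) -> bytes:  # minimal encoder, only used to build the samples
    if isinstance(v, int):
        return b"i%de" % v
    if isinstance(v, bytes):
        return b"%d:%s" % (len(v), v)
    if isinstance(v, list):
        return b"l" + b"".join(map(bencode, v)) + b"e"
    return b"d" + b"".join(bencode(k) + bencode(v[k]) for k in sorted(v)) + b"e"

def bdecode(data: bytes, i: int = 0):
    """Decode one bencoded value at offset i; return (value, next_offset)."""
    c = data[i:i + 1]
    if c == b"i":
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            item, i = bdecode(data, i)  # raises ValueError on truncated input
            items.append(item)
        value = items if c == b"l" else dict(zip(items[0::2], items[1::2]))
        return value, i + 1
    if c.isdigit():
        colon = data.index(b":", i)
        end = colon + 1 + int(data[i:colon])
        if end > len(data):
            raise ValueError("truncated string")
        return data[colon + 1:end], end
    raise ValueError(f"bad bencode at offset {i}")

def infohash(torrent: bytes) -> str:
    """SHA-1 over the raw bencoded 'info' value, byte for byte as stored."""
    i = 1 if torrent[:1] == b"d" else len(torrent)
    while torrent[i:i + 1] not in (b"e", b""):
        key, i = bdecode(torrent, i)
        start = i
        _, i = bdecode(torrent, i)
        if key == b"info":
            return hashlib.sha1(torrent[start:i]).hexdigest()
    raise ValueError("no info dictionary")

def trackers(torrent: bytes) -> list:
    meta, _ = bdecode(torrent)
    urls = [meta[b"announce"]] if b"announce" in meta else []
    for tier in meta.get(b"announce-list", []):
        urls.extend(tier)
    return [u.decode() for u in dict.fromkeys(urls)]  # de-duplicated, ordered

def clearnet_trackers(torrent: bytes) -> list:
    """Announce URLs whose host is not under .i2p."""
    return [u for u in trackers(torrent)
            if not (urlparse(u).hostname or "").endswith(".i2p")]

# Constructed sample metadata; tracker host names are placeholders.
INFO = {b"name": b"sample.bin", b"length": 5, b"piece length": 16384,
        b"pieces": hashlib.sha1(b"hello").digest()}
WEB = b"http://tracker.example.org/announce"
I2P = b"http://tracker-placeholder.i2p/announce"
CLEARNET = bencode({b"announce": WEB, b"info": INFO})
CROSS = bencode({b"announce": WEB, b"announce-list": [[WEB], [I2P]], b"info": INFO})
I2P_ONLY = bencode({b"announce": I2P, b"info": INFO})
RENAMED = bencode({b"announce": WEB, b"info": {**INFO, b"name": b"renamed.bin"}})

if __name__ == "__main__":
    for t in (CLEARNET, CROSS, I2P_ONLY, RENAMED):
        print(infohash(t), clearnet_trackers(t))
```

Changing the tracker list leaves the infohash intact, while any change inside the info dictionary produces a different distribution. The audit covers only tracker URLs stored in the metadata; whether DHT and PEX stay inside I2P depends on the client's own network settings.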

The average I2P network speed at the time of writing is 40Kb/s. There are jumps over 100Kb/s, which is a matter of chance, but in general, with standard tunnel lengths (incoming and outgoing tunnels are three transit nodes long by default), the speed fluctuates in the range of 20-50Kb/s. It turns out that the real bandwidth of the seed is not critical: it gives the file to a specific user at a speed of up to 100Kb/s. This is the speed of a particular peer-to-peer connection, which depends on a lot of factors inherent in I2P, for example, the quality of transit nodes and their number between users. The speed is determined by the worst member of the chain.

Leechers in an I2P torrent distribution play a significant role in speeding up the entire swarm (the totality of all participants in the distribution is called a swarm). Despite the low average speed of a single connection, when downloading and distributing popular torrents in I2P, the speed reaches 2Mb/s. This is possible due to the collective factor: participants distribute downloaded fragments to each other, forming new peer-to-peer connections between themselves. Many slow connections add up to a good final speed, just as streams gather to form full-flowing rivers. In fact, the BitTorrent protocol was created specifically for load balancing when sharing files, and its architecture combines ideally with I2P.

I2PSnark torrent client

A list of existing torrent clients that support I2P can be seen in the i2pd documentation. If the list is incomplete in your opinion, you can add to it. Only I2PSnark will be covered in this article, as it has been the best solution for I2P torrents for many years. In addition to decent functionality, it is an I2P-only client, that is, it can work exclusively through the I2P network, which saves inexperienced users from the threat of an IP address leak.

I2PSnark appeared almost simultaneously with the I2P network itself (~2003). To this day, it is part of the I2P Java Router, which includes a number of applications beyond the basic function of connecting a user to a hidden network. I2PSnark communicates with the I2P router via the I2CP protocol, which is supported in the alternative, lighter and faster i2pd router, implemented in C++. To use I2PSnark separately from a Java router, you need to use I2PSnark standalone. You can build the binary file yourself from the source code, or use the build from the I2P+ project, which is a soft fork of the main I2P router with minor changes. A direct link to download the I2PSnark standalone binary is given on the above-mentioned i2pd documentation page.

Java applications require a special runtime environment on your device (Java Virtual Machine) to run. You can install Java on almost any modern operating system. Download the latest release for Linux, Mac or Windows on the official page.

Before using I2PSnark standalone, you need to enable the I2CP interface, which is disabled by default in i2pd. This is done via the config file i2pd.conf: uncomment the line enabled = true in the section [i2cp] and restart i2pd.

You can find out where the configuration file is located on your system on the main page of the i2pd web interface, which is available by default at http://127.0.0.1:7070. Look at the line Data path.

The downloaded archive of I2PSnark standalone contains the files launch-i2psnark and launch-i2psnark.bat. Use the bat file to run on Windows and the file without an extension in any other case. On unix-like operating systems, don't forget to make the file executable (chmod +x launch-i2psnark) before running it.

You interact with the running I2PSnark through the web interface, available by default at http://127.0.0.1:8002. It is intuitive and easy to learn. To change the language to Russian, go to the settings (the bottommost button, the gear icon), in the "User interface" section, change "Language" and click on the "Save Configuration" button below.

Pay attention to the "Tunnel Configuration" section, which is responsible for incoming and outgoing tunnels.

Hops is the tunnel length, counted in transit nodes. The longer the tunnels, the more anonymous and the slower they are. The default is three-hop tunnels, but for home use it's fine to have two or even one hop.

It is possible to run multiple instances of I2PSnark on the same device: short tunnels for uploading and downloading regular content and long tunnels for more sensitive material. To do this, copy the entire I2PSnark folder and change the file jetty-i2psnark.xml in the copied directory: find the value "port" and change the port number on which the web interface will be available.

For example, one instance of I2PSnark can use port 8002, and the second 8003. To make it harder to confuse which instance you have open in the browser (long or short tunnels), use different skins.

Note: I2PSnark changes its I2P identifier every time it is launched, which is visible to other file sharing participants.

Uploading files and creating your distribution

To join the distribution, open the add menu (the top button with the plus icon).

In the "From URL" field, you can insert a magnet link, or a direct path to a .torrent file in your file system. The "Data dir" field specifies the path where the downloaded files will be saved. To start the download, click "Add torrent".

I2PSnark also supports maggot links, a variation of magnet introduced in Robert's I2P torrent client. Robert and his quirks are now out of use. Today, the term "maggot link" occurs mostly as a misnomer for standard magnets.

The second option, more elegant in some cases, allows you to add a torrent without using the web interface: add the torrent file of the desired distribution to the main I2PSnark file storage directory. By default, I2PSnark stores torrent files and downloads in a subdirectory of the same name, i2psnark/i2psnark. When you add a new torrent file to this directory, the application will pick it up and start the download process automatically within a few seconds.

To create a new torrent, you need to use the button with the magic wand icon. All that is required of us is to specify the full path to the file or folder to be distributed in our file system and select the trackers that will be immediately added to the distribution. If you create a distribution without using trackers, the search for peers will be exclusively on DHT. If you are not sure what to do, check the box next to each proposed tracker and select one as the main one. As a rule, Postman is the main one, since it is the oldest classic torrent tracker with a forum (http://tracker2.postman.i2p).

After clicking the "Create torrent" button, a distribution will be created, which will appear in the general list. For convenience, it is recommended to add the distributed files to the default I2PSnark folder so that everything is in one place.

The finished torrent file will appear next to the rest of the torrent files, from where it can be taken for posting on the forum or direct transmission to someone. If you click on the name of the distribution in the I2PSnark web interface, a window with information will open.

In the upper right corner you can find the distribution infohash, a magnet link (an icon with a magnet) and a link to download the torrent file (the rightmost one). When you click on the icon of the torrent file, you will be prompted to download the file that lies in the already designated place. To send a magnet link, right-click on the corresponding icon and copy the link it leads to. This is the magnet link ready to be posted.

Once you've created a distribution that you think is really important, try to seed it for as long as possible so that at least the first few peers can download the entire files. After downloading someone else's distribution, do not leave immediately; stay and seed if time and disk space allow. Gentlemanship is appropriate everywhere.

Getting to know I2P torrent trackers is beyond the scope of this article and falls entirely on your shoulders. However, there is nothing complicated: arrange distributions clearly, informatively and beautifully.

Seedbox

Seedbox (seedbox) - a device that serves for the constant distribution of files. As a rule, it is assembled from single-board computers and external HDDs. However, any device capable of running an I2P router and a torrent client at the same time with the highest possible uptime and disk space will do. Seedboxing includes not only the constant distribution of your files, but also the support of other people's distributions at least during the release week. This is a kind of subculture, built around the free exchange of information, imbued with altruism and hard drive price tags.

Someday we, enthusiasts, will get to a detailed review of the successful assembly of the seedbox from sticks and electrical tape, but for now we will limit ourselves to tips:

  1. The minimum amount of RAM on the device to run i2pd and I2PSnark is 512MB; 1GB is comfortable, with a margin.

  2. In the long term, active distribution of torrents has a bad effect on the lifetime of hard drives, since torrenting means constant disk activity with the read position changing all the time, especially when distributing to many participants simultaneously. Because of this, you should prefer several smaller disks over, for example, one disk of several terabytes. This will increase the overall performance of the system, and the failure of one drive will not lead to a complete loss of information. Unless, of course, you get to the point of using RAID - systems that mirror drives to each other to prevent information loss if one of them fails.

  3. Due to the probable failure of disks, it is desirable that the operating system is on a separate physical disk, rather than where the torrent content is stored. This is especially true for single-board computers, where the operating system runs from an SD card, which in itself is not famous for durability.

The topic of seedboxes based on budget single-boards becomes especially relevant in light of the news about the release of the Linux 5.15 kernel with support for SMB and NTFS, which opens up new horizons for weak hardware, but this is a topic for a separate discussion...

Postscript

Decentralization and the development of free technologies are impossible without the participation of ordinary people. If we don't want to depend on the policy of file sharing and restrictions on the part of the provider, everyone needs to contribute what they can. At the initial stage of popularization of I2P torrents, seedboxing is a critical element that contributes to the development of technology. Already today, torrents in hidden networks are common in countries where the situation forces it. Gradually, the practice of bans and fines is spreading to other regions. Think about whether you can allocate a few thousand rubles to buy a single-board computer and a couple of hard drives to organize your seedbox? Even if you have not dealt with Linux and do not understand what an SSH connection is, believe me, entering the exciting game of free technology and publicity will pay off all the hours and nerves spent on mastering these basics. In my opinion, the culture of free software and hidden networks allows each user to be an equal participant, a custodian of technology and information, which captures no worse than a top online game, but with one big difference: you do not degrade, but develop.
