
The Pirate Bay is an FBI honeypot? A disconcertingly plausible conspiracy theory - nreece
http://motherboard.vice.com/read/the-pirate-bay-is-an-fbi-honeypot-a-disconcertingly-plausible-conspiracy-theory
======
simplicio
The article gives rather short shrift at the end to what seems like a pretty
strong argument against this theory, which is that it isn't clear what it
would get the FBI. Is there any info they can get from running the site that
they can't from just logging torrent traffic?

Plus, while the FBI is allowed to facilitate minor illegal actions during
under-cover operations (like having one of their agents work as a mod at Silk
Road), this would involve them essentially paying for and running the
infrastructure for hundreds of thousands of acts of piracy. I'm pretty
sceptical the people in charge would sign off on that, especially if most of
the information could be gathered using other methods.

~~~
sarciszewski
> Is there any info they can get from running the site that they can't from
> just logging torrent traffic?

Yes!

They can glean the IP addresses of the people who upload torrent files to TPB
by running a honeypot. There's a much stronger case going after the providers
of stolen material than the consumers.

Does that mean they're doing that? I don't know.

EDIT - REPLY LIMIT HIT - REPLYING HERE SINCE I CAN'T RESPOND BELOW

> If that's what they wanted to do, couldn't they just set it up so they
> continuously downloaded all new torrents and looked at the ip of the initial
> seeder?

How do you know you got the new seeder and not the first consumer? That's less
reliable than "hey look an HTTP/1.0 POST with the exact torrent file came from
this IP address at this time".

~~~
dwild
Well one of them will have 100% of the content and the other one 0%...

~~~
sarciszewski
Sure, but you can also exchange bittorrent packets before the .torrent file is
uploaded to TPB. How do you know the seeder is the original distributor? :)

~~~
dwild
Well the same applies to the torrent file.

~~~
sarciszewski
Yes, but BitTorrent users seed without realizing it. Whereas uploading a file
to The _Pirate_ Bay is an intentional act of copyright violation. Easier sell
to a jury.

------
failed_ideas
FBI honeypot? Why bother, just cross reference your advertising shadow
profiles with a few trackers of what you're interested in. Combine that with
the scrape Canada is doing with all the download services, and the pre host
intercepts to AWS, Google, Microsoft, etc... that the NSA is doing and you
capture all the file transfers for all but the savviest of people. Operating
TPB would expose them to potential liability at home. I highly doubt the
MPAA/RIAA/etc... are not going to sue if they found out the FBI is directly
responsible for disseminating 300K copies of Frozen and Taylor Swift's album
for free to capture the fairly useless proxied VPN of the uploaders. America
and Canada have proven that they don't need to operate the hosts, they can
capture all the data just fine without exposing themselves to the risk.

Regardless, assume the FBI/NSA/CSIS/MI-X/etc... are capturing everything you
do including the comments on here, reddit, twitter, Facebook, 4-chan, torrent,
tor, and really everywhere else. They can unravel that onion, so unless it's
carefully encrypted, and it's on the internet, assume the governments either
have it or have access to it.

~~~
PlzSnow
Why would I assume that the FBI/NSA are capturing everything I do online? It's
an absurd proposition without a shred of evidence.

~~~
celticninja
They capture everything done online and store it. They can wait until you
become a person of interest then plug your email address and name into the
system to get your Amazon, eBay purchases, Google searches, FB comments and
likes, GPS data from your phone to see where you went, who you were with by
cross referencing FB friends and their phones GPS data.

They are not looking at you specifically but they are keeping your data in
case one day they do want to look at you.

~~~
lione
And the fact that there isn't nearly enough storage capacity being created in
the world to contain said data for any reasonable amount of people?

~~~
emergentcypher
Storing text data isn't nearly that costly. Audio as well. I think they have
the capacity to easily store the audio contents of every phone call made in
America. Video is another question.

Much of what they capture can be stored temporarily for filtering, saving what
looks interesting and discarding what isn't.

Sure, we can concede that they aren't storing absolutely everything. The point
is: they're storing _a lot_, and they're trying to store as much as they
possibly can.

------
jgrahamc
_The main concern people seem to have is the site's use of CloudFlare, a
content delivery tool company that can protect sites from DDoS attacks and
help manage a large influx of traffic.

To do this, it grabs IP addresses (a number assigned to each
internet-connected device by its internet service provider that can often be used to
identify a person), which conspiracy-minded folks say would be a nice thing
for the FBI to have. Theoretically, if CloudFlare is saving these IP
addresses, the FBI could subpoena CloudFlare for that data. And if the
government is actually running the site, then it would have those IP addresses
by default._

This is a very confusing argument. If the FBI controls The Pirate Bay then it
wouldn't need CloudFlare to be able to get the IP addresses of people
connecting to The Pirate Bay because... they'd be The Pirate Bay and so would
see people connecting.

~~~
sarciszewski
I think a more convincing argument is that they're relying on CloudFlare to
hide the IP address of the server, which is probably not very covert.

[http://www.wired.com/2013/08/freedom-hosting/](http://www.wired.com/2013/08/freedom-hosting/)

"It just sends identifying information to some IP in Reston, Virginia."

If the FBI does nothing else, they learn from past mistakes.

~~~
eli
Wouldn't a non-FBI owner of Pirate Bay also want to obscure the IP of the
server just as much? I don't really follow this argument.

~~~
sarciszewski
> Wouldn't a non-FBI owner of Pirate Bay also want to obscure the IP of the
> server just as much?

Yep.

> I don't really follow this argument.

It's not a piece of evidence in favor of the FBI being involved. It's an
explanation for why they would use CloudFlare and/or what they would use CF
for.

As I said elsewhere, I don't really buy the arguments. But I don't use TPB
either. The only torrents I download are Linux/BSD ISOs. So I'm not going to
risk my freedom on not buying arguments. :)

------
tinco
What is also a disconcertingly plausible conspiracy theory? The recording
industry spreading the rumor on Twitter that filesharing sites are being
monitored by the FBI.

Not that I believe that, but it's simple to point out that all evidence for
this theory is a bunch of Twitter messages with second hand information.

Nice journalism on Vice's part..

------
jrochkind1
This argument doesn't make any sense at all.

If the FBI were running PirateBay, why would they need CloudFlare to grab IP
addresses?

Who knows if the FBI is running the new pirate bay, but this article provides
no particular reason to think so.

~~~
sarciszewski
> If the FBI were running PirateBay, why would they need CloudFlare to grab IP
> addresses?

More like: They're harvesting IP addresses, and they're using cloudflare to
disguise the IP address of the server? That's what I would do if I were an FBI
cybercrime team member assigned to this case.

------
Beltiras
They could be, but then they just don't understand the tech involved. If you
want to log who's seeding, just hop onto the torrent and log away.

~~~
anon4
Which would be less honeypot set up by the FBI and more FBI agents loafing
around the park covertly checking which of the thousands of people singing
copyright infringing songs also swap pictures of naked children.

------
madaxe_again
Ironically, those of us who live in countries where access to TPB is censored,
like the UK, have to use tor to access TPB - and therefore this method of
tracking would be utterly ineffectual.

If it is a honeypot, it's a pretty crappily made one, with honey dribbling out
through a crack and "hunny" written on it.

~~~
AlyssaRowan
Actually it's currently _not_ blocked on the ISPs I've tested, and I know why.
The existing order doesn't cover CloudFlare, and much of the blocking was
IP-based false route injection, not DNS-based or HTTP-Host:/TLS SNI-based.

If there is no existing censorship infrastructure installed at the respondent
ISPs which can fulfil the terms of the existing court order, the applicant may
need to go back to court - and it may need a re-hearing, as the order was
allowed only on the basis that existing infrastructure _could_ do it. I don't
think the Digital Economy Act site blocking provisions made it in, so there's
no primary legislation, no case law that I know of (bearing in mind I'm just
an interested layperson!), this specific thing was discussed and specifically
dropped in Parliament, and the balance of harm has changed.

I don't know if it's a honeypot - the staff are reportedly locked out, and
CloudFlare (US) might be as neutral as they can be when it comes to what they
reverse-proxy, but _The Pirate Bay_ (real or not) is possibly the most
internationally-notorious website in the world; a ruthless test of
CloudFlare's legal and technical resilience if it's _not_ FBI. (I certainly
wouldn't expect them to hold the line in these circumstances!)

But I can't see what the site itself would really get the FBI/etc. that they
can't get by easier means: these are all public torrents and they run no
tracker.

Either way, I'm getting popcorn.

~~~
jrochkind1
Woah! Good observation!

Yeah, this could get good. Will countries block Cloudflare entirely,
potentially forcing cloudflare to refuse to have piratebay as a customer? Will
they require cloudflare to provide special IP's used just for piratebay? Will
they give up?

It would not have occurred to me that something as simple and widespread as
using cloudflare -- so widespread by 'legit' businesses that nobody can think
it's just a tool for criminals -- would put such a wrench in current
censorship attempts.

Go internet!

~~~
AlyssaRowan
There's some precedent in that: for example, certain actions against the
Chinese "Golden Shield" involving blocked content and well-known CDNs. They
_were_ willing to, um, "harmonise" it, almost no matter what the cost.

I'm calling the bluff of Western governments taking the same line. They ask
about it, sure, and they'd do it to little sites that wouldn't fight back or
that they rule illegal, but to do it to powerful, well-known, extremely
popular sites is a huge, overt, draconian step: one they and the populace
supporting them will hopefully find too distasteful to bear. One that reminds
them about the cost, drawbacks and hopelessness of what they are doing, and
forces them to ask the hard questions about whatever they think the benefit
is, and whether it's really worth it.

It's an interesting anti-censorship tactic I've studied for a while. It _is_
however essentially playing chicken with nation-states to see what collateral
damage they're willing to accept to take control of what their citizens have
access to before they give up, however. It thus may fail, but the stakes can
always, potentially, be raised again. The _ultimate_ failure mode for it is a
nation-state deciding to disconnect from the internet completely - but that's
what so-called "guerrilla networking" is for, because _fuck_ that noise.

The tactic is also potentially applicable to even the most advanced DPI-based
protocol blocking, if you have an indistinguishable link protocol and a set of
techniques to masquerade such a protocol as more recognisable protocols. I
don't have anything to release regarding that yet. <g>

~~~
jrochkind1
I feel like if, say, the UK, actually blocked Cloudflare -- Cloudflare
wouldn't just take it, it would be too hard for their business.

They'd try to work something out so the UK really just could block piratebay,
or they'd fire piratebay as a customer.

Either one of which would be really bad PR for cloudflare among the digirati.
They wouldn't want to do it. Perhaps they'd manage to work something else out
with the (eg) UK government. But I don't think they'd just accept all their
customers being blocked, they'd lose too much business.

No matter what happens, it'd keep the topic in the news, and demonstrate what
a mess it is, so be a success on that front.

------
rnhmjoj
I think they would monitor who is actually sharing the copyrighted files with
bittorrent, not who logs into tracker sites. There is nothing illegal with
visiting the pirate bay, right?

~~~
Shank
Correct. Even clicking a magnet link or getting a torrent file doesn't say
you'll connect to the swarm and download it. You're only pirating once you do
that, and you start getting pieces of the files in the torrent.

------
ChrisAntaki
> “In a post-Snowden world,” Sanabria said, “nothing would surprise me.”

That's the spirit.

------
sys32768
I read somewhere a few months ago many websites through TOR had suddenly
started popping up CAPTCHAs on CloudFlare, which apparently requires enabling
JS. Why would CloudFlare start doing that to known TOR users?

------
skidoo
I've always been weary of TOR, considering its origins. And I think Silk Road
was co-opted ages ago.

~~~
jackweirdy
Presumably you’re also weary of all encryption algorithms that have ever come
out of NIST then.

~~~
lawnchair_larry
Probably not the best example anymore.

------
rilita
It's unsafe to torrent on an IP that can be connected to you. Nothing has
changed. Carry on.

------
junto
Decentralize all the things.

~~~
eloisant
Well Bittorrent is decentralized, because you can use one of the other dozens
of torrent sites that exist besides TPB.

~~~
xyzzy123
Yep. The protocol is one thing, but what's also needed is distributed
curation. This is a trickier problem that no one has solved yet [for a
universal system where no-one has to go to jail].

There's a user story in this: "I use this thing to get stuff that I want". If
the system backing that action isn't distributed then it's vulnerable.

For the average user, a legit torrent site is indistinguishable from a spam
site. TPB have actually done an enormous service to the Internet for years by
reducing the amount of malware installed by "download assistants" and so on.
Despite the issues with many of the torrents themselves.

~~~
sarciszewski
> This is a trickier problem that no one has solved yet [for a universal
> system where no-one has to go to jail].

[http://yacy.net/](http://yacy.net/)

[http://conferences.sigcomm.org/sigcomm/2013/papers/sigcomm/p...](http://conferences.sigcomm.org/sigcomm/2013/papers/sigcomm/p303.pdf)

The pieces are there, it's just a matter of motivating a group of
sophisticated developers to tackle this problem.

~~~
hamstergene
I don't see anything by those links about how they plan to fight off spam, scam
and unwanted content (drugs/terrorists/illegal porn/etc).

The problem is that the first moment such a network gets traction, someone will
set up a robot which will make submissions of random data named "Game of
Thrones S0xE0y" every second, effectively rendering search useless. The real
challenge is to solve the problem of decentralised moderation, not to create a
decentralised network.

------
stefantalpalaru
It doesn't make sense. You can get 99% of the real IPs by simply connecting to
each swarm.

~~~
porpoisemonkey
I don't necessarily subscribe to the theory but one possible angle is that
they want members to log into the site. I suspect that it's easier to prove a
user account (with a privately held secret password and activity history)
belongs to an individual than just an IP address.

------
TheOtherHobbes
I'm not so sure about TPB.

4chan, however...

~~~
cLeEOGPw
Who is this 4chan you are talking about?

