

Show HN: AnonTorrent - runn1ng
http://www.karelbilek.com/anontorrent/

======
moontear
Whilst I like the service to the wanna-be-hidden uploader I think this puts
you into too much risk yourself.

Imagine someone creates a torrent containing child pornography (of course
taking the most extreme example) and uploads it to your server - YOU will be
responsible for being the initial seeder of this torrent. I don't believe the
laws in the Czech Republic will care that you tell them "oh, but it ain't my
data - somebody anonymous uploaded it to my server". You still are seeding it
to others.

~~~
runn1ng
Not sure about the laws.

I will surely provide the source code after a while so anyone can do an
anomymous seedbox like this. otoh, it's not that easy to set up... you have to
get the torrent service (I am using transmission-remote) and the tor hidden
service running

I think the risk is comparable with running Tor relay.

------
Havoc
While I approve of the concept in principle, I fear all the wrong types of
people will make use of it. And I don't mean pirates...

~~~
thechut
I think he is trying to make something that is open for everybody to use.
Trying to control what people use it for is like Comcast trying to throttle
bit torrent traffic

~~~
Semaphor
Yeah, I'm sure he'll be proud of that in prison;) This is not about the
morality of it but about the risks for him.

Besides that, it's not the same. People are free to use any other service
while comcast is the gateway and for many the only choice.

------
spindritf
The idea and implementation are clever but in essence it's just a custom-
tailored Tor gateway, right?

------
runn1ng
It is verry possible that if more people try it, my server won't handle the
traffic.... let's hope not

~~~
NiekvdMaas
I like the idea of this project, but how long do you think it will take before
your seedbox host gets complaints and shuts down your server? Especially if
you'd charge for this service, you can expect a storm of legal action.

~~~
runn1ng
I hope that by the time it gets 20 seeders, the torrent has enough "life" to
sustain itself, but it's not yet so popular to get any complains.

------
glomph
At 50Mb files, what the hell is the point? Just find an unsecured wifi
connection and use a file locker site.

~~~
thesteamboat
You appear to have missed the words "alpha" and "proof of concept". Further,
this is explicitly mentioned as an alternative to file lockers, on the grounds
that they can delete the file in the future.

Whether or not this is a good/productive/useful idea remains to be seen, but
you haven't really raised a substantial rejection.

------
derrida
I support what you are doing, but I have some questions.

What are you doing to stop your location leaking through torrent trackers? I
believe bit-torrent through Tor is not anonymous in and of itself. Is your
torrent client doing hostname lookups via the conventional UDP? Have you made
sure you are not leaking these requests? There have been many privacy leaks
through bittorrent clients in the past, and I was wondering what steps you
have taken to mitigate against this possibility.

~~~
sp332
It's not BT through Tor. Which is good because BT over Tor is a terrible idea
:) You sent your file to his server over Tor, and he seeds it via completely
normal means until there are 20 other seeds.

~~~
derrida
Ok. So the "hidden service" is not intended to be anonymous then? Just as a
check to ensure that the user knows they are on Tor? Because, in order to be
the first seed, you will generally leak your IP. If not, what steps have you
taken to make sure the first seeder (the host of this service) are anonymous?

~~~
sp332
You send your file over Tor. That way no one (not even him) knows who you are.
Then he seeds your file for you. You remain anonymous.

~~~
mike-cardwell
Yes, but that's how Tor would work even if he wasn't using hidden services.
The point of a hidden service is to give anonymity to the server as well as
the client. But in this case, his server isn't getting anonymity because it is
simple to locate.

~~~
makomk
It also protects against man-in-the-middle attacks by exit nodes, though I'm
not sure how important that is in this case.

------
return13
Why not mix AnonTorrent with Anomos (<http://anomos.info/>) ?

~~~
runn1ng
That seems... awesome.

If this worked as advertised, there would be no need for AnonTorrent :)

