this post was submitted on 10 Apr 2024
200 points (98.5% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54500 readers
646 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If they are trying at great leghth to block IPs associated with piracy, it isn't that much harder to get known VPN IPs blocked too especially when they could use the 'why won't someone think of the children' card and claim VPNs are solely used for CSAM and drug markets.
The smart move would be to skip VPNs and move over to I2P. For those who don't know I2P is kinda like if tor and torrents had a baby that was a VPN on crack. Unlike a VPN where your traffic is encrypted and sent to one centralized server, I2P encrypts and routes your data through multiple servers and unlike tor every client by default is a node that data can be routed through.
But at the same time I2P is still built upon TCP/IP so it's still like encrypted yodeling. Finding out who's likely yodeling down movies is rather easy. The protection instead lies in the high barrier to prove exactly which movie and when so as to pass the barrier for court admissable evidence.
Now don't misunderstand me, I2P is great stuff and I've used it on and off for years, but it shouldn't be treated as the holy grail of safe and secure communication. Nothing can truly be that if it's built on TCP/IP for fairly obvious reasons.
Maybe I'm missing something but how could finding out who's yodeling a movie be rather easy when you would have to decrypt the traffic to determine if it was a movie and not just normal traffic? I get that because of TCP/IP you can tell someone is using I2P but wouldn't you have to compromise the garlic encryption layer to determine what exactly they are doing?
That's what I'm saying. It's like everyone knows some college kids smoke pot from the smell in the dorms, but Police can't legally search room by room to find out who it is, they need a search warrant which they need more than a general suspicion that someone in the dorms smoke to get.
Same with I2P, it's done in a public setting so from traffic patterns we can be pretty sure someone is downloading a shit ton, and that it's likely illegal content. Residential IPs have little reason to consistently download several GB files on a daily/weekly basis, streaming and download also look vastly different profile wise and at least no one I know of go to those lengths to try and mask their traffic patterns by trying to make streaming look like download or vice versa.
But as I said and you reiterated, you still need to crack the encryption to actually prove it in court. But given a specific target there are many ways to do that. A generic approach is likely not going to happen. Which means that I2P is secure much like having a secret chat in a crowded place like Grand Central Station in NY. You know that people are meeting there to chat about illegal stuff but you don't know who. It becomes much easier if you know who to follow and eavesdrop on, but of course still not easy.
It is however nowhere near as safe as communication over channels that aren't public to begin with. But such of course do not exist outside military and other special contexts.
It's true, it's not a silverbullet, but it's probably the next step to piracy and illegal content, IF someday they find a working solution to break torrent over the clearnet.
They already found a simple elegant working solution for the common user: Block at the DNS level in the router. While this works for most non techy user, most of us already use a VPN or know how to change the default DNS server.
Yes, it's the next step and an evolution because it is far more of a trust less approach. With VPNs you need to trust your provider. If they "give you up" then you're well and truly fucked. For I2P there is no way for a malicious node operators to parse out who is doing what. And the source code you can vet yourself so no need to trust it. Still if you have actors working together in the nodes, the torrent provider and at the ISP level then you can most certainly find a way to break the layer of secrecy. The barrier is however vast and so far police haven't spent that much effort on piracy because it isn't a serious crime in the eyes of the law. And I don't foresee that they will for many years.
It's also far more accessible than say Usenet and VPN+private trackers. Which is a very good thing for privacy in general.