RealTime IT News

P2P Users, Beware: You Will Be Tracked

What are your chances of becoming the next Jammie Thomas? With the recording industry's decoys, about 100 percent.

Thomas became the unwilling poster girl for digital piracy after a federal jury found her liable for willful copyright infringement after she used the peer-to-peer file-sharing network KaZaA to copy 26 copyrighted songs and distribute another 1,702 digital audio files. Her fine was an uncivil $220,000.

Think it couldn't happen to you? The Recording Industry Association of America (RIAA) has reportedly started to use decoys: people who participate in P2P activities to find illegal files and identify who's passing them along.

The RIAA's relationship with Media Defender, a service that places decoys and spoofed files to thwart those looking for copyrighted material, came to light when company e-mails were leaked.

A study by University of California at Riverside graduate student Anirban Banerjee and computer science professors Michalis Faloutsos and Laxmi Bhuyan found that if you frequent file-sharing services, you will meet the decoys.

Out of more than 100 gigabytes of TCP header data from three continents between January 2006 and March 2006, 100 percent of their test nodes ran into the decoys.

But the analysis showed that few media companies -- less than 0.5 percent -- are out there trawling for illegal swapping.

According to the study titled "P2P: Is Big Brother Watching You?," "blocklist" software was quite effective at reducing the risk.

Products like PeerGuardian, Bluetack and Trusty Files let you set up lists of IP addresses you want to block from access. They can be used with lists of IP addresses suspected of being used by decoys; these lists may be produced by developers or vendors.

For example, PeerProtect claims to generate a list of all addresses used by the RIIA and the Motion Picture Industry Association.

Blocking only the top five IPs on the community blocklists lowered the risk of being tracked to just about 1 percent.