BTGuard

[kluelos]

BTGuard is a paid service (US$6.96/month as of this date) that says it will make bittorrent downloading anonymous. It invites you to test and prove this by checking your own external IP before and after.

The service simply forwards your traffic for you, promising complete anonymity. Their site's main page says,

Your downloads will be routed through Canada which enforces some of the strictest privacy

laws in the world, ensuring the protection of your identity, even from your own ISP!

First, exactly how does this work? Your computer initiates a connection to the tracker, but sends the tcp packet to BTGuard. BTGuard substitutes their IP address for yours, and forwards the packet. Now it's out there on the net, reaches the tracker, deals with it, alll with BtGuard's IP address, not yours, on the packet. A reply packet comes to BTGuard, they change its destination IP address back to yours, and it's sent onward to you.

The world saw that interaction happening with BTGuard's IP address, not yours. This should supposedly keep you anonymous and safe. It's a simple forwarding service, the same thing as TPB's IPREDator service.

The first thing you should know is that Canada's privacy laws are NOT strict, and that as I write this, Canada is considering its own version of the USA's disastrous DMCA law. The well-known tracker Demonoid was originally based in Canada but was successfully sued out of existence there, going down completely for half a year until it found a new home.

Demonoid certainly found Canadian law no shield for them! Canada's privacy laws are no stricter than anyone else's, and are in the process of becoming much more MPAA-friendly.

The second thing to understand is that claiming to hide you from your own ISP, is absurd. The only way to do that is not to use the connection at all. Your traffic is still passing through their network, on their equipment. If you think you're being hidden from your ISP, try not paying your bill this month. You'll soon discover how hidden you were. If your ISP really wants to find out what you're doing, they will. Count on it.

The third thing to understand is that bittorrent gets most of its speed from incoming connections.

This is where technical support here at CometForums gets most of its questions, about how to allow incoming connections.

This is what port-forwarding through a router's firewall is all about.

We have one entire topic devoted to questions and answers about this one issue. It's the largest single topic on the whole forum.

Other peers have to be able to initiate contact with you for this to work. They have to be able to call you.

If they can't, then you are limited to just the peers that you call, which is much slower because there's only one of you and thousands of them.

If they can't call you, it's the same as operating in "no listen port" mode. you can do that, bittorrent will still work, but your download speed will be extremely slow.

Using BTGuard puts you in this no-listen-port mode permanently. An incoming connection has no way of finding you behind BTGuard, preventing that is the whole point of the thing. Their FAQ says,

Can I allow incoming connections?

Incoming connections directly to you are not anonymous. Please ignore any errors regarding incoming connections, you don't want them!

Which is quite simply a lie. You DO want them, and you want them very badly indeed. They are where most of your download speed comes from. Anyone who bothers to understand how bittorrent works, understands this. If you don't have incoming connections, your download slows to a crawl compared to what it was. it's true they're not anonymous. They can't be.

BTGuard is a service for the gullible, those who can't be bothered to learn what they are doing, instead buying into slick-talking, dishonest sales pitches like this, instead.

This service doesn't make you particularly safe, relying on Canada's weak-and-getting-weaker privacy laws; it certainly can't hide you from your own ISP; it will slow you down tremendously and has you paying for the privilege while lying to you about it.

[Lucy26]

Thank you kluelos, for protecting us from this deceptive service. :)

[greywizard]

I'm a little amazed that being a paid service and all, they can't/won't forward incoming connections as well.

Why on Earth then, would anyone choose their VPN service over all the other free proxy alternatives out there?

It's probably OK for Usenet though as far as speed goes, since it doesn't need open ports in the proxy.

But for the protection part, I agree. The best they could do is not to keep any logs. Other then that, when the police comes knocking to their door they could scramble the user database on the server if they had the time do to it.

And that's if they really care for your privacy anyway.

As long as the technology itself doesn't provide a strong protection of the user and there is a human component involved, you can never be sure of the results.

[Delta223]

Hi, you said

The second thing to understand is that claiming to hide you from your own ISP, is absurd. The only way to do that is not to use the connection at all. Your traffic is still passing through their network, on their equipment. If you think you're being hidden from your ISP, try not paying your bill this month. You'll soon discover how hidden you were. If your ISP really wants to find out what you're doing, they will. Count on it.

If encryption is used, then I would think the ISP could only read the volume of traffic coming through but not the content of it. All they would see is a frequent connection and lots of traffic to an IP in Canada, is this not correct?

[greywizard]

Yes, content encryption can hide the data content from DPI tools, but usually (at least for now) most of the ISPs don't inspect the content of your traffic for the purpose of restricting your connection in case you transfer copyrighted material.

They usually do threaten to restrict your connection only after being notified by third-party agencies working for copyright protection organizations such as MPAA/RIAA.

At that point it's pretty much pointless that they inspect your traffic since they have to notify you of copyright infringement anyway.

At this point a VPN encrypted connection with such a proxy type could supposedly help you from being tracked by those agencies in the first place.

Except that in order for this to really work well with BitTorrent, it should forward incoming connections as well so that your client can work at full speed.

[kluelos]

And at that point, by the time all that happens, you're in it so deep that it hardly matters.

But internet-standard encryption such as bittorrent uses is really simple to crack. It's not there to be "all but impossible to break, requiring sophisticated mainframes and years of computer time", etc. It's nowhere near even the PGP standard.

It's there so that an ISP, having NO interest in playing NetCop or harrassing their customers, can say, "oh, dear, look at that, it's encrypted, can't tell what it is, bye now MPAA." If they really want to know, encryption at that level isn't an obstacle.

It's like a Kryptonite bike lock -- looks good, but it won't actually even slow you down -- picking it's almost faster than having the key.

[Delta223]

BtGuard has optional 256-bit AES encryption which seems more heavy duty than the default encryption of some torrent clients. Or is this an encryption that can also be cracked in a few minutes/hours?

[kluelos]

I didn't see the above when it was posted, sorry.

256-bit encryption is, of course, much better than the default, but this misses the main points. First, the idea that BTGuard can (under Canadian law) and will shield you, is false. Second, encryption isn't there to be uncrackable. It's there so the ISP has an excuse not to try without being paid for cracking it. Thus, they can tell the MPAA to either pay them or go fly a kite.