How To Actually Torrent Privately & Anonymously For FreeCategory: darknets
A 6 Minute Read
09 Feb 2017
Image By Shane Adams
Support The Tin Hat on Patreon! Just one dollar makes all the difference in helping me write more content!
Despite all their political baggage, torrents are undeniably one of the most efficient and effective ways to distribute data. Their speed and resilience are part and parcel to their popularity. However, because of their design they also easily expose those who use them.
Political/social/philosophical debates aside, torrents present a serious privacy problem for their everyday users. Indeed, anyone can watch who torrents what. This tutorial will describe two separate ways, each with their pros and cons, to route around this issue.
Weak Privacy, Fast Speed: VPN
The most popular method to achieve privacy while torrenting is to use a VPN. Of course, this comes with a very large caveat that will be covered shortly. Nevertheless, VPNs work by routing your traffic through a given server, often in a location of your choice. Importantly, the server that routes your traffic will also route the traffic of hundreds, if not thousands of other users. Assuming that the VPN company doesn’t log who is using the VPN server (a big assumption), there’s no way for the average actor to tell where the traffic came from behind the VPN.
What this means is that if you’re downloading a given file using torrents, all the peers that you’re sharing with will only see the VPN server’s IP address rather than your own. Of course, they can still approach the VPN company to try and determine who was behind the VPN, but most decent VPNs promise not to hand over this information. Moreover, if your ISP is watching they will also only see garbled data instead of the actual files, because VPNs encrypt all the data that passes through them.
Now for the caveat: unfortunately, VPN companies work exclusively based on promises, and promises are easily broken without you, the customer, ever knowing. While a VPN company may claim not to log traffic, you have no way to verify that they’re keeping to this promise. When faced with the threat of legal action a VPN company may very well just reveal your information, rendering the privacy they claim to provide completely null.
With that said, VPN companies are also extremely reputation based, and if a user were to face negative consequences because the VPN company broke their privacy guarantee, then news would spread like wildfire and they would likely lose much of their business quite rapidly. Moreover, VPNs are also quite fast, allowing you to download files quickly. Whether you accept these risks is a decision that is exclusively your own.
If you do head down the path of VPNs, know that you’ll want to either find one that has drop protection built into the provided software, or (if you’re on Linux) check out my tutorial on using firewall rules to protect against VPN drops. The reason that this is necessary is that if the VPN suddenly disconnects and you don’t have adequate protection in place to stop your torrents, you’ll end up revealing your real IP address, which may or may not land you in trouble.
Strong Privacy, Slow Speed: I2P (via Vuze)
I2P is an online anonymity network that leverages the wonders of cryptography to provide strong privacy. Indeed, if a VPN provides privacy by policy, then I2P provides privacy by design. It relies less on promises and more on mathematics to provide the utmost level of protection. While it operates much slower than a VPN, it is also much more private and secure, and is completely free.
I2P works by encrypting your connection and routing it through not just one server, but several servers in such a fashion that by the time your traffic reaches its destination it is nearly impossible to determine where it originated from. This is similar to Tor, but with a notable difference being that the Tor network is not designed to handle heavy traffic (i.e. torrenting), whereas I2P proudly encourages it.
For this reason, there are a few options available for torrenting on I2P, with the strongest being through Vuze, a torrent client with an optional I2P plugin called I2PHelper. I2PHelper has a built-in I2P client, meaning that you don’t need to bother with the rather clunky I2P interface.
Installing an I2P-enabled Vuze client is easy. First, head over to Vuze’s website and download and install the Vuze client. Next, open Vuze and head to the Tools menu, navigate to Plugins, and finally the Installation Wizard. Select By List, click Next, and scroll down until you find the I2PHelper plugin. Select it, click next, and complete the rest of the installation.
Next, we need to configure I2PHelper just slightly. Navigate again to the Tools menu, but this time click on Options. On the Mode menu in the left panel, select Advanced as the user proficiency to give yourself more options in the interface. Next, head down to Plugins>I2PHelper, again on the left panel. Here you can adjust your bandwidth. Set it to a reasonable level based on how much of your network connection you are willing to share (I set mine to unlimited).
Finally, go to the Connection menu in the left panel, and scroll down to the Networks option set. This is where you will select whether you want torrents to be downloaded through the regular internet, through I2P, or through Tor. If you want the utmost anonymity, select I2P. Do not select Tor for this, as you will harm the network. Finally, click save and exit the options.
Do know that initially any torrents that you download will be painfully slow, but over time as your computer becomes better known on the network your connection will become faster until it is no longer painfully slow, just slow.
Other than the slower speeds, the main downside to torrenting with I2P is torrent availability. Indeed, you can’t just download any torrent through I2P. Instead, you must find torrents that are already being shared by other I2P users. There are two ways to go about this.
First, you could head over to my I2P introduction tutorial and learn how to navigate to hidden services (websites not available on the regular internet) on I2P, where you will find a torrent tracker called Postman. Any torrent you find on Postman will work reliably with I2P, but the only downside is that the selection isn’t as large as what is available on the clearnet.
If, on the other hand, you want to download torrents you find on regular torrenting websites like The Pirate Bay (yes, .torrents, magnet links to the clearnet won’t work with only I2P enabled), you’ll have to go through a bit of trial and error. This is because Vuze’s I2PHelper allows users to torrent both on I2P and the clearnet in parallel, a feature it calls network mixing. This means that if you download an Ubuntu torrent, for example, it will download and share Ubuntu through the regular internet, but it will also go onto I2P and download and share it there as well.
The implication of this is that if other I2PHelper users have already downloaded a regular torrent on the clearnet and are sharing it on I2P through network mixing as well, then you’ll be able to download it from them exclusively through I2P. Knowing which torrents are available through network mixing, however, involves simply adding them to Vuze and hoping that they find peers, which is by no means a guarantee. Again, using Postman is a much more reliable method, even if selection is more limited.
Network Mixing for the Public Good
If, on the other hand, you’re comfortable with the increased speed and risk of a VPN, but would also like to help those who use I2P exclusively to torrent, then you’re a prime candidate for enabling network mixing. Do note that you won’t gain any real benefit in terms of privacy through this route as your weakest link will still be the VPN, but you’ll be helping build a more secure and private torrent network by making more content accessible to it.
The only necessary change to enable this is to go back into Vuze’s Options menu, navigate to the Connection settings on the left pane, scroll back down to the Networks option set, and select both Public IP Network and I2P Network as your default torrent networks. With these enabled, everything you download through the clearnet will also be available to those who only use I2P. Just don’t forget to enable your VPN before you begin torrenting!