Monday, October 26, 2009

Improve your P2P security

There are a number of reasons why you need to take extra security precautions when using Peer-to-peer (P2P) software. The most obvious is that you are having to trust a whole bunch of people you don't know and can't hold responsible if something goes wrong. Then there are all the P2P parasites, spammers, fake files and poisoners. It's a hacker's dream and a user's nightmare.
Why not P2P?
I'm not trying to sow fear, uncertainty and doubt: but this is a cautionary tale. Especially since many ISPs don't like P2P traffic because it uses up a lot of bandwidth (which we pay for) but they don't want to have to pay for. So they climb on the bandwagon and claim that P2P traffic is mostly illegal, when in fact what they really mean is that P2P traffic is mostly unprofitable. Some ISPs make it a violation of their Terms of Service to do P2P traffic of any kind, others just filter the traffic or interfere with it.
You can download malware or viruses on a P2P network like BitTorrent or eMule. I personally avoid downloading anything that looks like bootleg software, patches or installation CDs. If you can't download it legitimately from or from the manufacturer's web site, it's probably not worth using anyway. Most software I buy or test has a free trail period. The only exception I can think of is SpinRite, which has a no-questions-asked money back guarantee. There is also enough Open Source software out there that you can usually find something close to what you need anyway. So software on P2P is a security and quality risk: it's just not worth it, no matter how tempting it may be.
Many people use P2P networks to find music and movies. Again, you have no idea what kind of quality you are getting, and the bandwidth costs can be a factor. Downloading a compressed bootleg DVD can use up anything upwards of 700MB. Since I'm paying R99 per GB and I can rent most DVDs for R25, it just don't see the point. Also, many movie formats can include scripting and other security nasties, so you are taking your PCs health in your hands.
Music is less risky, and the music industry is finally beginning to understand that the sky won't fall in if they sell MP3 files or just give them away. I don't like stealing from the "artists" (actually its the record companies that are robbing them blind) but if I already own the record or cassette tape them I have no qualms about obtaining a digital copy of those songs, especially if they aren't available as an MP3 download.
Why use P2P?
I do have a problem with audio books. I spend over $50 per month on new audio books, but the book industry just doesn't have a clue about digital media, and they have tied themselves up in arcane contracts as badly as the movie industry. We bought all the Harry Potter books, but the digital downloads are still not for sale in South Africa. I can rent the CDs read by Stephen Fry, but not Jim Dale, and haved one so. But I also admit that I downloaded all the Jim Dale versions "illegally" via P2P networks like LimeWire and eMule. Some of the copies were dreadful, but I eventually managed to listen to the entire audiobook series, whether J K Rowlings' publishers like it or not. I bought the print versions, and I would have bought the audio versions on CD if they hadn't been 5 times the price, and if they had been available for purchase.
Again, there are economics involved. If the size of the book is greater than 1GB then its cheaper to buy a legal copy than download a bootleg one. I always try to find a legal copy anyway, because I'm not a leecher and am happy to pay for my hobby. Audible, Borders Audiobooks, Simply Audiobooks and AudioBooksForFree have all sold me books. The last 3 have sold more because they allow me to download MP3 files more often than not.
There are also legal stupidities involved. Diana Gabaldon's "Outlander" series now has 7 titles. You can buy books 1-4 and 7 in unabridged form, but I couldn't find books 5 and 6 for sale unabridged at all. Not even the CDs. But some kind soul on BitTorrent allowed me to download both. If I could pay for these copies I would prefer to. When the lawyers and the publishers decide not to boycott their customers, maybe I'll be able to.
Protect Yourself!
Aids activists all say you should use a condom. There are electronic equivalents for your computer: turn of uPnP on your router/modem, turn on your PC firewall, and use a good antivirus like NOD32. But that's just the beginning. I use a facility that block a whole load of bad web sites in my hosts file. It's called HostsMan and it cuts down on annoying ads and malware in browsers. But it can't block bad IP addresses.
For that you need PeerBlock, another free program. It monitors your P2P connections and makes sure you don't connect to any know bad IP addresses. You can get it to block HTTP traffic too, but it also stopped my NOD32 updates from downloading. This wasn't intentional, and I could fix it by using a different download server. Just weird.
eMule also has an IP blocking facility, but the standard ipfilter.dat file is only updated once a month or so, and doesn't stop the spam and fake files. You can update it more often using BlockList Manager, but it's a bit tricky to set up. It was originally designed to work with PeerGuardian, but PeerGuardian has been superseded by PeerBlock, which works well. I use both BlockList Manager and PeerBlock, to be sure, to be sure (Irish joke).
Beat ISP Filtering
My greedy ISP "blocks" all P2P traffic, usually during weekdays from 8am to 6pm. I'm not sure exactly how they do it, other than that eMule stops working properly and loses all its connections. So much for the "S" in ISP. The only way to get round this is to use a Virtual Private Network (VPN) service, such as ItsHidden. This sets up a secure tunnel between your PC and their servers, and the traffic between these two points cannot be analysed or decrypted, and looks just like any other VPN connection. It isn't illegal to use a VPN, and companies do it all the time. ItsHidden has a free VPN as well, so you can try it out and see how it works. Once you have used it for a while, you'll probably want to upgrade to their $9.99 per month paid service, which is faster and offers additional security features.
Their servers are in the Netherlands, so your PC appears to be operating from there. It's weird because when you do a Google search your default Google server is and the buttons are in Dutch. You can set your Google preferences to English quickly enough.
Don't confuse a VPN with a Proxy service. Proxies don't work the same way, and your ISP can still interfere with your traffic. A VPN effectively "relocates" your PC to another country. Its weird, but it works. The connection is a little slower than normal, but at least there is a connection.
Update 20 Sept 2011: I found a really reliable VPN service called SwissVPN that has been a great help. It can use the normal VPN software that comes with Windows, or you can use their OpenVPN client. Fortunately my ISP is being more reasonable with my traffic at present.


Anonymous said...

Shut up you are a NOOB. First of all all you need is an antivirus & uptodate (which you could download). What? Do you work for a Software company or Movie/Music industry? What's with the virus/malware paranoia? Most P2P ("moron"), Like TPB (The Pirate Bay) have comments. Hello? Read them. IF YOU ARE SUCH A NOOB THAT DON'T KNOW HOW TO DO "TORRENT" DOWNLOADS! You sound like a paranoid freak (stick to your iPHONE or BB). Stop commenting about things you have no idea about. Utorrent + TPB = All MS, Adobe, Movies/Music (can't get virus/malware with these last one)ect. As for bandwidth or your ISP known "PeerGuardian 2", Mr. Donn Edwards. YOUR BOOKMARK HAS BEEN DELETED.

Donn Edwards said...

Such a fit of pique from someone who can't read, or who is completely ignorant of the ISP situation in South Africa, where I live. I won't try to debate the points raised, since the poster clearly intends not to visit my blog again. Whatever.

I don't work for a software company or the Movie/Music industry. I *write* software for a living, and I have made numerous projects available for download entirely free of charge, including the Mustang/Miami development system, and my SMS program.

I don't claim to be an expert on BitTorrent, but I have used P2P networks for some time, actually beginning before Bram Cohen developed BitTorrent. I do know how to download a Torrent, and I said as much.

If you want to download software from untrusted sources be my guest. I prefer to use Open Source software or commercial software from a source that allows me to try before I buy.

The virus/malware "paranoia" is well documented in older posts, where one so-called "crack" from a P2P network screwed up my laptop with malware and I was forced to spend a week reinstalling everything from scratch.

The only insulting remark my dear friend made was to accuse me of using an iPhone. I wouldn't be seen dead with an iPhone after the way Apple treated me. But then if he had actually read my blog for any length of time he would know this already.

I am glad "my" bookmark is no longer cluttering your Safari browser.

Audio Book Store said...

Check us out the next time you get an audio book craving :)

Quintin T. said...

Using a VPN is the way to go.
usa vpn

chicago colocation said...

It's tricky to setup BlockList Manager on your system but with this application, you can block all spams and fake account going into your website.