> Is this legal?
Why wouldn't it be? You're not actually hosting a tracker in this case, only looking at incoming connections. And even if you do run a tracker, hard to make the case that the tracker itself is illega. Hosting something like opentrackr is like hosting a search engine, how they respond to legal takedown requests is where the crux is at, and whatever infra sits around the tracker, so police and courts can see/assume the intent. But trackers are pretty stupid coordination server software, would be crazy if they became illegal.
Now I'm wondering: with the wide range of bittorrent clients out there, and the fact that many are written in unsafe languages, could it be possible for some of them to be exploited through a malicious tracker? It would not surprise me if some of these clients misbehave if fed malformed data from a tracker.
I actually ran a very-short-lived private use tracker briefly, for some exploration doing p2p watch partying. But it was a toy, never got serious enough to look deeper at how the tracker worked (was using the rust Aquatic tracker, which kindly added webtorrent support on request! https://github.com/greatest-ape/aquatic )
Does the tracker know what it's tracking? Is there any attempt to make the tracker unaware of what peer rendezvous it's doing?
My gut is that it seems some kind of hash/magnet that folks are asking to peers on. And that the magnet itself is sufficient, and doesn't have to include anything identifying (although I believe many magnet links included some human readable description). The tracker could likely try to download this hash from the peer itself, to get the torrent info, but wouldn't really know what the torrent is or what's in it without doing the download itself.
Does that check out? How much of the magnet link is key to rendezvous? Could a tracker ignore human friendly fields, block them at ingress, to shield it's eyes?
This reminds me of the time I ran an NTP pool server, then withdrew it. The IP address kept getting NTP requests for months. It was no big deal, NTP is a lightweight protocol, but it was a reminder that IP addresses keep reputations for a very long time. Same thing with domain names, I guess.
There is a tracker masterlist here updated daily so you can find another dead ones probably https://github.com/ngosang/trackerslist
In other words, you can DDoS any ip for the cost of registering a domain and publishing a specific DNS record.
This is like when cloudflare picked up the IP address 1.1.1.1. They saw a ton of traffic to it as soon as it went hot, because a bunch of people had scripts pointing at it.
My first thought is, how many BitTorrent clients have vulnerable parsing code? Could a malicious actor register the domain and infect clients?
That's easy. Register the domain in Russia, China, Iran, or similar country. Run the website in Alibaba.
Let them attempt to send legal toilet paper to Russia or China. I'm sure that will end well.
Kind of amazing how many clients kept pinging a tracker that had been offline for years. It shows how some parts of the internet just keep going in the background long after we stop noticing. There's something oddly persistent about that.
Why not forward to another open tracker? Then you host nothing, and any legal letter you receive you can just tell them to talk to the open tracker.
Is there a chance if someone bought suprnova’s domain (if available), which closed in 2004, someone could finish their download if a seed were still active? Does it matter if this was pre-DHT, or does DHT go historical to cover old stuff?
IANAL, but my understanding is that running a content-neutral tracker is legal in the US.
In other jurisdictions it most certainly is not, and the VPS maybe in a different jurisdiction and the .si TLD definitely is.
I wonder how many anti-torrent groups are doing this covertly.
I used to think those old trackers were long dead, but it’s wild to see them still pulling in millions of peers. P2P may have faded from the spotlight, but the infrastructure never really went away.
Why didn’t they use a protocol like Gnutella to serve as a non-centralized tracker? Or did they?
Seems like the perfect opportunity for a FBI honeypot
I wonder if there are any known vulnerabilities in various torrent clients' handling of tracker responses, e.g. buffer overflows. One could potentially amass a pretty large botnet.
Could you point the DNS at a different tracker?
Some history on the original tracker:
https://torrentfreak.com/demonii-torrent-tracker-shuts-down-...
https://torrentfreak.com/mpaa-we-shut-down-ytsyify-and-popco...
Could this be used to exploit peers if they connect to an intentional malicious tracker?
Can you do this to create a database of torrents for a torrent search engine?
Dead Internet theory
Not a lawyer, but I think intent is a big part of legality and I hope that doing something like this for research purposes should be relatively safe.
Bittorrent is such a beautiful technology, solves a real problem easily, and helps many many people. It's a shame it's been stifled so much by lawyers.
As far as I am aware, there are legitimate uses for this technology.
I think some commenters here missed the point.
Of course hosting a tracker is legal, but what about "hijacking" inactive resource?
interesting choice of hosting provider...
> So… the domain is available now.
Not really? OP seems to want to sell it for $10000: https://www.dynadot.com/market/user-listings/demonii.si
Replace that Dynadot link with your referral code! I interface with a lot of domain registrars and they are one of the good ones.
You can pay for seed boxes with Monero
Lawsuits are civil and wont have all the power to find you in all way, compared to a criminal suit or intelligence agency
So the privacy vectors necessary are more limited
why did you shut it down?
Not illegal. But most people without resources to fight off the thinly veiled, strongly worded legal letters would probably fold under this light pressure.
Interesting, but I suppose it’s not surprising to see clients still holding references to old/defunct trackers. Those peers this person discovered once the tracker was resurrected are more than likely to be seed boxes. Maybe a few real clients if they found an old .torrent link and have left it open.
Thanks to DHT (trackerless peering), trackers have become mostly defunct.
You bought a house that had a murder X years ago and are wondering if your guilty for the murder, probably not - aslong as you don't do more murder in it.
I suppose real life is more interesting though, the guy who picked up the domain to stop the global ransomware crisis was picked up after Defcon if memory serves.
Ironically your probably at more risk from the GDPR for leaking those IP addresses that connected to the box via your blog post.
I'm not a lawyer/solicitor though, don't take my advise.
Imo one the tragedies of filesharing is though the legal bullshit from MAFIAA didnt make a dent in big public trackers like TPB serving Marvel movies and other popular shit, it did manage to kill off many of the smaller specialised trackers serving exquisitely collected and curated torrents of stuff you cannot buy anywhere anymore.
wow, brilliant.
I have a theory that BitTorrent is used as a command and control mechanism for botnets.
We've seen various methods of botnet and malware control like rotating domain names that were successfully reverse engineered and used to trigger a kill switch for WannaCry, famously [1].
BitTorrent is known to be resilient, particularly if you use multiple trackers, proxies, etc that are all built into the infrastructure.
[1]: https://www.wired.com/2017/05/accidental-kill-switch-slowed-...
[dead]
[dead]