The Dangers of Torrent and p2p Sites to Home Computer Networks
Torrent or P2P Sites use Technology That can Create Security Breaches in Your Home Computer Network
Most teens today visit media sharing websites that utilize torrent or peer to peer technology. These types of websites, by their very nature, require a user to open channels into their network, that can in turn leave the network highly susceptible to infiltration by hackers. They are dangerous to network and computer security, and many people are completely unaware of what they are, and how frequently they are being utilized by American teens to acquire virtually any type of media they desire.
I knew nothing of their existence, and learned about them the hard way. I hope that by sharing what I've learned, I can prevent others from having all the network problems our family struggled with actively for a year and half, but longer if you add in the time that we were unaware of what was happening to our network.
My Family's Network is Once Again Safe & Secure
My Family's Story Began in 2009 and Endured for Over 2 Years
My family's home computer network was hacked around 2009. I've written a more detailed version of what the outcome of that was, which was that our network was entrapped into a Botnet, and we lost our use of it, which you can read here. Here, I focus on what occured within our home that made our network vulnerable to outside hackers. It opened up a world my husband and I never knew even existed, and led to a frightending 2 year ordeal which changed all of our lives profoundly.
Our story began when our 2 (then) teenaged sons...who were pretty average kids all around, learned from friends what most teens today already know. How to find television and movie media online to view for free. They were fairly advanced about tech-related subjects...definitely much more tech-savvy than their we were. Which at the time was necessary to employ the techniques necessary to take advantage of free media resources. Today, that kind of technical knowledge isn't really needed anymore. I'd be willing to wager that almost any teenager today, if motivated, could quite readily connect to these resources without much less effort that our kid's needed to employ back then.
I'll also tell you about how we as parents got up to speed and learned to protect our computers and home network from hackers after our 2 year ordeal was finally behind us.
The one thing that may have made us a little bit unique was that I have always loved computers...although strictly from a user standpoint. I had worked in the computer industry way back in the '80's when I was working (long before I had kids,) and I continue to love them today. Which is why I write a blog on tech tips now. Because of my strong interests I probably had a higher level of understanding about computers in general then perhaps most stay at home moms did back then. We probably had more computers than the average household, and perhaps a better network too.
In order to better explain the basics of home networks I'm going to go back to the beginning and provide you with a brief history of how our home network evolved.
Chronology of our Home Computer Network
Back in the days of dial-up, as our kids grew and our use of technology grew, we progressed from sharing one desktop to each person having their own computer. Since internet access was required for some of their school work, even back then, we went from one phone line to 2, then we added a third.
When broadband became available in our area, we jumped on the band wagon, and were thrilled with the faster speeds, but kept the phone lines too, so that several people could be online simultaneously. But as our phone line costs increased, and arguing ensued over who got to connect to the faster broadband connection, I researched alternatives, and educated myself on routers and WiFis.
We only knew one family that had implemented a home network, but the husband was happy to teach us how to set one up. I purchased the hardware we needed, and he spent an evening with me teaching me how to install the wireless cards in each Windows computer, find a good central location for our router, and how to link everything together. He taught me how to access the router online, using the default username and password, but back then, no one really worried about changing those default settings, and we didn't setup any kind of security to prevent access to the network.
As networking became more popular, our cable company began to offer networking as a service, but this was a year or two before they did. Everything worked great for a while, but over time, more devices entered our home that utilized radio waves, which is the technology that wireless networks use, and interference issues sometimes cropped up, generally from cordless phones or our microwave oven back then.
We also added an addition on to our house, and moved some things around in the process, so our network was adapted to accommodate those changes. I still was able to handle the logistics of all this, but we ultimately reached a point in time when a problem arose that I couldn't fix. We found a local consultant who helped us install a signal amplifier, which was great for a while.
That technology was rapidly improving, and over a period of several years, we upgraded the 'amplifying' types of devices several times, migrated to newer wireless standards, added access point technology, hard wired more areas in our home, and most importantly learned to change the default router settings and added WEP encryption to access our network.
My 2nd Monitor
Changing the Default Router Settings and Enabling an Encryption key for Network Access
This is a really important aspect that everyone should know how to do, and I'm going to assume that most everyone either does know how, or has that setup by their ISP or whoever setup their wireless network. If anyone has questions about this, and my assumption isn't correct, let me know in the comments section below, and I'll add a section to this lens on how to do that.
Description of the Likely Scenario that Created Vulnerabilities in our Network
Over time our boy's knowledge of, and usage of technology far surpassed our own. We also seemed to have less time than when they were younger, and our computer usage was primarily aimed at getting things done, whereas their usage had a much broader scope. Not only did they rely on it for school work, applications and administrative things, but it became the hub for most of their social interaction, as well as their primary source for media of any kind.
As everyone's usage grew, we began to have more and more problems with network speeds, and network outages. As our boy's knowledge grew, and ours sort of stagnated, they began helping us out with technical problems with both our computers and our network. In an earnest effort to improve the overall network throughput and address our escalating problems, one of the boys upgraded our standard Linksys Router's software to dd-wrt, which was actually a really smart move, because the software is pretty amazing. It really gave our old router a facelift, but since we didn't involve ourselves in the process we didn't realize that the security that had been in place was affected, and we didn't think to check on this aspect for a long time.
It was only when we began to have some really significant problems that it dawned on us that the encryption we had originally setup on the Linksys router was no longer in place. It was around this time that we also really delved into the dd-wrt application and found out both how amazing it was (more surprising because its open source software) and the powerful reporting capabilities it offered, which were better than my husband's commercial setup for his business. The reports depicted some extremely unusual patterns of high usage, some of them occurring when no one was here, which was really hard to understand. But they also showed us patterns for problems that we'd been experiencing, and which we ultimately learned was that our network had been commandeered by a Botnet. That meant that it was no longer under our control...but was being controlled by someone known as a bot master. In my article about how our network was hacked by a Botnet, I talked about the specific Botnet I believe we were part of.
Introduction to Torrent Programs
The Network Reports Pointed Towards Torrent Program Usage
The information from the reports, along with several network consultants who worked with us during different points in our ordeal, led us to learning about the type of technology that's used so routinely by teenagers today, and was a complete mystery to us, and our friends. As we learned more about how the technology works, we began to understand how the course of events made it fairly easy for a hacker to get into our network, maybe more than one for all we know...they are difficult to track and identify, unless you catch some of the activity as it's happening.
Dangers of Torrent, BitTorrent, P2P and File Sharing Sites
In order to appreciate the danger, you need to understand the technology behind torrent programs,. Torrenting is a way that kids, or anyone for that matter, can have access to free media through the Internet. This is a very attractive way for kids to be able to get music, watch TV shows, watch movies, and download video games, for free. The way torrenting works is through what's called what's often referred to as peer-to-peer (p2p) file sharing. When a person wants to access media without having to pay for it, they can do a Google search, for example they may use the title of a movie, and included in the search results will be sites that say they can watch this movie for free. So they click on the site, perhaps they even check out a couple of the sites, and in the end decide that one of the sites looks most appealing to them, and that's the site that they decide to register with, and join as a member. It's easy to join and become a member of the torrenting site, and the site may or may not disclose the terms of agreement. More than likely they will ask you to check some sort of box that says that you agreed to all of the terms of the website.
This is where the problems can begin, especially with the older file sharing sites which were less technologically advanced than today.. Very few adults actually read those pages and pages of terms and conditions, and even fewer teens do. I actually do try to, (after having teenagers), but even if you do read everything, and understand everything...which is a huge "if" right there, there isn't really any alternative to agreeing to the terms if you want the product or service in question, and after putting all that time into it, who wants to start from scratch? So I suspect even the most savvy of users doesn't usually bother to read through all the terms and conditions. Generally they just check the box to agree to them and move on to begin downloading the media! So, what you are agreeing to in this instance, is sharing media with other members of the site.
The whole concept of torrenting, (or bit torrenting or peer 2 peer programs) involves a large group of users, who each have downloaded lots of media to their hard drives. When a user initiates a new download, instead of receiving the entire file from one server, they are actually downloading many different pieces or 'bits' of a particular file, from many other members hard drives. One thing that is important for me to mention it that this process is less automatic now than it was several years ago. Users usually have to make some modifications to their network ports, and essentially open it to allow for the other users of the site to access your hard drive, or potentially all of the hard drives on your network. But teens often know enough about their networks to accomplish this and don't think to mention it to their parents for one or more reasons, but at a minimum because they don't recognize the danger of their actions.
The torrenting site provides the software and the user network for all of their users to share these 'bits' of their files with each other. The end result is that the user now has a complete version of the (usually pirated) movie (in this case) on their own computer. As a member of that bit torrents community, the user's computer, in turn, provides many bits of media on their hard drive, to other users who are doing the same thing. It's actually pretty nifty, and there are a lot of polished, seemingly safe and secure sites out there offering this technology. And the technology in and of itself, is not a threat. What creates the threats, as I understand it, and I'm sure I don't understand the entire concept all that well, are the modifications to your network that necessarily need to be made, to allow many, many, other users into your network, so that they can access your hard drive. I'm sure there are different scenarios for how this actually happens, with varying degrees of knowledge on the user's part, regarding the types of permissions they are granting to the torrent site. And I suspect that there are varying degrees of compulsory sharing between the various sites offering these services. Some may limit the actual time your computer spends sharing bits with others to the time-frame required for you to accomplish your download. But others I suspect, based on the network traffic reports I discovered on our own network, keep your computer available for sharing 24/7.
A Summary of the Greatest Threats
The main threats are:
1. Pirated media is illegal and subject to huge fines. Authorities are actively pursuing stopping users, and imposing financial and even criminal penalties on "innocent" users, many of whom are teenagers just following their friends advice. Even more alarming is the fact that all of these activities are traceable and provable, and the existence of illegal copyrighted media, if found on a device, or to have been routed through a router, are punishable to the owner of the hardware whether or not they had any knowledge of the actions.
2. Allowing websites or many users to access files on your computer is risky business...and can lead to a multitude of problems including viruses and identity theft.
3. If the computer that is torrenting is on a network of any kind, any device on the network is also susceptible to the same attacks.
These threats are real and frequent. Computers that have been well maintained, with the proper security measures, and networks that have been secured with good firewalls won't be protected in the event that someone on the network opens up a portal to the outside world.
The Prevalence of Bit-Torrents
If any doubts the prevalent use of torrenting technology here's an excerpt from Wikipedia regarding the popularity of torrenting back in 2012:
"BitTorrent has 150 million active users according to BitTorrent, Inc. Based on this the total number of monthly BitTorrent users can be estimated at more than a quarter billion. At any given moment BitTorrent has, on average, more active users than YouTube and Facebook combined. (This refers to the number of active users at any instant and not to the total number of unique users. BitTorrent is widely used to transfer Files. More than 200,000 people have been sued since 2010 for transferring copyrighted materials on the BitTorrent network."
We, as most parents that I've talked to since, had no idea what torrenting was, but then we began having huge problems with our home network. Upon researching and logging the issues it became evident that our network had been hijacked, leaving very little of its resources for our own computing needs. It took 100's of hours of time to research and diagnose the problems, get up to speed with the technologies, and isolate what specifically was attacking our network, and our computers. After several failed attempts to correct the situation, which involved reinstalling operating systems, upgrading os'es and even replacing computers with newer technology, we finally figured out that our problems were primarily virus based and hidden so well that they were virtually impossible to detect or remove, without wiping everything single device on the network simultaneously, and starting from scratch with every machine as a 'blank slate'. This ultimately, was the approach that finally solved our network issues.
A Few More Tips
Here are a few more things we learned through experience:
- Even non-tech-savvy kids today have the resources and where-with-all to figure out how to get past any security measures you may have implemented on you computers or your home network.
- The torrenting sites are so widely used and 'polished' (for lack of a better word) that even adults who are relatively tech-savvy, can innocently become involved with them. This is especially because there is a very large "gray area" when it comes to media that is free.
- Because torrenting sites and software are not illegal per se, and there are legitimate sites that use the technology to share free public domain types of media, there aren't easy answers for parents to address this subject with their kids. But here are a few suggestions:
- Talk about torrenting or peer-to-peer (p2p) sites with your family and make sure that everyone knows about them, the risks involved, and to approach free media of any kind cautiously.
- If you think you might have torrenting software on a computer you can search for files that end with .torr or .torrent.
- Even after you have this conversation with your kids, don't assume that they entirely understand both the technology and the dangers the way you do. We were pretty shocked to find after having the kids on board with wanting to fix things, that they still had files on their computers and were using sites that were dangerous, primarily because it was so ingrained in their generations' media habits that sites they thought were safe and legal, really weren't.
- If you have kids going away to college, it's important to revisit the topic periodically when they come home, since torrenting is so completely ingrained in their generation's culture. It's very likely that pretty much any device they come home with will have torrent apps running on them continuously in the background that they forget about stopping when they are home visiting. It's not easy to enforce a 'no torrent' mandate, but in my experience, it's not only advised, but necessary, since internet threats continue to flourish.
How File Sharing Technology Began & Evolved
A Little Bit of History
Napster was the first widely popular website to use the peer-to-peer model of file sharing on a wide scale. Some of you may remember Napster...I do, although I never actually tried it, I was curious. In it's heyday, it was especially popular with teenagers who downloaded music files to store and play on their MP3 players. It predated Apple's iTunes Store, which, when it was released, probably played a large role in Napster's demise.
What played a greater role however, was the whole drm controversy. When artist's began seeing some of their work showing up online before they had even actually published it, it sent chills up their collective spine...and rightly so, I should add.
The other early file sharing sites like Kazaa and Limewire, met with similar fates eventually (although I still find colleges are warning students of the dangers of their use so maybe they still operate in some form today). But while those were file sharing sites, they weren't actually torrent sites, which was a newer technology that was created in part to sort of skirt the issues that created all of the legal problems for Napster. The early file sharing sites used a central server that coordinated the sharing process. Torrent technology works a little differently. The torrent host site still administers some the the transactional stuff, but the actual file sharing activities occur on a true peer to peer basis. This distinction means, that not only is it more difficult to gather evidence of wrongdoing, since all the little 'bits' of data are pretty impossible to track, (that was actually true of the earlier technology too, but even more true with the newer model), but the hosting site (I made up that name for it, there's probably a better definition for the actual site that brings all the users together), doesn't carry any (or at the very least only a negligible amount) of legal responsibility, so they are less likely to be sued.
Torrent Freak's 2017 List | Most Popular Torrent Sites
Torrent Freak is a website dedicated to covering news surrounding all aspects of torrenting and file sharing. The website has lots of articles about the best technologies for people to use today to safely download pirated media.
I ran across their website today while trying to update many of the links and information in this article, which I originally wrote in 2012. (Because it's such a long article it's taken me a few days to get everything up-to-date.) I was more than a little disturbed to discover such detailed and reliable information within just a few moments of search time. It's helped me to recognize that the torrenting community continues to thrive today, which of course goes to the heart of why file sharing technology works and why it's difficult for lawmakers to prevail.
A list of the Top Torrent Sites At the Time Our Network Was Hacked
ABC (Another Bittorrent Client)
There are two things that I thought of after finishing this and that I wanted to make sure were very clear and not lost in all of the information given in the sections above:
1. How do you know if you have torrent files on your computer. Most torrent files have one of 2 file extensions, .torr and .torrent. If you search your hard drive using the wildcard * in your search like this:
and you find files with these extensions, then your machine has been downloading torrent media.
2. Unlike in the earlier days of the internet, it's not likely that a child could inadvertently download torrent files without knowing what they are doing. With today's technology, you need to have a fairly good understanding of the steps involved in setting up your computer and network to participate on torrent sites...in fact you need to open a port or two on your router to be listening for this type of information. Thus the security breach...but at least it's reassuring to know that you can't do it accidentally very easily anymore. The only reason I say this is because I recall in the early days actually visiting sites when I was looking for obscure media, and seriously considering using one of them to download something. What scared my away were the disclaimers and legal stuff I needed to agree to beforehand. At the time I knew nothing about file sharing sites, but in retrospect, this was probably one of them, and I could have easily gone the other way and downloaded something not realizing the ramifications!!!!
3. Another good way I remembered to check if teens are visiting torrenting sites is by looking at the browsing history on their computers. You can also do this on mobile devices, but that's a little trickier since they usually have the devices themselves locked with passcodes, and you need to be knowledgeable about each type of device's browsing technology and how to use the app to check it's history.
One thing my friends have asked me is...
How can you know if a website uses torrent or peer to peer technology? There isn't an easy answer for this if your attempting to download free media. But if you take the time to examine the file types you'd be downloading, and avoiding any with the following extensions, you'd be eliminating some really obvious threats:
The title of the article is: How to Tell If a Movie Torrent File Is Fake
A lot of information is written for people who are using torrenting sites, to help them avoid dangerous sites. - About.com's Internet for Beginners site has a great guide for this.
- This is the link to the article 'How to Tell If a Movie Torrent File Is Fake'
Although this article is intended for people to 'safely' torrent (an oxymoron at best), it's still good information for anyone to avoid obvious threats.
Great Information About Torrenting Dangers I 2017
- The Dangers of Using Torrents
Trevor Murimba, a Certified Ethical Hacker has written some good advice for everyone on the dangers of using torrenting sites in current times...specifically in 2016. Sadly, torrents are still here and still dangerous!
What's Available for Online Resources
There's a plethora of information providing advice on how to utilize torrent technology but...
What alarmed and saddened me in conducting research for this lens, was how readily available very clear and concise instructions were for virtually every aspect of how to begin downloading using torrent technology. There are articles which guide users, step-by-step through the setup process for their computer and network, articles on sites to use, detailed information on the nomenclature and inner workings of the process, warnings about the illegalities, and advice on how to avoid getting viruses, getting scammed or 'caught'. There are sites designed to allow users to find out how much of their download activity has been tracked publicly. And historical essays on how the technology developed and changed over time.
What is clearly lacking is advice for parents informing them of the wide spread use of these practices, and educating them about how to protect their networks, their home computers, and their kids. I did find a few sites that discussed some of these things, but they were few and far between, and not easy to spot amidst all of the 'how to' guides.
A few of the sites I found that provide educational and helpful resources parents and users
- FBI Publications - A Parent's Guide to Internet Safety
About the Federal Bureau of Investigation
- Parental Control Software Torrent Freeware Downloads: Verity Parental Control Software, Win Parental
Freeware parental control software torrent downloads. Verity Child Monitoring and Parental Control Software. Win Parental Control Software is an comprehensive Web Filtering Software with Parental Controls.
- Parental Control for Windows - Free downloads and reviews - CNET Download.com
The Best Free Parental Control app downloads for Windows: Anti-Porn HomeGuard (32-bit) Spyrix Free Keylogger Porn-Blocker LightLogger Keylogger Golden
- If you steal films and music, copyright companies 'will have your IP address within three hours' | D
There is a little bit of helpful information for parent's in this September 2012 article entitled: File-sharers' details logged with copyright companies 'within three hours' Read more: http://www.dailymail.co.uk/sciencetech/article-2201611/If-steal-
- Talking Torrents: Frequently Asked Questions About Bittorrent Litigation | Philly Law Blog
One afternoon you check your mailbox and notice that your internet service provider has overnighted you a letter. You open the letter and find it says you've been named in a lawsuit for downloading porn, movies, or music on the internet. Your interne
Homeland Security's Cyber Safety Website is Huge!
- They've Dedicated October to Learning About Cyber Security Too!
Being online exposes us to cyber criminals and others who commit identity theft, fraud, and harassment. Every time we connect to the Internet—at home, at school, at work, or on our mobile devices—we make decisions that affect our cybersecurity.
Books on Networking and Online Safety at Amazon - It's not Easy Finding Good Resources for Learning About Computer Networks
During the year and a half time period in which I spent most of my waking hours attempting to learn about and diagnose what was happening to our network, I really struggled to find good information that was targeted for users, not technicians. The Networking for Dummies book below was one of them I downloaded to the Kindle app on my iPad, and it was actually really useful. The other two books I haven't read, because I didn't run across them at the time. But they both look interesting to me, and I'm thinking about getting them.
Many of the Networking Books Are Expensive, So I'm Adding This One Because It's Excellent & Inexpensive
I hesitated in adding this one because it's really for someone who's well versed in computers, but then decided to anyway because for the price it looks like it's a really resourceful guide, and people seem to love it!
I got an earlier version of the book while we were having all of our problems and it was one of 2 I relied on a lot.
While it's not inexpensive, it does a great job of explaining networking concepts in simple laymen's terms that even those who considered themselves to be 'tech challenged' can follow.
I just ordered this book at Amazon because I write primarily about mobile technology and safety on my personal blog too.
This is the editor's synopsis: “This is a must-have work for anybody in information security, digital forensics, or involved with incident handling. As we move away from traditional disk-based analysis into the interconnectivity of the cloud, Sherri and Jonathan have created a framework and roadmap that will act as a seminal work in this developing field.”
– Dr. Craig S. Wright (GSE), Asia Pacific Director at Global Institute for Cyber Security + Research.
This books was published in 2006, so some of the information is dated, but it's still available today and it helped me a lot when I was trying to figure things out.
5.0 out of 5 stars Still amazingly accurate in 2012, January 29, 2012
ByÂ Jim Johnson "Truth Seeker" (Western US)
There's really nothing to say about the quality that hasn't been said already in other reviews. This is an excellent, well-written, informative, and entertaining read! I am amazed at how accurate this book still is, despite being several years old. There are a few things that have changed since this book was released such as the Nessus vulnerability scanner licenses, and the availability of some tools. Also the section on wireless attacks could use a little updating to include newer strategies and tools, and there is no mention (that I can recall anyway) of either Cross Site Scripting (XSS) or Search Engine Optimization (SEO) Poisoning, as those are relatively new. Overall though this is an excellent place to start and a fascinating read. Highly recommended for everyone, not just aspiring security professionals. This book will open your eyes and drastically improve your personal security practices while entertaining you at the same time. Highly recommended!
The Quintessential Guide To Introduce the World of Hacking to The Uninitiated
This is a newer version of one of my all time favorite books. I learned a lot reading it and current reviewers say things like 'This book is perfect.' I don't think I've ever seen as many near perfect recommendations as I have for this book.
Additional Links to Amazon Books on Internet Safety
After feeling frustrated trying to find useful links for parents on these topics, I decided to search the Amazon book store again. Below are a few books that include sections on this topic. One is specifically geared towards the elderly population and it garners wonderful reviews. Seniors and Cyber Safety are truly a missed opportunity in that there isn't very much information out there yet a huge need for it!
I can personally attest to this fact after spending the better part of 2 months dealing with my 90 year old Dad's computer that was so virus filled we ultimately had to trash it and get him a new one. The best part of that whole ordeal was that it forced the issue of upgrading from Windows XP upon him. He's now the proud and (finally) happy owner of an HP Desktop running Windows 7.
This book for Seniors gets rave reviews!
Several reviewers mentioned that this book is so great it isn't necessarily only for Seniors! It's also free for Kindle Unlimited members and I've read and shared it with my 91 year old Dad who writes his own blog.
This Book is Older But Still Good and Only $.99 in Kindle Version
I have an entire shelf in our home library dedicated to cyber safety following our Botnet invasion. This is one I like.
I gave my boys an earlier version of this when we finally figured out that it was their activities which indirectly led to our Botnet infiltration.