Secure IT Foundation

Posts Tagged ‘Peer to Peer P2P

The problem with discussing ‘illegal’ downloading of music, videos or games is that it takes a similar tone to discussing drugs or under age sex in a public forum. Both assume there is complicity or at least some form of condoning of the behaviour. As a result, people cling to misinformation which is at best wrong and at worst can have terminal consequences. We take practical view that if people are going to do dangerous activities then they should be able to make an informed choice and know how to minimise the risks. We are not advocating the world now goes out and only downloads music or videos for free, why would anyone make new content if there is no money in it? However we understand that people do download, so they should be better informed of the risks.

Most people given the choice of paying for an overpriced DVD, CD or game would much prefer to get it for free if possible. Before the Internet this was friends lending records or movies to each other to record on tapes. Small scale illegal activity with limited effect on the content producers revenues. Home made recordings were worse quality so there was a real reason to buy the item in question. Digital media and advances in computer technology has made making a perfect copying possible. Combined with the Internet and suddenly illegal copies can have an impact on the content producers revenues as the numbers are much bigger than ever before.

From our shop in Rotterdam, we see a lot of viruses on people’s computers. The majority of these viruses have been downloaded via a program like Limewire or eMule, using a system called Peer to Peer(P2P). P2P avoids having files stored in a single place, as if all the ‘illegal’ music, video, games or adult material was stored on one computer it would have been shut down a long time ago. As these files are split into thousands of pieces and stored by thousands of people on thousands of computers authorities around the world have struggled to stop this activity. The reason why illegal is in quote marks is that actually downloading content in many countries is not a criminal offence. Some countries rate it as only a civil offence, others have no laws on the matter. This is why P2P networks continue as it is difficult to stop it due to national borders.

To add to the confusion with P2P there are different methods of finding content. Some have a builtin search function other types of P2P need you to visit a website to find a link to a file that just says where the bits of the files can be found, also known as torrent file, from the Bittorrent network. You may have heard about websites like The Pirate Bay which often make the news due to them storing the torrent files. They do not have any illegal content but help people find the illegal content.

So if you are going to take the risk and download files then how should you do it as safely as possible? First thing to do is NOT use Limewire, eMule or similar types of P2P! A large proportion of files on these networks are just fake files, only containing viruses or malware, else they may be the real file  but modified to download a virus in the background. If you have used these programs then do run a full virus scan after un-installing these programs. Secondly never use a work network for P2P software as it can have a major impact on your company’s costs and often leads to dismissal. Thirdly do make sure your computer’s security is at least to level 3, else use a Linux computer to download and view the files. If none of this is possible then use a Linux Live CD to perform the download and save to an external drive.

In the middle of the illegal downloads and bad programs, is a P2P download system that actually has a legal purpose! Bittorrent itself is a very efficient system for distributing files and as such has been adopted by the Linux community to download Linux Operating System CDs and DVDs . Because the files are stored by the users of the Bittorrent it saves the open source community a lot of money compared to hosting all the files themselves. There are several programs that can access the Bittorrent network but we recommend the simplest called utorrent even though it is not open source software.  You will need to make a firewall adjustment to your networks router to make it work efficiently, however do turn off the firewall application rule when not in use as it does potentially compromise your home network security.

Once you have the program then you will need to find some content to download. For this example we are going to find the latest version of Ubuntu, the most popular version of Linux Operating Systems. We go to a website like, now deceased so find yourself a new one! Search for Ubuntu. It lists many versions, but we are looking for 12.04 in particular as it is the latest. We find the copy with the most positive comments, once we are happy it is the right file and a good version, then we click on the file name and download the torrent file.

utorrent opens and gives you the option to choose which files to download. Only check the file you want to download, and let utorrent do its work. Once the file has downloaded it is marked as ‘seeding’. This is the point you suddenly have a complete file and are now beginning to share the whole to file to the Internet. Right click on the file in utorrent and remove and delete the torrent. For known files like Ubuntu there is a check you can do to see if the file has been altered. There is a mathematical process to check the contents called a checksum. You run a  program to check the download and compare the output to a published list of checksums. For example for Ubuntu the checksums are published here and you can learn how to use MD5Sum with the documentation here.

Once again, don’t forget to virus scan anything you download, do make backups of your computer several times a year and do expect the worst as you will find a virus or two if you download ‘illegally’…




  • None
  • Coldwind: Couldn't agree more. I downloaded a piece of software just now, disabled the 'toolbar' 'offer' (which fortunately for me has become a reflex); but co
  • ModemJunki: I only discovered this today - I had updated the firmware to the latest out of habit, and I could STILL access my TrendNet cams on the local network w
  • PrentOS – a Simple Secure Computer « Secure IT Foundation: [...] September 2010 we said it was time for a brand new start to computing, well it is starting to take shape… [...]