Wednesday, November 19, 2008

Limitations and security vulnerabilities

Kevin Jung

Limitations and Security Vulnerabilities:

Lack of Anonymity
BitTorrent does not offer its users anonymity. It is possible to obtain the IP addresses of all current, and possibly previous, participants in a swarm from the tracker. This may expose users with insecure systems to attacks.[5]


Dialup versus Broadband
BitTorrent is best suited to continuously connected broadband environments. Dial-up users find it less efficient due to frequent disconnects and slow download rates.


The Leech Problem
BitTorrent file sharers, compared to users of client/server technology, often have little incentive to become seeders after they finish downloading. The result of this is that torrent swarms gradually die out, meaning a lower possibility of obtaining older torrents. Some BitTorrent websites have attempted to address this by recording each user's download and upload ratio for all or just the user to see, as well as the provision of access to newer torrent files to people with better ratios. Users who have low upload ratios may see slower download speeds until they upload more. This prevents (statistical) leeching, since after a while they become unable to download much faster than 1-10 kB/s on a high-speed connection. Some trackers exempt dial-up users from this policy, because they cannot upload faster than 1-3 kB/s.


The Leech Compensation Problem
To combat this leeching problem, some seeders deliberately withhold one final piece from the seed, thus leaving a large number of potential seeders once they receive the withheld piece of data. With clients each awaiting that one final piece, the seeder ensures that there will be many more seeds once the final piece is released.

It is considered good etiquette to utilize the "Share Ratio" data, and equal (1.000 Ratio) or double (2.000 Ratio) one's leeching. This provides an opportunity for one to compensate for one's own leeching, and support the torrent, and nature of the protocol. While this is usually most easily accomplished with a DSL or ADSL connection, those using Dial-up will not be able to conform easily to this rule of etiquette. Also, it should be noted that many internet providers still have restrictions as to the amount of traffic generated over a certain period of time. As such it is likely for users with such internet connections to minimalise their share ratio.


The Cheater Problem
There are "cheating" clients like BitThief which claim to be able to download without uploading. Such exploitation negatively affects the cooperative nature of the BitTorrent protocol, although it might prove useful for people in countries where uploading pirated material is illegal, but downloading is not.

No comments: