HBO Attacking BitTorrent

HBO is actively poisoning the BitTorrent downloads of the new show Rome. In addition to an older tactic of offering bogus downloads that never complete, HBO is now obstructing the downloads offered by other people. BitTorrent downloads are peer-to-peer, but the peers are introduced to each other by a tracker (“you’re looking for Rome Season 1 Episode 2, talk to 127.0.0.1”). HBO runs peers that tell the tracker they have all the chunks of the show, but then send garbage data when a downloader requests a chunk. The downloading client can detect that it’s garbage and will try another peer for the chunk, but the end result is that it takes much much longer to download shows. This isn’t HBO’s first move to stop online distribution (see this story of a guy who received a “you’re busted” letter from HBO) but it’s the most active effort I’ve heard about. It’s also very effective–to test this, I randomly selected a healthy torrent for the 2nd episode of Rome, and after hundreds of failed chunks the download stalled at around 30%.

Naturally the downloaders are fighting back. Systems like Peer Guardian let you manage blacklists of bogus peers. It will also autodetect new bogus peers. At the end of this post I’ve included one such list of known-bad peers, found on a discussion of a failing Rome download. There are a lot of IPs involved in this! You’ll see companies like Media Sentry who are agents for the media companies in tracking down and stopping illegal filesharing activity, as well as a large number identified just as HBO.

PeerGuardian is only the start. I think the approach to poison peers will be the same as to spamming mail relays. We’ll see distributed blacklists with a reputation system managing the blacklists. It’s beginning to emerge informally. The fact that bogus fragments are so easily detected (every fragment has a guaranteed-correct checksum provided by the person who originally seeded it) means that there’s no messy Bayesian spam detection algorithms or grayboxes. If you send me a bogus fragment, you’re obviously evil. The problem then becomes determining which reports of poison peers are bogus. Any success HBO has in the download wars will be shortlived, as I expect to see software implementing this kind of distributed automatic blacklisting soon.

HBO-bloack:38.112.0.0-38.119.255.255
HBO-bloack:64.34.160.0-64.34.191.255
HBO-bloack:64.62.170.0-64.62.170.255
HBO-bloack:64.124.0.0-64.125.255.255
HBO-bloack:66.250.46.0-66.250.47.255
HBO-bloack:70.84.0.0-70.87.127.255
HBO-bloack:168.215.129.64-168.215.129.95
HBO-bloack:206.169.170.240-206.169.170.255
HBO-bloack:206.169.225.80-206.169.225.95
HBO-bloack:206.169.230.96-206.169.230.111
HBO-bloack:208.50.192.0-208.51.255.255
HBO-bloack:209.203.99.224-209.203.99.239
bt-bad-seed:82.33.171.99-82.33.171.99
bt-bad-seed:80.171.23.230-80.171.23.230
bt-bad-seed:156.34.155.159-156.34.155.159
bt-bad-seed:207.180.131.30-207.180.131.30
bt-bad-seed:67.81.57.176-67.81.57.176
bt-bad-seed:24.251.101.76-24.251.101.76
bt-bad-seed:217.165.65.183-217.165.65.183
bt-bad-seed:81.66.166.200-81.66.166.200
bt-bad-seed:84.9.80.129-84.9.80.129
bt-bad-seed:82.235.113.152-82.235.113.152
bt-bad-seed:80.171.76.241-80.171.76.241
bt-bad-seed:212.2.170.99-212.2.170.99
bt-bad-seed:64.168.30.40-64.168.30.40
bt-bad-seed:216.168.118.161-216.168.118.161
bt-bad-seed:81.69.89.120-81.69.89.120
bt-bad-seed:24.153.38.215-24.153.38.215
bt-bad-seed:84.9.80.129-84.9.80.129
bt-bad-seed:81.216.47.226-81.216.47.226
bt-bad-seed:221.188.54.71-221.188.54.71
bt-bad-seed:64.217.229.102-64.217.229.102
bt-bad-seed:172.213.246.194-172.213.246.194
bt-bad-seed:217.165.83.225-217.165.83.225
bt-bad-seed:82.235.77.238-82.235.77.238
bt-bad-seed:82.182.96.52-82.182.96.52
bt-bad-seed:216.168.117.133-216.168.117.133
bt-bad-seed:217.132.96.144-217.132.96.144
bt-bad-seed:85.224.52.236-85.224.52.236
bt-bad-seed:172.216.232.91-172.216.232.91
bt-bad-seed:66.68.84.184-66.68.84.184
bt-bad-seed:159.101.25.201-159.101.25.201
bt-bad-seed:67.68.197.49-67.68.197.49
bt-bad-seed:217.132.209.91-217.132.209.91
bt-bad-seed:195.137.71.28-195.137.71.28
bt-bad-seed:65.49.132.215-65.49.132.215
bt-bad-seed:66.131.49.145-66.131.49.145
bt-bad-seed:216.168.124.47-216.168.124.47
bt-bad-seed:169.165.109.61-169.165.109.61
bt-bad-seed:67.118.118.52-67.118.118.52
bt-bad-seed:217.165.84.201-217.165.84.201
bt-bad-seed:24.55.8.247-24.55.8.247
bt-bad-seed:217.165.86.191-217.165.86.191
bt-bad-seed:68.144.114.32-68.144.114.32
bt-bad-seed:67.169.151.53-67.169.151.53
bt-bad-seed:70.51.238.143-70.51.238.143
bt-bad-seed:172.216.167.174-172.216.167.174
bt-bad-seed:69.156.93.197-69.156.93.197
bt-bad-seed:24.43.243.187-24.43.243.187
bt-bad-seed:216.168.118.2-216.168.118.2
bt-bad-seed:70.51.240.138-70.51.240.138
bt-bad-seed:24.68.138.102-24.68.138.102
bt-bad-seed:212.238.211.93-212.238.211.93
bt-bad-seed:217.165.50.129-217.165.50.129
bt-bad-seed:84.9.84.36-84.9.84.36
bt-bad-seed:80.44.157.183-80.44.157.183
bt-bad-seed:84.94.27.122-84.94.27.122
bt-my-detect:24.141.201.130-24.141.201.130
bt-my-detect:70.152.132.252-70.152.132.252
Performance Systems International Inc:38.112.0.0-38.119.255.255
ServerBeach, Peer 1 Network Inc:64.34.160.0-64.34.191.255
Peak Web Hosting:64.62.170.0-64.62.170.255
Abovenet Communications Inc:64.124.0.0-64.125.255.255
MediaSentry+SafeNet:66.250.46.0-66.250.47.255
ThePlanet.com Internet Services:70.84.0.0-70.87.127.255
MediaSentry:168.215.129.64-168.215.129.95
MediaSentry:206.169.170.240-206.169.170.255
MediaSentry:206.169.225.80-206.169.225.95
MediaSentry:206.169.230.96-206.169.230.111
Global Crossing:208.50.192.0-208.51.255.255
MediaSentry:209.203.99.224-209.203.99.239