Cardiff Uni Blocks Torrents sites
I think this (see the quote below) is a worrying trend: I suppose they’ve not blocked bittorrent traffic itself, but then again, they’d be hard pressed to.
I don’t use it much personally, but BitTorrent itself is not illegal. There’s lots of reasons you might want to use it. It’s alse pretty easy to track.
When I was working at a college in Oxford we used to have a fine passed on to the college each time one of our IP addresses was named in a cease and desist. We passed this fine - along with a hefty administration fee onto the infractor. The infractions didn’t cease, of course, but we didn’t have as many.
The point is that the real answer to this issue is user education, not technical restrictions that throw the baby out with the bathwater.
Dear All,
Following receipt of a number of copyright infringement notices, Information Services is taking steps to protect the University.
The principle source of these copyright infringements is inappropriate use of peer-to-peer file sharing, for example Bit Torrent.
A number of web sites have been identified which primarily provide access to a high proportion of copyrighted, pornographic or offensive material. Access to these sites, listed below, will be prohibited.
This policy is not aimed at restricting legitimate academic investigation. Should access be required please contact insrvAssist.
Sites with prohibited access:
http://www.torrentsearch.com/
http://isohunt.com/
http://torrentscan.com/
http://www.torrentspy.com/
http://torrent-finder.com/
http://thepiratebay.org/
http://www.torrentreactor.to/
http://www.torrentportal.com/
http://www.mininova.org/
http://skflan.nl.tp
http://www.onlytorrents.com/
http://www.mybittorrent.com/
http://www.torrentz.com/
http://www.torrentradar.org/
http://www.demonoid.com/
http://www.smaragdtorrent.org/
http://www.fulldls.com/
http://www.torrents.to/
http://www.torrentvalley.com/
http://www.torrentshub.com/
http://fenopy.com/
http://extratorrent.com/
http://btjunkie.org/
http://www.bittorrent.am/
http://www.astatorrents.com/
http://www.meganova.org/
http://www.bitdig.com/
http://torrentattack.org/Your insrvAssist contact for this message is XXX XXXXX.
Thank you,
Security Team
March 8th, 2007 at 2:35 pm
I notice a few notable omissions from that list. Is access blocked by requested URL or IP address? And how easy is it to get around that with a web based proxy? I suspect it stops casual piracy, but not the determined ones.
March 8th, 2007 at 3:00 pm
I haven’t tried testing to see whether it’s by IP or URL - I suspect the former.
In their defence it looks like they are only targetting ones who are a little… lax in their legality.
The fact that determined pirates will probably circumvent these measures with ease is, I think, another argument about why this is the wrong approach. Oh well.
March 8th, 2007 at 11:51 pm
If the university was anti-piracy, it would be the wrong approach. All they actually care about, I suspect, is covering their legal arses so they can get on with real work.
March 9th, 2007 at 11:56 am
It’d be interesting to know whether their “legal arses” are really covered if their approach is flawed. I suspect access to such servers based on IP would work, but it appears many of the above servers don’t like access based on IP, and only partially work - access via an anonymous web pased proxy, such as www.the-cloak.com should work fine, and appears to work to access one of the sites listed above right down to the torrent file itself.
The use of something like WebSense would probably be better, as this would provide some form of reasonable assurance, although it’d obviously be more expensive. For example, WebSense Enterprise can block P2P protocols on the corporate network - you could perhaps allow BitTorrent and Skype but block FastTrack, WinMX, Gnutella and eDonkey protocols. Bandwidth PG, an add-on for WebSense, blocks access to download sites and servers for P2P applications (it’d be interesting to know how configurable that is too, as some sites and trackers might be acceptable).
In many cases, legal content that people are obtaining via BitTorrent (e.g. ISO images of Linux distros) is already available from www.mirror.ac.uk (having said that, due to a lack of funding, it’s recently been announced that it’ll close from July 31st) that universities have fast access to, and popular content could be kept on a local webcache/transparent proxy owned by the university anyway.
March 9th, 2007 at 1:18 pm
//The use of something like WebSense would probably be better//
Not really. The interesting thing about how cardiff has done this is that they’re obviously trying to make it clear that it’s the content that they have a problem with, not the technology itself - they’ve not banned bitTorrent. I’m not familiar with websense, but I’d imagine that it works by examining traffic, not content.
If that is what’s behind the reasoning, I applaud the sentiment, at least. Not so much the implementation.
//popular content could be kept on a local webcache/transparent proxy owned by the university//
I believe it already is, here, but there’s an upper filesize limit. I know Oxford don’t do any proxying at all (at the university level, anyway - departments and colleges have the option of doing pretty much what the hell they like).
March 9th, 2007 at 4:03 pm
[…] Who submitted the email in this blog entry to TorrentFreak? […]
March 9th, 2007 at 6:02 pm
//I’m not familiar with websense, but I’d imagine that it works by examining traffic, not content//
That’s exactly why I suggested WebSense, as it provides things like URL filtering, which means that sites that only host legal torrents (probably) won’t be blocked. Blocking an entire protocol (a very efficient one too) is far too heavy handed, especially when it’s successfully used for legal things like distributing patches for “World of Warcraft”. I must admit I haven’t looked into WebSense properly, I only have a passing knowledge, but I might ask someone at work next week that knows more about it (or can ask the vendor), and see if I can get a definitive answer about its classification of torrent sites (you may have to add legal torrent sites as exceptions?). Essentially it saves the uni from having to provide a list of banned sites, would be viewed as a reasonable attempt to restrict access to illegal content, would also provide protection against malware hosted on websites from being introduced to your network, and it’s proactive!
I gather WebSense allows you to set policies, and certain products will work with things like Active Directory to allow user level policies to be applied. The Websense Master Database has the industry’s most accurate classification of URLs, protocols, and applications. This is maintained via a variety of proprietary classification software and human inspection techniques. It has more than 20 million websites in 90+ categories, allowing organizations to design specific internet use policies. Websense Security Labs mines and analyzes over 350 million sites per week for malicious mobile code and hacks, as well as managing a honeynet of computers to discover new threats.
//there’s an upper filesize limit//
I can understand why size limits on webcaches are in place, but if anything they’re a bit backwards, as they’ll happily store thousands of small files and pages that aren’t going to be too much of a bandwidth problem unless every user were to access it, but won’t typically cache that 4GB ISO image that a dozen computer scientists will try and download (which probably uses far more bandwidth than the entire sum of small cached downloads), and will sometimes introduce problems where users can’t see the latest versions of pages. Ideally you’d configure a cache to only cache text/html for a couple minutes, and to cache very large files for months. Sure, the cost of additional disk space would be a lot higher, but you wouldn’t have to worry about mirroring/backing it up as you can afford to lose the cached data, and it might work out cheaper in terms of bandwidth (500GB HDD for under £80 ex VAT, would hold over 160 copies of Fedora Core 6, or probably every single current Linux distro [DistroWatch lists about 220, I think]). Of course, bandwidth is less of an issue for universities; large businesses that pay per GB might find it more important.