Request: how-to guide for securely torrenting & general PC security

Hello

I didn’t find any instructions on how/where to post these types of how-to requests on the forum. I was planning to ask on discord but chat is disabled for new members. I’m a noob and I have lots of general questions regarding torrenting and PC security. Below are things I’d like to ask the L1 community regarding those topics.

Questions on torrenting:

  • What is your procedure for downloading torrents? do you use a VM to check the torrent, or put it directly on your PC?
  • How do you circumvent your ISP when torrenting?
  • What steps do you take to avoid downloading malware or viruses?
  • To have anonymity, is it best to use a VPN when torrenting or are there other options?
  • Do you use Tor to get on torrenting websites, or is there a good verity of sites to use without Tor?
  • When searching through torrents to download, what are some red flags to look out for?

Questions on PC security:

  • If I am unable to set up my own VPN, what is the next best VPN service to choose?
  • What is your antivirus, antispyware, and antimalware set up? Do you use a paid subscription for one piece of software, or do you use a group of different free software each for a specific purpose?
  • Do you use any browser plug-in for additional security or to prevent tracking?
  • In the past I’ve used the security planner in the link below. If you’re a security expert, what would you add to the planner that CR missed? (phttps://securityplanner.consumerreports.org/)

Thanks to anyone that replies with some insight or links to helpful info elsewhere on the forum.

2 Likes

Hi! Welcome to the forum!

If you want to post on the Discord, I think you need to go to the Rules or Roles tab, and click on there.
You might have to accept the TOS.

As for torrenting, there are legitimate sources of torrents.
If you start a torrent from a trusted site (like a linux distro site) then compare the hash when complete, then you can rest assured the file is either clean, or everyone getting the file will have the same bug, and all will be affected.

For unofficial torrents, or items that are copywritten in a non-free license (like software and media you don’t have a license for) then I don’t think anyone will help, because it may be a breach of the rules. (link at bottom)

It is not the tech that is the problem, it is the content that the tech enables.

Just like bitcoin / US bills are used for drug deals; it’s not the money itself, but the crime it enables that is the problem.

For general security, you could use an anti virus, and make sure you only source software from secure, trustworthy sources, like a distro’s repo, or from MS’s store, or an app store.

I’m not a mod, I just like this site not being shuttered by the Feds.

7 Likes

By which I mean to suggest, that the illegal content inherently has risk, because someone willing to illegally share the works of others, might be willing to backdoor / combine viruses / bad code.

Legitimate sources (of which there are many) will post hashes, so you can double check hashes.

Does not prevent hash collisions, nor prevent a source being compromised up stream, and the link+hash bing changed on them.

4 Likes

I second @Trooper_ish 's comments.

A good resource for checking suspect files (regardless of where/how you obtained them) is VirusTotal

Upload a file or search for a file’s hash and you can see the scan results for many anti-virus programs. By no means foolproof but informative.

4 Likes

@Trooper_ish, thanks for that comment. I want to clarify that I do not intend on torrenting pirated or copyrighted material. My questions regarding torrents was meant to be for general peer-to-peer file sharing sites.

In general, stick to an up to date version of well known and maintained torrent client. For example qbittorrent, transmission, deluge are all fairly good and easy to use.

Lots of people use rtorrent/rutorrent which is a bit more complex to set up and keep up to date because it has lots of parts and it’s kind of like building your own website, but it was the first thing that “scaled” and allowed folks to run with a web UI while simultaneously seeding thousands of torrents - I don’t know if I’d bother with it again.

Generally ISPs care if/when they get letters for various laywers pointing at your IP or asking them to pull logs and keep records of strikes because this is a hassle. This doesn’t happen for e.g Linux distros and other free content.

With respect to avoiding malware, use trusted sources. There are trusted sources in the form of “private trackers” even for copyrighted material. These are basically websites where you need an invitation for, and they are moderated and there are rules like on this forum.

Use of public VPNs is often banned on these private trackers, but use of seedboxes, or is from multiple places is not. Some people run a torrent client at home, but run OpenVPN tunnels or wireguard tunnels connecting their torrent containers/VMs/hosts to the internet.

A seedbox is a managed server sitting somewhere in a datacenter and storing/seeding/downloading content, that you can interact with and control. Typically you’d have access to it over https for the UI, and through sftp for files, or through a VPN with samba for files. There’s dozens of companies that rent these, there’s people that build seedboxes themselves after renting VMs in various cloud ISPs or after renting physical boxes.

Happy torrenting!

1 Like

On torrenting:
If you download torrents from legitimate sources, you are most likely be fine. Your client will verify the download and if from legitimate source it will probably be malware free. You may however run into problems with your ISP.

For example after getting Tails via BitTorrent, legitimate free software from their official website, I received legal threats and “we will disable your internet” threats from ISP within days. I told them to go suck a lemon, and things escalated from there. I used the money analogy later to explain that they are unreasonable to label someone using BitTorrent a criminal.

On security:

  • I use an antivirus, switched from Kaspersky to BitDefender. People mostly think it’s useless and if you don’t visit shady places you are fine. I think this is false, because your favorite website is an out of date WordPress install on an out of date shared hosting plan.
  • My opinion is that VPN is a fad. There are so many ways to fingerprint you and track you that it is borderline useless. Many VPN providers have shown that they do keep logs, and they do track users when ordered to. Use TOR if you need maximum possible anonymity but know it’s not magic - it has bugs and it can’t save you from user error.
  • Email is not private. There are more private options out there, they also track users when ordered to.
  • My browser of choice is Firefox, and I do add uBlockOrigin and Facebook container to it. It’s not perfect for privacy but some additional settings may make it a bit better (turning off pocket, search suggestions, not using an account etc…)
  • Use a password manager and 2FA when ever possible.
  • Use Singnal.

On privacy:

Something is always tracking you. Always. Your dumb phone is triangulated by your service provider and whatever your national security agency is they can pull those logs in a blink of an eye. Smarter devices and more services means more crap follows you around.

Maintaining you privacy is tedious, very tedious and it’s up to you to decide if you need a cell phone, Facebook account , a smart TV, that mobile game to play while you commute, is it too much to cold boot a live system whenever you browse and so on…

2 Likes

I am not comfortable discussing torrenting here especially in the context you seem to be coming to.

With that said, r/piracy exists and seems reasonably sane.

For all your suspicious file woes, there is VirusTotal. If it is a new hash, i dont recommend you use it.

2 Likes

‘I’m only torrenting legal files.’

Also:

‘How do I circumvent my ISP and stay hidden and not get malware?’

:rofl:

But I get it, I also worry about getting malware and reported by my ISP while I’m torrenting completely legal and legit and safe software. You never know when those linux devs will come after you with copyright claims.

Thread moved to the #community category as the wiki category is for the actual guides/wikis, not requests for ones.

Also, do not provide information on torrenting illegal material. Any such thing will result in thread lock and unlisting as it is against the forum rules.

3 Likes

image


Honestly, this… it’s obvious what you’re trying to do, and there are a number of companies that have pissed me off with their business practices too, but we can’t help you here with it. I’m surprised Dynamic went easy and didn’t lock this tbh. The best I’ll do is direct you to r/piracy and their Megathread.

3 Likes

I personally come from the era of irc x/dcc and public ftp (ratio).

The p2p era for me is a reputable, less publicly known seedbox and if you are paranoid then vpn when you connect to a seedbox, from the first minute before you visit the website to buy.

And it would be good to limit yourself to reputable private trackers. That’s it… some really panic when it comes to p2p.
As for hidden threats… I haven’t heard of ISO linux containing any. As a general rule, use only encrypted connections… sftp, https, ftps.

Some people think of illegal content as soon as they hear p2p / torrent. Torrent is legal and what content the user downloads is on his conscience and legal responsibility.

Torrents and seedboxes are legal and what someone uses these services for is their problem, not mine.

2 Likes

Exactly.
A lot/most of Distros can be had via Torrent, saves on the developers when they do not have to pay some company to provide relatively big files.

1 Like

I agree but I do wonder what is the ratio of legitimate vs illegitimate torrent traffic per day is when it comes to torrents.

In the grand of things, and I am just pulling this number out of my ass, its probably less than 1% usage of legitimate torrents vs the 99% percent of the use. Probably even less than 0.01% of torrent traffic per day is legitimate. With that data point, is it safe to say that practically all of the usage of torrents is piracy :face_with_monocle:

1 Like

Probably the same as Emails.
Judging by the numbers the firewall at work sees daily, maybe 5% of email is not spam/phishing/bullshit.

Well, 2.6GB of today torrent traffic is Fedora 36 KDE. Source: Me

3 Likes

I agree email is bad and we should move on from it. But corporate and government has only just gotten into it. When was the first historic court subpoena sent via email?

Anyway. Torrenting is mostly bad. I dont feel bad about it because people arent going to pay for the stuff anyway. Heck even linux people arent paying for file hosting because of it. Its fine.

1 Like

Does weapons kill people? Do people kill using weapons?

It’s clear that 99% of p2p traffic is illegal stuff, but at the same time you can’t stigmatize technology and people just for that. :wink:

Do you have a weapon? If so, it means you will kill someone for sure?

If 99% of people who have a gun to kill someone, it doesn’t mean that you too will use that gun to kill someone just because most of them do it. :slight_smile:

1 Like

lol 99% of people who have guns dont have it to kill some one.
they have it in-case they need to defend themselves which may include killing some one…
but the intent of ownership for most people isnt to kill.
its to have the ability to kill if its needed.

and no guns dont kill people. people using guns kill people.
you dont blame the hammer when it hits your thumb, you blame the idiot wielding it.

as for torrenting. 90% are actually legal now.
15 years ago the story was different, with the vast majority of torrents were illegal.
but now after a decade or more of dns blocking…
pretty much everyone i know has switched to a subscription service for the media they used to pirate.

theres also the fact that most cracks on torrent sites are trojans.
either adding you to a bot net or reducing your security.
so i would say be careful, as not all torrent sites curate there content.
but hey that wont be an issue if your not pirating other people shit for free. :wink:

1 Like

Don’t a bunch of games use the torrent protocol for distributing their updates on the backend? I think WoW was one of them? I bet that would account for a chunk of overall traffic.

yeah some games distribute patches via torrents.
as do linux distros and opensource applications like gimp.

that being said they also often offer a direct link which is just as fast or faster.
and the fact that if you know how to look you can find pretty much anything you want direct download no torrent needed…

:slight_smile: