Supposedly anonymous Tribler activity being shown on IP address spying websites (9/19/19)

I downloaded this program in the hopes that I could hide my torrent activity because I’ve received notices from my IP in the past, and started using it, being pulled in by the advertising of anonymity, but when I checked iknowwhatyoudownload.com just now, I was shocked to find not only the torrent I had downloaded comes up, but 13 other torrents I know nothing about, which leads me to believe these are torrents that are being ping ponged to me in your ‘onion’ setup.

I have my anonymity setting in settings to 1 hop, and am wondering why there seems to be no anonymity.

I am hoping someone can let me know what is going on here, as I am ready to simply uninstall this program and pray my IP doesn’t come knocking (the torrent I downloaded was from a TV show that I had previously received an IP notice over).

This is really bad.

2 Likes

Interestingly, I have tried your url link and it gives me a list of files that have never been downloaded, from a PC that does not use torrents, it is to work in the workplace. But I’m using tor browser ahahahah. Made the test with internet explorer and rightly does not give me any list of downloaded files.

I guess the problem still for me then is, even though that site may be listing things inccorectly/adding things incorrectly, they were able to see the torrent I did download through Tribler, same content, same exact size.

So, basically, what I leeched and downloaded using Tribler, it wasn’t anonymous.

Do you have Tribler installed also? I ask because I noticed that erroneous torrents were still showing up the next day even though I didn’t have Tribler open/running. It contiued to show 3 more torrents on the 20th, 1 day after of no use of Tribler, and then 1 already shown torrent had been active 2 days after, the 21st.

I then deleted Tribler on the 21st, and no more torrents have showed up/been accessed again in the past 2 days since - appears no more.

@BlackBart @jack75 Tribler developer here. The downloading and seeding in Tribler is anonymous if you have specified to use one or more hops. The leakage of the IP is related to the torrent metadata request. Metadata includes the information like seeders, leechers, included files etc. When you click on a torrent to download, Tribler sends a metadata request to Bittorrent DHT and the other trackers listed in the torrent. When metadata is received then the files are listed in a dialog box for you to select and start downloading. This request sent to DHT is not anonymous (encrypted through tunnels) which is why other peers or even iknowwhatyoudownload.com (which is likely observing the DHT requests) finds out about association of the infohash and IP address. An important point to note is that just by sending/receiving metadata request does not mean that you are actually downloading the torrent. You may or maynot choose to download the torrent after viewing the metadata.

In case you choose to download and check the checkbox indicating download anonymous with proxies, your actual download happens anonymously.

The mulitple torrents association to your IP is likely because of the periodic health check of the torrents in the database. Tribler is a peer-to-peer system so you get information about new torrents or channels from your connected peers and similarly, you share information about torrents and channels to other connected peers. This is how information dissemination and search works. For example, if you perform a health check for a torrent then the health information of that torrent is gossipped to other peers and vice versa. There is no central tracker or peer coordinating the information sharing. The network works by peers helping each other via gossiping in the network.
I hope this answers your question. Feel free to ask if you have more questions.

FYI, here is a ticket on Github for complete anonymity including the metadata request.

I still haven’t received an answer.
What is the reason for the Tribler to make a request to DHT network for random torrents and all from the “Recommended” list.



The client in the background transmits and receives data that the user does not need, even when mining is disabled, without being an exit node.

Dht is required and is a must to bootsrap the ipv8. But i think you are asking why dht is being used to query metadata (the torrent files).

It is because, meta is distributed through gossip. This way it can work without a master server and query the network.

So the need is for the system not the user, i think it will make more sense if all torrent sites would be brought down by court order?

Please, see DHT-based download scanners vs Torrent Checker for clarification.