Being the number one choice of more than 150 million users all around the world when it comes to filesharing, it’s safe to say uTorrent is currently the most popular software for P2P. Although it becomes better and more feature-rich with every update, the team of developers behind the project managed to keep uTorrent lightweight and without any major flaws (Vuze – beware!).
Utorrent 3.4 is the latest update released by the development team on February 20th and also one of the most important security updates of the 3rd version of uTorrent. The new software version comes with an enhanced security feature that is supposed to considerably lower the dangers of a DDoS (Distributed Denial of Service) attack while increasing transfer speeds. How is that possible? Adam Kelly, a representative of BitTorrent explains how it works.
When a bittorrent client does not choose the best peers, connections are distributed in a bad way towards clients. The same thing happens when there are malicious elements acting in the swarm. To better understand the term “swarm”, it is defined as the sum of peers and seeds sharing the same torrent. Five peers and three seeds create a swarm of eight. When connections are not distributed well towards clients, many hops (a hop represents each network device the data passes through) appear, creating a bottleneck effect, slowing down the whole network.
The new technology called “Canonical Peer Priority” is expected to free up connections slots for higher priority peers in the swarm, according to Adam Kelly. Lower priority peers will be disconnected from the current swarm, allowing them to get higher priority in another swarm and get connected again on an open slot.
Won’t this formula cause some peers to lose most of their connections? In fact no; as soon as all peers accept to prioritize certain peers’ IP addresses, each peer will feature the same priority in a certain swarm. Better also, any DDoS attacker will only get the effectiveness of the proportion of attackers/legitimate peers. A DDoS attack on a bittorent swarm consists in connecting as many times as possible to the peers in the swarm and then showing that there is no data received, thus holding the connection occupied for as long as possible. This would cause a severe drop in available connection slots and lower the effectiveness of the transfer in the swarm.
Canonical Peer Priority is actually a complex piece of code, but for the sake of understanding we won’t dive into a very technical ocean. As a matter of fact, it is enough to say that this concept allows for removal of data transfer bottlenecks by dropping lower priority peer and allowing higher priority ones to take a place in the swarm. With this global ordering function running, attackers won’t be able to fully disrupt the whole data transfer in the swarm, but only to the level of the number of IP addresses they own compared to the number of peers.
When swarms grow in size (and that’s usually what happens), DDoS attacks become increasingly expensive, and, at some point, too expensive to afford. This happens as connection priority used paired IP addresses, so every IP will rank high for only a few others. If the attacker’s IP ranks lower than the peer, then it is rendered useless for a DDoS attack.
It’s only been a few days since the update by the Bittorent team, so there is yet time to wait and see its level of effectiveness. Factors such as the number of users updating to uTorrent 3.4 and the rate of which the number of new users increase will determine the effect of Canonical Peer Priority over data distributions in-between swarm peers and resistance against DDoS attacks. It is not known at the moment if other bittorent clients will take on peer priority technology and implement it in their own systems, as it is yet the early phase of the main launch. However, it is expected for this to happen, leading to a better managed peer-to-peer system.
Additionally, Bittorent addressed the complains of very slow bug fixes and low number of updates by making a public statement, saying that “these will be a thing of the past”. Should we expect a whole lot more updates with real effect on swarm management, security, and improvements in data transfer speeds? That’s what everybody hopes for.
If you want to combine good speed with good security for your torrenting needs, why not check out our article dedicated to P2P VPNs.