Note: This guide assumes you never used BitTorrent before, and that you want to start learning about it with a safety focus from the outset, but it does assume you understand basic computer and Web lingo like “website address” and “downloading.” If you’re new to BitTorrent and don’t care about staying private, then LifeHacker’s “A beginner’s guide to BitTorrent” or “The Torrent Guide for Everyone” at MakeUseOf.com may be more your speed. Also, if you do have some experience with BitTorrent, all the better. Things will make more sense to you more quickly. :)
If you’re going to read this how-to guide, I’m not going to assume you need to be convinced that downloading movies and other digital media like music, eBooks, games, and so on is something worth doing. There are, of course, many reasons why you might want to get media at no cost. These reasons range from the personal (Netflix doesn’t have the show you’re really into right now) to the political (fuck Netflix and also fuck capitalism) and everything in between (you don’t have “discretionary income” because, y’know, capitalism, but whatevs).
This guide isn’t trying to tell you what you should do—that’s your government’s job. All I want this guide to do is help you access the material you want, whatever that material is, regardless of why you want it, safely and anonymously. And since the most widely used and arguably most effective digital media distribution technology is BitTorrent, that’s what we’ll focus on today.
If you’ve heard anything about “downloading free movies on the Internet,” you probably heard of BitTorrent or its more colloquial synonym, “torrents.” You have also probably heard of companies threatening BitTorrent users with Internet service bans, financial penalties, and even lawsuits for “stealing intellectual property.” Through expensive and coordinated campaigns, companies like Disney and others represented by special interest groups like the RIAA and MPAA try to convince people that BitTorrent is hard, immoral, and unsafe to use. But these corporate-backed efforts are little more than self-serving moral crusades, effectively a big societal guilt trip, and a false one at that.
By the time you finish reading this guide, you’ll see how and why BitTorrent is easy, ethical, and safe to use. To do that, let’s start at the beginning. (If you’re one of those “just give me a fish, I don’t want to learn how to fish,” people, skip to Step 1, below. But I warn you, you’ll have a much better understanding of what I’m talking about, and that means you’ll be able to keep yourself a lot safer, if you read thoroughly than if you skip ahead. You can always skip ahead the next time, after you absorb the background information first.)
What is BitTorrent, really?
BitTorrent is a way to copy files between computers. That’s it. Really. “But if it’s just a way to copy files around,” you’re probably wondering, “what makes BitTorrent so special?”
What makes BitTorrent special: pieces, not files
What makes BitTorrent special is the way it goes about copying (or “sharing”) files. Ordinarily, to start downloading a copy of a file from someone else, they have to have the entire file. Not so with BitTorrent. Using BitTorrent, you can download (that is, receive, or copy)1 incomplete parts of a file from someone else who also only has some but not all parts of the desired file, themselves. Moreover, BitTorrent itself doesn’t care what the file is. The file might be a “pirated” movie, but it might also be literally anything else. BitTorrent isn’t just for piracy. BitTorrent can be, and often is, used to share anything that can be digitized, no holds barred, since all BitTorrent cares about are what it calls pieces.
You can think of BitTorrent “pieces” like pieces in a jigsaw puzzle. When you download a file with BitTorrent, what you’re actually downloading is copies of all the individual puzzle pieces that, taken together, make up the completed jigsaw puzzle. When you have all the pieces, BitTorrent automatically puts the pieces in the right places so they make up the desired file or files. This completed puzzle is what BitTorrent calls a “seed.”2
When you first go to download stuff with BitTorrent, you’ll be presented with something called a “torrent.” You can think of torrents, which are sometimes a kind of file themselves (a “
.torrent file”), like empty jigsaw puzzle boxes.3 Torrent files describe their contents, but they are not the actual content. So the torrent isn’t a true puzzle piece, per se. Rather, a torrent is the additional information we need to look for the rest of the pieces. Much as a picture on a jigsaw puzzle box shows you what the complete puzzle with all the pieces in the right spots is supposed to look like, but it isn’t a puzzle piece itself, so too does the torrent itself describe the completed torrent contents.
Okay, but where do torrents come from?
Torrents are made by other people, just like you. Sharing something of your own with others using BitTorrent is actually pretty easy. Beyond that, especially if you want to share something big but don’t have a lot of resources like bandwidth or disk space, using BitTorrent to share it can help you out big time.
Making a torrent is a simple matter of using a program to make a new
.torrent file (our proverbial “jigsaw puzzle box”) out of files you already have on your computer. Usually, this is as simple as choosing “New Torrent…” from the “File” menu in a BitTorrent app, such as in this screenshot of uTorrent 1.8.4 for Mac OS X, below:
There are a lot of BitTorrent client apps you can choose to use. Naturally, Wikipedia has a huge comparison chart of them, and plenty of blogs have their “best of” picks. “uTorrent” is just the name of a popular one, and I like it well enough. For our purposes, the only really important thing is that whatever client you pick needs to have support for network proxies, which we’ll talk about next. If you’re not sure what to use, I recommend Deluge because it’s free, fast, works everywhere, and yes, supports proxies.
Sharing something of your own makes you the first seed for this torrent, since you obviously have all the pieces of the files you’re sharing. For other interested users to make their own complete copies of a file, there needs to be at least one person who’s got all the puzzle pieces. That is, there needs to be at least one “seeder.” But don’t worry, because once someone else finishes downloading all the pieces of your torrent from you, they become another seeder, since now they, too, have all the puzzle pieces. The group of folks sharing a torrent is what BitTorrent calls a “swarm.”
Any torrent you might download was first uploaded to the Internet by someone else in this way. Many people also take the next step of listing their torrents in one or more of the many public, searchable directories that index, archive, and categorize torrents, called “torrent sites.” The most famous of these community-driven websites was ThePirateBay.com (may it rest in peace), but today there are dozens of popular ones, like Kickass Torrents, ExtraTorrent, and AhaShare, to name a few.
So you see, there’s nothing nefarious, underhanded, or dangerous about sharing files over BitTorrent, or “torrenting.” The danger comes solely from malicious, overbearing, and greedy people who abuse others to try to control what is being shared, and who is allowed to share it. BitTorrent itself is just a tool, much like the rest of the Internet. Equating BitTorrent with wrongdoing is like telling people they’re doing something wrong when they browse the Web and read blogs. It’s just silly. Still, much like browsing the Internet, torrenting can be dangerous because of the malicious people, corporations, or tentacle monsters who are willing and able to abuse you for reading, saying, or sharing something they don’t want you to.
That’s where protecting yourself with public proxies comes in.
Public proxies as shields for our identity
To keep yourself safe from predators like corporations with itchy lawsuit fingers, you have to know a thing or two about network proxy servers.
Everything you need to know about proxies, and nothing you don’t
A network proxy is simply a computer that’s willing to forward a message from you to another computer on your behalf, just like a classmate who’s willing to pass your note along to a fellow classmate during class.
The nature of proxies makes them easy to abuse (much like a classmate’s trust), so many proxies are not available for public use. These are called “private proxies,” and they generally require that you have a username and a password before you can use them. But many other proxies are available for public use, offered freely to netizens like you by folks who understand the importance of a free and open Internet. Many of these proxies are listed in directories like XRoxy.com, ProxyNova.com, UltraProxies.com, PublicProxyServers.com, and so on. These are called “public proxies,” to no one’s surprise.
By the same token, an anonymous proxy is a computer that’s willing to forward a message from you to another computer, and won’t tell that other computer who the message came from. For obvious reasons, anonymous network proxies are almost always also public proxies. Anonymous proxies are designed to shield our identities. The ones that take privacy seriously are like our best friends; they’re willing to pass notes for us in class and won’t snitch on us if they get in trouble.
Confusingly, there are about as many ways to describe (or “classify”) anonymous proxies as there are websites listing them. Each of the proxy directories I just mentioned displays their list somewhat differently, but they all classify proxies along the same basic criteria because, technically, they’re all doing the same thing. For our purposes, the important things to know about a proxy are:5
- Its IP address and port number. This is the proxy’s internet address. It serves the same purpose as the Web addresses (URLs) you’re familiar with, but both parts are only numbers.
- Its anonymizing features. We only want to use proxies that are labelled with words like “HiAnon,” “High KA+,” “Elite,” “Anonymous,” or “Ultra” anonymity levels. We don’t want “transparent” proxies.
- Ideally, the proxy should also have “SSL,” “TLS,” or “HTTPS” support, which all mean the same thing. These proxies are the ones that accept the ubiquitous, encrypted Web traffic that many banks and e-commerce sites like Amazon and Facebook use. This is helpful to us because it means we can make our torrenting activity look like we’re browsing websites, even if we’re not.
Finally, there’s one peculiar and popular kind of anonymizing proxy that deserves a special mention: the Tor Browser.
Tor Browser: a very special, very important anonymizing tool
One very special example of an anonymous proxy service is called Tor: The Onion Router. I wrote a detailed description of it in another HowTo guide. While it’s technically possible to use the Tor network as an anonymous proxy for BitTorrent, that’s generally a bad idea because doing that slows down the whole Tor network, including your own BitTorrent downloads, among other reasons. Remember, the whole point of BitTorrent is to download large files quickly, which is the opposite of what Tor was invented to do (download tiny files super secretly). So, BitTorrent isn’t something you want to use Tor for.
That said, Tor does come in handy when you’re searching the Internet for torrents to download in the first place. Especially if you’re looking for some “intellectual property” protected by the legal system (*cough*movies/games/TV shows/apps/etc.*cough*), you probably want to use the Tor Browser to find torrents of it. This is because, if you use your regular ol’ Web browser and Internet connection directly, you’ll reveal what you’re searching for to anyone looking. Using the Tor Browser, rather than your regular browser, keeps others in the dark. Tor, in turn, then makes a request to The Pirate Bay or whoever on your behalf, and returns their answer (that is, the resulting web page) to you. So as long as you use the Tor Browser, your Internet service provider (and your government) remains none the wiser about what material you’re accessing.
This is how we want our actual torrenting to work, too. So what we need is a (fast) network proxy. But wait. We don’t want anyone to know that we’re looking for fast network proxies, because duh. What are we to do? The answer, by now, should be obvious: use Tor. So, if you don’t already have it, get the Tor Browser. It’s an easy to use Web browser that frees you to browse the Internet anonymously. We’ll need that.6
Torrenting anonymously: an overview
At this point, you have all the knowledge you need to torrent anonymously, even if you don’t feel like it, yet. Let’s review.
Torrenting is simply the activity of copying files from one computer to another using BitTorrent. To do this anonymously, you need to make sure that you never make a direct connection from your computer to other users. For that, you use a BitTorrent client that supports network proxies. You also need a way to search for torrents that your Internet provider won’t know about. For that, you use the Tor Browser.
You also use the Tor Browser to find an anonymous proxy. Once you find an anonymous proxy, you tell your BitTorrent client to use it, which is a simple matter of setting its proxy preferences to the address of the anonymous proxy you found. Then you load the torrent you want to download into your BitTorrent client, and you’re done.
That’s the whole process from start to finish. Now let’s take each step one at a time.
Preparation: Get the Tor Browser and a BitTorrent client that supports proxies
Step 1: Find and configure an anonymous network proxy
As mentioned earlier, there isn’t anything magical about network proxies, and there’s nothing special you need to know to use one. All you really need to know about them is where they are. Luckily for us, there are public listings of them in much the same way that there are public listings of torrents themselves. A simple search for them on the Tor Browser’s home page, as shown here, will return many such listings:
Make a note of the type (typically either SOCKS4, SOCKS5, HTTP, or HTTPS) and address (IP and port numbers) of an anonymous proxy. Then, configure your BitTorrent client with those network settings.
Here’s an example of what Deluge 1.3.11’s Proxy preference window looks like:
And here’s the same configuration in uTorrent 1.8.4 for Mac OS X:
Anonymous proxies don’t stay online forever. They come and go at irregular, sometimes unexpected intervals. That’s why they’re listed in public directories alongside a timestamp, so you know when the proxy was last checked to be working.
Whenever you start torrenting, check the proxy settings in your BitTorrent client to make sure you’re using a proxy that is currently online.
Step 1-A: Enable BitTorrent encryption settings
While we’re digging around BitTorrent client preferences, it’s worth taking a look at some other settings related to privacy. Unlike the earlier settings, which you’ll need to adjust with a new anonymous proxy every time you want to start downloading a torrent, these are all “set it and forget it” options, and they all do basically one thing: turn on BitTorrent’s protocol encryption.
In uTorrent, you’ll find the protocol encryption options in the “BitTorrent” preference pane, where you want to set the “Outgoing encryption” option to “Force,” as shown here:
In Deluge, you’ll find the same options in the “Network” preference pane, grouped under the “Encryption” header:
Set all the encryption options available to you to “Force,” meaning that you’ll only accept encrypted connections. These settings help hide that the messages you’re sending through the proxy are BitTorrent messages, which means proxy operators and Internet service providers who don’t like torrent traffic will be less likely to notice that you’re torrenting. This also might mean you reject connections from some BitTorrent users who don’t support encryption, but these days enough folks do that you probably won’t notice a difference.
In my experience, using BitTorrent’s protocol encryption settings and getting into the habit of choosing a new anonymous proxy each time you start a torrenting session means you can fly under the radar and still use BitTorrent for a good, long while. Permissive coffee shops or other free Wi-Fi spots, instead of your home connection, are also good spots to torrent from. Just make sure you’re still torrenting using encryption and a working anonymous proxy—and that you tipped your barista. (Use cash.)
Step 2: Find a torrent to download
Back in the Tor Browser, click around some of the torrent sites or use their search features to find a torrent you want to download. Here’s what a search for “daily show” looks like at Kickass Torrents:
As with most things in life, use common sense to help guide you to a good torrent. Remember, these torrent descriptions are like the outside of a product box; they’re labels, not the actual contents. Here are some common sense questions you could ask yourself to avoid fakes and scams as you browse for a good torrent:
- Does the reported file size of the torrent seem reasonable for what you’re trying to download?
- Does the torrent’s reported file count and content list seem reasonable for what you’re downloading?
- Skim the comments associated with the torrent listing. Do commenters tend to agree that the torrent is high quality, or do they call it a fake?
- Does the torrent have a healthy number of seeds? Remember, if a torrent has no seeds at all, then you’re not going to be able to complete your download.8
Step 3: Download the torrent file or click the magnet link, and load the torrent in your BitTorrent app
Once you find a suitable torrent, find and click the download link on the torrent site (usually a downwards-pointing arrow), or the magnet link (usually a horseshoe magnet icon). One, if not both, of these options will cause your browser to pass along the data to your BitTorrent app, which may ask you where you want to save the torrent contents. Choose an appropriate spot on your hard drive and start torrenting.
If you’ve set everything up by following the previous sections, you’ll begin to see connections appear in your BitTorrent client. In actuality, though, none will be direct connections you’ve made to any of those machines. Instead, those connections are being routed through the anonymous proxy you chose, earlier.
Congrats, matey! ;) You can now cancel your Hulu subscription and enjoy the wonderful world of media without commercial pollution interruption.
Optionally, verify it’s all working as intended
The simplest way to verify your setup is to use the
netstat utility built in to your computer. This is a command line tool that shows you the state of all network connections your computer is currently making. On a Mac as well as most Linuxes and other UNIX-like systems, the easiest way to get the output we want is to invoke the
netstat program with its
-p switches enabled. Open a new Terminal window, type netstat -np tcp, and then press return.9 This will produce a report looking something like the following:
$ netstat -np tcp Active Internet connections Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 192.168.1.77.54535 220.127.116.11.8080 ESTABLISHED tcp4 0 0 192.168.1.77.54534 18.104.22.168.8080 ESTABLISHED tcp4 0 0 192.168.1.77.54533 22.214.171.124.8080 ESTABLISHED tcp4 0 0 192.168.1.77.54532 126.96.36.199.8080 ESTABLISHED tcp4 0 0 192.168.1.77.54531 188.8.131.52.8080 ESTABLISHED tcp4 0 0 192.168.1.77.54530 184.108.40.206.8080 ESTABLISHED tcp4 0 0 192.168.1.77.54529 220.127.116.11.8080 ESTABLISHED tcp4 0 0 127.0.0.1.9151 127.0.0.1.53404 ESTABLISHED tcp4 0 0 127.0.0.1.53404 127.0.0.1.9151 ESTABLISHED tcp4 0 0 192.168.1.77.53403 18.104.22.168.9001 ESTABLISHED tcp4 0 0 127.0.0.1.9151 127.0.0.1.53402 ESTABLISHED tcp4 0 0 127.0.0.1.53402 127.0.0.1.9151 ESTABLISHED tcp4 0 0 192.168.1.77.53395 22.214.171.124.5223 ESTABLISHED tcp4 0 0 127.0.0.1.49153 127.0.0.1.1023 ESTABLISHED tcp4 0 0 127.0.0.1.1023 127.0.0.1.49153 ESTABLISHED
The important column for our purposes is the fifth one, “Foreign Address,” which lists the addresses of computers our computer is directly connected to. If you see the address of the proxy server you chose to use back in step 1, congrats, you’re torrenting via a proxy. What you don’t want to see there is the address of any peers (fellow participants in the swarm) that your BitTorrent client shows you:
If you see these addresses in
netstat‘s “Foreign Address” column, it means your computer is directly connecting to the swarm, without using a proxy. As shown in the example above, comparing
netstat‘s output with the peer list here shows that we’re set up nicely!
Torrenting anonymously can be tricky, and it certainly helps to have a friendly neighborhood technomage to ask for advice if you’re feeling uneasy. But as you can see, it isn’t a hard thing to learn once you have the information you need. Best of all, I can guarantee you this: torrent sites have a far better selection than Netflix. ;)
The best source for information about news and developments in the BitTorrent universe is TorrentFreak.com. Check it out!
Addendum: What about paid VPN services?
A link to this guide was posted on The Pirate Bay subreddit, where it was well-received. Several people suggested using paid VPN services instead of free public proxies. Using a paid VPN service means purchasing access to a private proxy from a corporate entity, which is something I do not recommend. There were also some good follow-up questions about using proxies. Here’s one such exchange.
The first proxy I tried didn’t work (cmd was showing peer addresses), I tried another and it worked.
However, the first time, the torrent still downloaded, I wouldn’t have known it wasn’t going through the proxy, so is it necessary to check the connections every time I use a new proxy, start utorrent etc? What if the proxy stops working halfway through? It would be nice for utorrent to stop downloading if it’s not going through the proxy.
Also, why are paid VPNs so recommended if it’s as easy (and cheap) as this to avoid punishment?
Yes, you should always check to see if the proxy you selected is actually working for each new proxy you select, and you should always choose a new proxy each time you fire up your torrent client. People pay money for reliability, not technology. The technology of a free proxy and the technology of a paid proxy is identical. The difference is the consistency and contractual uptime guarantee, that’s it. If you have bad habits (i.e., you’re not carefully checking to see if the settings you entered ACTUALLY WORK after you enter them), then maybe paying for reliability is something you want to do. Just keep in mind that when you pay for something, there’s a money trail. If you don’t use a paid service, there’s no receipt in someone’s financial accounting ledger that can be traced back to you. I prefer being careful and using free proxies over paying money for the same technology in a way that encourages me to be lazy.
Also, uTorrent has a bad habit of trying proxies you give it but falling back to whatever other means are available if the proxy doesn’t respond to you. That’s a problem with uTorrent, not you. It does mean that you might want to use a different BitTorrent client, though, if you’re not careful about checking the proxies you choose to use. Again, that’s why I like Deluge: if you give it a proxy that isn’t alive, it will try the proxy but the download will fail. That’s what you want, because the proxy is dead. You don’t want it switching to a direct connection behind your back.
Another thing you can do to be extra cautious is disable PEX (Peer Exchange) and DHT (Distributed Hash Table) lookups. Some clients don’t respect proxy settings for these two mechanisms, even though they should. Again, that’s a problem with the client, not you. It’s also easier to check that the proxy you’re setting up is really the proxy being used for trackers (as opposed to PEX or DHT) because numerous paid torrent VPN services also provide IP checking utilities that you can by definition use for free (even without being a customer). See, for instance, BTGuard: CheckMyTorrentIP. Just set up a free anonymous proxy like in the above HowTo guide, then follow the steps in the BTGuard CheckMyTorrentIP page, and look for the IP address of the proxy you set up instead of “BTGUARD IS WORKING”. BTGuard won’t tell you “it’s working” because you’re not paying or using BTGuard. But it will show you what IP address it thinks you’re using, and if that IP address is the address of the proxy you configured, then you’re torrenting (at least using traditional trackers) through that proxy. :)
Hope this helps.
- Everyone glosses over this point, myself included, but this point is actually very important: downloading something is the act of making a copy of the thing you are downloading. When you download or receive something from the Internet, you are literally creating an exact replica (a “copy”) of whatever it is you’re downloading. This is fundamentally different from “stealing,” which is the act of removing something from one place and putting it in another. You literally can not steal anything using the Internet no matter what you do, and anyone who tells you differently is trying to sell you something, or put you in jail. [↩]
- BitTorrent suffers from a wealth of jargon. Thankfully, Wikipedia has a decent glossary of BitTorrent terms. [↩]
- BitTorrent files typically have the
.torrentfile name extension, but they don’t have to. Technically, BitTorrent files are bencoded dictionaries, which is a fancy way of saying an index that lists the torrent’s referenced contents and where that content can be found. So they’re really meta or metainfo files. Sometimes they’re also called a manifest. When torrents are not files, they are usually something called “magnet links,” which serve the same purpose as a torrent file’s dictionary but that use a special URL instead of an actual file. More on magnet links later. [↩]
- In the screenshot above, you might have noticed there’s a field for “Trackers.” That’s where you paste the URLs (the Web addresses) of any well-known trackers you want to announce yourself to. When you start sharing (or “seeding”) your file, those trackers will dutifully re-announce your announcement of your presence to any other BitTorrent users who want to copy what you’re sharing. There are numerous stable, public, free BitTorrent trackers available to you (like
udp://open.demonii.com:1337/announce), and it doesn’t really matter which one you use. (In fact, the more you use, the easier it will be for others to find you.) For now, suffice it to say that a tracker’s job is to keep other users in the swarm updated about where everyone else is, in case things change and in order to help you find one another in the first place. Obviously, hiding our real identity from trackers as well as the rest of the swarm while still being able to find and share files with one another is a key part of what staying anonymous while using BitTorrent is all about. We’ll look at ways to do that in the next section. [↩]
- Another useful consideration for a proxy server I don’t list explicitly is its physical location. You may want to use a proxy located in another country than you are in so as to avoid running afoul of local laws, or to route around geographic censorship. Remember, political and legal borders are not real, so the fundamental Internet technology we’re talking about doesn’t and, to work correctly, shouldn’t pay any attention to them. Most proxy lists display the country a proxy is in alongside its other information. [↩]
- Technically, the Tor Browser is a package deal that comes with a modified version of Mozilla Firefox and the actual tor proxy software, all pre-configured to work together. If you want to learn more about Tor and, trust me, you do, consider reading my article all about it. [↩]
- Even though each BitTorrent client’s preferences window looks different, they all describe the same basic behavior. [↩]
- You can often still download many pieces of a torrent even if there are no seeders in the swarm. Sometimes, if a torrent has many independent files, you can still download the majority of the content you’re after because only a few pieces in a few files are missing. The quickest way to check this is to look for the “Availability” proportion in your BitTorrent client. Without a seed, this readout will be somewhere between 0, meaning absolutely no parts are available, and just under 1. The closer this value is to 1, the more pieces of the torrent are available. I once downloaded a torrent of a four-season TV show whose availability was 0.954, and was happy to find two complete seasons had downloaded without any problem at all despite never finding a seed for that torrent. Other torrents provided the missing episodes and all was well. [↩]
- On Mac OS X,
netstatis also available from the Network Utility application, in addition to the command line in Terminal. In Network Utility, go to the “Netstat” tab and choose the “Display the state of all current socket connections” radio button. This is the equivalent of typing netstat -a in Terminal. [↩]