Hacker News new | ask | show | jobs
by generalizations 1793 days ago
I usually just count the seeders and leechers. 1000+ seeders are usually seeding something legit. Failing that, I grab several versions and just see what they look like.

I think here, the common-sense solution that works most of the time is more useful than an interesting, complex solution.
3 comments
runeks 1793 days ago
It would be pretty cheap and easy for copyright holders to publish a bunch of fake torrents — just copy the torrent+file names of the most popular torrents and fill the files with random data — rent a couple thousand VMs on AWS, and seed them all using these VMs.
link
joshspankit 1792 days ago
Even more insidious: They can distribute something that is similar enough to the original file, but is still a fake. Movies with the climax cut out, books where the plot is changed, games where you cannot win.

Enough downloaders get the file, skim it to make sure they have a viable one, and then keep it in a folder for later consumption. If it passes the scan test they would be likely to get a bunch more seeders. This is one of the reasons torrent sites have comments.

link
generalizations 1792 days ago
Stuff like what you describe would have lots of artificial seeders, sure - and "they" could even rotate the IP addresses so blacklists don't work.

But it's a big well to poison with such weak tactics, and I think such things have been tried before; and it's not that hard to just...download a different copy.

I usually download a couple different versions of my 'Linux isos' anyway, just in case the audio or the encoding is messed up on one of them. I get that it's fun, and intellectually stimulating, to think about complex solutions to interesting problems, but you still have to look and see if the simple solution is already there. BitTorrent is a robust protocol that's already got built-in mechanisms for these things. The swarm itself attests to the valid files, because those are the files that remain seeded. No need for extra complexity.

link
6510 1792 days ago
Its not effective enough for that but if it was people just move on to the next method.
link
baybal2 1792 days ago
From experience with Gnutella, spammers can just fake the seeder number.

Gnutella, unlike BT can propogate standalone chunk hashes alone, as I understood, so you can weed out fakes early. BT doesn't have that before you start the download.

Gnutella 2 has even more armaments to weed out fakes

link
zekrioca 1793 days ago
I don’t agree
link