File hosting, logging and anonymity

Discussion in 'privacy technology' started by justpeace, Nov 17, 2012.

Thread Status:
Not open for further replies.
  1. justpeace

    justpeace Registered Member

    Joined:
    Sep 21, 2012
    Posts:
    48
    Location:
    127.0.0.1
    Hello

    When using file hosting sites like Dropbox, Mediafire etc, most users don't think about the privacy and logging implications and the ability of the provider to log information about their users.

    If person a uploads a file to a file host, a must assume that the provider, in spite of any privacy policy to the contrary, logs his IP address, the filename and a hash value of the file.


    If person b subsequently downloads the (same) file, the provider logs the downloader's IP address, the filename and hash value.

    This information may be retained even after the contents of the file are purged from the server.

    Correlation of this information may later substantiate that the uploader and the downloader either know each other or have common connections.

    And if the hash value of the file is marked as illegal, or is in a database of possibly illegal or subversive files, both a and b could get in trouble if the file host later is subject to legal discovery or data theft.

    I am interested in exploring this topic because there is, so far as I know, scant research on how use of retained file host traffic data might compromise users' privacy and anonymity.

    Topics worth further consideration are plausible deniability and anonymous usage of file hosts.

    If we can't prevent a file host from logging this data, can't we at least make the logging useless?

    And if we can't prevent the file host from "knowing" that a and b are connected to each other by the same transaction respectively the act of uploading and downloading of the same file, can't we make the correlated information useless?

    I shall for purpose of this exploration here assume that the average individual user of a file host:

    (1) Uploads/downloads from his home IP address;

    (2) Doesn't use strong encryption;

    (3) Is easily identified by payment trail or other identifiable info which can't be plausibly denied.

    The consequences of a file host or cloud storage service being subpoenaed by a copyright troll, or going bad, or being taken over by a blackmailing entity are unsettling.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Yes, those are valid concerns.

    Just don't do 1-3, and don't disclose personal information.

    1 -- use VPNs and/or Tor
    2 -- encrypt files being shared
    3 -- don't leave payment trails etc

    All of those issues have been exhaustively discussed on Wilders.
     
  3. justpeace

    justpeace Registered Member

    Joined:
    Sep 21, 2012
    Posts:
    48
    Location:
    127.0.0.1
    But not all file hosting sites are Tor safe.

    Some require flash, registration and valid (non-disposable) email addresses, while others have horrible privacy policies or don't even make any privacy promises.

    One particular popular but bad host is Netload.in.

    Its "Privacy Policy" deceptively states that it's compliant with EU privacy law but neglects to mention which info is retained and for how long. This practice is clearly illegal and deceptive.


    The assumption should always be that a file host ought only to be entrusted with the minimally required information to perform the transaction.

    Ideally, even uploading IPs should never be logged. There is no legal requirement for any host to have the IP of the uploader, so it's a mystery why there is no market for non-logging file hosts.

    Why would any file host need to log the IP of uploaders if there is no law explicitly mandating such retention?

    Bayfiles and Dropbox work within the TorBrowser.



    Could you point me to the threads? I searched but was unable to locate any topics specifically on point.

    Regarding 2 and 3, you'll be surprised how many uploaders are careless.

    In recent months, uploaders to DDL forums have complained about their premium Rapidshare accounts being terminated due to alleged copyright infringement.

    They pay for their accounts with Paypal, upload warez and don't understand why they suddenly lose their accounts and in an even worse case could be ratted out by the host to a copyright troll.

    http://torrentfreak.com/cyberlocker...-users-to-settle-34-8m-copyright-suit-120706/


    And this carelessness is by people who should know better.

    Have you seen this:

    http://www.wjunction.com/95-file-ho...bitcoin-based-file-host-new-model-market.html

    Interesting if legit.
     
    Last edited: Nov 18, 2012
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The recording of file names and hashes can be partially mitigated by renaming the files and packing them with 7zip, Winrar, etc. 7zip has several compression options which will each produce an archive with a different hash. In order to know what's in the archive, they'd have to actually open it, which will take a lot more time than just recording names and hashes.
     
  5. justpeace

    justpeace Registered Member

    Joined:
    Sep 21, 2012
    Posts:
    48
    Location:
    127.0.0.1
    Yes, and I already do that on several forums.

    But let's say that someone shares the file with a friend. His intent is not only protecting the contents of the file but also having the ability to later deny the act of transmission or receipt of the specific content within the data container.



    He uploads the file to a file host, communicates the link to the intended recipient along with a description of the contents.

    In the most likely scenario, nothing bad happens, but the file host now has the following info: timestamp, IP of uploader and downloader, filename and hash value.


    If the outer data container was encrypted, and the sender and his friend immediately took proper precautions by wiping the outer data container and the informational message, both now have plausible deniability as to having uploaded or downloaded the data within the container.

    A forensic investigation of the friend's computer could only prove that the owner was in possession of the files contained in the archive, not how it was obtained, and even a subpoena to the file host would only prove that there was a data exchange between two parties with a hash value. The key is that all info allowing a third party to later correlate the hash value with anything illicit or subversive must be purged as soon as it's no longer necessary.


    However, if either sender or receiver is found in possession of other illicit files, and one of them still possesses the encrypted archive and the password, a third party could prove that the individual in possession of the container is tied to the file host transaction.
     
    Last edited: Nov 18, 2012
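
Added example, not part of the thread or of any participant's post: a sketch of the correlation described in the first and fifth posts, run over constructed log records carrying the fields the thread lists (timestamp, IP, filename, hash). The record layout, function names and documentation-range IPs are assumptions; no file contents are needed, only the retained metadata.

```python
import hashlib
from collections import defaultdict


def digest(blob: bytes) -> str:
    """SHA-256 of the stored bytes, as a host could record it."""
    return hashlib.sha256(blob).hexdigest()


# Constructed sample data (assumed record layout):
# (timestamp, client IP, action, filename, hash of the stored container).
# IPs come from the RFC 5737 documentation ranges.
CONTAINER_A = digest(b"constructed container bytes A")
CONTAINER_B = digest(b"constructed container bytes B")

RETAINED_LOG = [
    ("2012-11-17T10:00:00Z", "192.0.2.10", "upload", "notes.7z", CONTAINER_A),
    ("2012-11-17T10:07:00Z", "198.51.100.7", "download", "notes.7z", CONTAINER_A),
    ("2012-11-17T11:30:00Z", "203.0.113.5", "upload", "photos.7z", CONTAINER_B),
    ("2012-11-18T09:15:00Z", "198.51.100.7", "download", "photos.7z", CONTAINER_B),
]


def link_parties(log):
    """Group records by hash; return {(uploader_ip, downloader_ip): [hashes]}."""
    by_hash = defaultdict(lambda: {"upload": set(), "download": set()})
    for _ts, ip, action, _name, sha in log:
        by_hash[sha][action].add(ip)
    links = defaultdict(list)
    for sha, parties in by_hash.items():
        for up in sorted(parties["upload"]):
            for down in sorted(parties["download"]):
                links[(up, down)].append(sha)
    return dict(links)


def parties_for_flagged(log, flagged_hashes):
    """Return every IP that touched a hash present in a flag list."""
    return sorted({ip for _ts, ip, _a, _n, sha in log if sha in flagged_hashes})


if __name__ == "__main__":
    for (up, down), hashes in link_parties(RETAINED_LOG).items():
        print(f"{up} -> {down}: {len(hashes)} shared container(s)")
    print("tied to flagged hash:", parties_for_flagged(RETAINED_LOG, {CONTAINER_A}))
```

The linkage comes entirely from the hash column, so it survives deletion of the stored file for as long as the log rows are kept.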
  6. marktor

    marktor Registered Member

    Joined:
    Dec 4, 2011
    Posts:
    143