I am not in a place where I can afford a VPN (do not start suggesting cheap VPNs to me istg), and in addition, you have to place a lot of trust in the VPN. Tribler seems promising, except… For the giant disclaimer that’s been on the site for years. That worries me. I am quite worried about getting scary letters from my ISP or something when torrenting.

Do not put yourself in danger. Our anonymity is not yet mature.

Tribler does not protect you against spooks and government agencies. We are a torrent client and aim to protect you against lawyer-based attacks and censorship. With help from many volunteers we are continuously evolving and improving.

Edit: Seems like there are a lot of issues below the surface as well… https://lemmy.dbzer0.com/post/19118584/10120234

And Lokinet, I2P, and GNUnet have their own massive problems… https://comment.ctrl.blog/discussion/tribler-onion-routed-bittorrent

ngl, kinda depressing that it’s like this…

Edit 2: I misread the article a bit, it’s not quite as dire as I thought it was initially, but the warning and the fact that only the core file-transferring features are anonymized at all… Is a bit disconcerting.

  • black0ut@pawb.social
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    1
    ·
    7 months ago

    Torrenting on the TOR network is actively discouraged. It uses a lot of bandwidth, and it hurts other people’s speeds.

    If you want to torrent on an anonymous network, use I2P. It may be harder to set up than TOR, but you can torrent entirely inside it. It has trackers inside, and a lot of clearnet torrents have also been listed on them. And most importantly, I2P is more prepared for torrenting than TOR is. When you connect to it, you add capacity to the network, so using bandwidth for torrenting is not as detrimental to it.

    • ScratchySoft@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      7 months ago

      Tribler is not Tor, and I know Tor doesn’t work. That’s why I asked if there’s anything like Tor rather than just doing the stupid thing of using Tor immediately. I’ll look into I2P.

  • scratsearcher 🔍🔮📊🎲@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    14
    ·
    edit-2
    7 months ago

    i2p is the only tor for torrents I know of. a program i2psnark that comes with the java-version preinstalled specifically. You need to follow their setup instructions closely to get a functioning i2p you can interact with using a http-proxy setting in your web-browser.

    I2P can only talk to other I2P users. There are far from enough users on it to reliably use it for P2P. There’s nothing inherently wrong with it, it just never reached critical mass. The set-up process is probably too complicated for most potential users.

    • So the massive i2p problem is its unpopular.

    This is a bit of the chicken and egg problem. Has anyone here experience using or seeding i2p torrents? I would be interested in for example seeding Linux iso. I set it up

    My 2cents how to seed :

    then you can use i2psnark/Create a torrent in the web interface, and type the file-name of the file you want to seed over i2psnark. on Linux for me its in in /var/lib/i2p/.i2p/i2psnark

    But sharing over it is another matter; you need a tracker for that, like postman, or the other one I have not tested yet.

    • ddh@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      6
      ·
      7 months ago

      I’ve used I2P for torrents and it’s fine. There’s plenty of popular stuff on Postman. The speeds are slower partly to the network but partly due to number of seeders, so I encourage everyone to get on there. Just be patient and there’s no problem.

    • Brickfrog@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      7 months ago

      I2P works fine, qBittorrent supports it now too. There are earlier posts in this community discussing it.

      Like you said it’s mostly a popularity problem, less users = less seeds/peers.

  • stupid_asshole69 [none/use name]@hexbear.net
    link
    fedilink
    English
    arrow-up
    3
    ·
    7 months ago

    If you aren’t gonna use a vpn then require encryption, disable dht and pex, use doh or dot and only use private trackers.

    Require encryption, distributed hash tracking and peer exchange are options in your client. Requiring encryption means a mitm observation of your traffic won’t show you are doing torrenting. Turning off dht and pex prevents someone who’s not a member of your tracker jumping into the swarm and clocking users. DNS over https or tls makes requests to get the ip of a website from the url encrypted, so a mitm observer can’t even see that you went to the bad website to ostensibly do bad things. Private trackers get you out of the low hanging fruit category where enforcement is usually focused.

    Of course, anyone who monitors traffic patterns will know you’re torrenting, so laws (or a change in laws or enforcement strategy) can still get you.

    If you read all this way and you want to know what the solution is, it’s not i2p or tor, it’s a vpn service. I know you said you don’t want that, but it’s the solution to your problem. You figured out yourself that i2p and tor don’t suit your needs already.

    Good vpns have infrastructure that makes it impossible to keep logs and will pass independent audits. They will also not have a history of turning over users data or otherwise acting badly.

    I use airvpn for torrenting. It works fine as long as you’re not in Italy.

    If you want to understand how a person can trust and afford a vpn, ask away. If you cannot or do not want to use a credit card, use a vpn service like mullvad or proton that accepts cash.

    • ScratchySoft@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      Sadly I am not in any private trackers. And while I know VPNs like ProtonVPN are fairly reliable, I’m hesitant to place much trust in them, nor do I have… Any income right now (things are a mess)…

      • stupid_asshole69 [none/use name]@hexbear.net
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 months ago

        Private trackers: they’re easy to get into. Ipt will probably temporarily open signups this month, mya is always open afaik and plenty of others have signups where you just have to take a test they give you the answers to. Once you’re in you just gotta maintain a ratio by seeding instead of just downloading all the time and climb the “tracker ladder” to get to the ones you want.

        Mya is the one most people start with now.

        On VPNs: you have to understand your own security, just like anything else. Ones like mullvad refuse to keep information about you (your login credentials are a random string of numbers and they do cash transactions similarly anonymized), and ones like proton allow you to use information that isn’t tied back to you (it’s your responsibility to make sure that information can’t be tied back to you!). It’s worth learning about them now even if you’re not in a position to pay for one because knowing will help you make good decisions when you are in that position.

  • Mohamed@lemmy.ca
    link
    fedilink
    English
    arrow-up
    3
    ·
    7 months ago

    It works very well for me. My evidence that it is private is that I download plenty (more than 1 TB per month) and I never get a copyright notice from my ISP. When I torrent non-privately I get plenty of copyright notices, sometimes several times for the same torrent.

    It does have, however, some major performance issues. It can be very slow, and it can use up a lot of RAM and a lot of CPU. Its internal database, which saves state of downloads, frequently gets corrupted at which point it has to be re-generated, meaning the list of torrents (not the downloads) is lost. It can be quite a bit slower than other torrent downloaders, and sometimes torrents stall for a while as it waits to prepare the network, especially at start-up.

    It’s been getting a lot better though with every update, which is quite frequent.

  • Brickfrog@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    7 months ago

    I’d recommend I2P.

    But sure, you can use Tribler if you prefer just don’t set yourself to be an exit node if you’re worried about other users’ torrent traffic going out your own internet connection. Been years since I tinkered with it back then Tribler felt even slower than I2P torrenting and the Tribler torrent client would crash every few days/weeks, I sort of gave up on it after a while but maybe it’s better nowadays.

  • swelter_spark@reddthat.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    I use Deluge. It can be used with i2p or tor, and can be set up to route everything through your local proxy.

  • Matt@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    Try Tailscale for torrenting and Orbot for day-to-day use.

    • ddh@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      As a Tailscale user, I don’t understand how it helps with torrenting–don’t you typically control all the nodes? Or is there some way to configure a third party exit node?

  • dogs0n@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    7 months ago

    Depending on where you live, it may not matter if you don’t use a VPN, you could possibly research what usually happens in your area?

    Many people never get warnings, others ignore them and nothing happens.

    Usually nothing happens because ISPs don’t care if you torrent, it wastes their time and resources when studios/content owners send dmcas (or whatever) and they have to send a warning. I bet the warnings are just automated for most isps so they can mostly ignore them. ISPs also don’t want to punish their customers because then they’ll lose revenue by cutting you off.

    (The ignoring part is heresay, i’m just combining info i’ve heard over the years and experience)

    Some (most?) countries it’s not illegal to torrent copyrighted content either, unless you distribute it (seed).

    • ScratchySoft@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      I live in the US, so it is illegal here though not always enforced much, but a lot of trackers also encourage seeding for obvious reasons and it seems like poor form not to.

      • 10001110101@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Years ago, I used to just ignore letters. Nothing happened for years. Moved and switched ISPs (smaller, regional), then was banned by that ISP after a few months, lol. Copyright holders can sue you, so it’s just an odds thing.

        I just use a VPN now. Used Tribler before I set up my Arr stack, because Tribler didn’t work well with it. Tribler is faster than i2p if you use 1 hop, but theoretically, the Movie Picture Association could run an exit node and still sue you, if you only use 1 hop. (Actually, it’d probably be a legal gray area for them to run an exit node because they would be facilitating piracy).

  • Fleppensteyn@feddit.nl
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    In many cases, you have to disable the privacy setting (hops) to be able to download anything. Probably because it still hasn’t attracted a lot of users.

    They switched from a client application to a web interface in a recent update, which I’m not a fan of (mainly because I’m blocking right click hijacking in my browser).

    It’s nice to add an extra layer of security, imo, but I wouldn’t rely on it completely if you’re in one of those countries where ISPs don’t respect your privacy.

  • noisypine@infosec.pub
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    Tribler works well. Its not as fast as standard torrents, but its not unreasonable either. I see lots of talk of I2P, but man, it’s not a simple thing to setup and the torrents are restricted to what’s on the I2P network. Generally missing a ton of stuff and downloads are very slow, much slower than Tribler.

  • 0x0@lemmy.zip
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    7 months ago

    Aren’t magnet links supposed to be more private and isn’t a download p2p anyway?

    • dogs0n@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      7 months ago

      The problem is that content rights holders setup bots that track who is torrenting media that they own (all the peers they can connect to).

      Then they use your ip to ask your ISP to stop you.

      As far as i am aware (and possibly wrong), magnet links aren’t any more secure than using a .torrent file, it’s just another form of it that can be easily clicked (or copied) to open in your client (i’ve never looked but it might just be a link containing the info that would be in the torrent file).

    • Kissaki@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      A magnet link can be used to download the torrent file.

      They’re only more private in the sense that the link itself is not a torrent file you download and open. Instead, it’s a link to that torrent file, downloadable through bittorrent.

      It doesn’t make your downloading any more private.