Trying to Design a super-secure Torrent index.
#1
Earlier this year I set up a tracker that I sold off recently and I wish to use some of the excess to create an index now purely to piss off BREIN, et cetera.


Here are some features so far:

- No storage of IPs.
- Any information about member's (PMs, logs, HWID's) are saved behind a 2048 bit encryption.
- Two servers, one hosted in Nanjing the other one in Yunan. 
- Domain name, and Server has been set up by a friend of mine through a public library in Bangkok, under a fake pseudonym
- Every DMCA request will be replied with 2girls1cup.


Visitors will be encouraged to upload as much as possible. By every 100 torrents uploaded USD $5 will be donated to World Wildlife Federation for as long as my surplus lasts.
Ad revenues received will purely go to keeping the servers up, and surplus to charity, to further encourage uploads.

I've estimated that this will cost me around $1600 - $1700 (so far).


I am aiming at making it as idiotproof as humanly possible, and if anyone has any really good fuck-off world police advices, I'll take them in.
Reply
#2
Quote:Every DMCA request will be replied with 2girls1cup.

what's that?
Reply
#3
https://en.wikipedia.org/wiki/2_Girls_1_Cup
Reply
#4
(Jul 24, 2016, 03:36 am)hireshi Wrote: Earlier this year I set up a tracker that I sold off recently and I wish to use some of the excess to create an index now purely to piss off BREIN, et cetera.

We need more people like you! Heart

(Jul 24, 2016, 03:36 am)hireshi Wrote: - Any information about member's (PMs, logs, HWID's) are saved behind a 2048 bit encryption.

2048 bit encryption smells like RSA to me and I wouldn't be using that for storage. It would be debatable if I would use it for certificates and communications. I would suggest a symmetric cipher (twofish, AES or something similar) and use a one way hash derived from the users anonymous credentials as the key so no password storage is required. You would not be able to decrypt it even if you wanted to. As it happens there is an authentication white paper that does exactly this without user registration at all but I'm unable to find the link ATM.

(Jul 24, 2016, 03:36 am)hireshi Wrote: - Domain name, and Server has been set up by a friend of mine through a public library in Bangkok, under a fake pseudonym

Although you may be protected from the powers that be, in doing so, they would be able to use the false information as an excuse to remove the site from the records. DNS generally is a weakness that the torrent community is in denial about and I've seen no constructive responses to combat it. This is even though several large streaming and torrenting sites have been successfully taken out this way.

(Jul 24, 2016, 03:36 am)hireshi Wrote: - Every DMCA request will be replied with 2girls1cup.

Big Grin 
(Jul 24, 2016, 03:36 am)hireshi Wrote: Visitors will be encouraged to upload as much as possible. By every 100 torrents uploaded USD $5 will be donated to World Wildlife Federation for as long as my surplus lasts.

TBH I'd rather it was ploughed back into the good fight, so to speak. Perhaps set up some Tor exit nodes, more trackers, donations to TPB, SuprBay or the Pirate Party and so on.
WWF gets quite a lot of funding already and via more mainstream revenue but fighting the RIAA and MPAA nazis gets very little backing and it's a hard area to monetize.....even pirates gotta eat.

(Jul 24, 2016, 03:36 am)hireshi Wrote: Ad revenues received will purely go to keeping the servers up, and surplus to charity, to further encourage uploads.

I've estimated that this will cost me around $1600 - $1700 (so far).

I hope it doesn't cost you anything in the long run. I would be soooooo happy for a big FU to the man from a self sustaining, non-profit tracker.

(Jul 24, 2016, 03:36 am)hireshi Wrote: I am aiming at making it as idiotproof as humanly possible, and if anyone has any really good fuck-off world police advices, I'll take them in.

Never underestimate how stupid people can be  Angel
Reply
#5
Stuum is correct, DNS is a large weakness to any website trying to avoid being taken down by authorities. Depending on your capital, you may create a shell corporation and operate your own registrar for roughly $15,000, thereby registering your own domains. This will give you some additional security on your domain name as registrars like Register.com would not be able to shut you down, but may not be worth the expense. DNS poisoning and MITM attacks cannot be avoided if a large enough party intervenes, but implementing a PTR record may help some. Good luck to you.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Web design Wacco 18 56,565 Jun 22, 2017, 17:01 pm
Last Post: RobertX
  Favourite Programming Language to design GUI Applications RobertX 5 24,575 May 05, 2017, 04:14 am
Last Post: Jatts69
  Trying to create php pages automatically ? Uplaoder 2 18,498 Aug 04, 2016, 02:54 am
Last Post: Uplaoder
  Advanced User Interface Design using Java 8 Nine 2 18,480 Apr 06, 2016, 20:51 pm
Last Post: Nine
  web page design coders needed ddoking007 2 16,632 Jun 17, 2014, 03:03 am
Last Post: automotiv



Users browsing this thread: 1 Guest(s)