# Making BitTorrent Safe to Use Over Tor

There has been a lot of discussion recently about how it is unsafe to use
[BitTorrent](https://www.bittorrent.com/) over
[Tor](https://www.torproject.org/). A [recent
paper](https://hal.inria.fr/docs/00/47/15/56/PDF/TorBT.pdf) described a number
of attacks which could be used to expose a user's real IP address.

It's not that BitTorrent **can't** be used safely over Tor, it's just that
various popular BitTorrent clients do things in such a way as to lead to IP
address leaks.

I use [Vuze](https://www.vuze.com/) on an [Ubuntu](https://www.ubuntu.com/)
system, and I think I've managed to lock it down to make it safe to use over
Tor.

Before I go any further, I am not interested in discussing the moral
implications of using BitTorrent over Tor. This has been discussed many times
before, and the fact remains that there are legitimate use case scenarios.

There is no point in only sending your tracker communications over Tor. You will
connect to other peers directly and thus they will know your IP address. You
need to send peer communications over Tor as well. If you configure it to use
the [SOCKS](https://www.wikipedia.org/wiki/SOCKS) proxy provided by Tor, for
tracker and peer communications, you'd expect that to be enough. Well... it's
not. If Vuze fails to connect to the tracker over a SOCKS proxy, it falls back
to making a direct connection. Other popular BitTorrent clients also do this
apparently. I tried wrapping Vuze in [tsocks](https://tsocks.sourceforge.net/)
to prevent this problem, but it continued anyway for reasons I haven't figured
out. So I edited the system-wide Java configuration to force connections to go
through the proxy. The file to edit is called "net.properties". On my system
this can be found inside /etc/java-6-openjdk/. Once I made this change, Vuze
stopped making direct TCP
connections outside of Tor. Luckily for me, the only Java app on this system is
Vuze so I can make that change without affecting other apps.

Vuze also uses UDP for some traffic
though, which bypasses the proxy. You need to turn off DHT to prevent this traffic. I'm not sure if anything else
causes UDP traffic though so I added a couple of firewall rules to prevent all
external UDP traffic just to be safe. I still allow UDP packets to/from my DNS resolver though of course. Turn off UPnP as well; this stops Vuze from
opening up ports on your router.
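
A check for the two leak paths described above (direct TCP fallback and UDP that bypasses the proxy), added here as an example and not part of the original post: it scans `ss -H -tunp` output for sockets owned by the Java process whose peer is anything other than Tor's SOCKS port or the DNS resolver. The SOCKS address 127.0.0.1:9050 (Tor's default), the resolver 192.168.1.1, the process name `java` and the sample lines are assumptions.

```python
import ipaddress

# Constructed sample of `ss -H -tunp` output; not captured from a real system.
SAMPLE = """\
tcp ESTAB 0 0 [::ffff:127.0.0.1]:45012 [::ffff:127.0.0.1]:9050 users:(("java",pid=2211,fd=70))
tcp ESTAB 0 0 [::ffff:192.168.1.10]:51844 [::ffff:203.0.113.7]:6969 users:(("java",pid=2211,fd=71))
tcp LISTEN 0 50 *:6881 *:* users:(("java",pid=2211,fd=60))
udp ESTAB 0 0 192.168.1.10:40000 192.168.1.1:53 users:(("java",pid=2211,fd=72))
udp ESTAB 0 0 192.168.1.10:6881 198.51.100.23:6881 users:(("java",pid=2211,fd=73))
tcp ESTAB 0 0 192.168.1.10:39000 198.51.100.9:443 users:(("firefox",pid=900,fd=12))
"""


def parse_endpoint(endpoint):
    """Split an ss 'host:port' field; return (ip, port) or None for wildcards."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    if host in ("", "*") or port == "*":
        return None
    ip = ipaddress.ip_address(host)
    # Java's dual-stack sockets report IPv4 peers as ::ffff:a.b.c.d; unwrap them.
    mapped = getattr(ip, "ipv4_mapped", None)
    return (mapped if mapped is not None else ip), int(port)


def find_leaks(ss_text, process="java", socks=("127.0.0.1", 9050),
               resolver="192.168.1.1"):
    """List (proto, peer_ip, peer_port) for sockets owned by `process` whose
    peer is neither the Tor SOCKS port (TCP) nor the DNS resolver (UDP/53)."""
    socks_ep = (ipaddress.ip_address(socks[0]), socks[1])
    dns_ep = (ipaddress.ip_address(resolver), 53)
    leaks = []
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or f'("{process}"' not in " ".join(fields[6:]):
            continue  # malformed line or a socket owned by another process
        proto, peer = fields[0], parse_endpoint(fields[5])
        if peer is None:
            continue  # LISTEN/UNCONN sockets have no peer to judge
        if (proto, peer) not in (("tcp", socks_ep), ("udp", dns_ep)):
            leaks.append((proto, str(peer[0]), peer[1]))
    return leaks


if __name__ == "__main__":
    for proto, ip, port in find_leaks(SAMPLE):
        print(f"LEAK {proto} -> {ip}:{port}")
```

Unconnected UDP sockets never show a peer in `ss`, so this check complements the firewall rules rather than replacing them.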

The paper also described a problem where the BitTorrent client sends its own IP
address to the tracker. I don't know if this is something which Vuze does, but I
don't think it is. I spent some time looking at the contents of HTTP communications between Vuze and
different trackers and didn't see my IP in there. But even if Vuze does do that,
I believe I am safe anyway... I use NAT so the machine Vuze is running on doesn't even know my
external IP address, and the fact that all Vuze traffic is going out through Tor
means that Vuze shouldn't be able to figure out my real IP address, only the one
belonging to the exit node.

You can actually run **any** BitTorrent client safely within Tor if you know
how. Set up a Linux virtual machine on your box which uses NAT, and follow
[these
instructions](https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TransparentProxy).
Now any network traffic that occurs on that box is either relayed through Tor,
or blocked. No apps running on that virtual machine know your real IP address so
they couldn't leak it even if they wanted to.