Bittorrent over Tor isn't a good idea (torproject.org)
77 points by Garbage on March 2, 2011 | 19 comments



Super Simple Summary:

1) Torrent applications don't always respect your proxy settings, bypassing Tor entirely.

2) Torrent applications sometimes add your IP address to their packets, so you essentially tell everyone where you are after coming out of a different door all sneaky-like.

3) You're probably telling all this and your port number to the tracker. Trackers are complete blabbers, they'll tell anyone who asks where to find you.

4) Multiple connections run through a single "circuit" for speed & a bit of anonymity (by reducing the number of nodes you're using, some of which may be watched; I don't quite follow this reasoning. Seems to me it's putting all your eggs in fewer baskets), but browsing + torrent may reveal enough info to deanonymize you, because you run through fewer exit nodes.

And last but not least, Tor can't handle the load:

>We've been saying for years not to run Bittorrent over Tor, because the Tor network can't handle the load.

Running torrents over Tor has always been a horrible idea, due to the load issues and 2 and 3. And because it's insanely slow. And because it's about as rude as you can possibly be to the rest of the Tor network. The fourth is new to me. I suspect most of the offenders just don't fully understand torrents or Tor, and are reaping what they sowed - there are plenty of resources to understand it, and Tor goes to great lengths to explain what it does extremely clearly.
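Added example, not part of the thread or the Tor post: points 2 and 3 of the summary above concern what a client tells the tracker about itself, and one way to check that is to audit a captured HTTP announce request from your own client for self-reported address fields. The `ip`, `ipv4`, `ipv6` and `port` names are the standard announce parameters (BEP 3 and BEP 7); the function names and sample URLs are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

# Announce parameters in which a client can report its own address
# (ip: BEP 3; ipv4/ipv6: BEP 7).
SELF_ADDRESS_PARAMS = ("ip", "ipv4", "ipv6")
# Ranges that identify a host only inside its own network.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]


def parse_address(value):
    """Accept 'addr', '[v6]:port' or 'v4:port'; return an address or None."""
    candidates = [value]
    if value.startswith("[") and "]" in value:
        candidates.append(value[1:value.index("]")])
    elif value.count(":") == 1:
        candidates.append(value.split(":")[0])
    for text in candidates:
        try:
            return ipaddress.ip_address(text)
        except ValueError:
            pass
    return None


def audit_announce(url):
    """Return (parameter, value, verdict) for each self-disclosing field."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    findings = []
    for name in SELF_ADDRESS_PARAMS:
        for value in query.get(name, []):
            addr = parse_address(value)
            if addr is None:
                verdict = "unparsed value"
            elif any(addr in net for net in LOCAL_NETS):
                verdict = "local-only address"
            else:
                verdict = "routable address disclosed"
            findings.append((name, value, verdict))
    for value in query.get("port", []):
        findings.append(("port", value, "listening port disclosed"))
    return findings


# Constructed samples: documentation and LAN addresses, placeholder hashes.
BASE = "http://tracker.example/announce?info_hash=%01%02&peer_id=-XX0001-test"
SAMPLE_ROUTABLE = BASE + "&ip=203.0.113.7&port=6881&left=100"
SAMPLE_LAN = BASE + "&ip=192.168.1.50&port=6881&left=100"
SAMPLE_NO_IP = BASE + "&port=6881&left=100"
```

An announce with no address parameter still carries the listening port, and the tracker records the source address of the connection it arrived on.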


It is worth noting that both this Tor blog post, and the research paper it mentions, were published in April 2010. I initially assumed that this would be explaining why using Bittorrent with Tor hurts the network, like http://www.chrisbrunner.com/2006/07/09/why-you-shouldnt-run-... :

>When you use BitTorrent on Tor, you're placing an incredible amount of burden on the network and sucking up the bandwidth that could have otherwise been used for the purpose of freely spreading information. You're discouraging people from donating their bandwidth to running the exit nodes that allow the Tor network to function. You're destroying everyone's ability to publish information without being persecuted by their government. You're destroying the privacy that so many people worked so hard to give us.


Whilst I agree that the Tor network would be better off without Bittorrent traffic, it bothers me when I read things that say that Tor can't anonymise Bittorrent traffic.

https://trac.torproject.org/projects/tor/wiki/TheOnionRouter...

Using the TransparentProxy mode of Tor forces all network traffic out through Tor, and blocks stuff which can't be, such as UDP. Do that on a machine which only has a LAN address so doesn't know its Internet-facing IP, and it's anonymous... It can't leak its IP because it doesn't know it, and it can't connect to the Internet without going via Tor...


Yes, but the article states that some torrent software actually appends your IP address information to the packets themselves, so even if they emerge from an exit node on the other side of the world, entirely anonymized, simple packet inspection can determine their origin.


How does the software append your IP address if it doesn't know it? It can't get it from your router via UPnP, because that traffic is blocked. If it tries to get it by connecting to some online service and asking the IP, the IP it gets back is the exit node's.

It doesn't know its IP address, so it can't leak it.


Hrm, I see what you're saying - that is an interesting question. I'm not actually sure of the answer.


The answer is, it doesn't. This is why it is completely anonymous to use Tor with Bittorrent, but only if you use a transparent proxy configuration.


Tor can't anonymize Bittorrent traffic when that traffic includes messages showing your IP address in clear text.


Did you not read what I wrote? How can a machine leak its IP address if it doesn't know it?


This is a prime example of people stacking complex tools together and expecting properties to magically combine. It doesn't work that way in the real world, it doesn't work with "computers". I may be an angry old fart, but this "screw knowledge, screw others, live in a dream" mentality is starting to annoy me.


Sometimes, if the tools are designed really well, they do combine. Witness the success of Unix pipelines, or the nigh-magical ability of TCP to work over Ethernet, Wifi, a modem, or whatever other complex systems people dream up.

Being able to combine complex systems is a good thing, and it shouldn't be disparaged as unrealistic.


Applications communicating via Unix pipelines indeed do frequently combine, albeit rarely without great amounts of awk/grep/sed glue and reimplementation of parsing machinery in every link in a chain.

I don't say that pipelines are bad, it's just that sometimes we want a more structured data format than flat text.

Also, Unix pipelines are currently in decline, and Unix itself is less Unixy than it used to be.


>Unix pipelines are currently in decline

Citation needed



Whenever I think about the magical abilities of TCP I experience great pleasure.


Neither Unix pipes nor TCP are particularly complex, and it is their simplicity that lets them be combined -- easier to combine a hammer and an axe than a nail-gun and a rotary saw.


If you really want Tor-style anonymity with BitTorrent, I suggest I2P. http://www.i2p2.de/

The core router software even bundles its own BitTorrent client. However, since it is effectively a darknet, regular torrents you find elsewhere won't really work. Still, it is interesting stuff.


They really just should block BitTorrent. It's overloading an already slow Tor Network with stupid people downloading porn and piracy.

No seriously. I know BitTorrent is also used legally. But there are other, less invasive ways to share files in Tor.


I've found that Tor is a lot faster these days than it was a year or more ago. It's actually quite usable for general browsing.



