BitTorrent is often praised for its decentralized nature. The file-transfers take place between users and there’s no central service required. That’s also one of the main reasons why pirates embraced it. There is a weak spot though. In order to download something, you need a torrent or magnet link. These are available through torrent sites which, as history has shown, can disappear overnight. While it’s unlikely that all torrent sites will be eradicated at once, we recently spotted a rather novel approach to this ‘problem.’ A few weeks ago OpenPGP keys with magnet links were added to SKS keyservers. These keyservers are computers which store and index OpenPGP keys over the Internet. This helps users who rely on encrypted email, for example. The servers generally share the keys amongst each other in a pool and uploaded keys generally can’t be removed. The permanent storage of keys generally isn’t an issue. However, when the system is used as a stealth resource to store magnet links to pirated content, this resilience is put in a different light. This is exactly what happened. A few weeks ago a series of rather odd, but valid, PGP keys were uploaded to SKS keyservers. These keys were not meant to encrypt email though, but as a safe storage for torrent magnet links. As a result, popular keyservers, including the ones hosted by research university
MITand
Surfnet, have transformed into pirate sites.
