From owner-freebsd-questions@FreeBSD.ORG  Tue Jan 25 19:38:16 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BDC6316A4D6
	for <freebsd-questions@freebsd.org>;
	Tue, 25 Jan 2005 19:38:16 +0000 (GMT)
Received: from fw.farid-hajji.net (fw.farid-hajji.net [213.146.115.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A655643D5D
	for <freebsd-questions@freebsd.org>;
	Tue, 25 Jan 2005 19:38:15 +0000 (GMT)
	(envelope-from cpghost@cordula.ws)
Received: from bsdbox.farid-hajji.net (bsdbox [192.168.254.3])
	by fw.farid-hajji.net (Postfix) with ESMTP id EC90B4ADA0
	for <freebsd-questions@freebsd.org>;
	Tue, 25 Jan 2005 20:33:24 +0100 (CET)
Date: Tue, 25 Jan 2005 20:39:26 +0100
From: cpghost@cordula.ws
To: freebsd-questions@freebsd.org
Message-ID: <20050125193926.GB2244@bsdbox.farid-hajji.net>
References: <20050125192253.GA3088@gicco.homeip.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20050125192253.GA3088@gicco.homeip.net>
User-Agent: Mutt/1.5.6i
Subject: Re: Bittorrent secure?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jan 2005 19:38:16 -0000

On Tue, Jan 25, 2005 at 08:22:53PM +0100, Hanspeter Roth wrote:
> Hello,
> 
> how secure is Bittorrent?

Do you mean the Bittorrent *protocol*, or a specific
*implementation* thereof? And what do you mean with 'secure'?

> How can one know how trustworthy the stuff
> downloaded from other Bittorrent fellows is?

>From which torrent? :-)

You get what you download. This is *normally* that, what the
seeders offered. You may want to checksum (md5, sha1, ...)
the files you get, comparing the digest strings with the
signatures published on trustworthy sites (e.g. if you
download an ISO image or so). All this is independent of
the transport protocol that you used (ftp, bittorent, ...).

The bittorrent protocol uses TCP to transmit the chunks,
therefore ensuring that the chunks are not *intentionally*
corrupted along the way. Moreover, bittorrent checksums
the chunks internally, as an added measure of security.
But you are still encouraged to checksum the complete
file(s) anyway.

> -Hanspeter

Cheers,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/