+ Reply to Thread
Results 1 to 13 of 13

Thread: Cheating on KeepFrds

  1. #1
    JohnareyouOK's Avatar
    Join Date
    31.01.19
    Location
    Earth
    P2P Client
    BiglyBT
    Posts
    254
    Activity Longevity
    0/20 7/20
    Today Posts
    0/5 ssssss254

    Cheating on KeepFrds

    KeepFrds recently launched a new anti-cheating system. Has anyone tried cheating on KeepFrds recently and have some practical info of this system? Is it still safe to use RatioMasterPlus on KeepFrds (Yes in the past, idk now)?

    Members,

    Our site will update the anti-cheating system recently, and the new system will add a detection feature.

    The system will randomly select a number of seeding users every day, randomly select a seeding torrent for each user and send a random data block request.
    If a user fails to respond the correct data block several times in succession (the threshold is still under testing), it will be determined as cheating.

    At the beginning of system operation, we will conduct manual re-inspection. No punitive measures will be taken before the system stabilizes.

    KEEP FRIENDS
    2020-03-12
    Reply With QuoteReply With Quote
    Thanks

  2. #2
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,832
    Activity Longevity
    12/20 19/20
    Today Posts
    3/5 ssss39832
    Not a member there, but I'll comment on the technical aspects. While this is feasible in theory, there are too many variables that make it prone to false positives and effectively turn any collected "evidence" into circumstantial at best.

    The seeder could be unconnectable...
    or have the IP(s) used for the "random data block request" in its blocklist...
    or not have good network connectivity...
    or not have any free upload slots...
    or have reached its maximum connections limit...
    or be forcing protocol encryption in both directions...
    or have randomized/changed its listening port...
    plus other factors I'm likely forgetting right now.

    Some may not remember or even know this, but IPT claimed to be using a similar method ("we don't care about speeds, we check how you respond to a BitTorrent protocol connection") to detect cheating as early as 2009, which was later found to be a complete fabrication. And besides... if you were tracker staff, would you announce your new anti-cheating measures and then proceed to explain in detail how they're going to work? Security through obscurity may not be a great policy, but it's a pretty effective one in a torrent world where 1. there is no presumption of innocence (if we think you cheated = you cheated and bye bye), 2. the value of what you're trying to secure is fairly low (in an era of fast connections and gigabit seedboxes, cheaters couldn't damage a tracker even if they tried), 3. the cost of unsuccessfully bypassing the security is high (losing your account and having to find another invite).

    As for your last question, when RatioMaster Plus receives an incoming connection, it answers with a choke message (which basically means "I can't talk right now, try again later", like the no free upload slots situation mentioned above) in the same manner the emulated client would. Prior to this clever approach, all ratio tools including mRatio merely accepted the connection and sent nothing.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  3. Who Said Thanks:

    moonlite (22.12.20) , sigduwksnsksis9283 (20.09.20) , JohnareyouOK (21.04.20) , H265 (21.04.20)

  4. #3
    JohnareyouOK's Avatar
    Join Date
    31.01.19
    Location
    Earth
    P2P Client
    BiglyBT
    Posts
    254
    Activity Longevity
    0/20 7/20
    Today Posts
    0/5 ssssss254
    No wonder KeepFrds suddenly raised this anti-cheating program earlier this year. Just overheard this rep:
    Rhilip/awesome_ptcheater: A awesome collections of cheater software in Private Tracker
    and this blog article:
    PT Cheating and Anti-Cheating - Rhilip Nest ~ Personal Blog

    Rhilip is an active developer in chinese PT community, this article seems act like a re-introduction of ratio cheating to their community, which judging from timing might have inspired KeepFrds's this attempt (which seems no use ..... as anon said. haven't heard of anyone being banned for this honeypot method so far). Interestingly though, this blog post happens to mention several cheating tools I've never heard of, wanna give it a try now, so is it popularizing cheating or anti-cheating (apparently he's against cheating)
    Reply With QuoteReply With Quote
    Thanks

  5. Who Said Thanks:

    anon (21.12.20)

  6. #4
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,832
    Activity Longevity
    12/20 19/20
    Today Posts
    3/5 ssss39832
    I can't understand the article, but I found the GitHub repository some months ago. Hasn't been updated since the initial commit (mRatio TLS Fix v2 [BETA] ) but at least we're credited in the description, yay.

    Also, that Python code to do a BitTorrent handshake with a peer proves what I said in my previous post. Forcing protocol encryption is enough to make it fail.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  7. Who Said Thanks:

    JohnareyouOK (22.12.20)

  8. #5

    Join Date
    05.06.12
    Posts
    176
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 ssssss176
    If you do get caught just say - It wasn't me
    Reply With QuoteReply With Quote
    Thanks

  9. Who Said Thanks:

    JohnareyouOK (22.12.20)

  10. #6
    Quote Originally Posted by JohnareyouOK View Post
    No wonder KeepFrds suddenly raised this anti-cheating program earlier this year. Just overheard this rep:
    Rhilip/awesome_ptcheater: A awesome collections of cheater software in Private Tracker
    and this blog article:
    PT Cheating and Anti-Cheating - Rhilip Nest ~ Personal Blog
    These are like how to diffuse a bomb by making it. if one chinese pt implements something im sure others will follow as 90% of them keep the same shit with little to not difference.

    currently im not in frds, waiting for my pter account to age enough till then i have few questions about this tracker.

    how is the internal teams speed on uploading something hot/new?
    how is the average speed of new/old torrents? is it the casual limited 1MB/s to 20MB/s?
    cheating is same as others for now right?
    Reply With QuoteReply With Quote
    Thanks

  11. #7
    JohnareyouOK's Avatar
    Join Date
    31.01.19
    Location
    Earth
    P2P Client
    BiglyBT
    Posts
    254
    Activity Longevity
    0/20 7/20
    Today Posts
    0/5 ssssss254
    Quote Originally Posted by sigduwksnsksis9283 View Post
    how is the internal teams speed on uploading something hot/new?
    Keepfrds only features x265 10bits, ~100 new internal releases per month (quite a few are not newest movies), and for TVs, only released after whole season finished. so in general, not dominate in terms of completeness and speed. only valuable for x265 10bits fans (esp chinese because subs)

    Quote Originally Posted by sigduwksnsksis9283 View Post
    how is the average speed of new/old torrents? is it the casual limited 1MB/s to 20MB/s?
    cheating is same as others for now right?
    cheating is the same. speed:
    Reply With QuoteReply With Quote
    Thanks

  12. Who Said Thanks:

    sigduwksnsksis9283 (22.12.20)

  13. #8

    Join Date
    27.06.20
    Posts
    52
    Activity Longevity
    0/20 5/20
    Today Posts
    0/5 sssssss52
    There are so many x265 uploaders on 1337x lately and it's tough to keep their new works.
    As a big fan of x265, I once thought joining keepfrds would be attractive but their invite conditions go harder for small hdd capacity users.
    Like seeding 1.5TB of their releases for a long time after joining?
    And recently I don't see someone's inviting someone. Maybe user limit or sth?
    Also I compared tigole or joy's work with frds' but it seems no fine to me in my personal opinion.
    So one day I just changed my mind.
    Last edited by moonlite; 22.12.20 at 14:34.
    Reply With QuoteReply With Quote
    Thanks

  14. #9
    JohnareyouOK's Avatar
    Join Date
    31.01.19
    Location
    Earth
    P2P Client
    BiglyBT
    Posts
    254
    Activity Longevity
    0/20 7/20
    Today Posts
    0/5 ssssss254
    Quote Originally Posted by moonlite View Post
    So one day I just changed my mind.
    Totally agree. In fact ALL KeepFrds works will be reposted on other chinese sites 24 hours after released, so it's not must to join even for KeepFrds fans.
    Reply With QuoteReply With Quote
    Thanks

  15. Who Said Thanks:

    moonlite (23.12.20)

  16. #10

    Join Date
    27.06.20
    Posts
    52
    Activity Longevity
    0/20 5/20
    Today Posts
    0/5 sssssss52
    Quote Originally Posted by JohnareyouOK View Post
    Totally agree. In fact ALL KeepFrds works will be reposted on other chinese sites 24 hours after released, so it's not must to join even for KeepFrds fans.
    Hope Beitai to grow up well.
    Reply With QuoteReply With Quote
    Thanks

  17. Who Said Thanks:

    JohnareyouOK (23.12.20)

  18. #11
    JohnareyouOK's Avatar
    Join Date
    31.01.19
    Location
    Earth
    P2P Client
    BiglyBT
    Posts
    254
    Activity Longevity
    0/20 7/20
    Today Posts
    0/5 ssssss254
    Reminder for those who cheat on chinese trackers

    Multiple chinese trackers have posted announcements recently about cheating that you might already notice, that's because a more or less celebrity (or notorious, that's what they said) recently has done a lot to popularize how to cheat, e.g. created social groups, posted chinese tutorials which is widely circulated there, etc.

    Previously, perhaps due to GFW separating the chinese internet from the world internet, and the unspoken tacit agreement in chinese circles to not talk about how to cheat openly, it was obscure to the most, however, this guy popularized it.

    This has led to, these two weeks, cheating becoming a hot topic of their, and an unprecedented number (at least in the past few years) of cheating activities appearing on chinese trackers. Recently, many chinese trackers have been banning accounts for cheating almost every few days (if not every day).

    So, better be vigilant: If someone did something apparently stupid (like flash 1 TB on a single small torrent) on chinese trackers but didn't get caught before, they may not be as lucky now as before during this special time.
    Reply With QuoteReply With Quote
    Thanks

  19. Who Said Thanks:

    alpacino (05.04.23) , anon (30.03.23)

  20. #12
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,832
    Activity Longevity
    12/20 19/20
    Today Posts
    3/5 ssss39832
    Thanks for the heads up, but I must say that if their strategy until now really was "hope no one cheats or even knows cheating is possible", this was bound to happen eventually. Especially considering these trackers have a fairly large international audience with less restricted access to information.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  21. #13
    JohnareyouOK's Avatar
    Join Date
    31.01.19
    Location
    Earth
    P2P Client
    BiglyBT
    Posts
    254
    Activity Longevity
    0/20 7/20
    Today Posts
    0/5 ssssss254
    BTW, mRatio plays an important role in this incident, as it's the most widely spread and used core tool.

    Recently NEU6 (a tracker mainly for students of various chinese universities) was temporarily shut down, supposedly as a derivative result of this incident. A number of students from China University of Political Science and Law (CUPL) cheated, and everyone at CUPL obtained their IPs via DHCP from a shared IP pool, which led to NEU6 staffs being unable to specifically target and ban cheaters from CUPL, so they blocked the entire IP segment of CUPL, which angered the students of CUPL, and one of which threatened to sue NEU6 for alleged piracy in retaliation. It's said for this reason, NEU6 was closed temporarily to avoid the wind.

    Various ideas for anti-cheat are also under lively discussion in public or private groups, I didn't read a lot, but based on the limited discussions that have been read:
    - Staffs on certain trackers are manually searching for accounts with ghostleech behavior, esp ones that show 0% in snatchlist.
    - Most agree if cheaters use the right strategy, it's really hard for trackers to catch (the ones they've caught so far are the ones that have made obvious mistakes, such as uploading non-stop on torrents that have no leecher, or using significantly too much speed).
    - Propose to switch to UDP, as most cheating tools are currently http/https based
    - Propose ratioless & HR to counter ratio cheating (TJUPT already did this earlier)
    - The honeypot was mentioned once again
    - Propose the model "permanent freeleech. downloads consume seeding points, not buffer eared by uploads" (similar to HUNO).
    - Propose a “group” idea, to target the cheaters hiding in the large swarm:
    Tracker groups the peers, and bind groups in pairs, e.g. 5 peers per group, and sends only the peer list of group B to peers in group A, and only the peer list of group D to peers in group C. All accounts have a cheat weight. When a group has data abnormalities exceeding the tolerance threshold, the cheat weight of all accounts in that group will be increased, the fastest one by 5, and so on until the slowest one by 1. When the cheat weight of any account reaches X, an alert will be sent to the staffs to take a closer look at manually.

    Q: What if only cheat on a single or few torrents, the cumulative weight does not reach X?
    A: Is the total cheat traffic large? If yes, that large cheat traffic spread over only 1 or a few torrents is enough to make the total upload/download offset of those torrents large enough to have caught the attention of staffs. (They do monitor total upload/download offset of each torrent). If no, what's the point of cheating?

    Q: What if it affects the initial seeding by uploader?
    A: The first tracker response tells the client that subsequent requests are sent at smaller intervals, such as 3 minutes.

    Q: Will it misjudge other accounts?
    A: No, others will not be so unlucky to be in the same group with the cheater every time.
    @anon: What do you think of this group idea?

    It still looks rather rough, like doesn't consider how to handle that cheat weights of all “decent” old accounts will sooner or later reach X at various timing as well, if they are active enough. Essentially this turns any normal account into a false positive sooner or later and does not differentiate at all. To solve it, one proposal might be changing the indicator to monitor to “cheat weight divided by account age”, or even the more costly “cheat weight divided by normal weight” (each time the traffic of the group is normal, the normal weight of all accounts in this group is increased as appropriate), however, both will create new issues then. Not to mention what if these 5 peers in the same group cannot connect to one another for legit reasons, grouping seems to hurt the normal use. I don't think this group idea works at all in its current form.
    Last edited by JohnareyouOK; 31.03.23 at 08:56.
    Reply With QuoteReply With Quote
    Thanks

+ Reply to Thread

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •