I recently changed from Verizon DSL to Charter Cable internet services. About a week later, I started receiving warnings via email from Charter telling me to stop downloading music from limewire (copyright infringement?). After that they sent notices to stop downloading movies from UTorrent. What’s funny is that both were files that never finished downloading. What I want to know is how do they know who I am, where I go on the internet and when I choose to save something to my computer? How does someone else know when your on a website downloading anything?
Well to start with, Charter isn’t just any “someone else” … they’re your ISP.
And as your ISP they know a lot about you, and have the ability to do a lot with that information.
Verizon could have but for whatever reason chose not to.
Let’s look at that in a little more detail.
Your ISP Sees (almost) All
The whole point of having an ISP is to use their services to provide you with a connection to the internet.
That means that when you send or receive data – any data – it travels from your computer through your router and immediately encounters equipment owned and operated by your ISP.
Where, if they choose, they can look at the data.
Rarely do they look at the contents of the data, but more and more they’re looking at the type of data – they’ll note whether it’s email or a web request or an instant message.
Or file sharing.
Typically, traffic that crosses the internet is identified by the IP address of where it came from, the IP address of where it’s headed, and a “port number” that indicates what type of traffic it is. Port 80 is web traffic, 25 is email, and so on.
As I said, it’s unlikely that they look or care about what the data actually contains (though they could), but they do care about the type of traffic, and the quantity of traffic.
And file sharing is on many ISPs radars.
Your ISP’s Rules: The Terms of Service
Here’s an often frustrating catch: your ISP sets the rules about what they do and do not allow on their system.
That means that they can disallow file sharing protocols whether or not you’re using them to perform illegal downloads. The justification is typically that file sharing protocols use up a great deal of the ISPs capacity, and thus have to be disallowed in order to provide adequate service to all of its customers.
Whether or not you believe it is up to you, but it’s a plausible position.
And if you violate the ISPs rules – their TOS (terms of service) or AUP (acceptable use policy) – then the ISP has the right to disconnect you.
Your ISP Knows You
Of course your ISP also knows who you are. You pay them every month, they know where you live since they deliver the internet connection to your home.
And they also know your IP address, since in order to connect to the internet at all they had to give the IP address to you.
What that means is when (say) a movie studio says “we see one of our movies being downloaded to and shared from this IP address” your ISP can then turn right around and say “I know who that is … I’ll tell them to stop it”.
And you get the warning message you get.
It’s a File **Sharing** Protocol
When you use services like limewire, utorrent or others it’s important that you realize that you’re not only downloading whatever it is you’re downloading.
You’re also sharing what you’ve downloaded previously with others who are using the same service.
That’s why it’s called “peer to peer” file sharing – there is no central server, it’s everyone using the service sharing with each other.
That’s typically the copyright issue that most people get stuck on. If you download, say, a movie – well that’s you downloading one movie.
But with the file sharing software continuing to run, dozens if not hundreds of others could be “downloading” that same movie from your machine – even before you finish downloading it yourself. Now all of a sudden your machine becomes implicated not in one copyright violation – your download – but as a source of dozens or hundreds of other copyright violations as you make that same movie available to others.
That’s when the movie studios or record labels contact your ISP, and in turn when the ISP contacts you.
What About Encryption?
ISPs can’t see what you encrypt, it’s true. It’s one of the reasons VPNs and https and encrypted email are and should be in widespread use: no one who can see the traffic can read its contents. Many file sharing protocols have begun to do exactly that: encrypt.
However.
The port number that defines what it is you are sending is not encrypted. It may change (25 is email, 465 is typically encrypted email), but it still defines what it is you are sending. They can’t see the contents, but your ISP can still see:
- The IP address of where the data is being sent. (That must be in the clear so that internet routers know where to send the data.)
- The IP address of where the data came from. (That must be in the clear for the TCP/IP protocol transmission acknowledgements to work.)
- The port that identifies what the data is … email, web, etc. … which is also not encrypted.
They can’t examine the data, but they can still see where the data is coming and going, and what kind of data it is.
So even encrypted your ISP could still say “hey, you’re running peer-to-peer file sharing software, and we don’t allow that: knock it off”.
Yes, there are attempts to further obfuscate peer-to-peer file sharing traffic, but you get the idea – for the most part even if the ISP can’t see what you’re sharing, they can see that you’re sharing.
And for many, that’s enough.
Bob
Hehe… Leo, check your articles. The comments are getting spammed…
08-Nov-2010
Lester
I’m with a small ISP that is about my only choice, since I’m in a rural area. They adamantly reject Peer to Peer downloading. And that’s just fine with me, because when a few people hog the bandwidth we all suffer. Maybe the big guys can swallow the extra overhead. Plus, I don’t like piracy of any sort, because in the long run we all suffer when that kind of mentality overtakes our culture.
bob says no
well what if you are unable to say go to a cinema due to illness or other reasons and your only option is to download it. but being ill are not able to afford buying film after film. WHAT DO YOU SAY THEN GOOD SIR!
Leo
It’s still illegal.
Dennis Fluttershy
If you can’t pay for it – if you don’t want to pay for it – then you’re not allowed to watch it.
However … if a movie is never released in your country … and you’re even willing to pay for it … what should you do then? =|
Leo
Legally? Live without it.
Mike Miracle
I agree,I do see the need for torrents,and these sort of programs, but they do have legitimate uses , not just piracy. I myself have had the infringement email two times in just over two years. I use Comcast and both times it was working on someone else’s PC , trying to figure out what was wrong with , and then I realized the freeze’s ,BSOD’s, slow internet ,ETC, issues they were having were caused by two or three torrent apps or other FSP app ( or both) auto starting and running in the background . I had a false one a long time ago when I had TDS, never really figured out who was at fault there ,but I was downloading a demo/beta of a game and the main server was down and the secondary was so slow, and they had recommended and linked to the torrent on the site, but then an hour or so into the download, I got the email. I use it for the latter, but I always close it when not in use, so many people don’t realize, forget, or just don’t know,its still running/sharing files in the background even when your last download is finished,even if you are done downloading, it will run as a server until you close it,and sometimes the ” X ” just minimizes it out of your way.
Mike
Morpheus
What you do is learn about the TOR network. Then you trip, and fall into the TOR, subsequently hitting your head, and your fingers hit download on one of the movies you missed due to your illness. Then you wake up from your little coma nap, and PRESTO!; you just got that movie and your ISP doesn’t know you downloaded it! My friend who uses it stands by it 100%, and he’s a Network’s and Servers Admin for Microsoft, so I think he knows what he’s talking about. The TOR does something to mask your identity online. He says it’s a little slower loading pages you just searched, but not really much, just because it’s working in the background masking your IP and playing tennis with it. Your ISP, for the people who have been asking, know your downloading stuff because they know the IP’s of the sites that serve people with mass downloads. I’m sure they have a simple algorithm that when there clients IP, (YOU), meets up for a lunch date with the bad, bad, but so good sites like Piratesbay, then it probably pings and they know. Oh and it’s a no-brainer when your average incoming and outgoing packets skyrocket. TOR it, and they won’t. It’s simple. But, it’s your decision to do anything on the Internet, always remember that. I’m just showing you the door, it’s up to you to grab the handle and go through it.
Connie (Team Leo)
Theft is still theft whether you think you’ll get caught or not. Just sayin’…
Me
Some ISPs have traffic shaping which will actually slow down uTorrent. Theres encryption for getting past that, however its not good for anonymous (the only thing it does is prevent passive listening, IIRC).
Me
Oops. By “uTorrent” it should have said BitTorrent. uTorrent is the client I use.
JC
In the same train of thought– if I am using a program such as PeerGuardian, how am I protected exactly? What information is hidden from 3rd parties, and how much (if any) is hidden from my ISP?
Gord Campbell
When I use BitTorrent to download a new version of Ubuntu, it’s highly efficient and completely legal. I’d hate to see a technology blocked because it’s misused sometimes. Kind of like banning cars because some people drive when they are drunk…
Sandy Smith
Regarding email encyprtion you should clarify that port 465 is (typically) TLS encryption which is just the credentials of the message – not the message itself. I think you should do an entire newsletter on encryption… it’s a topic people need to know – to protect themselves.
11-Nov-2010
Slick
The one thing that has always puzzled me about this subject is this: With all the information (the IP address of where content is being sent from, your IP address, etc.) passing through ISPs, why is it so difficult for ISPs and the police to track down websites that host illegal content and particularly child abuse pictures?
11-Nov-2010
Me
From what I understand, the police need a court order or something to get information from ISPs. But Im not sure how hard those are to get. And a lot of them I imagine are outside of jurisdiction.
russ
well technically we have the right of privacy and when law enforcement try to invade that through ISPs then that is illegal, thats why they need to get a warrant first, its like breaking into a home. unless its a matter of national security then the police cant tell the isp to show them the data. or make a law about it
Logan
Not since the Patriot Act. All ISPs are required to keep record of Internet traffic for years and let the government take a peek when it needs something.
Ivor Nelluvanitch
Will BTGUARD (which is an anonymous proxy) make it likely that the peer to peer user is “cloaked”?
john neeting
Hate to burst ‘knowledgeable’ bubble experts in communications. I’ve been reticulating for 44 years.
Optic degrades 6 times faster than co-axial which means you have to strip it out and replace it every 6-10 years otherwise it becomes useless. Coaxial has a life of 50 years plus and is %10 of fiber cost. 90% of internet users [ non commercial] don’t NEED 100mb/sec as 10mb/sec is just fine [2 sec verses 20 sec ??]. Cost for connection of fiber escalate out of sight compared to coaxial cable. Coaxial is far easier to repair, resists damage where optic will crack, split, fracture, break and is a pain in the proverbial to join – joins further degrade efficiency. $1.6 billion to fiber optic a small city, $160 million with coaxial.
Ken
Not being too knowledgeable about bandwidths etc, I thought that all the massive movie streaming, tv catchups etc that were being urged to watch (and my wife does due to the hours she works) would use more bandwidth than just downloading file-sharing material or am I wrong? I have music playing on the internet all day, am I being greedy? What’s an acceptable limit for daily use? Why don’t ISPs give us programs and guides to let us monitor our usage? Why don’t ISPs limit the amount of customers they take on if there’s not enough to go around??
Getting back to the original question, I think I read somewhere that they can only track what we upload and not download, or am I wrong. It’s all so confusing.
Sandy Smith
For further info in what encrypted ports (465) are capable of read this link:
http://luxsci.com/blog/the-case-for-email-security.html
In particular this paragraph…
“By using SSL for Webmail, POP, IMAP, and SMTP (see SMTP TLS) you ensure that communications between your personal computer and your email service provider
Rod Alys
I use a VPN!
How and what are the protections of this vs. my ISP Co., and also what limitations does this have?
Can they “see” what I’m doing (like using a Bit Torrent,) etc., and that is coming from my Acct.”?
Thanks Leo for your GREAT Newsletter!
03-Dec-2010
Wakkierob
They even know where your money is coming from so if you have a agreement and go over and you have a direct debit they’re charge direct from your bank. And you wont know until the next bank statement.
If you Have or use a Elite Proxy your untraceable! lol
Atari
To get around this, just download your movies using direct downloading (Hotfile/Fileserve/Filesonic/Mediafire/Megaupload/Rapidshare/Uploading) instead of using P2P. P2P, in fact, is ludicrously amateurish, and you will discover that once you learn to use Google.
30-Aug-2011
Bob63
Can my ISP see that I downloading files from a UseNet Server and if so what can they see? Filename, data type, etc? This seems to be the correct article to ask this question. Please don’t delete.
19-Dec-2011
Peter
Hi Leo, thanks for your insight and you were correct about your comment on 30 Aug 2011! SOPA, Megaupload, etc.
john
Great article Leo,
I just bought an elite proxy for a few dollars per month.
If I use this proxy on windows mail, will it stop my isp or others being able to view the data being sent etc.
31-Jan-2012
Stephen
I recently (past 3 weeks) began downloading movies off of torrent sites. As soon as the file was completed downloading I stopped it from seeding. After downloading about 80 movies I started receiving emails from my ISP saying that they were contacted by the movie distributors (ie. Sony, Universal, etc.) and forwarded the message to me. Each email listed the title of the movie in question and demanded that I remove the files and stop downloading or I will be disconnected.
I have stopped downloading and removed the PSP sharing software (Vuze) from my computer but can they (my ISP or the movie distributor) see if I have actually deleted the movies off of my computer or personal shared network media drive?
I understand how the ISP sees what I am doing but how did the movie distributor know I downloaded one of their movies? Do they upload the torrent themselves and watch to see who downloads it?
Sorry for the long post but you obviously know what you are talking about and I hate to completely delete all of those movies if I don’t have to. But at the same time, I really don’t want to get in trouble or have my internet disconnected (guess I should have thought about that before I started downloading movies, haha!).
Your input is much appreciated, Leo.
tronald dump
they know because if you most likely used a public tracker which are infested with uploads from sony themselves to catch ppl who download them. if they are the uploader of the torrent, it isnt hard to track u and send that info to the isp regardless of your encrpytion.
Mark Jacobs
@Stephan
Ask Leo can’t, or won’t, respond to questions that ask to do
something illegal, or ask for help with something that would
be illegal or improper.
Geoff
Nice informative article Leo, Can I just add that over here (UK) British Telecom Slow down but don’t stop file sharing, but after midnight to 7am they allow full speed.
GW McClintock
You said, “That means that they (ISPs) can disallow file sharing protocols whether or not you’re using them to perform illegal downloads.”
I am 63 and I do not d/l copyrighted material me being in the music business, so; my question would be: “Isn’t the ISP acting as a de facto agent of Law Enforcement, and just how did the ISP come to insert themselves as de facto law enforcement?” Granted it is “their” ISP however, when an intity inserts itself in to what may or may not be legal without sworn legal authority I’d think they are letting themselves in for a nice law suit especially if that ISP is the only “game” in town? Yes? No?
14-May-2012
Mama
There are a lot of activities that use a lot of bandwidth, are all of them going to be disallowed? If so, I might as well kill myself now.
Mama
A bettter title would be “How can my ISP not know what I’m doing? Afterall, they are almost up my butt.”
Brandon Hunter
Im very sorry for posting here but i am completely out of ideas!! please someone help! I have a question, is it legal for a comcast internet tech to tell me i have to install something on my computer that in turn erased all my bookmarked pages that i use for reference for work? He had me install some “xfinity” software and told me i could just remove it when it was finished if i did not want it on my computer. Well, as soon as it was finished installing I imediatly opened google crome to start my work (writing ebooks on political topics). To my dismay, ALL of my reference matirial I had spent months looking for and bookmarking was gone!! No bookmarks!! I called the service center, they sent out a tech guy to my place again. He told me that he was not sure why they make people install this software because people are unhappy about it usually. He also told me that other people have had the same problem before and that there is nothing they can do about it. This is unacceptable to me!! It has ruined my focus and direction associated with my writing as I now have absolutely no references!! Please someone tell me this is illegal so i can put a stop to this kind of guided misfortune!! Thank you! B
23-Jun-2012
Debra
Just wanted to thank you for this simple, clear and concise post on downloading! It really helped me to understand this topic. I really appreciate it!
Devon
I became instantly addicted with torrent downloading when i first found BitLord. I constantly downloaded discographies and many movies and games. With all of this foolish downloading came the most unexpected consequence: a copyright notice. One of the discographies i downloaded was of “Puddle of Mud” and that was who contacted my ISP (Charter). After reading a few articles, including this one, I’ve found out that i was caught primarily because many people were downloading the same thing i was (at least i think). That brings me to my question: if i were to download illegally again, it would be foolish i know, would charter know that I’ve done it again?
Mark Jacobs
It’s not normally your ISP who would go after you. When you download via a torrent, your IP number appears in a list of uploaders and downloaders. This list shows up in the torrent program of everyone sharing the files with that torrent. The owner of the copyright or a proxy just has to download that torrent to see the IP numbers of all the people sharing that file. They can determine which ISP you are using to share the file. (http://askleo.com/finding_the_owner_of_an_ip_address/). They then send those IP numbers to their lawyers who get a court order to get the ISP to tell them who is downloading that file using that IP number.
Leo
Quite possibly, yes. Don’t do it. On charter or any other ISP. Illegal is illegal, regardless of whether or not you get caught.
Star
I use hotspot blocker and turns my PC into a VPN.
If you want movies use yifi-torrent.org
Chris Welke
Thank you for writing a tech blog that filled in some blanks re: why my ISP has a hard-on for uTorrent and NOT being completely full of s#!t and ACTUALLY contributing to the depth and breadth of knowledge available on the internets…I downloaded uTorrent and started f-ing w/ Pirate Bay as a test to see if p2p networking was still POSSIBLE in 2014. In my university days (The Engineering Dorm) we all had windows 95 boxes connected via ethernet and a MASSIVE HP-UX server that took up most of the 1st floor of the CSC building … even though it was installed 20 yrs ago…it still works and is still in use.
In 1998 this was “damn fast networking” we played Quake 2 and it felt like real-time, I could send a file over the network as fast as the circuit would allow (4MB/s?) and up/down to the interwebs was =lly impressive.
We started out using FTP in conjunction with ICQ and IRC. From this, we could establish relationships with freshman dormies across North America, and for large files that were hard to download back then, we could grant each other “leech access.” Yes we shared copyrighted software, movies, music etc. et al.
Our proudest moment was watching Star Wars Episode I a few weeks before it was in the theaters. NOT the “Kramer w/ a video camera version,” …some creep at LucasArts or Film or whatever was part of our IRC network and we talked him into sending the Final Cut (Nelson: “hahah!”). So what if the movie sucked? It saved everyone 10 bucks and it proved that if we wanted something, we could get it.
Then Napster hit and all hell broke loose; not for US…I found TONs of extremely rare music you can’t even buy if you want to. Outside the dorms, we did the same using our ISP, who also didn’t notice or care.
FTP didn’t always work so good on a cable modem (compared to the T1-ethernet on campus) and Napster was shutting itself on and off as it got into more legal trouble. I’d switched to a p2p called Poison that worked great and the files were virus-free. Not so for classmates who started using TOR – they’re adult entertainment ESPECIALLY came retrofitted with adware and the clients had names that made “poison” sound friendly in comparison. In fact they seemed to be specifying that they’d r— your sysreg if you used it. And they did.
Recently I wanted to see if it was still possible – I’m a tech guy and I have readers who enjoy my online experiments, so I downloaded uTorrent as it seemed to be the safest choice. I used a win7box that gets used STRICTLY for experimentation purposes – it is a war-torn veteran– .js mouse-event Google account destruction occurred twice, registry overwrites and more malware/adware/viruses than you could count – by design – so I can backtrace the security hole, report it on my blog, show readers how to avoid it and sometimes I repaired the win7 box post-trauma. If machines could get purple hearts, that box has a couple and is quite sick with adware as I write.
uTorrent specifies on their site “No downloading of copyrighted material” and seems to indicate that you can’t use uTorrent to download content not approved and licensed for file-sharing BY THEM.” —> This is TRUE unless you know how to hash a magnet-link and open a torrent locally and leave it wide open for down/up mania.
I thought the p2p nature of file sharing would obfuscate the origins and destination of each file. I further thought the hashing would make identification of the filename or its contents, source, destination, etc too difficult to crack for an interested 3rd party to look any further into.
—normally it would. What my ISP saw (and I tested the limits of what they’d notice) was 20 or 30 gigs coming in and out of my IP almost every day.
THAT triggered SOMETHING that runs on my ISPs SSL –
IF(DATA_IN > SOMETING || DATA_OUT > SOMETHING){INVESTIGATE(); SendWarningEmail(cx);}
So I disabled uTorrent as per their request. Limit and max_rate of packets test is completed.
One week of ~30GB transferred (15dn-15up) is enough to set off a flag at — communications —> Limit per day is <30Gb for daily usage and probaby <200Gb per week. Note that I was TRYING to set their alarm as my readers had been curious.
Hashing and p2p masks neither the IP NOR the filename. Lesson learned. That was the point.
Again…great blog – will add it to my shortlist of "Blogs that don't suck 2014," to be published around yrs end.
I WOULD knock you for the js popup when I bookmarked….but it's actually a good idea, people who bookmark MAY ACTUALLY want to subscribe. Still the popup???….cmon dude! I think you're above that.
Also – consider mentioning that you "consulted for" Microsoft. Do you really want tech readers, especially software engineers to know that you were on the payroll? xD
Lulz,
Tapper7
Leo
The popup timing was coincidental. I think it’s set for 30 or 60 seconds, not related to the bookmark. Should also show up only once every 6 months (unless you clear cookies).
As for Microsoft – on the contrary, I’m quite proud of the time that I put in there. It was a wonderful experience.
Frank
Great Article and helped clear up a few questions but what are your thoughts on this: On Christmas Day 2014, AT&T sends me the alert due to being a part of the “participation in the Copyright Alert Program”. I don’t have or use any of these so called P2P’s (that I know of). I do use Google Drive & Google Music. Do you think that could be triggering it? Those are the only things I can think of that are putting my data out there and that’s for backing up purposes only. I’m a little ticked b/c I don’t share things nor do I have care to but what triggered this and is there a way to search all my devices for P2P so I don’t have to worry about this anymore? Thanks again!
Leo
I’d be shocked if it were limited to only P2P protocols. I’m sure traditional file up & download protocols, and maybe even a few backup protocols are monitored. Only solution I’m aware of is to encrypt prior to uploading.
Bobby Weatherston
Sky my ISP has given my ip information to an internet troll I am now waiting on a letter from them demanding money is this legal
Leo
I’m not a lawyer, so I have no idea. You’d have to contact an attorney in your area.
Ahmad Ahmed
Hi Leo if you get warning from your isp about downloading illegal content and you stop downloading it for a while how can you tell them to remove the warning stars that you get from them
Mark Jacobs
They should eventually go away. If not, your only option would be to contact your ISP directly by phone or email.
Graham Matsiko
Hello guys, just read through the comments but i have a query which wasn’t answered .
I am working on a project and I would like to know if it is possible for ISPs to track only downloads made on their network. If that is possible which applications can be used to achieve this.
I will be grateful for any contributions.
Mark Jacobs
An ISP would only be able to see the traffic which passes through their own servers
Don Coleman
For months now I have stopped using uTorrent. And have done a factory reset on my pc. But I’m still getting warnings from my ISP (Time Warner) is there a way the files are still sharing? And if so, how do I get it all to stop?
Leo
If you’ve turned everything off that you know of, the other possibility is that there’s malware on your machine. Run up-to-date scans.
Edwin
Ok my question is i use p2p programs like Limewire and uTorrent can the ISP see what the files I’m actually downloading are? And would they care? I don’t download any new movies or anything like that I always download old movies of 10 years older that on available in my country tv shows and fansub from anime and that.
Ed
Leo
Depends on the specific program. Most now use encrypted connections, which would seem to mean that no, the ISP can’t see the files, only that you’re using p2p protocols and servers.
Mike
Thanks for the article. Never occurred to me they can see the type of data from ports