BitTorrent Closes Source Code

An anonymous reader writes ""There are two issues people need to come to grips with," BitTorrent CEO Ashwin Narvin told Slyck.com. "Developers who produce open source products will often have their product repackaged and redistributed by businesses with malicious intent. They repackage the software with spyware or charge for the product. We often receive phone calls from people who complain they have paid for the BitTorrent client." As for the protocol itself, that too is closed, but is available by obtaining an SDK license."

It was only a matter of time..

[LingNoi]

.. the moment Bit Torrent was commercialised and started playing with the big TV guys this was bound to happen. I'm just surprised it took so long.

Malicious software re-packaging is a lame excuse too.

Re:In related news...

[weak*]

In further related news, nobody gives a fuck because everybody likes utorrent better anyway (I go as far as to run it in WINE and it's still slicker than Azureus.).

Suddenly feeling pretty vulnerable without my fire coat...

So....

[RyanFenton]

What's the name going to be for the upcoming auto-encrypted open-sourced fork of Bittorrent?

Ryan Fenton

Re:other open source clients?

[ScrewMaster]

Affect them? Hardly at all. Let's face it, other teams have grabbed the ball and are running with it. The official Bit Torrent folks are going to have to work to stay at all relevant, "premier reference implementations" aside.

The argument doesn't scan..

[Paranoia Agent]

I'm a bit confused by this. Isn't this what licenses are for? Why not just sue the people selling and profiting from your open source product for breaking the license? It just seems to me that the reasoning doesn't make much sense. There are plenty of examples of people selling closed source software that's "free" to people who don't know any better(like Kazaa) and are less tight-fisted with their money than I am. It seems to me that decisions like this don't scare off someone someone who wants to resell your program to make a buck, doesn't help someone so incurious as to not wonder if there is a free version of the software they are being asked to buy, but does hurt the person who just wants the source for their own reasons. Am I wrong?

Re:If only...

[ScrewMaster]

Yeah ... sounds like the Bit Torrent folks just shot themselves squarely in the foot. I doubt the Azureus developers, for example, have any need whatsoever for an SDK, official or otherwise. It's just a protocol people, nothing more, and it's far too late to close it up.

Re:other open source clients?

[gujo-odori]

Does anyone "know" how it will impact other clients? No, we don't "know" that, however, a reasonable estimate would be "not much, if at all."

utorrent may be the single most popular BT client as TFA claims (OTOH, most of the peers I see are Azureus and Ktorrent. I don't know if that's just because I'm in the odd niche of only doing legal stuff over BT (no, it exists, really Linux and *BSD ISOs), or if most people are using those, I don't know.

Either way, what I expect will happen if they go totally closed will be much like what happened with SSH. After the official SSH became closed and proprietary, the OpenSSH project picked up where they had left off, and while SSH is still in business and has a product line, OpenSSH took over the market and is now far more popular, on both the client side and the server. If BT totally closes everything off and makes the protocol incompatible with open versions, I think we can reasonably expect to see the open source version fork and take over the BT market.

Re:It was only a matter of time..

[_Sprocket_]

RTFA. They aren't closing the source, they are purchasing uTorrent and keeping uTorrent's source closed. They will still be releasing an SDK. They will still support the old client. They're just moving on to work on a closed source project.

Sure they're releasing a SDK... but under what license? Yes - they're maintaining the Open Source client... with a protocol that they hint they will be leaving behind. Want to keep up? Get the SDK. Again - under what license?

No. It doesn't sound like business as usual to me.

Re:It was only a matter of time..

[pilot1]

They are not "releasing" an SDK. They are making one available for licensing under currently unknown terms (the article didn't say and I was unable to find any licensing terms using the website's horrible search function). The excuse the article gives for keeping uTorrent's source closed is the repackaging mentioned by the GP, as I mentioned. As for supporting the old client, I'm unable to find anything that indicates it will be upgraded to support changes in the BT protocol.

Re:RTFA and I'm confused

[Brian Gordon]

Hm, it seems to be referring to UPnP (which I have vehemently disabled on my router).. but I wonder if they have any idea what they're talking about [bittorrent.com]. If you can't accept incoming connections that just means that your client initiates all transfers of data, not that you're completely incapable of uploading. Good clients like utorrent (and apparently not Bittorrent 6.0) will give/trade data without being asked if there's available upload bandwidth. Not the best for efficiency (though I should think it'd at least volunteer less-available data first) but it gets you a high ratio nonetheless.

This will become

[iminplaya]

The "new and improved" RIAA approved BitTorrent protocol. This is the official one that won't be throttled by your ISP. Full of DRM goodies for Hollywood to control.

Re:other open source clients?

[arth1]

Does anyone "know" how it will impact other clients? No, we don't "know" that, however, a reasonable estimate would be "not much, if at all."

The problem being that when one company has near monopoly, and in the eye of the public is indistinguishable from the product, they can close source, then change the specs (even if the spec is published), and the open source alternatives won't be able to compete.
This is partially because they'll always play catch-up, and partially because they won't be able to improve the specs themselves -- if they do, they'll become incompatible, and crushed by the product everyone uses.

Example of just this effect: RTF, which Microsoft bought back in 1990. Open source RTF readers are usually several versions behind, and anyone expecting to read RTF documents no matter what version have to use the latest Microsoft products to do so. This is not what the situation was like back when RTF was still open (despite being proprietary), and DEC let anyone see the coming changes.

And that's the best case scenario. The worst case scenario is if they close the specs too. That, of course, will kill them in the end, but in the mean time it's going to cause lots of grief.

Re:Oxymoronic: thief cries thief !!

[Anonymous Coward]

worst post of 2007 so far

What's the negative of closed source in this case?

[SilentChris]

Out of curiosity, what exactly is "wrong" about them closing the source in Bittorrent's case? I mean, if it was an OS or something where security was critical I could see a problem. But really the only "benefit" I saw from the source being available was a bunch of clients that just leeched without sharing their bandwidth.

I know it's not the Slashdot party line, but not everything benefits from open source. Perhaps more importantly, this sets a bad precedent for companies that want to release code. If they ever have to pull back they have a PR mess on their end. Most PR flacks will just say not to release code to begin with.

Re:Not RTFA? Read this at least.

[Firehed]

Oh big deal. In a big fit of irony, the SDK will hit Bit-torrent within minutes. At the end of the day, Bit-torrent is mostly used for piracy, so Bit-torrent, Inc, of all organizations, should realize that this is an absolutely useless attempt at who-knows-what.

Alternately, all of the open-source clients could develop a separate protocol that they would all implement in parallel to the official one. A fork of sorts, but expect all clients to end up supporting both/all when all is said and done.

GPL, BSD and dirtbags.

[twitter]

One of the things Stallman and company have not managed to fully explain is how exactly I'm supposed to hunt down the "dirtbags" that take my GPL'ed code and repackage it like... well, BitTorrent. Or Audacity. Never mind adding spyware or whatever. If there's enough of them I'll spend more time in court than at the keyboard writing code contributing to his dream. Why not just use a BSD-style license if what I'm trying to do to begin with is help fellow developers, and just spare myself the post-release gastric discomfort?

I'm not sure why you would mind if someone repackaged your software as long as they did nothing wrong with it.

The Free Software Foundation recommends that you give your copyright to them to make sure that no one uses your software to harm others. They have been very successful at getting companies to live up to the terms of the GPL. There is nothing much you can do about spyware additions other than force GPL release of code, so that those additions can be seen and removed.

Releasing under a BSD license gives your fellow developers freedom, but also allows them to add malware that can't be seen and removed. M$ loves your code. If that does not cause you discomfort, you have not thought through what they are doing to you or what they think of you. [slashdot.org]

Heh heh.

[Creepy Crawler]

There's a trap waiting to happen.

If they merge uTorrent (non-free, closed) with the older "BitTorrent 5.0" (open source, free), hell's going to break lose if there's any GPLed patches in the open source that Bram didn't make.

GPL applies to even "lowly" patchers and debuggers code, as it does to the 10klines per day guys.. (joke)

Im ready for a torrent of gpl-violations

Re:What's the negative of closed source in this ca

[k3vlar]

It wasn't about clients that leech bandwidth, it was about clients with great interfaces, and additional management methods, such as uTorrent or Azureus' web management. In my opinion, the mainline client was so lacking in features that I considered it to be unusable. Bittorrent owes some of it's success to the fact that there are so many great clients for people to choose. If you're looking for simple, try uTorrent or Transmission. If you need advanced features, try Azureus. People like this kind of choice. It saddens me to see this, as it means that clients might eventually become less compatible with closed-source revisions of the protocol, and we'll lose some great file-sharing software.

Re:I don't see the big deal with this

[krelian]

If they will give out sdk's as easy as they state then its not so bad.

I am sure it will be easy if you'll agree to the TOS which will be probably require you to implement the protocol including all it's features like say... DRM?

Re:What's the negative of closed source in this ca

[Matt Perry]

It saddens me to see this, as it means that clients might eventually become less compatible with closed-source revisions of the protocol, and we'll lose some great file-sharing software.

I imagine that the "official" client will become less compatible and will become irrelevant as it deviates from the de facto standard established by the existing clients.

Re:So....

[Kadin2048]

Anyone using uTorrent wouldn't be able to connect to people using the new protocol. uTorrent users would have to switch to a new client if its developers refused to update its protocol.

This is true. Here's the scenario I see happening: (I'm using 'Bittorrent' to refer to the company, and 'bittorrent' to refer to the protocol as it currently stands)

-Bittorrent creates a new protocol (I'll call it 'bt2') that is completely incompatible with bittorrent as it currently stands. The new protocol offers heavy-duty user authentication and encryption, and is basically designed to distribute pay-to-watch Hollywood movies, in order to save the studios from actually paying their own bandwidth bills.
-Bittorrent "updates" uTorrent to use the new bt2 protocol, although it would probably be more of a complete rewrite. They ignore the old open-source 'reference implementation,' announce that it's deprecated, and try to get everyone to download the new client.
-People running porn/warez/movies trackers do nothing, keep running the tracker software that they're using right now.
-Some idiot users will undoubtedly go and download the "new and improved" uTorrent, fire it up, and realize that they can't connect to anything, and the .torrents that they get from The Pirate Bay do nothing. (Alternately, I suppose it's possible that Bittorrent could make their 'official client' backwards-compatible with bittorrent as well as bt2, in which case users could potentially use the Bittorrent-supplied client to download their warez ... though they'd have to be a bit of a retard to use a client supplied by a company that's in bed with the movie studios to download pirated content.)
-Users delete new uTorrent, go back to old version, or get Azureus instead.

Going forward, I think that what'll happen is there there will either be a complete fork, with Bittorrent splitting completely from the mainstream community and producing a client that's used only for commercial applications (distributing movies, etc.), and which can't connect to most non-commercial trackers, or they will continue to produce uTorrent and try to play both sides of the street with it: connecting via the new protocol to commercial trackers for pay-to-watch content and the regular protocol to all other trackers so that it doesn't get totally ignored by users.

However, this puts Bittorrent in the unenviable position of having to constantly keep up with the OSS side of things, and doesn't really threaten the openness of the protocol. Any way you cut it, they're going to be following, not leading.

What am i missing

[KevMar]

Did they just say that the issue with open source was people taking the source code and doing there own thing with it? I thought that was the whole point of it.

Re:It was only a matter of time..

[SolitaryMan]

Malicious software re-packaging is a lame excuse too.

This excuse is exactly what pisses me off the most. I mean, you want to close the source? Fine, just don't act like you're "doing it for the children".

Re:other open source clients?

[Alioth]

It'll be just like when SSH Inc. closed SSH. Guess what - SSH Inc's ssh implementation is no longer the reference implementation - instead, OpenSSH has become the reference implementation. BitTorrent Inc. can say they are the reference implementation as often as they like but it won't make it true - instead, an open BitTorrent implementation will probably become the reference, and just like SSH Inc. BitTorrent Inc. will fade towards irrelevance (although they may continue to exist).

Re:Not RTFA? Read this at least.

[Rakshasa Taisab]

Err, so I need to obtain an SDK license to see the latest specs so I can implement them in my client?

Well, fuck them.

Traffic Shaping...?

[Anonymous Coward]

I think there's a danger here that any new closed version of the BT protocol (sufficiently different fromt the original) could become the de facto standard for MAFIAA-approved drmed downloads.

Then they could put pressure on the ISPs to block the old protocol using traffic-shaping. Their argument being that the old protocol is only used to steal copyrighted material (e.g. Linux ISOs.....oh, wait..!).

Azureus seems fast and capable on my machine.

[Glytch]

On an aging Athlon XP2100 using Azureus 2.5.0.4, top is reporting 0.6% CPU and 60MB RAM used. Currently it's downloading at the highest speed I can get on my ISP. I'm only seeding 2 torrents and downloading 1 (with 67 total connections) so maybe it's not a fair stress test, but it feels pretty quick and capable to me.

Re:KTorrent too CPU hungry

[TeXMaster]

I wouldn't call KTorrent 'lightweight'. Even with low CPU settins, it routinely eats up between 30% and 50% of my CPU cycles, with spikes in the 100% (old P4-M 1.6 GHz)

Re:In related news...

[Zeio]

Response to this: fork and die.

BitTorrent/Bram just sealed a casket. Charging for a protocol is like charging for TCP. And with Azureus Vuze and mldonkey out there who cares.

There is room in this world for basically Microsoft and maybe IBM to charge for "protocols," (like the ability to stream WMV and play it), but to open and then close = fork and die.

That Ashwin guy is a rug-merchant type, he knows how to wheel and deal and do the CEO thing, but I think he doesn't get why his company isn't a commercial success, and closing the source code isn't going make commercial miracles happen - this is like a fish flopping around on the deck of a fishing troller. . To throw is words back at him, a bottled genie cant grant wishes.

You think the content companies, and Yahoo, and all the other people trying to trickle-channel or channel media with P2P don't have the specs for a protocol like this? What would prevent them from DIY rather than pay BT? Nothing.

Re:rtorrent pwnz

[baadger]

I think you lost all credibility when you said to -O3 it...

Re:other open source clients?

[ajs318]

You mean there is a closed-source SSH implementation?

I'd always thought OpenSSH on OpenBSD was the reference implementation. And anyway, when you're talking about any kind of security software, the ability to audit the Source Code should be the first item on your tick-list. If you don't know for sure what it's doing, it could be doing something nasty that you don't want; and security software would be the most obvious place to insert malware.

Re:rtorrent pwnz

[Anonymous Coward]

CLFAGS JUST KICKED IN YO!

I run Gentoo myself but -O3 is largely pointless 99% of the time ... it does help if the kernel and libc are well optimised, but extreme app optimisation is usually hardly noticeable. For the record, -Os is quite often better than -O3 these days because smaller code means more of it fits in cache, and modern CPUs are so fast that memory access tends to be a bottleneck. -funroll-loops is frequently recommended too but it's not magic, sometimes it's damaging because it makes the code bigger.

Re:In related news...

[TheRaven64]

My final year project as an undergrad was designing and implementing a protocol for roughly the same target as BitTorrent. BitTorrent started to become popular after I had begun working, and so I tried to compare my protocol to theirs for the final dissertation. It always amazed me that a protocol could become popular with no documentation; the only protocol documentation I could find was the (Python) code for the official client.

After finding out as much as I could about the protocol, it seemed like every time there was a design decision to be made, they picked the wrong one. The protocol has a staggering overhead, no possibility of adding multicast if it becomes widely deployed, and the out of band channels are designed in such a way as to make it trivial for anyone with a basic understanding of game theory to create a client that leaches a huge amount more than it uploads.

Hopefully this move will encourage the IETF to ratify a decent peer to peer protocol (have they even got a P2P WG yet?).

Re:In related news...

[MrHanky]

The type of sensationalism you'd expect from a lower class of blog than /.? I hate to be the one to spew clichés, but are you new here? Without sensationalism, how could the editors rile up the readership and create the discussion so needed for repeated page views and the advertising income so needed to pay for their hard, honest work?

Re:In related news...

[snemarch]

If BitTorrent inc. hadn't purchased torrent, it'd be entirely a non-issue since their client more or less sucks, and the current protocol is already well explained far and wide, with lots of opensource clients available.

a lot of people are using torrent though, so if BT inc starts doing protocol changes, they could potentially shatter the BT "community". We can only hope that, in case they do this, people won't cling on to t religiously but move to another client...

Re:irrelevance

[Alioth]

A net revenue of over 9 million euros is hardly irrelevant.

Actually, it does. E9M is a tiny company - I know specialist companies which deal with only one industry who make ten times that revenue.

In any case, you completely missed the context. Does SSH Inc. continue to set the standard? No. They are reduced to following the lead of OpenSSH, which is now the de-facto reference implementation after SSH Inc. went closed source. It doesn't make any difference whether they make E9M or E900M, they are still irrelevant in the context of being the reference implementation.

Re:Not RTFA? Read this at least.

[Crayon Kid]

FUD is pretending that bit torrent is NOT used mostly for piracy.

No, FUD is when you blame a protocol or software for the way people are using them.

"TCP is used mostly for piracy." There. It's probably true, too. Kinda sounds silly when you pick on TCP, doesn't it, and yet so righteous when you pick on BT. Why is that?

Must be that whole OSI model nepotism thing, playing favorites with lower levels, damn you ISO!

Re:It was only a matter of time..

[Ernesto Alvarez]

You are not considering that PEX and DHT were both extensions of the protocol at that time, and it is possible to communicate with non-capable clients with no problems.

If the new bittorrent protocol is not compatible with the old one, people will probably stick with whatever works (meaning the old protocol, since most pirate BT trackers probably won't be switching).

If they add an extension, most clients not willing to license the SDK will probably ignore it, especially if it's not beneficial (imagine mainline clients doing DRM and everyone else not caring at all).

The only possible leverage they could get would be if they managed to invent something beneficial that cannot be copied. If it can be copied, unlicensed programmers will probably get together to make their own version (like they did with PE).

You should also remember the ruckus the announcement of the uTorrent purchase caused. What the uTorrent community feared seems to be happening right now, and they'll probably leave, or keep using older versions of uTorrent instead of upgrading (meaning more power to the old BT side). I know several people that kept copies of uTorrent 1.61 precisely for that reason.

In the end, if they try altering the protocol (tracker or P2P part) they will probably find themselves banned. The most important players in the BT field are the pirates (try convincing TPB to switch) and open source distributors (Debian won't touch that new licensing with a ten metre stick).

The only niche they might take is software upgrade for commercial applications. And unless they play their cards very well, it will only end in a bunch of fragmented networks. And if someone sends a copy of the old BT to the IETF or W3C (as some people said in this thread), it might be game over.

Re:In related news...

[Shakrai]

I go as far as to run it in WINE and it's still slicker than Azureus

Yes, but at least I know that Azureus isn't reporting what I'm downloading back to the mothership. You know, the same mothership that has signed deals with members of the MPAA [betanews.com].

Anybody using a closed source bittorrent client to do anything more aggressive then download a Linux distribution is insane, IMHO.

Re:In related news...

[AlanS2002]

if BT inc starts doing protocol changes, they could potentially shatter the BT "community"

That's only if there client had enough of a market-share to make the modified protocol the de-facto standard. If most people continue to use clients other than those owned by BitTorrent Inc. and trackers continue to work using the same protocol, it shouldn't matter what BitTorrent Inc. do to the protocol. That is as long as no one else follows lead.

Re:In related news...

[TheRaven64]

There are a few unrelated problems lumped into the category of peer-to-peer. One is content distribution; e.g. TV replacement things. These are best served by a tree-topology, since they have a single origin. This is already done for things like the iTunes store, which caches data near the edge of the network. Whether multicast is useful here really depends on how many people close together want to receive it at the same time. For news, podcasts, etc, multicast is ideal. There are a few systems that implement multicast at a higher level, which are likely to be useful; you stream to relays, relays stream to geographically close destinations, recursively.

One big problem with BitTorrent is that it isn't aware of the topology of the network, and so tends to use the most expensive bandwidth (e.g. transatlantic) in spite of the availability of cheaper alternatives. Home users don't care, because they pay a flat rate, but their ISPs do.

Re:In related news...

[Anonymous Coward]

They laughed at me on /. when I said some private trackers and some privacy enhancing IP block lists which are really concerned about privacy (not piracy essentially) started to block Bittorrent and uTorrent.

Please live with the fact that Bittorrent protocol started with good intentions but currently it is under real evil hands.

The "DHT" is the key. That is the primary concern of those "paranoids". When there is DHT involved, there is a central server. Excuse me if I trust to an open source client such as Azureus rather than some people acquired by billion dollar companies and still have face to beg for donation to my face on OS X acting like independent developers.

For the "open source" part, I wouldn't care less. Limewire is open source and even had face to bundle a "limeshop" control panel on OS X, yes, first actual Mac spyware until some "paranoids" started to flood forums with that fact and they pulled it from distro.