BitTorrent Share Beta - Quick Network Usage Analysis
Post by trog @ 06:11pm 06/01/12 | Comments
Share is a new application for sharing files between users from the developers of BitTorrent, offering a more private file sharing experience.
Disclaimer: The investigations in this article were done based on a single test. While I think they are fairly accurate it would be great if someone else could do some more testing and see if they agree with my conclusions.
BitTorrent (the company) have released a new application for private sharing amongst friends called Share. The tiny client (~500kbyte download) aims to simplify the often painful process of sharing large files, and uses things like "HD videos" and "high-res photo collections" as an example of things that people commonly want to share.
At the risk of wild speculation, it seems to me this move is clearly intended to provide a mechanism for users to share files without feeling like every move they make will be subject to having privacy invaded by people snooping on the existing BitTorrent mechanism. A big focus of Share is on privacy - the front page states: "You can choose exactly who gets access to the files you share. Set up groups to share with friends, family and co-workers, or just send a file to one person."
I was pretty interested in this statement, as I wasn't sure how this would be possible given that some of the other words on the home page are "powered by BitTorrent". Without using private trackers, there is not a lot you can do to stop people snooping on file sharing if you're using standard BitTorrent stuff, so I was curious to see what mechanism Share used here.
The front page also says that Share is "built on top of an innovative file-sharing technology already used by over 100 million people a month" - clearly meaning BitTorrent here, or so I assumed. I further assumed that this meant Share was using BitTorrent technology to share files - that is, you'd create a torrent file from whatever you wanted to share, it would magically hook into a tracker, and you'd distribute the torrent file to your target user group - figuring all this would happen seamlessly behind the scenes of the new application and all the gory stuff would be neatly hidden behind a clever UI. But I thought I better actually use the application to see how it worked.
So I fired it up and had a look. It is immediately accessible - you just download, install, run and are greeted with a screen asking you to do nothing other than drop in a file and give it a recipient - an email address or you can hook into Facebook. I threw in the Quake 3 demo and sent it to a colleague's email address to see what happened.
Once you drag the file on there, it throws up a little dialog saying it is "creating a package" - if you're familiar with creating torrents, you would recognise this as the step where it creates the torrent file by doing a SHA1 hash to generate the required metadata. No surprises here.
However, once that step was complete, I was immediately surprised to see that the file started uploading straight away - despite the fact that my colleague wasn't at his computer.
What the...?! If it was actually using BitTorrent, I would have expected it to not start doing any uploading until my colleague had accepted the request. BitTorrent only will upload to peers that are requesting downloads, so if there were none it should be sitting there doing nothing.
My second thought was that maybe it was uploading to other peers that had coincidentally also were downloading that file. That seems technically feasible, if they are doing shared hashes across every single upload - but I thought it was unlikely as I didn't think too many people would be trying to share this file on day 1 of the launch.
So I looked further, firing up tcpview.exe from SysInternals.
I did see some weird peer connections popping in and out - you can see in the screenshot the two red connections are just random places; as I watched they vanished to be replaced by other (seemingly) random connections. Not sure what was going on there.
But I did notice the amazonaws.com connections, so I fired up Wireshark to see what traffic was flowing. I noted that most of the traffic was UDP traffic going to these Amazon connections, which you can see below (sorry for the ugly redaction):
I noted at this point the transfer had done the last 50%, which was roughly 20+Mbytes, equivalent to what Wireshark had observed - so concluded that the file I was sharing had been uploaded to some Amazon space somewhere.
This was interesting. It appears that Share is not a p2p technology like BitTorrent, but instead a typical client/server arrangement that uses Amazon for storage.
To further test this, I uninstalled the client and reinstalled, logging in as the target user to retrieve the file. No other uploading instance was running, but the download started, sucking down bytes very rapidly (I was pretty impressed with the download speed actually!):
Just to be sure I ran Wireshark again and confirmed that all the downloads were indeed coming from an amazonaws.com domain:
As another experiment, I tried to re-share the same file to someone else. It performs the hash/torrent generation, but skipped the upload step. This could just be clever client-side caching or something, but I would be massively surprised if their back-end system didn't have some awareness of duplicate files, in order to save bandwidth re-uploading the same files. I would guess (wild speculation here) that for popular files that many people are sharing it will keep them in the Amazon system for a longer period of time (so they're only paying for download costs); rare/individual files will presumably expire.
It should be noted that this was a single experiment done under only one set of circumstances. It is entirely possible that Share does do some p2p sharing - for example, when all clients are online at the same time it would make sense to do that, and it seems likely that clients sharing the same content will take advantage of the p2p mechanism as well. However, there is at least this one scenario where Share uses storage to keep files.
The big question I have - if p2p is available as a transport mechanism - is whether it will share bandwidth between networks of friends - for example, if I'm share the Quake 3 demo between my group of friends, and there is a separate group of users also sharing that demo, will there be any network transfer between the two groups? I would expect/hope not, given the privacy statements on the front page, but there are obvious network advantages to doing so.
At this early stage, it looks like a pretty good system for quickly and easily sharing files between users - I can certainly see myself using this to share big photo collections with my family (I was actually just wondering how to send them the Christmas photos earlier today!).
However, I was hoping this would end up being more like the ill-fated Nullsoft WASTE software - a private network p2p file sharing system created by Winamp creator Justin Frankel that just shared between peers you selected, making it an extremely secure and safe way to share content between users. Unfortunately it was almost immediately killed by Nullsoft's parent company AOL, and despite some valiant attempts to resurrect it, never really went anywhere.
I have been waiting for years for someone to re-create something like it as it seems an obvious extension to the p2p mechanism - especially in the age of Facebook where it is even easier than ever to connect privately with your trusted friends. Whether BitTorrent Share is the solution we have been waiting for though is still up for debate!
Update: After writing this someone from BitTorrent, Inc got in touch with the following extra information:
Hi Trog, I work at BitTorrent and was reading your post tonight. Cool analysis. To clarify, Share is P2P, however we will initially host an uploaded file in the cloud. That way if you turn off your computer, a friend will be able to download it. Plus, you get the immediate benefit of two seeds, which results in a faster download.They have a blog post with some more info, but I've also asked them to clarify exactly what will be happening with cross-network sharing and a few other things.