L'uso di Tor per il torrenting è il modo in cui molte persone sono state catturate.
So what's the fix? There are two answers here.
The first answer is "don't run Bittorrent over Tor". We've been saying for years not to run Bittorrent over Tor, because the Tor network can't handle the load
The second answer is that if you want your Bittorrent client to actually provide privacy when using a proxy, you need to get the application and protocol developers to fix their applications and protocols. Tor can't keep you safe if your applications leak your identity.
The third attack from their paper is where things get interesting. For
efficiency, Tor puts multiple application streams over each circuit.
[...]
What's the fix? The same two fixes as before: don't run
Bittorrent over Tor, and/or get your Bittorrent developers to fix
their applications. But as Tor developers, this attack opens up an
opportunity for a third fix. Is there a way that we as Tor can reduce
the damage that users can do to themselves when they use insecure
applications over Tor? We can't solve the fact that you'll shoot
yourself in the foot if you use Bittorrent over Tor, but maybe we can
still save the rest of the leg.
One approach to addressing this
problem in Tor's design is to make each user application use a
separate circuit.
Another answer is to separate streams by destination port. Then all
the streams that go to port 80 are on one circuit, and a stream for a
different destination port goes on another circuit.
We've had that
idea lurking in the background for a long time now, but it's actually
because of Bittorrent that we haven't implemented it: if a BT client
asks us to make 50 streams to 50 different destination ports, I don't
want the Tor client to try to make 50 different circuits. That puts
too much load on the network.
I guess we could special-case it by
separating "80" and "not 80", but I'm not sure how effective that
would be in practice, first since many other ports (IM, SSH, etc)
would want to be special-cased, and second since firewalls are
pressuring more and more of the Internet to go over port 80 these
days.
link