Whilst I like the service to the wanna-be-hidden uploader I think this puts you into too much risk yourself.

Imagine someone creates a torrent containing child pornography (of course taking the most extreme example) and uploads it to your server - YOU will be responsible for being the initial seeder of this torrent. I don't believe the laws in the Czech Republic will care that you tell them "oh, but it ain't my data - somebody anonymous uploaded it to my server". You still are seeding it to others.

Not sure about the laws.

I will surely provide the source code after a while so anyone can do an anomymous seedbox like this. otoh, it's not that easy to set up... you have to get the torrent service (I am using transmission-remote) and the tor hidden service running

I think the risk is comparable with running Tor relay.

While I approve of the concept in principle, I fear all the wrong types of people will make use of it. And I don't mean pirates...

True, but this could be said about every truly anonymous internet service. There's for example a huge amount of incredibly scary and wrong stuff available on the TOR network. Child pornography, black market with every possible commodity, contract killing, you wouldn't believe (I did not when I first saw it).

But there are people's lives depending on this service somewhere in the world and that's why it must not be shut down. We may even need more services like it in case other parts of the world go to hell too...

With this kind of services or protocols we can either have no anonymity at all or we just have to accept the fact that this is what we pay for real and absolute anonymity. (And hope that the dangerous freaks will be hunted down and locked down in real world.)

We will see.

I am very well aware of what is going on in "torspace" (some parts of Hidden Wiki made my stomach go inside out). If it will become that bad, I will have to shut it down.

I think he is trying to make something that is open for everybody to use. Trying to control what people use it for is like Comcast trying to throttle bit torrent traffic

Yeah, I'm sure he'll be proud of that in prison;) This is not about the morality of it but about the risks for him.

Besides that, it's not the same. People are free to use any other service while comcast is the gateway and for many the only choice.

The idea and implementation are clever but in essence it's just a custom-tailored Tor gateway, right?

It is verry possible that if more people try it, my server won't handle the traffic.... let's hope not

I like the idea of this project, but how long do you think it will take before your seedbox host gets complaints and shuts down your server? Especially if you'd charge for this service, you can expect a storm of legal action.

I hope that by the time it gets 20 seeders, the torrent has enough "life" to sustain itself, but it's not yet so popular to get any complains.

At 50Mb files, what the hell is the point? Just find an unsecured wifi connection and use a file locker site.

You appear to have missed the words "alpha" and "proof of concept". Further, this is explicitly mentioned as an alternative to file lockers, on the grounds that they can delete the file in the future.

Whether or not this is a good/productive/useful idea remains to be seen, but you haven't really raised a substantial rejection.

I will probably raise it, I just didn't know how much will people use it, but since everyone is uploading just pictures of Rick Astley anyway, I will probably allow bigger files, too.

It's not BT through Tor. Which is good because BT over Tor is a terrible idea :) You sent your file to his server over Tor, and he seeds it via completely normal means until there are 20 other seeds.

Ok. So the "hidden service" is not intended to be anonymous then? Just as a check to ensure that the user knows they are on Tor? Because, in order to be the first seed, you will generally leak your IP. If not, what steps have you taken to make sure the first seeder (the host of this service) are anonymous?

You send your file over Tor. That way no one (not even him) knows who you are. Then he seeds your file for you. You remain anonymous.

Yes, but that's how Tor would work even if he wasn't using hidden services. The point of a hidden service is to give anonymity to the server as well as the client. But in this case, his server isn't getting anonymity because it is simple to locate.

It also protects against man-in-the-middle attacks by exit nodes, though I'm not sure how important that is in this case.

My service is not seeding it anonymously at all.

The only "anonymizing" part is that I stop the seeding after it got 20 seeders (based on what trackers tell me) and delete the file from my disk.

On the other hand, the upload is on hidden service so I can't even possibly know the credentials of the uploader.

What is the point in using a Tor hidden service then? If the point is to give anonymity only to the originator of the file, then they can already do that by connecting to your service using Tor, but not via a hidden service... By using a hidden service you're just doubling the number of Tor nodes that have to transfer the file initially from 3 to 6... The point of a hidden service is to provide anonymity for both parties.

You are right. The only difference is that I am "forcing" people to use Tor to get there, you can't get there without tor

If that's your goal, you could simply block access to your service from hosts other than Tor Exit Nodes. You could do this by combining:

https://www.torproject.org/projects/tordnsel.html

With the mod_access_dnsbl module for Apache.

Why not mix AnonTorrent with Anomos (http://anomos.info/) ?

That seems... awesome.

If this worked as advertised, there would be no need for AnonTorrent :)