I was just reading through the interview process for RED, and they specifically forbid the use of VPN during the interview. I don’t understand this requirement, and it seems like it would just leak your IP address to the IRC host, which could potentially be used against you in a honeypot scenario. Once they have your IP, they could link that with the credentials used with the tracker while you are torrenting, regardless of if you used VPN while torrenting.

  • Console_Modder@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    10
    ·
    2 months ago

    That whole thing looks shady as hell. To me it seems like the whole interview process is meant to collect all the data they can about you, whether it is to sell the info or to hold on to it for… reasons. Also a private, invite/interview entry only community that strictly prohibits the use of a VPN or TOR and is based around sharing media? Bruh. Either they are sharing something a lil more illicit than your standard rips of Hollywood movies, or this is a honeypot to catch the kinds of people who share that kind of stuff. Everything about this is all red flags and alarm bells

    • Draconic NEO@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 month ago

      Seems like a honeypot to me, telling people to use something other than their home’s connection. Kind of difficult to prove. Really seems like they want that information specifically for the purpose of going after those people, since you know, ISP subscriber ID, can’t get that if they use the Library, a friend or acquaintance’s house, or an Inn or AirBnB, not saying you couldn’t track someone down with those if you wanted to, but it’s not as convenient.

    • DominusOfMegadeus@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 month ago

      I got confused and sus when I saw the words “interview process.” I wasn’t sure if I was understanding. My interview process was a chill dude in a lemmy chat sending me a link. So far it’s been awesome.

      • undefined@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        1 month ago

        If that lemmy user was found out to have invited someone they didn’t know, from a random website like lemme, then they would be banned and everyone they’ve ever invited would as well.

        Other than being invited by someone who is already on the site and you know personally the standard way is to do the interview process. The interview is mostly questions about music quality and music files and serve to make sure that you can read and apply that knowledge so that they don’t have to moderate as much if you try to upload shitty rips of music on the site.

  • online@programming.dev
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    edit-2
    1 month ago

    For the known top trackers, it’s to have more control over nefarious users such as duped accounts, banned users and potential law enforcement trying to sign up. Sure it’s not a bulletproof solution to deal with bad actors but it’s still an effective way. You gotta remember that these trackers are free (yet private). The admins/operators don’t get paid, so last thing they want to do is waste time dealing with such users.

    At the end of the day you still have to trust them with your real IP, but it’s mostly to protect themselves afaik. I obviously can’t speak for every tracker out there.

  • index@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    2 months ago

    and they specifically forbid the use of VPN during the interview.

    Don’t trust anyone who does that

  • TwiddleTwaddle@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    2 months ago

    RED is so not a honeypot. Y’all paranoid. If your threat model includes hiding your IP from one of the most respected private trackers in the game, then you should probably stick to public where they don’t care if you use a different VPN every time you log in.

    • tatterdemalion@programming.devOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      1 month ago

      My point wasn’t so much that I think RED is shady but that exposing my IP seems like an unnecessary requirement to join. Why can I not have my membership tracked via an anonymous account? If they are concerned about account harvesting or something, then the interview already seems like a good enough measure, accompanied by seed ratio minimums.

      • Draconic NEO@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 month ago

        You know how in these kinds of discussions there’s always a bunch of nobodies who come crawling out of the woodwork to defend the person or group being accused or pointed out for doing shady shit. I don’t know it just seems weird and suspicious. Apparently I’m not the only one who noticed because they’re getting rather aggressively downvoted.

        • undefined@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          2
          ·
          1 month ago

          I’ve been on red for over 7 years now. It’s one of the best resources for music on the internet. Calling members “nobodies” for defending a community we care about is pretty lame.

          I understand being skeptical about requiring the use of home internet to connect to the site. But, it’s kind of a requirement to keep people from avoiding bans, using accounts with stolen credentials, or selling invites (big problem).

          • Draconic NEO@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 month ago

            I’ve been on red for over 7 years now. It’s one of the best resources for music on the internet. Calling members “nobodies” for defending a community we care about is pretty lame.

            Disagreed, people will defend their community whether it’s a good community or not. And yes you and the others here sticking up for them are nobodies to me, and likely to the rest of us in the thread. People think the practice is shady, and they’re right to, a tracker could easily use such information against you if they fold or turn. But see, people who are with them either don’t think of these things or they deliberately avoid the topic because, like you yourself said, they’re defending a community they care about. So even if the ones they follow do things that are generally sketchy or seen as unacceptable they will still stick up for them, because they are there and they care about them and are willing to ignore the bad and shady stuff.

            I understand being skeptical about requiring the use of home internet to connect to the site.

            Clearly you don’t because if you did you wouldn’t even bother trying to stick up for them, making excuses for them, or trying to make me feel bad for calling you and the others who stick up for them what you are to people here, nobodies.

      • undefined@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        2
        ·
        1 month ago

        People selling invites and ban avoidance is why they do this. I was sketched out when I first had to do this like 7 years ago and I can tell you I don’t regret it for a minute. RED has an invites forum that will get you invites to some of the best trackers out there.

        In my experience, almost all of the private trackers worth joining require you to connect to the site with your home IP. But, you can use your torrent client through a VPN. So the other users don’t see your home address.

        I understand the caution. But, if it scares you away from joining you will be missing out.

      • Omgboom@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        1 month ago

        Why can I not have my membership tracked via an anonymous account?

        Because FEDs and movie studio lawyers would use anonymous accounts. All of these requirements exist for one reason, to protect the site and it’s users. If you want anonymous then you should stick to public trackers.

    • baconman1945@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      1 month ago

      Agree. None of these lemmings must have interviewed for MaM either. FnP didn’t have that requirement, I don’t think, but it’s not out of the ordinary for private tracker interviews.

  • Ganbat@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    1 month ago

    ITT: Wicked coping with some terrifyingly invasive practices from people none of us know. Seriously, some of this stuff is super concerning.

  • SaltySalamander@fedia.io
    link
    fedilink
    arrow-up
    3
    ·
    2 months ago

    If you’re this concerned, just stick with public trackers or usenet. Private trackers have rules for a reason. If you’re so paranoid about them, avoid them.

    • Imgonnatrythis@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 month ago

      Wouldn’t call it paranoia so much as standard operating procedure for safe pirating. Everyone has their own risk tolerance but IP guarding during anything involved with pirating is the norm.

  • Bear@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    I’m part of a private tracker site. I’m pretty anon to them. They have an email but I use a VPN all the time. They had a requirement of having the same IP, so I just used one specific server.

  • Lojcs@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    edit-2
    2 months ago

    Their speedtest requirement also seems to be about geolocating you.

    Edit: Also would anyone explain why they prefer mp3 to aac and don’t even mention ogg? And what’s the point of uploading both cbr and vbr mp3s? Isn’t it ogg>aac>mp3 vbr>mp3 cbr quality wise?

    • TwiddleTwaddle@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 month ago

      The speedtest requirement is to ensure that you can seed effectively. Its for the overall health of the network not so they can geolocate you. If geolocation was a concern, then your IP would be plenty.

      • Lojcs@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 month ago

        They say that they don’t have a minimum speed requirement and the speedtest result doesn’t affect your application. Also considering that they specify that you choose the node geographically closest to you (instead of the lowest latency one) and the only other information in the test is latency, it does sound like they’re either looking for vpns or your location.

        IP is quite unreliable when it comes to geolocation, especially if you have a dynamic ip

    • SaltySalamander@fedia.io
      link
      fedilink
      arrow-up
      2
      ·
      2 months ago

      Also would anyone explain why they prefer mp3 to aac and don’t even mention ogg

      Compatibility. Fewer devices support ogg and/or acc than mp3.

    • Chewy@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 months ago

      Most people using these sites prefer the lossless codec flac anyway, which can be transcoded to anything.

      MP3 320kbps and MP3 V0 is transparent to most (all?) people, so there’s not much of a reason to go with a newer codec, except for space savings.

      There’s not even much of a reason to go with 320kbps, as V0 achieves the same quality with smaller files. That’s why almost nobody actually downloads MP3 320.

      I personally think MP3 is there for historical reasons, as I don’t see a reason for using lossy codecs for archiving purposes. Just download flac and transcode it once or on demand on a media server for streaming.

      • undefined@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        I exclusively grab FLAC. Never 24 bit. I downloaded a few to test and couldn’t hear a difference. There are plenty of people who care about mp3 though.