µTorrent Web Beta Privacy FAQ

I'm concerned that the µTorrent Web servers see and keep a record of all of my torrent activity. Why should I use a service that exposes my private information?

The µTorrent Web servers do not see the details of your torrent activity. If you add a torrent, for example, we know that a torrent was added, but not the torrent URL or infohash.

How is this so? µTorrent Web uses a cryptographic protocol called SRP, the Secure Remote Password protocol. SRP is an authentication and key-exchange protocol. In µTorrent Web, your web browser serves as the client and your µTorrent client as the server. The µTorrent Web servers act only as a channel between the two.

When you log in to µTorrent Web, your browser uses JavaScript to authenticate to your client, without ever sending the password over the connection. As a byproduct of this authentication, SRP allows each side (browser and µTorrent client) to independently arrive at the same value for a cryptographically-strong secret. This secret is then used as a session key to encrypt the body of the request (which contains the infohashes, URLS, etc.) using the AES encryption standard. This occurs entirely in your web browser, before the request is sent to µTorrent Web for proxying to your µTorrent client.

SRP has two other features worth mentioning:

1. An attacker or intermediary who has access to the entire SRP negotiation should gain no information which would enable him to recover the password. It is effectively a zero knowledge proof (http://en.wikipedia.org/wiki/Zero-knowledge_proof) to the server that the client has the password.
2. SRP provides perfect forward secrecy: even if an adversary is able to somehow compromise your password, it will not allow the decryption of past sessions. If a session key is compromised, it will not allow an attacker to recover the password. http://en.wikipedia.org/wiki/Perfect_forward_secrecy

More information about SRP is available here: http://srp.stanford.edu/whatisit.html

An early version of SRP is described in RFC2945: http://tools.ietf.org/html/rfc2945

More information about AES is available here: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

How can I be sure that what you say about µTorrent Web privacy is true?

The easiest way to check is to use a tool like Firebug. Observe the Ajax requests and note that each request and response body is hex-encoded ciphertext. If you set breakpoints in Firebug's JavaScript debugger, you can call the same encryption/decryption functions µTorrent Web does and recover the plaintext. This will confirm that we're sending regular µTorrent WebAPI requests, subject to some modifications – e.g. moving torrent infohashes and URLs out of the query string and into the request body -- in order to keep your data private.

You can also use a tool like Wireshark, but you won't be able to decrypt the bodies. You're also welcome to read the µTorrent Web JavaScript source to verify that it works as described.

I still don't trust µTorrent Web. I'm going to (not update/switch clients/use the regular WebUI).

We understand that µTorrent Web is not going to be a good fit for everyone. If you don't want to use it, just leave 'Enable Remote Access' unchecked in your µTorrent preferences and we won't send requests to the µTorrent Web servers. If you'd like to use the regular WebUI instead, do so. We plan to merge some of the µTorrent Web user interface improvements back into it so that our standalone WebUI users can also enjoy an improved µTorrent web experience.

µTorrent Web is still in beta, so the details will continue to evolve. We've seen enough interest in the project and questions about privacy that we felt it was time to describe the general approach. We hope to help our users make an informed choice about their privacy by being transparent about our goals and making the preservation of our users' privacy a guiding design principle.