December 12, 2011

You may have never heard of youhavedownloaded.com, but if you recently grabbed movies, music or software from online file-trading networks, chances are decent that the site has heard of you. In fact, you may find that the titles you downloaded are now listed and publicly searchable at the site, indexed by your Internet address.

In many ways, the technology behind the site merely recreates in a publicly searchable way what the entertainment industry has been doing for years: It tracks and records information that users share when they download and upload files on public peer-to-peer file-trading networks. But the free service does have the potential to make people think twice about downloading pirated movies, games and music, because it shows how easily this information can be discovered and archived.

So far, youhavedownloaded.com has recorded more than 50 million unique Internet addresses belonging to file-sharing users. The site is searchable by file name and by Internet address. When you visit, it automatically checks and lets you know if your Internet address is in the database.

Youhavedownloaded.com offers only limited information about its founders. One of them is Suren Ter-Saakov, a Russian native who now lives in a suburb of Philadelphia. I first interviewed Ter-Saakov for a story I wrote in 2009 about the Federal Trade Commission’s unprecedented takedown of troubled Web hosting firm Triple Fiber Network (3FN). The FTC alleged it was hard to find any customers at 3FN that had legitimate, legal content. Ter-Saakov, better known in the Russian Webmaster industry as Mauser, disagreed and successfully sued the FTC to retrieve his domains and servers.

Ter-Saakov said he believes youhavedownloaded.com indexes about 20 percent of the file-sharing activity on the Internet. He maintains that the site was created merely as a proof-of-concept, and that it doesn’t have any commercial application.

“The whole thing started with a theoretical discussion I had with some friends about what is possible to track through software and what is not possible,” Ter-Saakov said in a phone interview.

The database has some serious limitations. For starters, it may contain incorrect information because it doesn’t take into account that many Internet users have “dynamic” addresses that change from time to time. Also, many homes and businesses use routers that employ network address translation (NAT), which can hide multiple users behind a single public-facing Internet address, so that a single Internet address listed in the database may reflect file-sharing activity of multiple different users.

Ter-Saakov said his servers could store timestamps, machine/browser fingerprints and other data that might help more accurately identify individual users. But he said adding those enhancements would make the project more expensive, and that he and his friends had sought to put together the best system they could for less than $300 a month.

“If we wanted to make it more sophisticated or be able [to be able to track a greater share of file-sharing] users, it’s going to be more expensive, and we see no reason to do that.”

The feedback from visitors has been mixed. The site allows Facebook users to comment on their impressions, and the responses range from horror and anger to amusement. Ter-Saakov said he’s also received many emails from users whose information was listed but who deny having downloaded any files (he also said people can have their information removed on request).

“One guy claimed he downloaded stuff only because his grandmother was ill and he wanted to watch a Harold & Kumar movie to cheer himself up,” Ter-Saakov said. “Another kid wrote and said asked to have his information removed because he was downloading porn and was afraid his parents would be able to see what kind of movies he downloaded.”

I’m often asked whether I download movies, music and software from file-trading sites. My answer tends to be an unpopular one, but I believe most of this activity is simply wrong and unethical. I know plenty of people who would never dream of five-fingering items from a store, or walking out on a restaurant tab, but who routinely turn to file-sharing networks to download copyrighted content. Whether or not you agree with my views on this subject, it’s important to remember that file-trading networks are an extremely common and easy way to spread malicious software.


76 thoughts on “Who Knows What Youhavedownloaded.com?

  1. Paul D

    I use a VPN service to try to claw back some of that privacy that some see as ‘quaint’. Every one on the service uses one of a few IP’s. When I went to the site, it showed a ton of stuff that ‘I’ supposedly downloaded. I don’t download illegally. The site is flawed, IPs are not people.

    PD

  2. Monty

    They make it clear on the website for those that take the time to look that the entire site is nothing but a joke on our pathetic media system.

  3. Crypto

    A whopping 20% that doesn’t take VPNs, Proxies, or dynamic IPs into account.
    If you see a list of things you downloaded on that site just laugh.
    Or get usenet access.

Comments are closed.