|
uTorrent and BitTorrent clients have 'highly critical' security hole
|
|
The following comments relate to this news article:
article published on 13 August, 2008
Secunia has issued two new ?highly critical? security alerts, one for uTorrent, version 1.7.7, build 8179 and the second for the official BitTorrent client, in version 6.xx.
?A vulnerability has been discovered in BitTorrent, which potentially can be exploited by malicious people to compromise a user?s system,? the alert says.
The vulnerability was originally discovered by Rhys Kidd ... [ read the full article ]
Please read the original article before posting your comments.
|
AfterDawn Addict
23 product reviews
|
13. August 2008 @ 15:02 |
Link to this message
|
|
|
|
Advertisement
|
 |
|
|
|
lxfactor
Senior Member
|
13. August 2008 @ 15:27 |
Link to this message
|
|
screw u .torrent
|
|
tavek
Suspended due to non-functional email address
|
13. August 2008 @ 15:53 |
Link to this message
|
|
are people that cheap to not buy giganews with ecryption protection, cmon. GIGANEWS FTW! NEWSGROUPS FOR ALL!
|
Member
|
13. August 2008 @ 16:46 |
Link to this message
|
Originally posted by tavek:
are people that cheap to not buy giganews with ecryption protection, cmon. GIGANEWS FTW! NEWSGROUPS FOR ALL!
I heard that Newsgroups don't as much stuff as torrents thats why i haven't made the switch....
|
Senior Member
3 product reviews
|
13. August 2008 @ 17:52 |
Link to this message
|
Originally posted by core2kid:
I use Azureus, thats safe right?
Yeah we should be good, it's made by different people though it's not impossible to have the same security hole.
|
Member
|
13. August 2008 @ 18:45 |
Link to this message
|
Well, a lot of trackers have banned version 1.8 and above for fear that it is sending data to MediaSentry and other companies. And, it's closed source so a lot of people cannot even analyse it and find out if it is true. Why not switch to something else? Azureus and Halite are great clients, both support encryption and ipfilter.dat.
|
AfterDawn Addict
|
13. August 2008 @ 19:52 |
Link to this message
|
Quote:
I heard that Newsgroups don't as much stuff as torrents thats why i haven't made the switch....
Actually they have the same, but "stuff" seems to hit torrents before they hit newsgroups.
|
|
varnull
Suspended permanently
|
13. August 2008 @ 22:34 |
Link to this message
|
sheesh.. they only just found this out.. Dan posted about this hole 2 years ago ;) It's an old one, goes right back to bitcomet days.
|
|
rvinkebob
Member
3 product reviews
|
13. August 2008 @ 23:11 |
Link to this message
|
Originally posted by varnull:
sheesh.. they only just found this out.. Dan posted about this hole 2 years ago ;) It's an old one, goes right back to bitcomet days.
I knew there was something familiar about this. Though I think I first heard about it around 2-3 months ago.
By the way, sorry if this is an ignorant question, but what in the world is a newsgroup and does it work? Why does it cost money?
This message has been edited since posting. Last time this message was edited on 13. August 2008 @ 23:11
|
|
ydkjman
Member
|
13. August 2008 @ 23:29 |
Link to this message
|
Originally posted by tatsh:
Well, a lot of trackers have banned version 1.8 and above for fear that it is sending data to MediaSentry and other companies. And, it's closed source so a lot of people cannot even analyse it and find out if it is true.
Is this really true ?
This message has been edited since posting. Last time this message was edited on 13. August 2008 @ 23:30
|
|
EricCarr
Member
|
14. August 2008 @ 00:27 |
Link to this message
|
If you own a computer with a connection to the internet, you are open to be hacked or attacked. That's the bottom line. All the updates from MS, torrent files, P2P. No one is fully safe.
|
Junior Member
|
14. August 2008 @ 07:55 |
Link to this message
|
I got a Feeling the Riaa Got Something to o with this. whether its to scare us, or they found the exploit i dunno
|
|
susieqbbb
Suspended permanently
|
14. August 2008 @ 08:18 |
Link to this message
|
|
i use other torrents utorrents are garbage and have always been garbage.
|
Member
|
14. August 2008 @ 14:23 |
Link to this message
|
so are older bittorent files ok? or should i just download Azureus, now called Vuze? I just got a new comp so im tryin real hard not to screw it up at all
|
|
trick1
Suspended due to non-functional email address
|
16. August 2008 @ 05:42 |
Link to this message
|
That's old news, just re-printed. Rhyskidd posted the discovery months ago on several security lists.
It's a THEORETICAL flaw. There is NO evidence of an exploit in the wild.
1.8 is no longer a beta.
|
|
chrissd
Newbie
|
18. August 2008 @ 09:30 |
Link to this message
|
|
No evidence of the exploit being used doesn't mean it hasn't or won't be used. Just means that you haven't yet seen it. Though anyone who knowingly uses flawed software knowing it has security holes almost deserves to be hacked..
|
|
Mez
AfterDawn Addict
|
18. August 2008 @ 09:43 |
Link to this message
|
trick1, Oh yeah!
I will be forwarding this thread to a bitcomit user who has stopped opening torrents with it because some of his jobs were downloading but nothing was happening. We both came to the same conclusion, drop Bit Comit and in the meantime kill the jobs that have gone wacky.
Anyone using a P2P ought to be watchful for things that don't add up.
|
|
Mez
AfterDawn Addict
|
19. August 2008 @ 10:06 |
Link to this message
|
|
Sorry to be an alarmist! The anomily is probably not part of a plot for hijacking your computer. The data does not appear to be going anywhere on my friends computer. After reading this artical, he freaked out and spent the night figuring out what was going on. He did a controled test on one of the anomilies. He could not find where the data was going. We can presume the blocks were being discarded and not used somewhere else.
It is safer to carefully check into things that do not add up than presume everything is safe.
|
|
mrk44
Suspended due to non-functional email address
|
21. August 2008 @ 03:56 |
Link to this message
|
Never liked utorrent....always had bad performance....now with this little security hole, it's even worse....glad I didn't use it.
I use BitTyrant...I know it's old, but it works better than anything I've used.
This message has been edited since posting. Last time this message was edited on 21. August 2008 @ 03:57
|
|
Mez
AfterDawn Addict
|
21. August 2008 @ 06:50 |
Link to this message
|
|
mrk44, what you you like about it? I have never heard of it.
|
|
mrk44
Suspended due to non-functional email address
|
21. August 2008 @ 15:33 |
Link to this message
|
Cooler Master HAF 932 - Asus Maximus II Forumula - Intel Core 2 Quad Q9550 @ 4.00GHz - 2x2GB Corsair Dominator DDR2/8500 1066 Mhz - Corsair HX1000W PSU - Asus EAH5870 Graphics Card - Western Digital Velociraptor 300GB HDD - Western Digital Caviar Black 1TB WD1001FALS HDD - LG CH10LS20 Blu-ray Drive - Asus Xonar D2X Sound Card - Logitech X-540 5.1 Surround Speakers - Samsung P2370HD Monitor
|
|
varnull
Suspended permanently
|
21. August 2008 @ 15:43 |
Link to this message
|
Sorry Mark, but that's bull.. the maximum speed you will ever get from a properly configured torrent client is your maximum line speed. You can't get 200mbps over a 10mbps cable.. simple as.
Rules of the game are changing.. the undernet is becoming stronger with more users every day. Investigations are ongoing into good darknet torrent sites and clients. TPB need to force encryption of packets through the tracker.. become more like a private tracker. I know they are getting more and more annoyed about the ip gathering spies wading through the swarms.
For now only use a torrent client which has peer blocks and encryption.. older exploited and compromised clients are no longer acceptable...
As for ”torrent.. how can anybody trust a closed source application which is owned and made by macrovision?
|
|
mrk44
Suspended due to non-functional email address
|
21. August 2008 @ 16:05 |
Link to this message
|
|
varnull: Well, actually I wasn't saying that you get higher speeds than your line speed, just better performance on certain torrents on which you don't achieve max speeds.... Anyway, what do you suggest for a good client?
Cooler Master HAF 932 - Asus Maximus II Forumula - Intel Core 2 Quad Q9550 @ 4.00GHz - 2x2GB Corsair Dominator DDR2/8500 1066 Mhz - Corsair HX1000W PSU - Asus EAH5870 Graphics Card - Western Digital Velociraptor 300GB HDD - Western Digital Caviar Black 1TB WD1001FALS HDD - LG CH10LS20 Blu-ray Drive - Asus Xonar D2X Sound Card - Logitech X-540 5.1 Surround Speakers - Samsung P2370HD Monitor
|
|
rvinkebob
Member
3 product reviews
|
21. August 2008 @ 22:06 |
Link to this message
|
I personally use Vuze on Windows and Deluge on Linux. They're my two favourite's and very customizable. I might even switch to using Vuze on linux rather than Deluge if it interests me. Though I always get maximum speed on both clients. Deluge is just a little more simple.
|
|
Advertisement
|
|
|
AfterDawn Addict
|
22. August 2008 @ 12:08 |
Link to this message
|
Originally posted by mrk44:
varnull: Well, actually I wasn't saying that you get higher speeds than your line speed, just better performance on certain torrents on which you don't achieve max speeds.... Anyway, what do you suggest for a good client?
Yes I'm curious as to your recommendation as well. :) I used Azureus a couple of years ago and it seemed a bit hoggish at the time. :P
....gm
|
