Archive for the ‘BitTorrent’ Category
The maintainers of the open BitTorrent protocol for file sharing have fixed a vulnerability that allowed lone attackers with only modest resources to take down large sites using a new form of denial-of-service attack.
The technique was disclosed two weeks ago in a research paper submitted to the 9th Usenix Workshop on Offensive Technologies. By sending vulnerable BitTorrent applications maliciously modified data, attackers could force them to flood a third-party target with data that was 50 to 120 times bigger than the original request. By replacing the attacker's IP address in the malicious user datagram protocol request with the spoofed address of the target, the attacker could cause the data flood to hit the victim's computer.
In a blog post published Thursday, BitTorrent engineers said the vulnerability was the result of a flaw in a reference implementation called libuTP. To fix the weakness, the uTorrent, BitTorrent, and BitTorrent Sync apps will require acknowledgments from connection initiators before providing long responses.
Some of the most widely used BitTorrent applications, including uTorrent, Mainline, and Vuze are also the most vulnerable to a newly discovered form of denial of service attack that makes it easy for a single person to bring down large sites.
The distributed reflective DoS (DRDoS) attacks exploit weaknesses found in the open BitTorrent protocol, which millions of people rely on to exchange files over the Internet. But it turns out that features found uTorrent, Mainline, and Vuze make them especially suitable for the technique. DRDoS allows a single BitTorrent user with only modest amounts of bandwidth to send malformed requests to other BitTorrent users.
The BitTorrent applications receiving the request, in turn, flood a third-party target with data that's 50 to 120 times bigger than the original request. Key to making the attack possible is BitTorrent's use of the user datagram protocol, which provides no mechanism to prevent the falsifying of IP addresses. By replacing the attacker's IP address in the malicious request with the spoofed address of the target, the attacker causes the data flood to hit victim's computer.
In its long fight against Internet piracy, the Recording Industry Association of America is gunning for the technology that enables it: BitTorrent.
Brad Buckles, RIAA's VP for anti-piracy, has told the CEO of BitTorrent he's "very concerned about the overwhelming use of BitTorrent Inc. developed clients" in pirating his members' works. BitTorrent software, including the popular uTorrent client, "facilitated approximately 75% of the over 1.6 million torrent based infringement of our members' works last year in the US," Buckles wrote in a letter dated July 30.
"Like it or not, BitTorrenting products are the premier products used for peer-to-peer infringement today," RIAA deputy general counsel Victoria Sheckler told Mashable, which published the letter yesterday. "In private discussions that various people have had with BitTorrent over the last few years, they've refused to address the elephant in the room, which is the piracy over the BitTorrent protocol."
The elementary school teacher claims a forensic examination of the computers seized from the Fairfax County home where he lived with his parents and brother will confirm his suspicions, as well as allegations that his defense counsel erred by not demanding an examination of the drives following his 2012 arrest.
US District Judge James Cacheris agreed to a limited degree and said defendant Robert Fenn "shoulders a heavy burden in seeking to vacate his judgment of conviction." Over federal prosecutor's objections, the judge ruled (PDF) that the defendant could have the media drives examined by forensic experts.
It seems that after the Police bust on The Pirate Bay last year, the domain has habit to go down often. Yes, The Pirate Bay is currently offline and the reason for the outage is still unknown (The word out there is that Game of Thrones pirates may have overloaded the server). Even if the Game of Thrones is the reason, the main party to be blamed is The Pirate Bay’s team. The […]
This is a post from HackRead.com Read the original post: The Pirate Bay is down, Reason: Game of Thrones fans?