February 25, 2018

Warning To Pirates, Yarrrr!

A few days ago, I found that one of the private trackers I'm part of was firing up red all over my torrent program.  Nothing from that place was responding, but the other trackers still seemed to be working.  Oh crap, have they gone away?  I quickly visited the site, expecting to get a message saying they'd gotten a C&D, or had been DDoS'd into oblivion.  Imagine my surprise when everything seemed to be fine!  I looked in the attached forum and found out what was going on.


I've been using ÂµTorrent for a very long time, long enough that I can't remember if I've ever used anything else.  While it's been updated a gazillion times, I've kept using version 2.2.1 over the years... I gather there's been some adware built into the newer versions?  Anyway, ÂµTorrent has served me very well and faithfully.  And the tracker site, which I've been using for nearly as long as I've used ÂµTorrent, had blacklisted all versions of it.  Apparently there's been a rather unpleasant security flaw discovered in it, and Bittorrent Inc lollygagged on patching it... to the tune of more than 90 days.  When the flaw was announced after three months, Bittorrent finally released a patch that for all intents and purposes, didn't work.  Oh, it broke the exploit, to be sure... but in such a way that it didn't actually fix the flaw.  I'm not a software guy so my understanding may be incorrect, but from what I've read the patch took the metaphorical keypad lock that the exploit used... and moved it six inches to the left.  When the exploit went looking for the keypad lock, it wasn't where it was supposed to be.  Tah-dah, all fixed!  

For, like, an hour.  Then the guy who discovered the flaw in the first place "moved" the exploit and voila, vulnerability still around.  Because of this, and because the patch only "fixed" the newest versions of ÂµTorrent, the private tracker blacklisted it.  As it turns out, the situation is a little more nuanced than that... for example, version 2.2.1 is apparently missing the keypad lock entirely and thus may not be vulnerable. The recommendation from everybody involved that isn't Bittorrent and ÂµTorrent appears to be "move to a different program."  While there are dozens of torrent programs out there, after a hour or two of research, I've decided to move The Pond to qBittorrent.  It's open source, there are no ads involved, the exploit doesn't exist on it, and it appears to operate in a manner that's very familiar to µTorrent users.  While I'd rather continue to use what I'm used to using, oh well.  If you too hoist the black flag, you may want to look into this matter as well.


Posted by: Wonderduck at 04:05 PM | No Comments | Add Comment
Post contains 464 words, total size 3 kb.

February 02, 2018

What's Wonderduck Watching? Winter 2018

Been quite a long time since I did one of these... long enough that I can't remember the last time.  Which tells you one of a couple of things.  1) I never really did them as a regular gig, and B) I haven't been watching all that many shows per season, because III) there's been a lot of not-very-good anime recently.  And I've been the optimist of the group!


But this season seems... different.  Now that most shows are at least four episodes in, I'm fairly sure about what's what, and there's three series I'm definitely watching, another that I'm going to at least pay attention to, not to mention not one but two new Fate/Nasuverse shows!  So What's Wonderduck Watching?  Click "more" for... well...
more...

Posted by: Wonderduck at 10:01 PM | No Comments | Add Comment
Post contains 1033 words, total size 8 kb.

<< Page 1 of 1 >>
23kb generated in CPU 0.0173, elapsed 0.3801 seconds.
43 queries taking 0.3675 seconds, 222 records returned.
Powered by Minx 1.1.6c-pink.