ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    My Journey to Becoming a Linux End User on Linux Mint

    Scheduled Pinned Locked Moved IT Discussion
    linuxlinux desktoplinux mint
    116 Posts 15 Posters 39.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stacksofplatesS
      stacksofplates @Dashrender
      last edited by stacksofplates

      @Dashrender said:

      @johnhooks said:

      The torrent file comes from the website, then it builds from the seeders.

      What prevents the hacker from seeding a bad torrent?

      They would be the only one seeding it.

      Everything sent through a torrent is hashed, so they would somehow have to change everyone's copy of the ISO.

      DashrenderD 1 Reply Last reply Reply Quote 0
      • DashrenderD
        Dashrender @stacksofplates
        last edited by

        @johnhooks said:

        @Dashrender said:

        @johnhooks said:

        The torrent file comes from the website, then it builds from the seeders.

        What prevents the hacker from seeding a bad torrent?

        They would be the only one seeding it.

        Everything sent through a torrent is hashed, so they would somehow have to change everyone's copy of the ISO.

        hack the page, call it a new version - seed the fake one to torrents - ok probably to many places to get caught.. but still possible.

        stacksofplatesS 1 Reply Last reply Reply Quote 0
        • stacksofplatesS
          stacksofplates @Dashrender
          last edited by stacksofplates

          @Dashrender said:

          @johnhooks said:

          @Dashrender said:

          @johnhooks said:

          The torrent file comes from the website, then it builds from the seeders.

          What prevents the hacker from seeding a bad torrent?

          They would be the only one seeding it.

          Everything sent through a torrent is hashed, so they would somehow have to change everyone's copy of the ISO.

          hack the page, call it a new version - seed the fake one to torrents - ok probably to many places to get caught.. but still possible.

          Right, it would take so long for that to happen that it would kind of be useless. If you change the direct download ISO then you've got everyone who downloaded it. However that's not the case with the torrents.

          There is also no guarantee that anyone will seed from you either. You could sit there all day and maybe only a couple people seed a few parts from you.

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @Dashrender
            last edited by

            @Dashrender said:

            @johnhooks said:

            The torrent file comes from the website, then it builds from the seeders.

            What prevents the hacker from seeding a bad torrent?

            MD5 Checksumming 🙂

            DashrenderD 1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender @scottalanmiller
              last edited by

              @scottalanmiller said:

              @Dashrender said:

              @johnhooks said:

              The torrent file comes from the website, then it builds from the seeders.

              What prevents the hacker from seeding a bad torrent?

              MD5 Checksumming 🙂

              I meant doing their own seed, not trying to replace the real one.

              JaredBuschJ scottalanmillerS 2 Replies Last reply Reply Quote 0
              • JaredBuschJ
                JaredBusch @Dashrender
                last edited by

                @Dashrender said:

                @scottalanmiller said:

                @Dashrender said:

                @johnhooks said:

                The torrent file comes from the website, then it builds from the seeders.

                What prevents the hacker from seeding a bad torrent?

                MD5 Checksumming 🙂

                I meant doing their own seed, not trying to replace the real one.

                Nothing prevents it and it is happening all the time.

                scottalanmillerS 1 Reply Last reply Reply Quote 1
                • scottalanmillerS
                  scottalanmiller @Dashrender
                  last edited by

                  @Dashrender said:

                  @scottalanmiller said:

                  @Dashrender said:

                  @johnhooks said:

                  The torrent file comes from the website, then it builds from the seeders.

                  What prevents the hacker from seeding a bad torrent?

                  MD5 Checksumming 🙂

                  I meant doing their own seed, not trying to replace the real one.

                  MD5 doesn't prevent them from doing it, it prevents anyone from downloading it. Torrents, as we know, are just random upload / download systems. You always checksum something coming from them.

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @JaredBusch
                    last edited by

                    @JaredBusch said:

                    Nothing prevents it and it is happening all the time.

                    It's what BT is best known for, in fact.

                    JaredBuschJ 1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @scottalanmiller
                      last edited by

                      @scottalanmiller said:

                      @JaredBusch said:

                      Nothing prevents it and it is happening all the time.

                      It's what BT is best known for, in fact.

                      Only in your opinion.

                      nadnerBN scottalanmillerS 2 Replies Last reply Reply Quote 0
                      • nadnerBN
                        nadnerB @JaredBusch
                        last edited by

                        @JaredBusch said:

                        @scottalanmiller said:

                        @JaredBusch said:

                        Nothing prevents it and it is happening all the time.

                        It's what BT is best known for, in fact.

                        Only in your opinion.

                        Well, my opinion too. Probably more out of ignorance, of the finer workings & uses, as I've never needed to download anything via BT. Most people that who use it, that I know (which isn't many), only use if for movies/TV shows.

                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                        • stacksofplatesS
                          stacksofplates
                          last edited by stacksofplates

                          Downloading images is pretty safe. If you download torrent file A from the website and then it's hacked and torrent file B is uploaded, you don't receive any pieces from file B. Whoever uploaded the second image would need to somehow use the exact same md5 hash for the new file as the old one. The program hashes each piece you download and compares the both the hash for the piece and the whole hash.

                          tl:dr you can't just rename a file and have people download it from you and mix it with the real file. And even if you could, they would have to get the one part that you changed from your file since you're the one seeding it. It would take forever to infect any real number of people.

                          1 Reply Last reply Reply Quote 0
                          • stacksofplatesS
                            stacksofplates
                            last edited by

                            Once again, the whole issue came from a WordPress insecurity.

                            1 Reply Last reply Reply Quote 0
                            • DashrenderD
                              Dashrender
                              last edited by

                              How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?

                              So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.

                              stacksofplatesS scottalanmillerS 2 Replies Last reply Reply Quote 0
                              • stacksofplatesS
                                stacksofplates @Dashrender
                                last edited by

                                @Dashrender said:

                                How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?

                                So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.

                                But they would only be seeding from each other. Anyone with the real file wouldn't get anything from them at all.

                                DashrenderD 1 Reply Last reply Reply Quote 0
                                • DashrenderD
                                  Dashrender @stacksofplates
                                  last edited by

                                  @johnhooks said:

                                  @Dashrender said:

                                  How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?

                                  So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.

                                  But they would only be seeding from each other. Anyone with the real file wouldn't get anything from them at all.

                                  Just like anyone who downloaded from the site before it was hacked would be safe, only those who start the BT after the hack would be affected by the new BT Tracker - that's all I was saying.

                                  Anyone who downloaded the ISO direct the day before the hack isn't affected by the hacked version now.

                                  stacksofplatesS 1 Reply Last reply Reply Quote 0
                                  • stacksofplatesS
                                    stacksofplates @Dashrender
                                    last edited by stacksofplates

                                    @Dashrender said:

                                    @johnhooks said:

                                    @Dashrender said:

                                    How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?

                                    So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.

                                    But they would only be seeding from each other. Anyone with the real file wouldn't get anything from them at all.

                                    Just like anyone who downloaded from the site before it was hacked would be safe, only those who start the BT after the hack would be affected by the new BT Tracker - that's all I was saying.

                                    Anyone who downloaded the ISO direct the day before the hack isn't affected by the hacked version now.

                                    Right. That's why I was saying the torrents are safer though. If I have the torrent file, I could download a thousand copies even if they change it mid download and never be touched by it.

                                    It would take forever to download if they did it the torrent way since you would only have as many seeders for the few hours it was up (sorry can't think of a good phrasing for that).

                                    DashrenderD 1 Reply Last reply Reply Quote 0
                                    • DashrenderD
                                      Dashrender @stacksofplates
                                      last edited by

                                      @johnhooks said:

                                      @Dashrender said:

                                      @johnhooks said:

                                      @Dashrender said:

                                      How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?

                                      So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.

                                      But they would only be seeding from each other. Anyone with the real file wouldn't get anything from them at all.

                                      Just like anyone who downloaded from the site before it was hacked would be safe, only those who start the BT after the hack would be affected by the new BT Tracker - that's all I was saying.

                                      Anyone who downloaded the ISO direct the day before the hack isn't affected by the hacked version now.

                                      Right. That's why I was saying the torrents are safer though. If I have the torrent file, I could download a thousand copies even if they change it mid download and never be touched by it.

                                      It would take forever to download if they did it the torrent way since you would only have as many seeders for the few hours it was up (sorry can't think of a good phrasing for that).

                                      What would make the BT tracker go away? I admit that I don't understand how trackers work - so maybe there is a way to kill bad files out in BT land.

                                      But you'd only be safer with a BT IF you downloaded the BT Tracker before the hack... just like anyone who was downloading the file from the WP site would be safe if they downloaded before the hack...

                                      All of this matters only if you are looking to get the download while the hack is in place, that's all I'm saying.

                                      stacksofplatesS 1 Reply Last reply Reply Quote 0
                                      • stacksofplatesS
                                        stacksofplates @Dashrender
                                        last edited by

                                        @Dashrender said:

                                        @johnhooks said:

                                        @Dashrender said:

                                        @johnhooks said:

                                        @Dashrender said:

                                        How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?

                                        So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.

                                        But they would only be seeding from each other. Anyone with the real file wouldn't get anything from them at all.

                                        Just like anyone who downloaded from the site before it was hacked would be safe, only those who start the BT after the hack would be affected by the new BT Tracker - that's all I was saying.

                                        Anyone who downloaded the ISO direct the day before the hack isn't affected by the hacked version now.

                                        Right. That's why I was saying the torrents are safer though. If I have the torrent file, I could download a thousand copies even if they change it mid download and never be touched by it.

                                        It would take forever to download if they did it the torrent way since you would only have as many seeders for the few hours it was up (sorry can't think of a good phrasing for that).

                                        What would make the BT tracker go away? I admit that I don't understand how trackers work - so maybe there is a way to kill bad files out in BT land.

                                        But you'd only be safer with a BT IF you downloaded the BT Tracker before the hack... just like anyone who was downloading the file from the WP site would be safe if they downloaded before the hack...

                                        All of this matters only if you are looking to get the download while the hack is in place, that's all I'm saying.

                                        Right. Ya I was thinking someone made it sound like you could infect someone else who was downloading the torrent by just changing your ISO. Im on my phone so I don't feel like trying to find it in the posts lol.

                                        1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @JaredBusch
                                          last edited by

                                          @JaredBusch said:

                                          @scottalanmiller said:

                                          @JaredBusch said:

                                          Nothing prevents it and it is happening all the time.

                                          It's what BT is best known for, in fact.

                                          Only in your opinion.

                                          I'm pretty confident that the majority of the public thinks of BitTorrent primarily as a place that people get infected.

                                          JaredBuschJ 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @nadnerB
                                            last edited by

                                            @nadnerB said:

                                            @JaredBusch said:

                                            @scottalanmiller said:

                                            @JaredBusch said:

                                            Nothing prevents it and it is happening all the time.

                                            It's what BT is best known for, in fact.

                                            Only in your opinion.

                                            Well, my opinion too. Probably more out of ignorance, of the finer workings & uses, as I've never needed to download anything via BT. Most people that who use it, that I know (which isn't many), only use if for movies/TV shows.

                                            I know of no one who uses it for anything else. I know that people do, but I've never run into one.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 2 / 6
                                            • First post
                                              Last post