famusc Posted November 29, 2007 Report Posted November 29, 2007 Hi,please could you make authentication optional in next version of uTorrent?It's very annoying having to put a user and password to go on.If you could add a checkbox in uTorrent WebUI settings, it would be very very appreciated.Thanks
Firon Posted November 30, 2007 Report Posted November 30, 2007 Absolutely not.If you don't wanna use the inputbox, then use the url format http://user:pass@host:port/gui/
Lord Alderaan Posted November 30, 2007 Report Posted November 30, 2007 famusc that is a stupid thing to do. Not only will everyone be able to edit your torrents and settings, everybody WILL be able to find you. Because I could simply goto any peer in my peer lists who is running µtorrent and could try getting in without u/p. I just take his IP and port, goto my browser and type http://his_ip:his_port/gui/ and BAM! I can change everything in his µtorrent. There would be no real use for me but I could have some fun...This HTTP Basic auth is flimsy as it is.
famusc Posted November 30, 2007 Author Report Posted November 30, 2007 Ok, but I'm in a private addressed isp so I'm not visible from the internet plus my computer is behind a router with no port forwarding set. So I use WebUI just to remote control uTorrent that is on another pc. We could say I use it locally...
Lord Alderaan Posted November 30, 2007 Report Posted November 30, 2007 Ok. I believe its probably safe for you (by setting an alt webui port and not mapping it in the router).But do u want µtorrent risking the safety of >99% of its webui users?Because people will use that option just because it is easy without knowing how dangerous it is even if you set 3D-flaming-danger-don't-do-this signs right next to the option. And once this gets out all kinds of idiots will abuse this to have some fun with someone else's µtorrent just too feel slightly more hackerlike.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.