splintax Posted December 7, 2005 Report Share Posted December 7, 2005 I've written about this on my blog, along with some info and a little tutorial on the internal tracker for those of you who don't know what it is.But since I don't want to come off as just shamelessly plugging my blog, I'll write basically what the problem is here... µTorrent runs an internal tracker on your port with no setting that I know of to disable it (and if there is one, it should be disabled by default, IMO). Any connectable µT user is detectable in the peers list, along with their IP and port, and you can then use them to track your torrents.I consider this a minor security threat, since if the torrent becomes popular, this wastes your resources, and could also lead to legal countries in some parts of the world if the content tracked (on your PC without your knowledge) is illegal.Thoughts? I might have missed something, but tests with my friends with them all running default settings indicated that I'm right.. Link to comment Share on other sites More sharing options...
Firon Posted December 7, 2005 Report Share Posted December 7, 2005 You did.bt.enable_tracker This enables or disables the embedded tracker. The tracker URL is http://your.ip:port/announce (domains do work). It does allow external torrents.(it's in the beta, go grab it) Link to comment Share on other sites More sharing options...
splintax Posted December 7, 2005 Author Report Share Posted December 7, 2005 Ah. This wasn't as a result of me bringing this up in IRC (about a week) earlier?Just didn't notice anything happening so I thought I would post in the forums, too.Is that option off by default? Link to comment Share on other sites More sharing options...
Firon Posted December 7, 2005 Report Share Posted December 7, 2005 Yeah, it's off by default.I think it might've been DWKnight that got ludde to add it Link to comment Share on other sites More sharing options...
1c3d0g Posted December 7, 2005 Report Share Posted December 7, 2005 Yeah, it's good thinking. Now at least n00bies are "shielded" by default from their own ignorance. Link to comment Share on other sites More sharing options...
splintax Posted December 8, 2005 Author Report Share Posted December 8, 2005 Alright then. It just worried me a little since I recently discovered that there is a port column (hey, it was off by default too ) so you don't even need an external app like TCPview to get one...I don't understand what you're saying 1c3d0g - I can't see any way of blocking someone from using your computer as a tracker or even detecting it, so I wouldn't call someone 'ignorant' for having their PC open as a tracker.. :| Link to comment Share on other sites More sharing options...
Ares Posted December 8, 2005 Report Share Posted December 8, 2005 @splintax: He's saying that because the new version ships with the tracker disabled, "n00bs" won't have it turned on by default and not even know it's there, posing a security risk. It's "pre-blocked" for them, so they don't have to worry about it.-Ares Link to comment Share on other sites More sharing options...
1c3d0g Posted December 8, 2005 Report Share Posted December 8, 2005 Ares: right on! This way, if a user messes with the default settings, they're on their own and µTorrent will not be held responsible. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.