Wednesday, May 25, 2011

TorrentFreak Email Update


Major Vulnerability Found in Leaked Anti-Piracy Software

Posted: 25 May 2011 04:28 AM PDT

As detailed in our earlier reports, anti-piracy company Trident Media Guard (TMG) recently failed to secure some of their systems. Blogger and security researcher Olivier Laurelli, aka Bluetouff, originally reported the breach, which included a wide open virtual ‘test’ machine containing various tools. These, of course, spilled into the wild.

Of the various files made available, some were easily viewable with a standard text editor; others – such as an executable called server_interface.exe – were more tricky. Thanks to an admittedly fairly hostile Full Disclosure security report we now have a clearer idea of what the package is capable of.

Penned by ‘CULT OF THE DEAD HADOPI’, the report refers to TMG as “Too Many Gremlins” along with warnings not to expose them to bright lights. In it the server_interface.exe code is described as a Delphi service to which anyone can connect and start sending commands, no authentication (username/password) required. Perhaps even more worrying is a script which accepts auto-updates.

“An attacker can use the ‘Auto Update’ feature (\x82) to force the server to download updates from an evil FTP server he controls. Of course, a downloaded file is executed just after the download,” write the researchers.

“Hence, anyone who wants to raise an army against Too Many Gremlins, look for an open port on TCP 8500,” they add.

The implication here is that if this software was present on all TMG servers, in addition to being able to turn them on and off at will a hacker could take them over with custom code of his own choosing, potentially creating “an army” which could be used to attack TMG or indeed, anyone else.
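The flaw described above comes down to an update command that is honoured from any peer, from any origin, with no check on the file. The following is an added example, not code from TMG or from the Full Disclosure report: a Python model of that behaviour beside a handler that applies the three missing checks. Only the 0x82 opcode comes from the report; the frame layout, key, host name and digest list are assumptions made for the illustration.

```python
import hashlib
import hmac
from urllib.parse import urlparse

OP_AUTO_UPDATE = 0x82                          # opcode named in the report
SHARED_KEY = b"constructed-demo-key"           # assumption: per-deployment secret
ALLOWED_HOSTS = {"updates.example.internal"}   # assumption: pinned update origin
# Assumption: digests of approved builds, distributed out of band.
APPROVED_SHA256 = {hashlib.sha256(b"approved build 1.0.1").hexdigest()}

def frame(url: str, key: bytes) -> bytes:
    """Hypothetical frame: opcode | url | HMAC-SHA256(opcode + url)."""
    body = bytes([OP_AUTO_UPDATE]) + url.encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()

def naive_handle(msg: bytes):
    """Models the reported behaviour: any peer's 0x82 is acted on."""
    if msg[:1] == bytes([OP_AUTO_UPDATE]):
        return ("download_and_execute", msg[1:].decode("utf-8", "replace"))
    return ("ignored", None)

def hardened_handle(msg: bytes, fetch):
    """Authenticate the command, pin the origin, verify the file.

    `fetch` is a caller-supplied downloader (url -> bytes). Replay and
    downgrade protection (a signed version counter) is left out here.
    """
    if len(msg) < 33 or msg[0] != OP_AUTO_UPDATE:
        return ("rejected", "malformed")
    body, tag = msg[:-32], msg[-32:]
    expected = hmac.new(SHARED_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return ("rejected", "unauthenticated")
    url = urlparse(body[1:].decode("utf-8", "replace"))
    if url.scheme != "https" or url.hostname not in ALLOWED_HOSTS:
        return ("rejected", "origin not allowlisted")
    payload = fetch(url.geturl())
    if hashlib.sha256(payload).hexdigest() not in APPROVED_SHA256:
        return ("rejected", "digest not approved")
    return ("staged", len(payload))  # staged for install; nothing is executed here
```
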

Commenting on the research, Bluetouff told TorrentFreak that the discovery of the vulnerabilities means that the French 3 strikes program might already have been compromised.

“If TMG is vulnerable to injectioning on the system used to provide IP addresses to the HADOPI, the whole process is fu**** up,” he explained.

“Someone could for example inject the Culture Ministry’s IP range, or worse, gain access between TMG and HADOPI’s VPN by stealing certificates… then gain access to a huge amount of personal data,” he added.

“For instance we don’t know if this new ‘test server’ leak can compromise the LAN(S) of TMG with this exploit. Opacity is even for HADOPI. That’s why they went to audit TMG’s infrastructure with the CNIL [French Data Protection Office].”

“Anyway, this new episode shows that HADOPI was right to close their access,” he concludes.

That closure of access is a reference to Hadopi severing their Internet links to TMG once they found out about the leak and resorting to shifting IP addresses around by DVD and the postal system instead. That is hardly efficient and undoubtedly TMG will be working hard to get back into the 21st century.

Source: Major Vulnerability Found in Leaked Anti-Piracy Software

OneSwarm: The Privacy Aware BitTorrent Client

Posted: 24 May 2011 02:35 PM PDT

Those who’ve been reading TorrentFreak for long enough may remember how the MPAA and RIAA accused a printer at the University of Washington of copyright infringement a few years ago.

With their research, the researchers pointed out that gathering evidence on BitTorrent downloaders is full of pitfalls.

Perhaps not coincidentally the same research group is also behind the “privacy preserving” BitTorrent client OneSwarm, currently developed by Tomas Isdal and Michael Piatek, two PhD students at the University of Washington.

Unlike other regular BitTorrent clients, OneSwarm allows users to share files only with a selected group of friends. While regular and public BitTorrent downloads are also supported, the privacy settings allow users to obscure the source of a transfer by sending it through multiple intermediaries.

“Virtually everyone on the Internet is a content producer, but today we only have one model for sharing: sign over the rights to your work to a website, with the hope that it will respect your privacy,” researcher Michael Piatek told TorrentFreak commenting on the importance of privacy on BitTorrent.

“OneSwarm is an attempt to provide an alternative. Our view is that private data sharing is an essential service in free and open societies,” he added. How the various privacy settings work is explained in detail in the video below, posted by the OneSwarm team.

Although OneSwarm has been in development for a while, the researchers have made its source available on GitHub in an update this week. Binaries and the source code are available for Windows, Linux, and Mac OS X platforms.

We tested OneSwarm, and although the browser interface is something you have to get used to, the download speeds are more than reasonable. This is also confirmed in one of the academic papers published by the OneSwarm team (pdf). In a performance comparison they found that it outperformed other “private” sharing options such as Freenet and BitTorrent over Tor.

Users should be aware, though, that transfers made in ‘public’ mode are not anonymized.

That said, an Open Source effort to allow more privacy controls for BitTorrent users is something that can only be encouraged. The next step many BitTorrent users are looking forward to is the arrival of a fully anonymized BitTorrent client with decent speeds.

Source: OneSwarm: The Privacy Aware BitTorrent Client
