A BitTorrent Client WebUI Shouldn't Be Shared With The Entire Internet * TorrentFreak

While it's nice to share a bottle of fine wine with a loved one over a tasty meal, some things are better not shared. Take torrent client web interfaces, for example. They might be convenient, and in some cases look great, but without security, every download has a global audience, including new torrent transfers added by passing strangers.

The word 'open' in a connected world can be a good thing. Open source, for example, or open library. At other times the opposite may be true; unnecessary ports left open on a router come to mind.

For millions of people who use devices that seem to configure themselves, whether something is open or closed is irrelevant. If a device immediately works as promised, that is often enough. The problem with some Internet-connected devices is that to work out of the box in the hands of a novice, security gives way to ease of use, and that can end in disaster.

Torrent Client WebUI

Many of today's torrent clients can be operated through a web interface, commonly known as a WebUI. A typical WebUI is accessed through a web browser, with the client's IP address and a specific port number providing remote access.

In a LAN environment (the part of a network behind the router, such as a home), the torrent client's web interface serves local users, that is, those with direct access to the local network, usually over Wi-Fi. The problems start when a torrent client's WebUI is exposed to the Internet at large. Generally speaking, instead of access being restricted to IP addresses reserved for local use (starting at 192.168.0.0 or 10.0.0.0), anyone with a web browser anywhere in the world can also access the user interface.

In many cases, a WebUI can be protected with a password or by other means, but when it is left to users to do that themselves, many never do, despite warnings. That could end in disaster if the wrong person decides to go on a rampage from the other side of the world.
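As a defensive check of the point above, this added example (not from the original article) classifies the address each WebUI listener is bound to, using output from `ss -ltnH` on a Linux host. The sample output and the port set are constructed assumptions; a `wildcard` bind listens on every interface, so whether it is reachable from the Internet still depends on the router and firewall.

```python
import ipaddress

# Ranges treated as "local": loopback, RFC 1918, link-local, IPv6 ULA.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

def classify(host):
    """Return 'wildcard', 'loopback', 'lan' or 'public' for a bind address."""
    host = host.split("%")[0].strip("[]")   # drop %iface scope and IPv6 brackets
    if host in ("*", "0.0.0.0", "::"):
        return "wildcard"                   # bound to every interface on the host
    ip = ipaddress.ip_address(host)
    if ip.is_loopback:
        return "loopback"
    return "lan" if any(ip in net for net in LOCAL_NETS) else "public"

def audit(ss_output, webui_ports):
    """Return (bind_address, port, verdict) for listeners on the given ports."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")   # 4th column is Local Address:Port
        if not port.isdigit() or int(port) not in webui_ports:
            continue
        findings.append((host, int(port), classify(host)))
    return findings

# Constructed `ss -ltnH` output; addresses and ports are illustrative only.
SAMPLE = """\
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9091 0.0.0.0:*
LISTEN 0 128 192.168.1.20:8888 0.0.0.0:*
LISTEN 0 128 [::]:8081 [::]:*
LISTEN 0 128 203.0.113.7:8082 0.0.0.0:*
LISTEN 0 50 0.0.0.0:22 0.0.0.0:*
"""
PORTS = {8080, 8081, 8082, 8888, 9091}   # hypothetical WebUI ports to audit

if __name__ == "__main__":
    for host, port, verdict in audit(SAMPLE, PORTS):
        flag = "REVIEW" if verdict in ("wildcard", "public") else "ok"
        print(f"{host}:{port:<5} {verdict:<9} {flag}")
```

Listeners flagged `REVIEW` are the ones to rebind to a loopback or LAN address, or to put behind authentication.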

Specialized search engines

Internet-connected devices are easily found using services like Shodan, Censys, Walk away and Onyphe.io, and those that are misconfigured abound.

[Image: tixati1]

The image above shows a WebUI for the Tixati torrent client. With zero security, everything is in plain sight, just as it is to the person operating the client, whoever they are. This means that all downloads and uploads can be examined, including the data related to those transfers, as shown below.

[Image: tixati2]

It can take just a couple of minutes to find hundreds of open clients. A common WebUI seen in the wild belongs to qBittorrent, but the vast majority of them are locked down, just as they should be.

That's not ideal

For reasons that aren't entirely clear, the Android torrent client 'tTorrent' is quite popular in Russia.

[Image: torrent-rus]

People may install tTorrent on always-on set-top boxes so that the latest movies are ready as soon as they get home from work or the local bar. The problem here is that with a fully exposed WebUI, people can find out what the Russians are downloading.

[Image: torrent12]

The average Russian citizen probably doesn't care if strangers find out about their Mortal Kombat habit; they made the decision to download it, so that's it.

But what if strangers passing by at night had an influence on the content consumed locally? What if those strangers decided to use their control of an open WebUI to share news from the other side of the world, downloaded directly to their new friend's Android device?

If they did, it might look a lot like this...

[Image: torrent13]

[Image: torrent11]
