Pirate Bay Browser Streaming Technology Is a Security and Privacy Nightmare (softpedia.com)

← Back to Stories (view on slashdot.org)

Pirate Bay Browser Streaming Technology Is a Security and Privacy Nightmare (softpedia.com)

Posted by timothy on Friday February 12, 2016 @03:05AM from the tradeoffs-abound dept.

An anonymous reader writes: Last week the Pirate Bay added support for streaming video torrents inside the browser in real-time. Kickass Torrents followed the next week. The technology they used is called Torrents Time. A security researcher has discovered that this technology which is a mix of client and server side code is actually a security and user privacy disaster. Attackers can carry out XSS attacks on TPB and KAT, the app runs on Mac as root, attackers can hijack downloads and force malicious code on the user's PC, and advertisers can collect info on any user that has Torrents Time installed.

7 of 72 comments (clear)

Min score:

Reason:

Sort:

Next on the news... by MitchDev · 2016-02-12 03:07 · Score: 4, Insightful

MPAA and RIAA releases tainted movies and music on torrents themselves...
1. Re:Next on the news... by gstoddart · 2016-02-12 03:33 · Score: 4, Informative
  
  You don't need to hear their name, the US government has now been tasked to do this shit on their behalf, they just write the text of the laws and treaties behind the scenes.
  You don't think ICE policing copyright because they're under the control of DHS was an accident, do you?
  Once the agency with the keys to the kingdom polices copyright, you can be more in the background.
  
  --
  Lost at C:>. Found at C.
2. Re:Next on the news... by JustAnotherOldGuy · 2016-02-12 05:53 · Score: 4, Informative
  
  You don't need to hear their name, the US government has now been tasked to do this shit on their behalf, they just write the text of the laws and treaties behind the scenes.
  This is, sadly, an extremely accurate description of how things work now. The corporations provide "advice" and "policy position consulting" in the form of fully-written bills and treaty amendments, and the law makers just staple them into the binder.
  I'm not kidding in the least, this is literally how it woks these days.
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
"the app runs on Mac as root" by Anonymous Coward · 2016-02-12 03:19 · Score: 4, Funny

This isn't a security issue! Modern app appers know that ONLY apps can app other apps, so if you're apping The Pirate App, then only that app can app your apps!
Apps!
Re:So? by houghi · 2016-02-12 03:40 · Score: 4, Insightful

Who expects privacy and security when they use Internet ?
Fixed that for you.

--
Don't fight for your country, if your country does not fight for you.
Re:I hope they hack Linux and BSD users by Rik+Sweeney · 2016-02-12 04:01 · Score: 5, Funny

That's right! One renders your system inoperable, the other is a Windows fatal system error.
(ducks)

--
Summation 2
Re:Oh dear balls. by tnk1 · 2016-02-12 04:03 · Score: 5, Insightful

Even The Pirate Bay itself is quite hacked code.
Remember that these softwares are made by amateurs who spent their time downloading warez instead of getting proper professional programming education.
Actually, I doubt that they lack CS education. What they lack is QA. "Good" developers with educations let this sort of shit through all the time. The businesses who make software actually make an effort to test their software for security and functionality.
The problem with these guys is that coding is sexy, QA is not.