Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome and Firefox Block Pirate Bay Over 'Harmful Programs' (torrentfreak.com)

Posted by msmash on from the malware-attack dept.

An anonymous reader shares a TorrentFreak report: Chrome and Firefox are actively blocking direct access to the The Pirate Bay's download pages. According to Google's Safe Browsing diagnostics service TPB contains "harmful programs," most likely triggered by malicious advertisements running on the site. Comodo DNS also showed a "hacking" warning but this disappeared after a few hours.

43 of 86 comments (clear)

  1. Better just block the whole internet by elrous0 · · Score: 5, Funny

    Only way to be sure.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Better just block the whole internet by Opportunist · · Score: 1

      How do I feel about a Nazi bitch? Well, until a moment ago I didn't know her and now I consider her good enough to hopefully soon become fertilizer.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. They are doing the user a service? by Anonymous Coward · · Score: 1

    Think of it as an ad block on steroids.

  3. Hah! by newcastlejon · · Score: 2

    Works fine for me, and that's not something I get to say very often when using Safari.

    --
    If God forks the Universe every time you roll a die, he'd better have a damned good memory.
    1. Re:Hah! by ewanm89 · · Score: 2

      the download pages have been added to google safe browsing blacklist.

    2. Re:Hah! by Alumoi · · Score: 2

      Oh, you mean that checkbox (Block dangerous and deceptive content) any sane persons unticks after installing?
      Of course there are people thinking Firefox has an adblocker baked in an let this option checked, but they soon find out it's not the case.

    3. Re:Hah! by Rakarra · · Score: 1

      Oh, you mean that checkbox (Block dangerous and deceptive content) any sane persons unticks after installing?

      I've never unchecked that option and the few times it's ever blocked a site, it was actually a malicious site.
      Why not keep it checked, unless you're going to compromised sites?

  4. But not Forbes? by Ol+Olsoc · · Score: 4, Informative
    A site that demands you allow them to install malware, and has proven already to have done so.

    I already block them for that reason.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    1. Re:But not Forbes? by drinkypoo · · Score: 1

      My browser extensions make Forbes not work so if I go there accidentally I have no problem. I use noscript and ublock origin to handle this kind of stuff, and I have the "protections" in Firefox turned off because the Mozilla Foundation is not actually qualified to determine what I should see. I leave that up to someone who is good at it.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:But not Forbes? by No+Longer+an+AC · · Score: 1

      My browser extensions make Forbes not work so

      No, Forbes made it so your browser doesn't work.

      It's the fight they're offering. Oh, you users want to use adblock? Fine, we'll make our site unusable to you.

      My response?

      Fine, I'll go somewhere else. (Forbes doesn't have any exclusive news content anyway).

  5. TOR - The Onion Router by DrYak · · Score: 1

    Meanwhile, http://uj3wazyk5u4hnvtk.onion/ continues to work (as long as your have a Tor proxy running, obviously)

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  6. It just gives you a warning by ArtemaOne · · Score: 4, Informative

    It isn't a block, it is a warning. Works just fine.

    1. Re:It just gives you a warning by ravenshrike · · Score: 3, Insightful

      Hey, expecting the average pebkac to click a button saying they acknowledge the high probability that the website in question will infest their computer is entirely too difficult. As for TPB, it has been worse than normal recently, enough that I immediately run MWB and S&D after visiting.

    2. Re:It just gives you a warning by ewanm89 · · Score: 1

      Which is why google probably flagged something in one of those worse than normal adverts.

    3. Re:It just gives you a warning by AHuxley · · Score: 2

      First they put in a warning, and I did not speak out—
      Because it was not a block.

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:It just gives you a warning by thegarbz · · Score: 1

      To be fair given the amount of malware on those torrents is it really a false warning?

    5. Re:It just gives you a warning by Opportunist · · Score: 2

      Well, not really, but if that was the justification, I question the lack of warnings on ads.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    6. Re:It just gives you a warning by nut · · Score: 1

      It isn't a block, it is a warning. Works just fine.

      Today it's a warning.

      --
      Never trust a man in a blue trench coat, Never drive a car when you're dead
    7. Re:It just gives you a warning by ArtemaOne · · Score: 1

      Yeah, and several days ago too.

  7. what we need here is a mentality reset by Anonymous Coward · · Score: 5, Insightful

    It is true there are advertisements that have malicious effects, if you load them and/or run their javascript (which is idiotic to go running). It is also true that malicious native OS executables can be found on sites like TPB. Even moreover, it's almost certainly true that I could work around whatever "block" they have put in place.

    However, let's hold the bus just a sec. Harmful things exist, but I do NOT want Google / Mozilla / the US Govt / China / the EU / my homeowner's association / insurance company / whoever making my choices for me about what I should see, run, what sites I can visit, and what information is harvested for who to sell to who.

    What we need here is a reset back to the 1980's. I had a computer on my desk - well, probably under, at the time. It did whatever the fuck I told it to. It answered to me. It could access the (then pre-web internet), and there was nobody trying to tell me what was "acceptable". Not that it was bug free, but it generally was written to accept my commands. The FT-fucking-P program was not written to check back with the homeship whether the site was "safe". More and more we see big companies and bigger governments all wanting to tell me what I should be doing, reading, saying, and running. For my own protection. For the children. For the RIAA.

    Control freaks: do please fuck off. Yes, I know, using Chrome and Firefox is optional. I know the internet is not safe, particularly if you are uneducated. But this big brother shit is becoming neigh well unavoidable unless you want to live in a fucking cave.

    1. Re:what we need here is a mentality reset by ewanm89 · · Score: 4, Insightful

      Google's safe browsing list have been in both Firefox and chrome since chrome's first release, and both Firefox and chrome have a toggle to turn it off in the options should you wish. For some reason Google has added pirate bay download pages to the list, according to database lookup it matches the sort of block they usually impose when the site has been compromised either directly or via maleware embedded in advertising.

    2. Re:what we need here is a mentality reset by Opportunist · · Score: 1

      What the fuck is a Nadella? Sounds like some sort of parasite you pick up while swimming in the Ganges.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    3. Re:what we need here is a mentality reset by allo · · Score: 1

      you can. just disable all the crap in your firefox. See ffprofile.com

    4. Re:what we need here is a mentality reset by RavenLrD20k · · Score: 1

      Darth Nadella: I am altering your operating system. Pray I don't alter it any further... not that your prayers, tears, and blood sacrifice matter to me.

    5. Re:what we need here is a mentality reset by omnichad · · Score: 1

      Calm down, now. It's a warning that you can click right on through. It's a whole lot easier than maintaining your own list of sites with malware infested ads and/or drive-by downloads.

    6. Re:what we need here is a mentality reset by the_Bionic_lemming · · Score: 1

      It's not hard to write your own ftp client. Computers still do what you tell them to do if you rely on your own code instead of third party code.

      But yeah, this whole "telemetry" thing needs to legislated against. Specially now that bandwidth caps are gaining teeth.

      --
      _ _ _ Go for the eyes Boo! GO FOR THE EYES!
  8. Not too far from the truth, honestly. by SvnLyrBrto · · Score: 3, Insightful

    I'm not sure about torrent freaks, but TPB and KAT would spawn no end of pop ups and new tabs suggesting you click on their links for free "security scans" and "disk repair tools" of dubious provenance. And Adblock seemed powerless to stop it. No way would I ever take them up on their "generous offers", but I'd bet that many a less savvy or careful user got themselves pwned that way.

    --
    Imagine all the people...
    1. Re:Not too far from the truth, honestly. by Anonymous Coward · · Score: 2, Informative

      ...TPB and KAT would spawn no end of pop ups and new tabs ...And Adblock seemed powerless to stop it.

      This is why people use Adblock AND NoScript

    2. Re:Not too far from the truth, honestly. by TheGratefulNet · · Score: 2

      disable jscript and its fine.

      or so I've heard.

      --

      --
      "It is now safe to switch off your computer."
    3. Re:Not too far from the truth, honestly. by AmiMoJo · · Score: 3, Informative

      Never had that issue with KAT and uBlock. TPB doesn't give me pop-ups but the many "mirrors" do. Make sure you are on the genuine site: https://thepiratebay.org/

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  9. Malware in torrents by gatfirls · · Score: 1, Insightful

    I haven't been on TPB in a long time but I recall there being tons of malware/viruses in application/game downloads. I don't think there is some ulterior motive here.

    1. Re:Malware in torrents by gatfirls · · Score: 1

      Ohh I was sure, I ran everything in a sandbox VM and plenty of them were really nasty trojans etc.

    2. Re:Malware in torrents by Mister+Transistor · · Score: 2

      You realize those are usually put there by the game's manufacturer's, right? They are trying to put the "fear of God" into people (like you) downloading the cracks, etc. as their twisted form of anti-piracy.

      Game crackers/release groups thrive on getting it out first, and doing it right, so why would they promulgate viruses? It would surely ruin the groups' reputation if it got out there.

      Plus, all the anti-malware programs flag such stuff as harmless keygens all as "PUP" or worse, "trojans" or other unspecified malware. This doesn't help the confusion either, as you really don't know if it's benign or an actual piece of malware. Running in a VM is the only solution, and restore prior state after running the "crack", because you really don't know whether it did anything malicious or not.

      --
      -- You are in a maze of little, twisty passages, all different... --
    3. Re:Malware in torrents by gatfirls · · Score: 1

      I have heard the theory that game/app devs do this but I find it hard to believe (in a couple instances maybe but not in any meaningful volume). Regardless of their intentions it would be a huge smear on their company to be authoring malware to thwart piracy.

      As to groups doing this, I don't think that either, it's just people taking the app/game/etc and bundling it with their malware.

      Like I said, I haven't been to these sites in ages but I doubt a whole lot has changed. People who do illegal stuff are very unlikely to complain when illegal stuff victimizes them.

    4. Re:Malware in torrents by Dutch+Gun · · Score: 5, Interesting

      I can assure you, as a professional game programmer, that I've never even heard of such a practice. That's not to say it hasn't ever been done or tried, but I certainly haven't heard of such an instance, at least from inside the industry. I'm pretty sure that videogame companies don't want people to associate their games with malware either, even if they're not getting a sale. I also don't believe that it's the groups who crack programs' DRM that do this. Like you said, they've also got a reputation that would be damaged.

      As an author myself, I'll be releasing my game DRM-free (well, the PC versions at least, but other platforms are out of my control) and cryptographically signed. Even when it's pirated (which is pretty much inevitable), people will know it's not been tampered with and is safe to play. I'd prefer them to have fun with the game, and maybe in the future they'll become a paying customer.

      --
      Irony: Agile development has too much intertia to be abandoned now.
    5. Re:Malware in torrents by DrXym · · Score: 2

      Most of the malware is in movie downloads. If a movie is in .wmv format, it's malware (Windows Media Player will prompt you to download the "drm" the file is supposedly protected by which will infect you). If it's an .exe, it's malware. If the movie is inside an encrypted .rar or .zip, then it's fake and the accompanying readme.txt will pretend you can get the key if you visit a site serving malware or some other scam.

    6. Re:Malware in torrents by DrXym · · Score: 1
      I expect legit companies do seed networks with broken content that doesn't work, or contains deliberate glitches and engage in other disruptive behaviour. Stuff tat sows confusion, discredits pirate sites and allows them to claw back some sales. They might even post out phony keygens / cracks which don't work.

      But I don't see them posting out trojans because of the potential repercussions if the file was traced back to them. I think you can blame the trojans on others. The first rule of a scam is to make the mark want to do something against their better judgement. The best way to do that is incentivize them into thinking they're getting a game for free or before anyone else. So wrapping up a trojan as a keygen or as a new movie is a perfect way to do that.

    7. Re:Malware in torrents by Rakarra · · Score: 1

      Fake Downloads is a time tested tactic, but putting viruses, malware, etc into fake downloads opens them up to legal liability. So I'd say.. "unlikely."

  10. Re:The Pirate Bay IS full of malware. by yuriklastalov · · Score: 2

    Nah, he's just a fucking retard. P2P filesharing in the early 2000's was a clusterfuck of bogus files masquerading as legit ones, music with jacked up metadata, and slow, unreliable downloads... "Yeah, lets bring back KaZaA," said no one ever.

  11. Unless you and a 100k-1m people... by Anonymous Coward · · Score: 1

    Are willing to significantly crowdfund alternative hardware from the chip fab up to the enclosure and certification, that isn't going to happen in today's computer environment.

    Every cpu/soc manufacturer is pushing hardware with both manufacturer and vendor firmware signing options. All of them have greater than user level virtualization/security features, most of which are under NDA to gain the knowledge necessary to safely program for consumer control of their hardware. Many pieces of hardware now have methods of bricking, warrnty, and drm invalidation if you modify the software, etc.

    In order for the common globalized citizen to have the level of control you are talking about once again, a whole new ecosystem is necessary, from the hardware to the unrestricted documentation (think c64 hardware manuals, combined with dos/unix/minix os internals documentation), to the software toolchain and peripherals firmware.

    All of that is doable, but every year that has passed has seen less protest, and far less done to staunch the flow of rights or provide open solutions. All the 'open' solutions being pushed today are primarily marketing gimmicks utilizing the exact hardware I complained about above. ESPECIALLY intel processors (2/4 computer/laptop replacements I have seen on crowdfunding sites were in fact modern Intel hardware with signed and non-user replacable firmware blobs pieces of hardware with critical security implications. The others were ARM based, and potentially had their own issues depending on trustzone support and the bootloader/firmware included.)

    Unless we see an open hardware equivalent of the bitcoin ASICminer rush happen (note those devices are not a good example for 'open hardware', but ARE a good example of the level of crowdfunding needed!) there is very little chance of liberty returning to the computing field within any of our lifetimes, if ever again.

  12. I'm not surprised by DrXym · · Score: 1
    Some of the ads on TPB are particularly scuzzy. I remember visiting once and an APK automatically began downloading on my phone. Other times when I've gone there sites have to tried to initiate downloads of .exes, popped up with fake virus / malware banners, or promoted software which has 99% probability of being scammy / trojans.

    I realize TPB takes its money where it can get it but it's hardly surprising it's ended up on a blacklist. In a sense it's amazing it's taken so long to happen. Perhaps it should restrict ads to static text, images and a url to prevent drive by infections and some of the sleazier things on there right now.

  13. Stop that shit now! by Opportunist · · Score: 2

    Where the fuck are we supposed to get 0day samples of new trojans?

    ---signed, Antivirus industry

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  14. They don't by allo · · Score: 1

    Googles safebrowsing does. Firefox does it not at all if you disabled the google phone-home-to-make-my-browsing-safer stuff.