Stop using uTorrent

Topic

New Reply

Tavis Ormandy, the gifted gunslinger from Google Project Zero, has a new warning: Stop using uTorrent, both as a program running on your computer, and
[See the full post at: Stop using uTorrent]

1 user thanked author for this post.

AJNorth

Reply | Quote

Replies

qBittorrentPortable guy 🙂

1 user thanked author for this post.

AJNorth

Reply | Quote

I use BitTorrent. Assume that’s safe? If not, qBittorrent is on Ninite so it must be safe, surely.

Reply | Quote

Nevermind that, after some light reading on other sites I decided to install qBittorrent onto my system. My goodness, how I love ad-free programs! I do have some torrents that from time to time I help seed using BitTorrent. Is it possible to transfer those torrents over to qBittorrent so I can continue seeding them using that program, or do I have to download the torrented files all over again?

Reply | Quote

Useful article here on this issue and some recommends in the comments.

https://torrentfreak.com/bittorrent-client-utorrent-suffers-security-vulnerability-180220/

Reply | Quote

Techradar:

The best free alternative to uTorrent 2018: leaner, more secure torrent clients  (2018.02.21)

Reply | Quote

<soapbox>

The subject of this thread is good, except I might expand it to: Stop using file sharing software!

Who would begin to imagine that running such software could EVER be a remotely safe or reasonable thing to do in today’s computing security environment? Not to mention the questionable legality and morality of downloading and sharing other people’s property.

I can’t think of anything that represents as big a loss of control and risk than having some promiscuous application blithely copying data to and from your computer with random other users’ computers out there on the wild Internet. And of course the software itself could be mining your personal data (don’t begin to think all the security holes that could be taken advantage of by executable software are now patched). Are you HOPING for an infection, identity theft, or to have your bank account drained? Do you think that doing immoral and wrong things is helping you or anyone?

If you need/want a program, do the research, vet software using its trial capabilities, and buy the best one out there for your task from its author. Treat others with the respect and honesty you’d prefer they treat you with.

</soapbox>

-Noel

9 users thanked author for this post.

LH, SueW, David F, JohnW, Bill C., Microfix, AJNorth, lurks about, Capella

Reply | Quote

Good Day Noel,

Points well taken!

Speaking strictly for myself, the only media files that I might download that would have (or be presumed to have) copyright protection are those that I personally own hard copies of, with the possible exception of some long out-of-print music (and an occasional OOP film). Needless to say, all files are downloaded to a sand-boxed folder, then thoroughly checked for malware before any attempts to play. (I have also up-loaded a very small number of long-OOP recordings).

Cheers,

AJN

1 user thanked author for this post.

Noel Carboni

Reply | Quote

Good points, Noel. Users should vet the source of any software they install. It is much easier to vet a website or use a curated app store/repository as the source. Torrenting has always struck me as dodgy for most and for Linux distro much slower than a direct download.

Reply | Quote

You aren’t wrong. However, it’s not a moral violation to download & help redistribute a GNU/Linux system if is offered as torrent by the creators of said distribution. Even though the torrent specification has file chunk hash verification, the final ISO file still needs to be checked before for use.

A person still has to verify legally purchased software!

Reply | Quote

“Stop using file sharing software! Who would begin to imagine that running such software could EVER be a remotely safe or reasonable thing to do in today’s computing security environment? Not to mention the questionable legality and morality of downloading and sharing other people’s property.”

Yeah, such as Debian (https://www.debian.org/CD/torrent-cd/) or Ubuntu (https://www.ubuntu.com/download/alternative-downloads).

Did you know that W10 uses P2P for updates by default? https://docs.microsoft.com/en-us/windows/deployment/update/waas-optimize-windows-10-updates

Edit for content
Please follow the –Lounge Rules– no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

 

Reply | Quote

Noel, by “Stop using file sharing software!” do you mean ‘Stop using Windows 10’ as well? I can understand (and support) your point about sharing illegal downloads but that’s the ‘use’ which is wrong, not the ‘mechanism’ itself (similar to the gun control argument that it’s not the weapon but the person pulling the trigger that’s wrong).

Microsoft uses peer-to-peer file sharing in Win 10 by default for (IMO) sound financial and ease-of-use reasons, for example: by reducing its bandwidth costs of using various Content Delivery Networks. Whilst I think it’s a shame MS doesn’t make this particularly clear, at least it’s easy to switch off (for people who know that it’s there and how to).

As others have mentioned various Linux distros also make use of file sharing… primarily because it’s cheaper than alternatives.

I don’t have a problem with file sharing per se (hence my use of online ‘Public’ folders to distribute info, scripts, etc.). It’s a useful mechanism which, as you’ve noted, can be misused… like so many other things in life.

Reply | Quote

To be quite honest I lost a ton of respect for Microsoft when I saw that they implemented peer to peer sharing of Windows Updates. It’s just a ridiculous idea, IMO, and I would suggest disabling it in a heartbeat!

Don’t forget that this the same company that drills into you that you HAVE to update your system every month to cover up their never-ending security holes. Do you think their peer to peer Windows Update process is magically exempt from being taken over? Didn’t we just have a thread about how much of the data delivery isn’t even encrypted?

And besides vulnerabilities we see how reliable Windows Update has become lately… It’s not exactly perfect software.

I’m not a stick-in-the-mud; I have been a lifelong early adopter – of tech worth adopting! But some things are just obviously Bad Ideas. That’s my general opinion of file sharing and it’s not going to change any time soon.

I imagine a lot of folks feel as though their use of file sharing software is legitimate and warranted, and much of it may well be. Of course I’m sensitive to stepping on toes here, but some things just need to be said. I won’t apologize for my negative opinion of torrents, which is based on more than a fleeting fancy – I feed my family from sales of my software online.

Not meant for anyone here in particular, but food for thought:

It’s a personal choice whether you want your computer participating in sketchy network activities. Feel free to interpret the word “sketchy” as you like; just don’t lie to yourself about what you’re really doing.

-Noel

5 users thanked author for this post.

SueW, David F, Cascadian, JohnW, Elly

Reply | Quote

Sketchy network activities such the topic of this blog post is why I stopped using any client torrent software.

Reply | Quote

Noel, interesting points!

I have had an uneasiness for a long time with using torrent software.  Just prefer to avoid in general, but I have used it under Linux to download new distros, etc.

But I have never used it with a Windows box.  I might consider using it on a dedicated gaming machine, or something without any personal or business info stored locally.

It’s not the torrented files themselves I worry about, but rather the potential for the torrent software itself to be hijacked.  The multiple network connections to random computers just gives me the creeps.  The potential for mayhem if compromised would keep me from sleeping at night.

Windows 10 Pro 22H2

2 users thanked author for this post.

Cascadian, Noel Carboni

Reply | Quote

It’s not all as you think Noel … https://torrentfreak.com/2017s-piracy-is-dangerous-rhetoric-was-digital-reefer-madness-171230/

Generally, people who torrent know something about what they are doing and securing their machines. The same can’t be said for most other computer users.

Seems to me the Win 10 P2P delivery of upgrade/updates is potentially more problematic given it uses the computers of people who, chances are, don’t know what’s going on in their machines.

Or maybe MS know a thing or two about P2P? Hmmm … who knows.

Googles ad delivery would be a good way of delivering malware, etc …

Reply | Quote

Noel, … on the topic of piracy

I’ll just leave you with a very good quote from a great man, by the name of Richard Falkvinge:

Ironically, the exact same discussion about sharing knowledge and culture was held when public libraries were introduced into law in the 1850s, when publishers had argued that people should be banned from lending books from one another. The more things change, the more they stay the same.

EDIT html to text – contents may not appear as intended

Reply | Quote

Wait, people still use Utorrent? Why would they do that when there’s qbittorrent and Tixati? lol I thought Utorrent was dead, considering their utterly pathetic attempts to destroy a perfectly good torrent client with advertisements and useless updates.

Reply | Quote

Where can I download the earlier 2.2.* version of utorrent that is pre-ad and pre- this problem?  Thanks.

Reply | Quote

I did the same (g)

source:

 

http://www.oldversion.com/windows/utorrent-2-2-1-2

 

 

Reply | Quote

bosun1 and others –

1)  Should I first UNinstall uTorrent 3.4.2.32239 before installing uTorrent 2.2.1, or should I just install 2.2.1?

I would prefer to keep prior settings and unfinished torrents, but could also live without them.

2)  If I install qbitTorrent (without uninstalling uTorrent), will qbitTorrent pick up my prior settings and unfinished torrents?

Thanks.

Reply | Quote