Page 1 of 1
"Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders"
Posted: Wed Aug 20, 2014 12:15 am
by ionice
From
http://torrentfreak.com/attackers-can-s ... ds-140819/
In an article published in “Computers & Security” Adamsky and his colleagues reveal an exploit which allows attackers to get a higher download rate from seeders than other people.
In technical terms, the exploit misuses BitTorrent’s choking mechanism of clients that use the “Allowed Fast” extension. Attackers can use this to keep a permanent connection with seeders, requesting the same pieces over and over.
The vulnerability was extensively tested in swarms of various sizes and the researchers found that three malicious peers can already slow download times up to 414.99%. When the number of attackers is greater compared to the number of seeders, the worse the effect becomes.
The impact of the attack further depends on the download clients being used by the seeders in the swarm. The mainline BitTorrent clients and uTorrent are not vulnerable for example, while Vuze, Transmission and Libtorrent-based clients are.
Does anyone know if the latest version of Transmission is vulnerable? Or are there any mitigation measures one should be aware of?
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Wed Aug 20, 2014 2:32 pm
by cfpp2p
Update: The article was updated to clarify that only older version of Libtorrent were affected. According to the research Transmission currently has the “Allowed Fast” code commented out, but it could become vulnerable when it’s implemented.
http://torrentfreak.com/attackers-can-s ... ds-140819/
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Wed Aug 20, 2014 3:59 pm
by cfpp2p
BEP 6 is inactive.
It wasn't used but commented out 03/07/11 at changeset 12111
https://trac.transmissionbt.com/changeset/12111/
peer-msgs.c
/*updateFastSet( msgs );*/
I can't tell from the article what or how exactly the tests were performed. The simple inaccuracy of originally stating transmission was vulnerable ( unless they were editing source code to produce the effects ) makes me think the credibility of the research article is not as high as it should be.
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Thu Aug 21, 2014 12:34 am
by ionice
I see, that's good to hear.
Thanks for the info cfpp2p!
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Sat Aug 23, 2014 2:09 am
by Astara
Maybe they don't want to have every message submitted
for moderation and wait up to a day to see if their message was
even accepted.
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Sat Aug 23, 2014 3:56 am
by Astara
x190 wrote:Astara, the issue has been resolved.
But not the issue of why he didn't submit it in the first place or why I don't bother.
IMO, never having seen a bug-tracker that requires approval before being allowed to submit or update a bug, it feels like they are trying to hide something. They may very well, NOT be, but operating outside of what is normal still causes people to speculate and wonder why.
I did get that the base issue posted about was temporarily dealt with.
One thing that might stop such a client -- if transmission kept track of
what pieces it had sent to 'who', then it would know if many multiple
retries are being done.
If they ask for the same piece "too many times" (? greater than 2?)
in a row, maybe they should be 'snubbed' for a while, OR just put at the bottom of the BndWth priority queue.
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Mon Aug 25, 2014 9:00 pm
by cfpp2p
BEP 6 is a relative to super seeding and the opinion varies whether the original super seeding is all that good anyway. It can appear that these kind of protocols can cause unwanted behaviors and certainly the stealing of bandwidth would qualify as unwanted.
Partial BEP 6 via haveAll and haveNone ( originally implemented by
https://trac.transmissionbt.com/ticket/1549 ) has been implemented for a long while. Way back when it was done It seemed a good decision to have BEP 6 commented out, and it still does.
https://trac.transmissionbt.com/search? ... tension%22
https://trac.transmissionbt.com/search?q=%22bep+6%22
https://trac.transmissionbt.com/search?q=%22bep6%22
Transmission doesn't allow the stealing of bandwidth vulnerability as published in “Computers & Security”by Adamsky and his colleagues, lets be clear about that.
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Tue Aug 26, 2014 12:45 am
by Astara
Actually I think the topic is a bit ludicrous to begin with.
I mean you have people giving away bandwidth (I seed 24/7), and someone talks about "stealing" the BW that I am giving away for free??... Yeah, I
know its about a potential unfairness in the distribution mechanism, but still, taken in the larger context, it seems a bit silly to be talking about "stealing"...
Re: "Attackers Can ‘Steal’ Bandwidth From BitTorrent Seeders
Posted: Wed Aug 27, 2014 4:08 pm
by cfpp2p
Astara wrote: Yeah, I
know its about a potential unfairness in the distribution mechanism, but still, taken in the larger context, it seems a bit silly to be talking about "stealing"...
agreed