Saturday, 22 December 2012

Implications of using BitTorrent and other peer2peer software

Programs such as BitTorrent are popular for sharing and downloading files.

However, apart from the legality of sharing copyright material, there are serious security concerns: whilst someone might be downloading the latest James Bond film, "adult entertainment" or Dr Who episode, the P2P (peer-to-peer) software could also be used as an easy access tunnel into the user's computer.

Computer security is all about trust. Can the developers of the P2P software be trusted to do a good job and produce code that doesn't have hidden back doors and isn't full of bugs and vulnerabilities? What's more, can the actual source of the file be trusted not to have tampered with the files before making them available? If it's the latest game or Office package that's being downloaded, then how can it be guaranteed that one of the program files hasn't been changed to include a virus? In short - there is no guarantee! The computer is at high risk of being compromised.

From a technical point of view, peer-to-peer software such as BitTorrent will share important details with other users connected to the same peer network. These include things like IP address, TCP/IP port number and the type and version of program being used.

This means that a hacker connected to the same network will have all the details they require to try and hack into everybody else's computers. The IP address tells them where a computer can be found on the internet that is actively accepting connections and data on a specific TCP/IP port, plus they also know what program is listening on that port - all they need to do then is research the specific P2P program and find out whether it has any exploitable vulnerabilities.
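To see what a client on a swarm discloses about itself, the following added example (not part of the original post) decodes the two places those details appear in BitTorrent: the compact peer list a tracker hands out (BEP 23, IP address and port) and the Azureus-style peer ID sent in the peer handshake (BEP 20, client type and version). The function names and sample bytes are constructed for illustration, and the client-code table is only a small subset.

```python
import ipaddress
import struct

# Subset of Azureus-style two-letter client codes (BEP 20); not exhaustive.
CLIENT_CODES = {"UT": "uTorrent", "TR": "Transmission", "qB": "qBittorrent",
                "DE": "Deluge", "AZ": "Azureus/Vuze", "LT": "libtorrent"}

def decode_compact_peers(blob: bytes):
    """BEP 23 compact peer list: 6 bytes per peer (IPv4 address + big-endian port)."""
    if len(blob) % 6:
        raise ValueError("compact peer list must be a multiple of 6 bytes")
    peers = []
    for off in range(0, len(blob), 6):
        ip_raw, port = struct.unpack_from("!4sH", blob, off)
        peers.append((str(ipaddress.IPv4Address(ip_raw)), port))
    return peers

def decode_peer_id(peer_id: bytes):
    """Azureus-style peer_id: '-', 2-char client code, 4-char version, '-', random tail."""
    if len(peer_id) != 20:
        raise ValueError("peer_id must be exactly 20 bytes")
    if peer_id[:1] != b"-" or peer_id[7:8] != b"-":
        return {"client": "unknown", "version": None}  # other encodings not handled here
    code = peer_id[1:3].decode("ascii", "replace")
    return {"client": CLIENT_CODES.get(code, code),
            "version": peer_id[3:7].decode("ascii", "replace")}

def exposure_report(blob: bytes, peer_ids):
    """Pair each advertised endpoint with the client identity from its handshake."""
    return [{"ip": ip, "port": port, **decode_peer_id(pid)}
            for (ip, port), pid in zip(decode_compact_peers(blob), peer_ids)]

# Constructed sample data (documentation-range addresses, made-up peer_id tails).
SAMPLE_PEERS = (bytes([192, 0, 2, 10]) + struct.pack("!H", 6881) +
                bytes([198, 51, 100, 7]) + struct.pack("!H", 51413))
SAMPLE_PEER_IDS = [b"-UT3530-" + b"0" * 12, b"-TR2770-" + b"a" * 12]

if __name__ == "__main__":
    for row in exposure_report(SAMPLE_PEERS, SAMPLE_PEER_IDS):
        print(row)
```

Running it against a capture of your own client's traffic shows how precisely the software and version are identified to every peer, which is a good reason to keep a P2P client patched.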

It's such an important and potentially dangerous situation, it's worth re-iterating the issue in big bold letters. A P2P program is advertising to the world where a potentially exploitable computer is located, how to connect to it - bypassing any form of firewall protection - and most importantly of all, it's accepting data from unknown sources!

All it would take is for a malicious hacker to find and use an exploit that can be sent through the stream of P2P data and adjust their data stream accordingly. As with so many security breaches, the person being hacked wouldn't know that their system has been compromised.

Using P2P software, such as file sharing through BitTorrent, is like digging a tunnel from someone's lounge to outside the local pub - yes, it might be great for getting a drink when it's raining, but the downside is that it also serves as a direct link into the house for any dodgy Tom, Dick or Harry - bypassing any security features such as locks and alarms.

As you can probably tell, the author of this blog does not condone the use of these file sharing technologies!
