Mass Owning of Seedboxes - A Live Hacking Exhibition. (media.defcon.org)

submitted 4 days ago by Chewy7324@discuss.tchncs.de to c/piracy@lemmy.dbzer0.com

9 comments fedilink hide all child comments

Sadly there's no recording of this talk.

top 9 comments

sorted by: hot top controversial new old

[-] HappyTimeHarry@lemm.ee 8 points 3 days ago* (last edited 3 days ago)

Oh no, what if someone hacks my seedbox and... Uses it to also pirate things?

Aside from just changing the api keys if i notice abuse, i really could not care less if other hackers use my seedbox credentials or "steal" my downloaded files.

This is a fun exercise but ultimately it just goes to show the benefit of a seedbox, even if your box gets "hacked" its not like you would be storing any kind of private/personal info on there... Right?

[-] Chewy7324@discuss.tchncs.de 4 points 3 days ago

Depending on the tracker once you notice a stolen API key it might already be too late. E.g. if they tank your ratio or break the rules in another way.

I could see the real source IPs for all other users in last logs.

Also, they mention in the slides that some seedbox providers allow users to find the IPs of other users connecting to the seedbox. Using a VPN for ssh might be advisable to protect your privacy from other users.

Otherwise your right as it won't impact your network at home.

[-] Chewy7324@discuss.tchncs.de 11 points 4 days ago

This makes me glad to no longer be running prowlarr on a seedbox (or anything else for that matter). Unless you're racing, or you've too slow of an upload, having a torrent client bound to a VPN (or gluetun/namespaces/...) is cheaper and seemingly more secure.