#2359: Passkey exposure
-----------------------+------------------------------------
Reporter: non7top | Owner:
Type: bug | Status: new
Priority: critical | Milestone: Future
Component: core | Version: other (please specify)
Resolution: | Keywords:
-----------------------+------------------------------------
Changes (by ancient):
* cc: ancient@… (added)
Comment:
As you can see in a related upstream issue:
https://code.google.com/p/libtorrent/issues/detail?id=198 there is no data
leak when the .torrent file is marked as private. If the contents of the
.torrent file are private (such as a passkey being included) it should be
marked as a private torrent.
Data breaches can only occur in cases where you're using a public .torrent
file for private data. If "several huge russian trackers" are having data
breaches as a result of it, then it's a result of their inability to
recognize the difference between a public and private torrent file.
The fact that this issue exists is troubling to me. These trackers are
essentially demanding that the Deluge developers to add a patch to Deluge
to account for the tracker developers incompetence in the creation and
maintenance of their torrent collection. Publicly sharing the tracker data
is completely within the spec on a public torrent.
--
Ticket URL: <http://dev.deluge-torrent.org/ticket/2359#comment:1>
Deluge <http://deluge-torrent.org/>
Deluge project
--
You received this message because you are subscribed to the Google Groups
"Deluge Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/deluge-dev.
For more options, visit https://groups.google.com/groups/opt_out.
