BitTorrent DNA Vulnerable to Remote Hijack

Written by Ernesto on January 03, 2008 

A recent report suggests that BitTorrent DNA, which is bundled with the mainline client, is an “exploitable” version of uTorrent without the user interface. It is suggested that it is possible for any website to offload content onto the btdna.exe process without the user’s consent.

BitTorrent DNA is used for p2p streaming of online videos. It works like this: the user who wants to watch a stream has to install the BitTorrent DNA application, which is also bundled with the BitTorrent mainline client. When the user plays a BitTorrent-accelerated stream, the client not only downloads data but also uploads it to other people who are watching the same stream, similar to a regular BitTorrent download.

It turns out that the DNA application is almost identical to uTorrent. “All of the resources are there, dialogs, icons, etc. It is a full blown µTorrent client that just doesn’t display its User Interface” writes Wefixedtheglitch, who reverse engineered the application.

The piece-selection algorithm has changed a bit, of course. Pieces are no longer picked at random, because that doesn’t work for streaming; the client has to fetch the first pieces first. Another difference between uTorrent and DNA is that the latter has a built-in web server. This server is used to stream media from localhost (127.0.0.1), but it also introduces some vulnerabilities.

Wefixedtheglitch reports: “It is not impossible for ANY website to hijack and offload content onto your “btdna.exe” process. I consider this risk as “HIGH” and do not recommend users to have the “btdna.exe” software installed on their systems due to these risks, especially if your ISP limits/charges you for bandwidth overages.” This claim was backed up by an additional researcher upon TorrentFreak’s request.

This report contradicts an earlier statement from BitTorrent Inc. CEO Ashwin Navin, who told TorrentFreak: “BitTorrent DNA only accelerates content that a user clicks on. It does not anticipate user wants, or pre-load a user’s PC with content they did not explicitly ask for (via an HTTP request from a webpage).”

One thing is for sure, BitTorrent DNA isn’t perfect yet. Several users reported that it slows down their web browsers, with Linksys router owners being particularly affected. We have contacted the BitTorrent team about this slowdown issue before and they told us that they are working on a fix. I have no doubt that they will also address the security issues if there are any, but for now I think it is better to uninstall the application when you don’t need it.

DNA automatically starts with Windows, and has to be uninstalled separately from the mainline client. It is pretty well hidden and many users probably don’t even know that btdna.exe is running, as it’s only noticeable when the Windows task manager is opened.

Update: We received a response from BitTorrent Inc.

The blog post suggesting BitTorrent DNA is an “exploitable” version of uTorrent is erroneous. The blogger you cite should have been more diligent in his/her research, but one can hardly expect reliable information from an anonymous blog. While it is possible for any application to send requests through btdna.exe as a simple proxy, the DNA client will only accelerate authorized URLs that are registered by BitTorrent Inc. in the DNA service center. When an authorized URL is passed to the proxy, the DNA client connects to a managed infrastructure that includes a high performance tracker that introduces the client to DNA peers who have also requested the same file. The DNA service center also includes a real-time dashboard that provides our customers visibility and control over their accelerated content, as well as better management over their entire content delivery infrastructure.

As far as the user is concerned, BitTorrent DNA only receives data that a user requests. Like any BitTorrent transfer, it is ‘private’ in that it never uploads anything you yourself haven’t requested from a webpage. It does not anticipate user wants, or pre-load a user’s PC with content not explicitly requested via an HTTP request from a webpage. Our terms for DNA require websites to disclose to users why and how DNA improves the experience for video, software, and games with P2P acceleration.

Furthermore, BitTorrent DNA when fully released in BitTorrent mainline will allow users to see and fully control DNA activity through the mainline interface. Currently DNA is being deployed as a stand alone application, but DNA functionality will be added to mainline seamlessly in the future. We have standardized our development for PC clients on the uTorrent codebase. Mainline 6.0 was the first to leverage this codebase, and our DNA client also leverages the uTorrent codebase but includes many new enhancements beyond uTorrent for things like video streaming for example.

Not all P2P video streaming is created equal, and we strive to offer progressively downloaded video maintaining as much of the efficiency “rarest-first” offered in traditional BitTorrent. Making video streaming with BitTorrent work reliably and efficiently is non-trivial engineering, and we’ve spent quite a bit of time getting it to be the best implementation available.
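The vendor’s response above rests on one gate: btdna.exe will relay a request from any application, but only accelerates URLs that are registered in the DNA service center. The Python model below is added here to show what such an allowlist check has to get right to actually hold that line; it is not BitTorrent’s code and says nothing about how DNA implemented its check. The registered entries, hostnames and sample URLs are constructed for the example. It canonicalises scheme, host, port and path, then compares on an exact host and a path prefix, and includes a naive substring check only to contrast the two.

```python
import posixpath
from urllib.parse import urlsplit

# Constructed allowlist of (scheme, host, path prefix). Assumption: the real
# registry lived in the vendor's service center; these entries are made up.
REGISTERED_URLS = [
    ("http", "media.example-publisher.test", "/streams/"),
    ("https", "cdn.example-publisher.test", "/"),
]

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize(url):
    """Canonicalise a URL into (scheme, host, port, path), or None if malformed.

    Lower-cases scheme and host, strips a trailing dot from the host, fills in
    the default port, and collapses '.' and '..' path segments so that a prefix
    comparison cannot be escaped with something like '/streams/../private/'.
    """
    try:
        parts = urlsplit(url)
        scheme = parts.scheme.lower()
        host = parts.hostname  # urlsplit already lower-cases this
        port = parts.port      # raises ValueError on a non-numeric port
    except ValueError:
        return None
    if scheme not in DEFAULT_PORTS or not host:
        return None
    host = host.rstrip(".")
    if port is None:
        port = DEFAULT_PORTS[scheme]
    path = posixpath.normpath(parts.path or "/")
    if not path.startswith("/"):
        path = "/" + path
    return scheme, host, port, path


def is_registered(url):
    """True only if the canonical URL matches a registered entry exactly on
    scheme and host (on the default port) and lies under the registered
    path prefix."""
    norm = normalize(url)
    if norm is None:
        return False
    scheme, host, port, path = norm
    if port != DEFAULT_PORTS[scheme]:
        return False  # assumption: registrations cover default ports only
    for reg_scheme, reg_host, reg_prefix in REGISTERED_URLS:
        if scheme == reg_scheme and host == reg_host:
            # 'path + "/"' lets the prefix directory itself match while
            # keeping '/streamsX/...' from matching '/streams/'.
            if (path + "/").startswith(reg_prefix):
                return True
    return False


def naive_is_registered(url):
    """The check a hurried implementation might write: a registered hostname
    appearing anywhere in the URL string. Kept only to contrast with
    is_registered; an unrelated host that mentions a registered name in its
    query string passes it."""
    return any(reg_host in url.lower() for _, reg_host, _ in REGISTERED_URLS)


def decide(url):
    """Proxy decision for one relayed request: accelerate via P2P or refuse."""
    return "accelerate" if is_registered(url) else "refuse"


if __name__ == "__main__":
    # Constructed sample requests a local proxy might be handed.
    for sample in [
        "http://media.example-publisher.test/streams/ep1.mp4",
        "http://media.example-publisher.test/streams/../private/x",
        "http://attacker.test/?u=media.example-publisher.test",
    ]:
        print(f"{decide(sample):10s} exact-match | "
              f"{'pass' if naive_is_registered(sample) else 'fail':4s} naive | {sample}")
```

The check sees only the URL string; which address a registered host actually resolves to is a separate question that no allowlist of URLs can answer, so the gate is a necessary condition for “only registered content is accelerated”, not a sufficient one.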

The best place to visualize DNA video in action is here:

Or for full length movies and TV shows here:


144 Responses


76 Apr 13, 2008 at 12:32 by Willem

Excellent web site I will be visiting often

77 Apr 13, 2008 at 15:56 by judy

I consider that beside Your site there is future!

78 May 18, 2008 at 02:20 by jeroen

Hi, all. Nice site…I really like your site ! Good job man.

79 May 22, 2008 at 12:14 by Ambivalent

It’s a service “passworded” for acceleration features…by whether URL resides on uTorrent trackers.

Of course URLs have been forged since the mid-1990s. So it’s not exactly secure “passwording”. Actually the easiest would be to use old HOST file trick to redirect queries to uTorrent servers to your own tracker.

Unless that whole communication is encrypted with asymmetric keys. Doubtful.

Security never stands in the way of money ideas though.

And uTorrent itself admits that standard proxy service goes through unimpeded. The old open mail relay issue. The fact it doesn’t suck an accelerated amount of bandwidth is sort of a moot point.

80 May 30, 2008 at 01:58 by Sleepy

I am really scared of this program..

Torrent isn’t safe.. the RIAA is all over it.. we usually proxy or tor though, or use other means to mask our connections.. OR use secure trackers

Ok, well this is using just a public tracker where all of the ips are going to be saved, and to top it all off guys, the file is ALWAYS RUNNING.. so whenever you change your ip, the RIAA can find you..

And not only the RIAA, who knows what this program can do, we already know that it can “Share Media” but what exactly does that media have to be..

Our pc? Our applications?

What if our apps are compromised, or sensitive files, and then basically we will be committing a crime, whether or not we know it, and unfortunately the law isn’t up to speed and if you are doing this, eventually something is going to happen…

I really don’t think it’s a good idea to have this installed on your pc, I had it on mine and I had NO IDEA.. I just installed bittorrent to use on my private tracker (usually I don’t even use bittorrent) and I uninstalled the program, afterward this btdna was still running..

I am nervous.. this is insane..

81 Jun 03, 2008 at 22:49 by jeroen

Hi our little brothers.

82 Jun 04, 2008 at 23:41 by jeroen

Looking for information and found it at this great site…

83 Jun 05, 2008 at 01:08 by Robert

Great Site - really useful information!

84 Jun 06, 2008 at 01:15 by Rosina

Hi, all. Nice site…I really like your site ! Good job man.

85 Jun 07, 2008 at 11:39 by Timmy

I browsed and saw your website and I found it very interesting. Thank you for the good work, greetings

86 Jun 07, 2008 at 20:22 by Martin

I consider that beside Your site there is future!

87 Jun 07, 2008 at 23:42 by Robert

This is very interesting site

88 Jun 08, 2008 at 14:28 by amh

btDNA was running days after I had last used DNA to download torrents. This goes against DNA’s blurb on http://www.bittorrent.com/dna/whatisdna/ which claims that it only runs for a short while. It starts again after a reboot (but only when the installer of DNA logs on.) It also uses NAT-busting techniques to open up reverse paths. Confirmed using Wireshark and a temporary install of ZoneAlarm (thanks to Acronis :)

A nasty piece of work. I have found that using Add/Remove programs on “DNA” is sufficient to remove it.

Andrew Hilborne

89 Jun 08, 2008 at 18:47 by Robert

Thanks so very much for taking your time to create this very useful and informative site. I have learned a lot from your site. Thanks!!

90 Jun 09, 2008 at 08:23 by Ron

This website is very nice and colorful too. It’s nice to have something to show others where you attend church and to show all the smiling people filled with the goodness of the Lord. You have a wonderful website here. May God richly bless you always.

91 Jun 11, 2008 at 01:52 by Siber

Check out my new site:)

92 Jun 11, 2008 at 05:01 by Timmy

I have always wanted a compendium of novena prayers. Thank you for sharing all these prayers with us. It brings joy and happiness to everyone. I know, I do feel that way.

93 Jun 11, 2008 at 15:17 by Timmy

Your work is marvelous!!

94 Jun 13, 2008 at 03:17 by jeroen

i love this site.

95 Jun 13, 2008 at 03:21 by Dan

Nice post. I’ll return.

96 Jun 13, 2008 at 19:47 by Martin

Check out my new site :)

97 Jun 14, 2008 at 01:05 by john

This site is really superb!!! Thank you for your work! Good Lucky

98 Jun 14, 2008 at 14:34 by Ron

Many interesting information on your site - keep up good work

99 Jun 15, 2008 at 10:14 by Willem

I can find the prayer I want. I thank God for this website.

100 Jun 15, 2008 at 18:01 by Robert

Hi, everybody
