From owner-freebsd-stable@FreeBSD.ORG Tue Dec 18 23:19:09 2012 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2590D47C for ; Tue, 18 Dec 2012 23:19:09 +0000 (UTC) (envelope-from nomadlogic@gmail.com) Received: from mail-vb0-f43.google.com (mail-vb0-f43.google.com [209.85.212.43]) by mx1.freebsd.org (Postfix) with ESMTP id C7D0F8FC0C for ; Tue, 18 Dec 2012 23:19:08 +0000 (UTC) Received: by mail-vb0-f43.google.com with SMTP id fs19so1594710vbb.16 for ; Tue, 18 Dec 2012 15:19:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Jf75/Zip3IWFaEYfN2ChD8MZRoBnCh4xouzoL4DYtpQ=; b=jdWSR2PZ0MaPWdp7UuwM3r+39NL7asi9+9+zssYGkxRzFIYONMSuq07LyYJ1F77+7K f6/SSl5omz+EJqzFXU4kqrXq1Bfd5+LDw+GjCZAg2QoLZi6k5UeRJ5wxfz6w5ughmV2T EDCqIN9r3JfqAT0y/tKw7tMzpys937ZCRHMNfcBb0eqa2kNfzspUO2VOevrh7GTHH7Zt ncCj86Q7acOkV1lUWFgOl5EKWujrqanbI1LEI7hEqd27MMnloZl1iPyDaD/ME9gW+iN9 W0+PTaFNUTP4xpuu+7aqVsTPigBHIN+BGnOxfEy8VEAJHOo5Dod1yUylsWiqKgkiPjbk sbVA== MIME-Version: 1.0 Received: by 10.52.66.34 with SMTP id c2mr5043843vdt.62.1355872747863; Tue, 18 Dec 2012 15:19:07 -0800 (PST) Received: by 10.58.221.230 with HTTP; Tue, 18 Dec 2012 15:19:07 -0800 (PST) In-Reply-To: References: <50D0308A.9000200@digiware.nl> Date: Tue, 18 Dec 2012 15:19:07 -0800 Message-ID: Subject: Re: No more torrents..... From: pete wright To: Peter Wemm Content-Type: text/plain; charset=ISO-8859-1 Cc: Eitan Adler , stable@freebsd.org, Willem Jan Withagen , Chris Rees X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Dec 2012 23:19:09 -0000 > > A hybrid of bnbt, xbnbt, xbtt, and something else that I don't recall > the name of. We ran the seeders from py-bittornado in curses mode in > about 15 screen sessions.. by hand. > > The tracker/indexer code had an open http connect proxy in it (!). > The code was particularly difficult to work with and looked extremely > light for defensive programming. (string buffer overflows, the > works). > > The bottom line is the nice indexer / tracker / stats thing we had > isn't something I feel we can trust. > > I do believe we can/should publish trackerless/dht torrent files to go > with the release binaries. > > Perhaps an initial web-seed might work, otherwise we could have a few > folks with good ftp connectivity do an initial seed from the ftp > files. I would be very much be willing to assist with seeding if we make dht torrent files available from my nodes located in downtown Los Angeles for west-coast and APAC network presence. as an aside: I have been running libtorrent/rtorrent for a bit and it seems like a pretty decent platform for building on. having said that - I am not a security researcher and would be keen to hear if libtorrent/rotrrent suffers from these similar issues? -pete -- pete wright www.nycbug.org @nomadlogicLA