If you use this, forewarned is forearmed.Torrents Time is a new technology that allows users to instantly download and watch torrented material right inside their browser. Torrents Time benefits from a built-in VPN server and has seen a rise in popularity after The Pirate Bay (TPB) and Kickass Torrents (KAT), the Internet's biggest torrent portals, added live streaming buttons to their sites employing its technology.Users who want to use
...Torrents Time fails to implement CORS, leaves users vulnerable to attackAccording to Mr. Sampson, Torrents Time does not properly implement CORS (Cross-Origin Resource Sharing), a crucial Web security mechanism that prevents resources from being loaded from different domains.This means that an attacker could create a malicious Web page that mimics a regular page (popup) created by TBP or KAT, and add their own malicious code, which, because of an improper CORS implementation, would be allowed to execute.Mr. Sampson discovered that he could open a Torrents Time video player inside this malicious page and serve the user the torrent files they wanted. This could let the user think they're accessing a trustworthy Torrents Time video player, when, in reality, the attacker could be delivering malicious code in the background while the user is watching a movie.
Wednesday, February 24, 2016
TOR web browser is a security nightmare
TOR is a network designed to let you access the Internet anonymously. Torrents Time is a browser plugin that lets you download torrents and watch them directly in your browser. It looks like it's a sucking chest wound of security fail: