this post was submitted on 18 Jun 2025
296 points (99.3% liked)

Technology

71582 readers
3578 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
296
Resurrecting a dead torrent tracker and finding 3 million peers (kianbradley.com)
submitted 23 hours ago by fantawurstwasser@feddit.org to c/technology@lemmy.world
53 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] LovableSidekick@lemmy.world 3 points 28 minutes ago* (last edited 26 minutes ago)

I'm a developer but have utterly no experience with torrent architecture, or for that matter anything outside of standard web services and the kinds of things companies do. But I've been wondering if BitTorrent technology would be usable for federating content for things such as Lemmy. After reading that somebody was begging for money to offset the $5k/month they were spending to run an instance (I mean, that shows true dedicaton but holy crap dude), it seems like a distributed architecture would make a lot of sense than somebody having to foot the bill for a big-ass server. I just personally wouldn't know where to begin on a project like that, but maybe if somebody with the right combo of skills and experience gave it some thought...

[–] Alphane_Moon@lemmy.world 95 points 23 hours ago (1 children)

Funny how the author immediately decided to shut everything down when he realized the number of peer/torrents still sending requests to the domain.

[–] evidences@lemmy.world 88 points 22 hours ago (3 children)

Orphaned domains like this are interesting, there was a defcon talk, I think, where the presenter bought a bunch of blacklisted orphaned domains just to see if anything would try and connect to them. They got hit with so many botnet clients trying to phone home.

[–] LettyWhiterock@lemmy.world 13 points 14 hours ago

Please post a link if you're able, that sounds like a very interesting watch.

[–] MysteriousSophon21@lemmy.world 34 points 19 hours ago

Yeah those orphaned domains are a goldmine for security researchers, there was a similar talk at blackhat where they showed how expired domains from major companies still recieved auth tokens and sensitive data for months after expiry.

[–] Maestro@fedia.io 38 points 20 hours ago

Orphaned IPs as well. If you have an IPv4 from your cloud provider and you want to retire it, you should thoroughly scrub your DNS and all other configs before doing so. Otherwise it's trivial for someone else to spin up a machine on that IP address and abuse your domain.

[–] subignition@fedia.io 33 points 21 hours ago (1 children)

That's terrifying.

[–] Imgonnatrythis@sh.itjust.works 19 points 19 hours ago (2 children)

Why?

[–] jayandp@sh.itjust.works 20 points 13 hours ago (2 children)

From a security standpoint, it means tons of people are requesting unencrypted info from random domains that are possibly no longer controlled by the original owners.

This is just random speculation on possibilities, but somebody could maybe figure out the IP of a suspected pirate for example, setup a dummy tracker, wait for that IP to show up, and then compare any requested hashes against a database of known torrents. How legal and useful in court this could be would depend on the country, but it is a weak point.

At the other end of the spectrum, somebody might find some kind of security vulnerability in a popular client's tracker interface, and exploit that for malware purposes by setting up a fake tracker, but that's a bit more of a stretch.

[–] emeralddawn45@lemmy.dbzer0.com 5 points 3 hours ago

I mean they could also just download a million torrents and record the ips of anyone who connects to them to leech, which is what they already do. This is why you use a VPN while torrenting, because you never know who you're connecting to.

[–] Imgonnatrythis@sh.itjust.works 3 points 9 hours ago

I'd recommend always assuming the worst when connecting to torrent trackers. I'm not sure that most of us feel that the trackers we are connecting to are highly trusted providers.

[–] Laser@feddit.org 71 points 18 hours ago

Because necromancy is a forbidden art

[–] cupcakezealot@piefed.blahaj.zone 17 points 20 hours ago* (last edited 20 hours ago) (1 children)

well pls resurrect the struck by lightning torrent because its taking forever to download :(

[–] Zos_Kia@lemmynsfw.com 13 points 20 hours ago (1 children)

If you have access to real debrid, sometimes they have insanely old torrents in cache. I've resurrected quite a few decades old bangers from the pirate bay that way.

[–] Appoxo@lemmy.dbzer0.com 4 points 15 hours ago (1 children)

And if there is. Please seed that.

[–] Zos_Kia@lemmynsfw.com 2 points 11 hours ago

I usually do, but in general they're dead for lack of demand

[–] ipitco@lemmy.super.ynh.fr 9 points 20 hours ago

That's the kind of thing that would be cool to do actually, but I'm not server savy enough to make a server that won't die easily under attacks

load more comments
view more: next ›