back to article uTorrent file-swappers urged to upgrade after PC hijack flaws fixed

Users of uTorrent should grab the latest versions of the popular torrenting tools: serious security bugs, which malicious websites can exploit to commandeer PCs, were squashed this week in the software. If you're running a vulnerable Windows build of the pira, er, file-sharing applications while browsing the web, devious …

  1. Anonymous Coward
    Anonymous Coward

    uTorrent died a long time ago for me, I use Deluge which is under the GPLv3+ for all my Linux and Raspberry Pi image downloads.

    1. Prst. V.Jeltz Silver badge

      well how do you know your more obscure torrent client doesent have the same vulnerability?

      1. Anonymous Coward
        Anonymous Coward

        re: how do you know

        you don't. The same way you don't "trust" any software you didn't write - including the libraries.

        so you practice safe computing, and ensure that any damage is minimised, the same way you would if you were doing it at work.

        1. Jonathan 27

          Re: re: how do you know

          That's ridiculous logic, you can't fully trust software you wrote yourself either. To do so is to assume you're perfect and the software has no bugs. I code all day every day and while my performance reviews are stellar, I still make plenty of mistakes that I'm constantly fixing.

          I'd put open source software you're reviewed the code for (and compiled yourself) to be on the same level as software you wrote yourself. Mostly safe.

    2. Anonymous Coward
      Anonymous Coward

      Not sure why the down votes, uT was instantly down the drain, possibly even infiltrated after v1.6.1

  2. psychonaut

    the desktop app could be abused to allow "any website you visit [to] read and copy every torrent you've downloaded,"

    thats already kind of the point of torrents isnt it? unless you are a leach

  3. Anonymous Coward
    Anonymous Coward

    Got rid of utorrent years ago

    I now use Tribler.

    1. psychonaut

      Re: Got rid of utorrent years ago

      but do you have trouble with your tribbles? there's an episode for that

      1. davidp231

        Re: Got rid of utorrent years ago

        "but do you have trouble with your tribbles? there's an episode for that"

        Two, if you count its sequel. Three if you included the animated one.

        1. psychonaut

          Re: Got rid of utorrent years ago

          ok, you win the geek points there...i only vaguely remember the first one....

        2. Anonymous Coward
          Anonymous Coward

          Re: Got rid of utorrent years ago

          Four if you count the easter egg in Discovery

          1. Alan Brown Silver badge

            Re: Got rid of utorrent years ago

            I've never actually seen a klingon _eat_ a tribble.

  4. Anonymous Coward
    Anonymous Coward

    Given uTorrent went down the "secretly including ad/spyware" route years ago, why does anybody still use it?

  5. This post has been deleted by its author

  6. MrRimmerSIR!


    shags SSDs. I had been using qBitTorrent for a while until the cache SSD started to play up. Then I found out that libtorrent doesn't cache writes like uTorrent does, so the SSD was being hammered senseless. Switched back to an old verison of utorrent, without the advertising nonsense. One write burst every 2s is much kinder to the old cells.

    Does anybody know of a decent client that runs under Windows and does not use libtorrent?

    1. Sir Runcible Spoon

      Re: libtorrent

      Have you considered using a spinning disc for your filesharing needs and then simply running a synch tool to copy stuff across to your SSD?

      1. MrRimmerSIR!

        Re: libtorrent

        I have (and used to have one) but wanted to keep the box as silent as possible without locking it away in a closed cupboard as there is nowhere else to put it. The sizzle of a continuously moving hard drive head was getting a bit irritating.

        1. Alan Brown Silver badge

          Re: libtorrent

          Why not just use a ramdisk for your cache area?

  7. Anonymous Coward
    Anonymous Coward

    I know torrents have other uses besides, but doesn't it seem a bit antithetical to use a proprietary torrent client?

    1. Anonymous Coward
      Anonymous Coward

      Only if they're solely using it for downloading Linux ISOs...

      If on the other hand they're pirating software...then it seems appropriate.

  8. Peter 26

    Better alternatives

    I switched to qBitorrent (qBit) yesterday after reading recommendations on reddit. I was a bit reluctant as there has been so many features added to utorrent that other torrent programs didn't have such as the remote downloading, automatic seed ending, move completed downloads to another folder. But it turns out qBit has all the same features as far as I can see except the annoying adverts. It looks a lot like utorrent did before it went ad crazy. I should have switched ages ago.

    Combined with Transdroid on your android phone for remote downloading and torrent searching, it's a perfect combination.

    1. Anonymous Coward
      Anonymous Coward

      Re: Better alternatives

      uTorrent allows the use of HTTPS proxies to keep you safe. qBitorrent does not, only choice is NONE or SOCKS4 and 5. Not quite the same feature set.

  9. Matthew 17

    I always felt sorry for the makers µTorrent as everyone called it YooTorrent

    So they make a small application, it's small so they decide it could be seen as being positively micro, so they call it MicroTorrent and even shorten that and use the micro symbol µ. However no-one notices and just sees it as a u.

    poor µTorrent :p

    1. Martin-73 Silver badge

      Re: I always felt sorry for the makers µTorrent as everyone called it YooTorrent

      Hmm, i've always referred to it as mutorrent

  10. Anonymous Coward
    Anonymous Coward

    Thank you for the information and I shall update so there won't be a security problem using uTorrent for solely downloading Linux distributions (cough).

  11. dmacleo

    pira, er, file-sharing applications


    so the linux distros I download and seed for torrents are somehow pirating?

  12. GX5000

    Just say no

    Why would you let Java run when asked for uTorreent?

    devious JavaScript code can only run if you allow it to.

    Just say NO.

    1. Anonymous Coward
      Anonymous Coward

      Re: Just say no

      Java != Javascript

    2. Goldmember

      Re: Just say no

      Rookie mistake...

  13. Anonymous Coward
    Anonymous Coward

    uTorrent carrying PUA.OSX.InstallCore ?

    Every uTorrent download for macOS I can find is pinged for carrying "PUA.OSX.InstallCore". I guess that is adware. I can cope with ads displayed by an app but why does uTorrent need to include a separate adware module ?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon