Demonoid Down For a Week, Serving Malware Laden Ads

hypnosec tipped us to reports that Demonoid is still down after a suffering a massive DDoS last week, and that the domain is now redirecting to a malware-ridden spam site. Notable for surviving a CRIA mandated shutdown, this may be lights out for the torrent tracker: "To begin, while Demonoid’s admin told us that he would eventually bring the site back online, he clearly has other things on his mind. A really important family event puts a torrent site nowhere near the top of his priorities. ... Demonoid has been experiencing staffing issues this year. As we mentioned in an earlier article, there were rumors that one or maybe more Demonoid staffers had been questioned by authorities about their involvement in the site."

the kick in the pants I needed

[Skarecrow77]

to finally start researching private newsgroup servers.

Re:

[SuricouRaven]

The NNTP protocol is a real mess for binaries, really. Severe overheads, awkward packing. There is a reason for those PAR2 files - because delivery is too unreliable to use without them. If you're looking for a non-p2p method of file distribution, you'd be better off with some sort of simple file server - HTTP, even old-fashioned FTP (Which will soon have you loathing NAT). You'll soon run into two problems though: It costs a fortune, and any sizeable pirate service with such centralisation will eventually

Re:

[Mashiki]

7zip is awkward, and parity files are difficult to use? And here you are posting on /.? Okay there. I'd hate to see what happens if faced with a CLI.

Re:

[asdf7890]

Having to collect the files together, waiting for that last one of the number you need to recreate the original content because for some reason it hasn't made it to your server's feed yet (or it has expired on your server and you need to wait for a repost), not having the content nicely indexed on the tracker we site, and so on, is more hassle than dealing with torrents.

OK, there are sites that do some of that indexing (but they are potentially subject to takedowns and DoS attacks as much as torrent inde

Re:the kick in the pants I needed

[JMJimmy]

What's needed is decentralized p2p indexing so taking down any given site doesn't affect the ability to locate files. How to accomplish this is beyond me but I'm sure it's possible.

Re:the kick in the pants I needed

[SuricouRaven]

As I proposed. It can be done - and we know it can be done, because Freenet is exactly that. But Freenet is made for dissidents and activists, and it's anti-tracking measures are accordingly paranoid: Performance is sacrificed in order to make it near-impossible to tell what anyone is either publishing or retrieving. This makes Freenet slow. Really slow.

What you want can be done - it'd have to involve hashes, or better yet hash trees. All it needs is someone with the skill and will to impliment it.

Re:

[SuricouRaven]

There is a sort of unspoken agreement on Freenet regarding that subject. Everyone knows it exists, but speaking of it is taboo.

Re:

[RaceProUK]

You mean something like this [thepiratebay.se], maybe?

And for those with dick ISPs in the UK (and maybe elsewhere), use the Pirate Party UK mirror [pirateparty.org.uk].

Re:

[SuricouRaven]

We've really got two problems to solve: Getting the metadata, and getting the data. They need very different tools.

Getting the metadata is the indexing task - it's been done by websites ever since the appearance of Sharereactor back in ye old days. The challenge isn't to shift lots of data, but to provide a way to filter out the dud files and fakes, and find the links to the files you really want. The Pirate Bay does this.

Getting the actual data is another problem though: You need a way, given a hash*, to

use ntp just for the torrent

[jago25_98]

How's about using NNTP just for distributing the .torrent only :-)

I did a quick search... amazingly I haven't seen anyone doing this?

Re:

[berberine]

I haven't had to use a PAR2 file in years. The delivery of binary files are just fine for me. Maybe I'm the exception to the rule, but I just haven't had problems with incomplete files in at least four years. Many of the bigger usenet servers do offer downloads via HTTP as well.

Who was going to sites like Demonoid...

[BlastfireRS]

...and not using some form of AdBlock anyway?

Re:

[Skarecrow77]

hell not just adblock, but also noscript, and https everywhere.
my browsing experience can be a pain in the ass, but at least it's relatively safe.

Re:Who was going to sites like Demonoid...

[s0nicfreak]

People that want sites like Demonoid to survive and therefore support them by viewing ads?

Re:

[westlake]

People that want sites like Demonoid to survive and therefore support them by viewing ads?

The geek sees an add that helps pay the bills. The judge sees a profit-making web site.

Re:

[supersloshy]

You mean people who don't know that you can get malware from ads like this?

I use an adblocker not because I don't like supporting websites but because there's no way I'm risking the chance of an infection like that.

Re:

[s0nicfreak]

I just ensure my computer can't install anything without my permission and use adequate malware protection, which is a good idea no matter what sites you are going to and no matter if ads "like this" are blocked.

I use to run a tracker, I know how much of their own money the people running it must pump into it; viewing the ads is a free way to put a little money back into something I use.

Re:Who was going to sites like Demonoid...

[Skarecrow77]

I've never gotten a virus from warez.
got one from a porn download once, but that was my own fault. i was about 99% sure that it contained a virus, i opened it anyway to see what my anti-virus would do.

took me about 5 minutes to clean up the mess, and that was that. turned out to be pretty good porn too.

but warez? no, never gotten anything from warez.

Re:

[gutoandreollo]

This only tells me you probably need a better antivirus.. :)

Re:

[shaitand]

Actually it suggests to me you need a better anti-virus. The freebies generate false positives left and right and every day people think they are being saved from viruses that weren't really in downloads.

Re:

[MrL0G1C]

I was bored, decided to throw some viruses in a VM and see what it took to root them out without AV. I found several quickly by downloading the newest keygens and cracks off of pirate bay, so it depends on where you get your warez from I guess. noCD cracks often have trojans.

Re:

[Skarecrow77]

I rarely download anything major from piratebay.

one of the nice things about demonoid was that, generally speaking, if a dozen people post comments on a crack or what have you, confirming that they found a virus, the listing gets yanked down. I thusly ran across several things on there that weren't clean, but I never downloaded any of em obviously.

Re:

[bignetbuy]

How long have you been downloading "warez"? A year? There was a time when the keygens bundled with apps included trojans. When "legit OS" versions were modified to load a trojan AND access an IRC channel where it sat...waiting to be abused. When opening a PDF or CHM would cause the computer to open browser windows to ad-infested sites AND click on those ads so the malware author got paid. Etc...etc...etc...

That you've never encountered a virus or trojan doesn't mean they aren't out there...it just mean

Re:

[shaitand]

I can't say I've never encountered a virus/trojan/worm in downloads. I've seen all of the above. For every one of them there are dozens of false positives from free anti-virus software.

Re:

[Skarecrow77]

How long have you been downloading "warez"?

since 1993. How long have you been doing it, because apparenty you're doing it wrong.

I didn't say that no warez was infected, I said I've never been infected. The difference is knowing what you're doing and knowing how to avoid the bad stuff.

Re:

[alexo]

I've never gotten a virus from warez.

I don't know where you're getting your warez from, but whenever I tried the "DIY try-before-you-buy" approach, it came with all sorts of malware.
Perhaps there is some place where warez are clean but I'm skeptical.

Re:

[Inda]

I going to back you up, as others are dismissing you so readily.

Never, not once in 15 years, have I had a virus inserted into my warez. Never from Usenet, Anon FTP, freesite dumps, IRC, ed2k, BT or anywhere else.

The trick is to stick to scene releases (whatever they are). Search for folder names. Only download RARs. If there's a SFV file, use it.

Once, only once, there was a script inserted in a WMV (yeah, yeah, I know) file. That script failed to download it's payload.

I've had viruses on free CDs attached t

Re:

[Skarecrow77]

thanks for the backup.
it only takes a little paranoia, and a lot of common sense, to avoid getting infected.

Re:

[mister_playboy]

Registration was open for about 24 hours just before they got DDoSed.

not malware laden

[poetmatt]

this is just retarded. They said they incurred a bandwidth cost from the ddos and turned on advertising to deal with it. I imagine the bandwidth cost before and after the DDOS were probably substantially different. I don't know if they were aware of the bad ads regardless.

Resilience

[dontbemad]

IIRC, demonoid has had several outages throughout the years, some lasting weeks at a time. I would be surprised if this lasted much longer, but I would be far more surprised if this really did spell the end of demonoid all together.

Don't I know it (warning post contains grumpiness)

[RogueyWon]

I've always been forced (by means of parental guilt-trip) to act as tech-support for family, which basically means being the guy who gets roped into decontaminated malware-laden PCs for them, despite the fact I'm in a full time job and earn more than most of them. Yes, the whole "being the guy who knows PCs" thing is really starting to grate as I move further into my 30s, not least because my knowledge is nowhere near as fresh or as deep as it was a decade ago.

Anyway, rant aside, I've been used to dealing w

Re:

[__aaeihw9960]

For a decade now, I've been operating on the basis of "Do I need it? If not, do I want it? Can I justify spending money on it? And if not, is there a free-as-in-beer legal alternative available?"

The problem is that most people don't make it to this point. They only see that FREE FREE FREE FREE, and then use their morals against giant companies/for privacy/ anti-government, what-have-you, to justify their decision. A little bit of research will prove that for most things there is a legal, free version available. It might not be 100% what you want, but it'll be close, and it'll be great considering it's free.

DISCLAIMER: I do pirate things (games usually, or music) to TRY THEM. IF I like them, I BUY T

Re:

[davewoods]

there is no such thing as a good demo anymore.

Ugh, I know right? I miss the good old days when a demo was a 30-day trial, with every feature intact.
Right when dual core processors came out I built a PC with the most expensive processor I could find. Most games would not even recognize the second processor and have tremendous difficulty running. After the FIRST time that happened, I switched to downloading the game first, just to see if it could even operate on my machine. It probably saved me from buying hundreds upon hundreds of dollars of incom

Re:

[Johann Lau]

And you post posts that say *zero*. Talk more.

Re:

[jdastrup]

obligatory link to The Oatmeal: http://theoatmeal.com/comics/computers [theoatmeal.com]

Don't do support for family for free (or at all)

[John Bokma]

Uhm.... how about charging 50+ USD/hour + miles ?

Re:Don't I know it (warning post contains grumpine

[RogueyWon]

Because when you're working full-time, have been doing so for a decade and are generally pretty successful, it really rankles to have people who you only see at Christmas and who only pick up the phone when they have a PC problem expecting you to jump to their aid in the way that you did when you were a teenager or student with plenty of free time.

Re:

[war4peace]

I have developed this method of appearing to be helpful and trying to resolve the thing over the phone but invariably reaching the "I don't know about that" conclusion, and pointing them to a repairshop. After a few such occurrences they stopped bothering me. It also helps that all my relatives live at least 100 miles away and I don't own a car so they don't expect me to travel to fix whatever they broke.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[jakimfett]

Oh man...this is techie porn, right here. Time machine+win updates+one click installs=awesome.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[adolf]

Hairyfeet,

I've been reading your banter for years, and while I generally perceive that you're trying to be helpful, this is the first time that you've helped me.

Thank you for re-introducing me to WSUS Offline (the last time I saw that concept was many years ago and somewhat broken and/or German), and Comodo Time Machine (which I'd not yet found).

These things will make my life, and the lives of my customers, immeasurably easier.

Best regards,

adolf

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[aaaaaaargh!]

In my personal experience pirate sites are relatively safe even when browsing them from Windows, I've never had any problems with sites like solarmovie.eu, demonoid.ph/demonoid.me or thepiratebay.org. Actually, I've personally had less problems so far with pirated content than with dysfunctional DRM schemes. Perhaps your relatives are a bit too careless or need better anti-virus software? (Porn sites, on the other hand, are full of malware.)

But anyway there is an easy remedy: Install GNU/Linux for them and

Re:

[davewoods]

Baahaha! Good advice for getting rid of pesky family members posted by something that looks like a spam-bot. Nice.

I remember the good old days when

[Stirling Newberry]

stopping people from getting information about sex and contraception was supposed to solve some problem or other.

i started missing demonoid when chris marker died

[Anonymous Coward]

i went to download some of his more obscure movies (and they're all pretty obscure) and without demonoid i had to pause for a second and think where will i get them? especially since only a few have been released on DVD. well i still found them but it really remind me what a wonderful culture resource demonoid was. i mean any obscure movie from anywhere in the world was probably on there, likewise for music. although i'm still looking for a copy of communist Polish camp classic Hydrozagadka with english subs. wasn't even on demonoid! at least not with subs..

Re:

[Larryish]

i miss BTJunkie.

BTJunkie had EVERY FUCKING THING!!!112

Dammit.

Re:

[war4peace]

This.
My movie/music tastes are pretty strange at times, and I am genuinely trying to buy some obscure movies or albums. Problem is, they can't be found anywhere any more. Some have been released by Iron Curtain state owned companies (communist era stuff from Czechoslovakia, Poland, Romania, URSS), some were released by now-bankrupt companies, etc. Digital copies are the only chance, and now with less and less large torrent sites around, the chances of actually watching that obscure movie or listening to tha

demonoid.me points to 127.0.0.1

[RockoW]

For me demonoid.me points to localhost so if you're being redirected to a malaware website your system is compromised.

Re:

[Anonymous Coward]

Either that or you are serving the malware yourself :3

Re:

[shentino]

Or demonoid's dns got compromised.

So like...

[Westwood0720]

...where am I to torrent stuff now? /sadpanda

Update

[twocows]

According to the article in TFA, which has been updated, the ads were put in place deliberately by the site admin to recoup some of his costs. Presumably, he didn't know they were full of malware.

Re:

[Anonymous Coward]

"I'm shocked, shocked to find that the people who buy ads on my site dedicated to illegal activity would be involved in some sort of illegal activity", said the admin. "I thought these were all fine, upstanding companies."

Good info...

[redizhot]

Was wondering what was happening.

Re:fuck all you

[present_arms]

fuck all you pirate assholes anyway. I hope you get a virus that blows up your hard drive, you anti-business pricks.

you forgot to add yours sincerely MPIAA :D

Re:

[Stizark]

I have a couple friends who... acquired some of the professional imaging and video software. They used to play with it as a hobby. They then went to school, and are now working-- one designing movies, the other games. They even admit that they probably would never have gotten to where they are without that. The schools that they ended up going to asked them to exhibit some of their work.

Re:fuck all you

[fluffythedestroyer]

I usually pirate software before I try them. If it's worth it, I will buy it. Same thing with games. Is it worth it to spend 60 for a 8-16 hours game that I will trow away in the garbarge or let it gather dust in my cabinet cause I only played it once ... or is it worth 60$ cause I still play today and the replay value is very strong. With software, is it worth 50$ and more depending on the usage I need from it. lots of software are just overpriced for my needs. That's bad cause I know some software that I would buy the their price is very questionable.

Prove to me..or us here, people of /. that piracy is anti-business. Give me stats, hard numbers to make me shut up. Afaik, piracy helps business in an indirect way like it or not.

Re:

[shentino]

Don't be silly.

Businesses don't hate piracy because it makes them lose money

They hate it because it threatens their monopoly control of the market.

Re:I supplement custom hosts files w/ better DNS t

[LodCrappo]

good info and something I'll have to check out, but I'd add that at least OpenDNS is practically malware in itself due to their screwing around with dns records to advertise to you. they even break SMTP by returning MX results for *everything*, which point to them.... a user on your network fat fingers an email address and the message ends up with opendns? I don't think so.

the others might be great tho, will try them.