Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54424 readers

447 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others

Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

💰 Please help cover server costs.


Ko-fi	Liberapay

founded 1 year ago

MODERATORS

[email protected]

Is Stremio a honeypot? (sopuli.xyz)

submitted 5 months ago by [email protected] to c/[email protected]

63 comments fedilink hide all child comments

Does anybody have the impression that Stremio may be a honeypot of some sort?

Thay are allegedly a legal service where some nefarious actors provide torrenting plugins etc. I tried to find out how they were financed, and found northing but a site purportedly selling "Web3" advertising, and filled with technobabble nonsense. No address, no way to purchase their services no GDPR notice or anything...

All I can find regarding their safety are "It's legit, nothing has happened to me so far" comments in reddit and other boards.

They have your email, they host the service, they can track all you do...

Seems kind of fishy.

Ive tried it, ironically, to watch stuff that I pay for, I have Netflix, prime video, Disney... But Stremio gives me much higher resolutions.

Even though I live in a country where sailing the high seas is not persecuted, as long as you are the end-user and you derive no profit, I'm going to delete my account (made with an email address I have for bullshit stuff ), make a new one with a truly disposable email and get a VPN.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 10 points 5 months ago (2 children)

Isn't it open source?

[–] [email protected] 40 points 5 months ago

If you are not hosting, it having a repo on Github makes no difference. The server you are connecting to might have a different service running and you cannot know.

[–] [email protected] 12 points 5 months ago* (last edited 5 months ago) (3 children)

Is every open source app audited? Look at the XZ near disaster. And XZ is pretty critical software. Open source doesn't mean it's safe by default, it means that the code can be read.

[–] [email protected] 34 points 5 months ago

The XZ topic was way more complicated than that and overly exaggerated by some people. Open source is still the closest thing we have to "safe by default".

Still, as someone else stated, if you're not hosting it's not truly open source as you can't really verify the actual code running behind the server.

[–] [email protected] 30 points 5 months ago* (last edited 5 months ago)

IMO the XZ thing shows the strength of open source, some turbo pedant found the backdoor within about an hour of it being released because a program took 0.3 seconds longer to start. That wouldn't be possible in a closed source app that can't be debugged properly.

[–] [email protected] 13 points 5 months ago* (last edited 5 months ago)

Yeah, but usually with open-source software you get like 150 Github comments complaining and outlining their shady business practices... If there's something to complain about.

The XZ disaster is an example for sth else. There are probably more backdoors in proprietary software that we just don't know about. And they can just keep it hidden away and force the manufacturers to do so. No elaborate social engineering like in the XZ case needed... And no software is safe. They all have bugs and most of them depend on third-party libraries. That has nothing to do with being open or closed source. If so, being open provides you with more of a chance to catch mischievous behaviour. At least generally speaking. There will be exceptions to this rule.