I almost missed this one: Computerworld recently found out about Brett O'Connor's cool hack to use Amazon's EC2 as a seedbox, and it got them all hot and bothered. O'Connor essentially was able to install Torrentflux on EC2, making it possible to download and seed torrent data from Amazon's servers. Read more about it here, or just go straight to his extensive step-by-step description if you want to know how he did it.

And then go read the Computerworld article and be amazed, especially about the parts that a self-proclaimed security expert contributed:

"'This means that hackers and other interested parties can simply use a prepaid -- and anonymous -- debit card to pay the $75 a month fee to Amazon and harvest BitTorrent applications at high speed with little or no chance of detection,' said David Hobson, managing director of GSS."

Those interesting parties, the article goes on, could then download those torrented files via FTP straight onto a company's server, "resulting in an internal computer infection." Because, you know, every Bittorrent download infects your computer.

Wild stuff, and not only because of the fact that Hobson seems to be completely unaware of the fact that seedboxes have been around for a while. Or even that non-existent 75 bucks a month fee that you have to pay Amazon to infect your servers with those torrents all the kids are talking about nowadays.

Pando CTO Laird Popkin apparently wasn't too amused when he read all of this nonsense, and he ended up contributing my favored comment of the month. Here's a quick excerpt:

"(M)ost of the article comes down to "security firm tries to generate business by making up a new threat". After you filter out the fear mongering, what you're left with is the "news" that some people find it useful to run p2p software to download files onto servers that they pay for using bandwidth and storage that they pay for. If that's hijacking, I suspect that Amazon would love to be hijacked a lot more. :-)"

Tags: , , , , ,