Why does qBittorrent download search indexes when I click update, and do I need to worry about being infected because of it?
Are you talking about search plugins? If you are, that’s expected behaviour.
“Note that python plugins/scripts are, by its nature, not considered to be safe. Therefore any use of the unofficial plugins is at your own risk. It is a good practice to audit/take a look at the plugin/script before you install.” (From the link)
Have a look at Jackett or Prowlarr (and the rest of the arr suite), it would greatly reduce your attack surface if you are worried about that and they are very easy to set up if you look for the servarr wiki.
It seems like the gif of how it looks wasn’t included here it is https://postimg.cc/nXRSKTYZ any drawbacks or disadvantages of using Jackett and Prowlarr.
Yeah, that’s happening because you installed and enabled those plugins, and as long as they are maintained, they will be getting updates from time to time.
any drawbacks or disadvantages of using Jackett and Prowlarr.
Not that I know of. You’d have to configure flaresolverr because of certain websites cannot be accessed if you don’t pass the CAPTCHA, and that’s about it.
Edit: Yeah, I checked now that I was on the computer and seems that I was wrong. Checking for updates installs and enables a small list of plugins without any more input from the user, and even though they are open source, that is not cool.
If you are on the “Search” tab and click on “Search plugins” and check for updates (like on the gif above) you can check if they are installed and if they are enabled, from there right click them to do whatever you want.
I had the same thing, I never installed a piratebay plugin but when I clicked check for update it magically appeared
Yeah, I was wrong before. I don’t like this one bit, but I very much doubt there is any malicious intent from anyone at qBit.
Hopefully someone more knowledgeable than me will step in and offer some insight.
I don’t believe there are any malicious intentions, but there are two other things that i don’t like. Their forum only permits sign-ups with Gmail and Outlook, and their website has a very strict Cloudflare DDoS protection police. I understand the rationale behind Cloudflare’s DDoS protection policy, but I would prefer if they used another DDoS protection provider.
Their forum only permits sign-ups with Gmail and Outlook
I went to see if it was true because I found it hard to believe, but you are right. I don’t understand why it is like this, given the nature of the program and the whole philosophy behind it.
I guess that we can consider ourselves lucky that they don’t use Google’s CAPTCHA.
Tomorrow I will raise an issue on their repo, I want to see what is the official stance on all this bullshit.
Thanks for making a issue. Can share the link with us so that we can follow the discussions.