Distributed Computing Program Hidden in Kazaa

The_THOMAS writes: "A federal securities filing Monday revealed that the hugely downloaded Kazaa P2P (file sharing) software contains a piggyback program which will create a second, new, network controlled by Brilliant Digital. They plan to awaken the software, already on millions of computers, within the next four weeks. The program will be used to host and distribute other companies' content and may be used for distributed computing. Read the details here."

Better than Spyware...

[JoeLinux]

Which is better...something that reports back your habits, or something that uses spare cycle time for something constructive?

Joe

Re:Better than Spyware...

[Shiny+Metal+S.]

Which is better...something that reports back your habits, or something that uses spare cycle time for something constructive?

And what if it uses spare cycle time to process and report back your habits?

Re:Better than Spyware...

[eltriggo]

how will you know? you didn't know when it was downloaded to your machine.

What some people won't do

[ackthpt]

To rip, mix and burn their customers...

April Fools!

[bdigit]

No file sharing software contains spyware!

reminds me of an old saying

[flynt]

P2P = good
Distributed computing = good
p2p + distributed computing = bad.

This reminds me of something my dad once told me regarding his school lunch as a boy. Just because kids like spaghetti, and kids like peanut butter, doesn't mean they'll like spaghetti and peanut butter.

Re:reminds me of an old saying

[pjdoland]

Or to paraphrase Matt Groening:

The French are funny. Sex is funny. Comedies are funny. Why is it that no French sex comedy is ever funny?

Re:reminds me of an old saying

[ackthpt]

This reminds me of something my dad once told me regarding his school lunch as a boy. Just because kids like spaghetti, and kids like peanut butter, doesn't mean they'll like spaghetti and peanut butter.

This is a bit more like taking a bite out of an apple and then seeing half a worm left it in.

Re:reminds me of an old saying

[Crazy+Diamond]

You can pick your friends. And you can pick your nose. But you can't pick your friend's nose.

Applied to P2P this would be:

You can pick your peers. And you can pick your computations. But you can't pick your peer's computations.

Re:reminds me of an old saying

[jc42]

> Just because kids like spaghetti, and kids like peanut butter, doesn't mean they'll like spaghetti and peanut butter.

Well, if they're the kids of typical computer geeks, they'll be very familiar with Thai and Vietnamese food, so peanut butter on spaghetti won't strike them as the least bit odd. But they might complain that you left out the scallions and bean sprouts, and maybe it could use a bit of hot pepper sauce.

Sounds pretty neat

[Alizarin+Erythrosin]

This actually sounds like a really cool thing, but my qualm with it lies in tha fact that they would be using MY bandwidth to "to host and distribute other companies' content, such as advertising or music. Alternatively, it might borrow people's unused processing power to help with other companies' complicated computing tasks."

I don't like the idea of this network siphoning MY bandwidth (that some may have a monthly limit on) for their purposes. And yes, I do understand that they said "with the owner's permission" but what's to say they're not just saying that as a "cover my ass" line?

Re:Sounds pretty neat

[Danse]

And yes, I do understand that they said "with the owner's permission" but what's to say they're not just saying that as a "cover my ass" line?

When you installed the software and agreed to the EULA, you gave them permission. That's what they mean.

Its real, alright.

Unfortunately, the clause to allow kazaa to use your CPU cycles has been around since the day morpheus came out..

Time to switch to giFT!

Re:Its real, alright.

[delta407]

Well... no. KaZaA (or some other stupid capitalization) technically isn't using your CPU cycles... well, it is, but not for distributed computation. It's some other client, which (evidently) no one knew about. In any case, as far as I know, there was no such clause; no one knew about it. Plus, there need not be a clause, if the embedded program pops up a message box explaining what pushing "Yes" means. They don't need to include that in the license if you explicitly agree to it later.

What I find interesting is the fact that they could distribute some other program -- even if it is a "stub" program -- inside of something as widely used as KaZaA is kind of impressive. Surely, some one would have noticed... but if they did, they must have remained pretty quiet. Has anyone heard about this before Brilliant Digital said something?

Additionally, as a sidenote, giFT is pretty cool. Granted, the website does need some work, they actually have to release the new version (so you don't have to suck it out of CVS), and so forth. However, it's still pretty cool. Not the largest network, but if we were to get even 1% of Slashdot to join then OpenFT would be in excellent shape.

April Fools?

[KanSer]

Are we sure this isn't april fools stuff?

Firestorm

[GrokSoup]

While ignorance is no excuse, that seems the only one given that Kazaa/Brilliant apparently tip users off to this crazy strategem in the user agreement. That said, I can't understand how this isn't a trojan -- installing an app with no explicit warning on a third-party computer? Shame, shame.

Re:Firestorm

[wholesomegrits]

Their explicit warning is similar to the cry heard on many newsgroups one asks a simple question: RTFM. They do put the "i agree" buttons at the BOTTOM of the page for a reason.

The devil's in the fucking details. That's for sure.

Re:Firestorm

[aminorex]

And Windows XP is different.... how?

Re:Firestorm

[Danse]

KaZaA is a program used exclusively to steal music, movies, and software.

You would have to remove the word "exclusively" from that sentence for it to have any hope of being considered accurate.

Re:Firestorm

[Melantha_Bacchae]

generic-man wrote:

> KaZaA is a program used exclusively to steal music, movies, and
> software.

I wouldn't know about that, having (thankfully) never used it. I get my mp3's off my extensive CD collection (Manilow, Mozart, Mothra, etc. -and that's just the M's ;).

> Windows XP is an operating system. It can be used for legitimate
> purposes.

Juno can be used for legitimate purposes. It started a distributed computing plan that required the user's computer to remain on at all times and connect to Juno regularly (at the user's expense if their access number was a toll number). That created a real storm of controversy.

Google can be used for legitimate purposes. Its toolbar is also a distributed computing application.

And please, do not think for a minute that Microsoft is far behind. Microsoft Research had a project called "Millenium" that called for distributed computing among other things. Millenium's marketing name appears to be ".Net". Ever heard of it?

If you have Windows XP, you have agreed to let Microsoft install any "upgrade" it wants to on your computer. That's all they need to sneak one of these applications on your computer and start harvesting CPU cycles, if they haven't already.

Ultimately, Millenium is to be a global super-cluster of all the Windows computers (if not all the computers period) in the world. Your data and applications will be stored where ever Millenium wants them to be stored (maybe even on one of your competitor's hard drives?!?). Both applications and multimedia content will run on a pay as you use basis (with digital rights management). The file system will be a universal data store based on SQL Server (say bye-bye to your favorite standard file formats). You will boot your new PC with the Millenium disk, and after a process similar to today's product activation, your computer will join (be assimilated by) the Millenium network. About the only thing different between .Net (the reality so far) and Millenium (the research project) is that Java (the Millenium Java VM was called "Borg") has been replaced by C#.

The above post is ***not*** an April Fools joke. It is based in part on documentation available on Microsoft's web site (http://www.research.microsoft.com/research/os/Mil lennium/mgoals.html and http://www.research.microsoft.com/research/sn/). The only "fool" is the person who sits by and lets Microsoft use this to gain control of the entire computing industry on this planet forever (or at least the thousand year kingdom that is what the word "Millenium" means).

What happens when you embrace and extend Godzilla? Nuclear heartburn!
See "Godzilla 2000" (released in Japan as "Godzilla 2000 Millenium") for details.

Re:Firestorm

[AndroidCat]

Kazaa is also a program to annoy the hell out of me when someone decides that my IP address just must be a Kazaa machine (even though all my ports are stealthed) and keeps trying over and over again to connect.

I hate rebooting my machine (every few weeks). I get assigned a new and usually "dirty" IP address - it takes a number of days for the Kazombies to go away!

I'm tempted to learn enough of the Kazaa protocol to be able to unload a "death packet" on the most persistent of idiots.

Well... I hope I'll be able to bill them.

[1010011010]

I hope Kazaa users with get a monthly check for CPU and bandwidth consumption from their theftware. Or maybe the money will go to... pay the RIAA/MPAA tax, so "shared files" will be free, and legal, to the user.

I'll bet not.

Trojan horse

[nebbian]

If a trojan program is useful, does that make it any less of a trojan? Where do you draw the line? To my mind, people have downloaded a program, expecting it to do one thing, and really it has a payload that con do something completely different... Makes me wonder what else the makers of this 'brilliant' scheme aren't telling us about it :-)

Re:Trojan horse

[aminorex]

That's why you should run open source software.

If you agree to terms that permit them
to do this, you don't have much to complain about.

Re:Trojan horse

[Danse]

Huh? What if I'm using an open source compiler? Hardware is another matter, but one that is dealt with differently. I don't sign (or click) an agreement when I buy hardware, so they would not be able to sneak in some sort of trojan legally as this company seems to have done. And if they can't do it legally, then it becomes a major liability for the company if it is discovered (and it would be discovered eventually), and someone would likely go to jail for it.

Re:Trojan horse

[krogoth]

I do mind. I run distributed.net on all my computers, and I want any other processor-selling program to get the hell off them.

Re:Trojan horse

[Danse]

To my mind, people have downloaded a program, expecting it to do one thing, and really it has a payload that con do something completely different...

To my mind, this says people are stupid and should've read the damn EULA that they agreed to before they clicked "I agree."

Re:Trojan horse

[Cally]

Just shows that you should read the license before installing your free lunch... otherwise, you get what you deserve. I've no sympathy with anyone wailing "but I didn't /realise/ that's what "Read the small print" meant!"

Re:Trojan horse

[CaseyB]

When it comes down to it, you are going to have to trust some software, somewhere.

Not true. One doesn't need to run software to create software. How else was the first software written? It's just a luxury we've gotten used to.

Wait a second...

According to their licensing agreement, they're allowed to use any extra storage space and/or cpu usage. What happens if you run out of space on your HD because of this and delete their files? Could they have the right to say that you aren't allowed to delete these files because it's their intellectual property?

Re:Wait a second...

[Sancho]

Not likely, although they could shut off your access to Kazaa because of the file deletion.

Then again, if you're out of hard drive space, that probably wouldn't matter.

They should pay you

[Dr.+Tom]

Of course they need your permission to do this; in fact they should pay you when they use your cycles, bandwidth (that you already pay for), disk space, etc. My computers are all at 100%, thank you, I don't have any spare cycles to give away for free. Nor do I have disk space to store some l0ser's pr0n or crappy bootlegs. And don't even ask me about bandwidth.

At the very least, they should let you have a large discount on downloads when you opt-in. For example make them free. Plus a credit based on the bandwidth they steal *cough* use.

Re:They should pay you

[tshak]

They should pay you for their spending on R&D to write software that you can use for free. Right. If you don't like it, use a competitors, or write your own.

Re:They should pay you

[Dr.+Tom]

Actually I don't run KaZaA. I never ran any music downloading stuff, ever. My desktop computer (an Alpha) doesn't even have speakers. I never download anything that isn't posted on the web. In particular, I don't have any shareware, copyrighted material, or anything like that. When you say "we all do it" I guess you mean that you do it. But not me.

And I pay for local phone calls, too (I live in Japan) so bandwidth == money. I'd never use a product that forced me to spend arbitrary amounts of money (which, if you agree to their EULA, is just what they do).

what a joke!

[Monkelectric]

Im not sure if this is an april fools joke or not ... I would guess not because unlike the other jokes, this one is liabel. So assuming it is not, the quote "...We're trying to create a secure network based on end-user relationships."

Sneaking software onto peoples computers to create a good relationship with users ? ... or did they mean a good relationship with b3d's clients?

Re:what a joke!

[0xB]

I'm not sure if this is an april fools joke or not

It's in their annual report and I don't think the SEC like jokes.

Re:what a joke!

[Gojira+Shipi-Taro]

Then they have just committed corporate suicide. Glad I don't hold any of their stock...

Revenge

[0xB]

Once the client starts receiving and transmitting data it shouldn't be hard to get a rough idea of what's being transmitted and then we can start sending duff data to their servers.
It doesn't matter whether we know what the data is or not, it just going to be a binary chunk with probably a checksum somewhere. Fill their servers with random data and see how long they want to continue using our resources

Re:Revenge

[Jester998]

As an alternative to your idea, the article stated that the software will be automatically "updated" to allow new features... once the data starts flowing, I wonder how hard it would be to, ah, "submit a patch". :)

I'll _finally_ have my beowulf cluster. :)

- Jester

Re:Revenge

[ansible]

This is the thing that concerns me most.

How well is this software written? Are there buffer overflows or other security problems?

Massive potential for security problems.

Re:Revenge

[AndroidCat]

If they've got distributed computing and remote software updating, they 0wn3z j00! (And so does anyone who breaks their protocol.)

Sigh...business as usual

[NotoriousQ]

I find it very sad, that companies will trick the user into installing the software without the knowledge. I mean, how many users would mind a spare cycle burner to help the service they like. I mean if they included the abviosly visible message (not hidden inside license agreements) saying something like "We are providing this service free of cost to you, but in return, this service will install software that will use your computer while it is not being actively used by you, and only while kazaa is running. Unfortunately, if you do not wish to run this program you will not be able to run kazaa as our finances depend on it. We promise that no information about you or your files will be used." If such a message came from a company with not a bad reputation (winamp comes to mind), i would install the program, as would many other users, adn both parties gain. When it is done in secret, it only damages the company rep, thus making it even harder for them to make money..

Furthermore, it seems that the wasted cpu tiem is becoming a precious commodity, which I am currently donating to seti, with no financial compension (in other words I am not selling the cpu time). I wonder how long till the government will accept donated cpu time as a real donation, so i can put it on my tax return....hmmm, i am thinking about at least a dollar per unit, and i am now at 780 units, that makes it 780$ deducted from taxes, and if it is a dollar per hour....

that could be a hefty some for stuff donated to a good cause....

maybe someone at seti would give me a receipt...hey, that would mean more people doing units for them...could be beneficial to both sides...

Re:Sigh...business as usual

[adolf]

Quoth:

If such a message came from a company with not a bad reputation (winamp comes to mind), i would install the program

I guess you didn't realize that Winamp is Nullsoft is America Online whom is also the proud owner of Time Warner, among other things.

Is there really a reason to go about trusting, implicitly, this "winamp" organization of which you speak?

Re:Sigh...business as usual

[Cally]

I find it very sad, that companies will trick the user into installing the software without the knowledge I find it very sad, that companies will trick the user into installing the software without the knowledge

Who's been tricked? It's right there in the license agreement. Read the fscking article.

Re:Sigh...business as usual

[s390]

I don't recall where I saw it today, but there was an article focused on AOL/TW and how disappointing it is to its stockholders, especially all the former Time-Warner stockholders.

Basically, AOL/TW is now worth about one-third of what the two companies were worth prior to the merger. Expected "synergies" haven't been realized - AOL/TW's biggest advertiser is... AOL/TW. And AOL hasn't executed on acquiring or leveraging the millions of cable subscribers hooked to Time-Warner.

But the article did compliment Steve Case for having realized AOL stock was ridiculously over-valued... and spending it quickly, before reality set in.

AOL/TW's stock is about $26 now, way down from its high. The article quoted analysts saying that most of that value is Time-Warner (about $22), with AOL only worth about $2 per share.

I thought it was interesting....

Open Source

[gandalf_grey]

If there's ever been a reason to support open source software, this is it. I think the plan is interesting, and ambitious. However, it's paramount that users know the function and operation (or at least be able to know) of software installed on their machines.

I realize that this is an "opt-in" program, but it could just as easily been something else written by a disgruntled employee. And who would have known?

Re:Open Source

[aminorex]

How many users of Windows XP understand how the
NSA backdoor keys work in IE6? Maybe 100?
Users accept this crap because Microsoft is a
trusted brand. That's fine for them. It works.
It may not be fine for you.

The situation with Brilliant Digital is exactly the
same. People trust the Kazaa brand. They agree to
the terms, and everyone is happy.

There's no scandal here. If you prefer not to
use the software, by all means, don't use it.
Brilliant isn't a monopoly, you know. You do
have choice.

And if you don't want to trust brands, you can
always fall back on peer-reviewed open source
software.

Re:Open Source

[tshak]

If there's ever been a reason to support open source software, this is it. I think the plan is interesting, and ambitious. However, it's paramount that users know the function and operation (or at least be able to know) of software installed on their machines.

Let's see... The vast majority of users have the technical skill to read and comprehend the first couple of paragraphs of the EULA which clearly explain what the software does or what it may be used for. Or, the vast minority could spend unwanted hours wading through 1,000,000 lines of source. Heck, even if it was an Evil Company(tm) that didn't disclose this info in their EULA, it's not that hard (and a common practice of geeks) to packetsniff what's going in and out of your network. How do you think we found out about all of the Real spyware? Not with the source, Luke.

Re:Open Source

[gandalf_grey]

It's not a matter of the end-user being able to understand code. Someone out there will be able to read it, and blow the whistle long before such an issue arises. Many eyes...

Re:April Fools?

[JebuZ]

Given that the supposed quote from the Terms of Service given in the page doesn't actually appear in the Terms of Use listed on the KaZaA site, it's probably safe to assume it's a joke.

sad but true - it's real AND messy

[ted+danson]

It's legit, irritatingly enough.

The program hides itself in different locations all over your hard drive, including copies of itself in your OS root and /system32 folders (if you're running Windoze)

It's a bitch and a half to purge. There's no unistaller, and it's got dozens of registry entries to manually erase.

(Search for 'bde' and 'b3d' on your HD and your registry to make sure you get it all.)

I can only imagine the looks on people's faces when a gigantic 3D Cameron Diaz appears on people's computer screens and commandeers their system.

Re:sad but true - it's real AND messy

[Skuld-Chan]

An easier way to uninstall b3d is just to click on add/remove programs->b3d view->remove - presto - she's gone :) - and kaaza doesn't even complain.

Yes windows is sometimes easy to use...

Re:sad but true - it's real AND messy

[imuffin]

Two Words: Ad-aware and Zone Alarm. Ok, i guess that's three words.

Ad-aware is a free program that searches and destroys crapware. It's automatic and seems to do a great job.

If it misses something, Zonealarm will let me know before the crapware calls home.

I once installed Kazaa. It installed and worked fine... And then, about three days later some Gator agent tried to access the 'net to download and install Gator. It even waited a few days so I'd be less likely to suspect Kazaa as the culprit!

Sounds like outright theft

[Jucius+Maximus]

"To my mind, people have downloaded a program, expecting it to do one thing, and really it has a payload that con do something completely different..."

Unless they are hiding behind some ultra-fineprint legalese, I would say this is theft. They are stealing your computer resources, electricity and time without your permission.

I have always been suspicious of KaZaA so I never downloaded it. I am stragely glad that my coursework keeps me more busy than I need to be so I don't spend my time infecting my machine with spyware file sharing apps. (Must leave now ... assignment is due tomorrow.)

Re:Sounds like outright theft

[nhavar]

The problem I see is that the terms of service could be considered vague since the original documentation and purpose of the software is by nature distributed, in that it's a distributed file system. The user assumes by downloading and setting up the program that resources are being used in the furthering of file sharing and this helps him and the other users he's sharing with. It could be seen as misleading and misrepresentation - the classic bait and switch. The users get what they want but when they're not looking - bang! Someone takes their clock cycles.

The argument that they "agreed" to this before hand is bunk. I think it goes hand in hand with shrink wrap licensing. You can't agree to something when you don't know what that something is or it's too loosely defined and allows so many interpretations.

I'd like to see how enforceable a click through license is on a virus or trojan "I agree to allow (unknown entity) to install software on my machine that may or may not compromise the security therein. Additionally I grant (unknow entity) the right to use information provided by me for commercial gain and/or entertainment purposes. This information may be obtained from files or programs installed on my system. I hereby relinquish (unknown entity) from all legal responsibilities and refuse any further legal recourse should running this program cause damage to either the computer running it or to myself... > >" Then just write a harmless "flaw" in the program that makes ">" not work and VOILA! all nice and legal!

Re:Sounds like outright theft

[Peyna]

You can't sign a contract agreeing to something that is illegal though. Sort of like the mafia trying to sue me because I agreed to whack someone for them and didn't follow through.

Re:Sounds like outright theft

[Martin+S.]

Unless they are hiding behind some ultra-fineprint legalese, I would say this is theft. They are stealing your computer resources, electricity and time without your permission.

Even if the ELUA wording is water tight, KaZaA have deceived people into agreeing toit.
Theft by deception is still theft and since agreement was obtained by deception, the EULA is worthless.

Re:Sounds like outright theft

[AndroidCat]

Didn't you read the P.S. in the EULA: "Oh, and by the way, you consent to install our propritory version of BackOrifice."? :^)

Re:Sounds like outright theft

[Peyna]

YMCANAL (you most certainly are not a lawyer). Whoever told you that is wrong. Examples that come to mind that are pretty similar to this case are AT&T including a clause in a contract for Long Distance that stated that you could arbitrate against them. Also see the section here about legality.

Fun and games

[Hostile17]

I see great potential for fun here. Think about it, They rent out your hard drive to someone, who uses it host advertisment, or demoware or music. You, being the wiley Hacker guy, replace the content porno or pirated music/software and let the fun begin. Optionaly you can sue them for using your hardware and bandwidth for morally objectionable purposes.

Re:URL! Always look at the URL!

[banky]

Yes, it's a dead giveaway it is owned by C|Net.

Distributed computing, etc.

[Alien54]

Well, the question is, could something like this be used for other less desirable purposes.

I am thinking of everything from the Classic Napster to DDOS, reverse engineering, or what ever.

The long term trust issue is the point here. pre distributing this capability in the client in advance of notifying me is annoying in the extreme.

I have added the following features without asking sounds like an MS tactic.

watch Passport become a distributed computer app for MS development projects, for example.

feh.

Can anyone argue why this ISN'T immoral?

[erroneus]

I can cry and complain all day long that this is just wrong. It's immoral. It's subversive. It's sneaky, nasty, low-down, dirty, shitty, crappy, stinky and generally F'd up!! I can get a lot of people to respond in agreement I'm sure.

I want to hear from intelligent and thoughtful people about why they think this should be okay?

When I run a program, it's because I expect a desired result. The result is generally expected and that's why I run it. Among such programs are web browsers, email clients, video players, etc. I also use Bearshare.

I think it's a simple matter to include advertising in the client software and if it's free to use like Bearshare is, it's FAIR. I know it's there. It's pretty damned obvious. If I don't want to see the advertising I can either (a) not run it or (b) run the Borland resource editor and see if I can't pull the component out of the software causing me distraction. I don't to (b) because it's too much trouble and I don't mind it that much. I can't do (a) because I love getting random treasures from across the net from generous and often stupid people. (try searching for common filenames associated with personal files such as resumes or digital pictures... it's a hoot! Naked strangers! yeah!)

Anyway... I'm straying from my point. I'm writing to solicit intelligent and thoughtful rationales for adding 'secret software' into such programs.

Re:Can anyone argue why this ISN'T immoral?

[tshak]

I'm writing to solicit intelligent and thoughtful rationales for adding 'secret software' into such programs.


A) It's not secret software. You agree to an EULA which clearly mentions this "feature".

B) Essentially, Kazaa is not free. Instead of paying money, you agree to paying CPU cycles. It's a simple form of bartering.

C) They're not a monopoly, and they're not leveraging an existing monopoloy to push this product. Therefore, they make the terms (read: Free Market), and as long as those terms are fully disclosed (as they are), there is no problem. It is of no burden for you to disagree with said terms and use a competitors product.

I hope that was at least semi-intelligent!

Better than Spyware? Depends.

[ackthpt]

Which is better...something that reports back your habits, or something that uses spare cycle time for something constructive?

From the article:

Brilliant Digital CEO Kevin Bermeister says computers or Internet connections won't be used without their owners' permission. But the company will nevertheless have access to millions of computers at once, almost as easily as turning on a light switch.

"Everybody will get turned on in more or less a simultaneous fashion," Bermeister said. "This will be an opt-in program...We're trying to create a secure network based on end-user relationships."

(emphasis mine)

How many of the installers actually read the agreement and what would you bet the software installs pre-opt-in? I'd like to see what anyone who has installed it has to say to describe this bit of up-front opting in. If it's buried in the end user agreement, then it's about as good as something Dr. Evil would dream up.

I'm currently fed up with what I'll call sneakware, that's pre-installed software on my 2 yr old laptop which has woken up and installed software and changed default settings. I caught Adobe Photo Deluxe changing itself when I went to edit some photos. I can't even figure out how to stop it, short of yanking the phone cord out of the modem when it goes to connect to websites. Bastards. Worst of it is that I actually need to use the software from time to time.

gnucleus

[benjamindees]

Gnucleus is a FAST, open-source window$ client in a relatively stable state right now. It also works in Wine, from what I hear. It has lots of features not present in slower clients like Limewire and, being open-source, doesn't lock out other clients like BearShare does. Morpheus has switched its entire network to Gnutella on a modified Gnucleus client, so there is no longer the "lack of files" excuse for using a proprietary network instead of gnutella. If you download it, be sure to "evolve" to version 1.6.3, as the version on the site is not very stable.

Wait, there's a good idea here...

[drudnick]

OK lots of people use these types of programs, so what if this was put in each one, then the distributed time sold to companies? The money could then go to the RIAA/MPAA. If every user of this software let it run 24/7, this might be a fair way of doing things.

Of course, this would have to be with the user's consent.

The fact is this software DOES cause damage to artists and the RIAA/MPAA. Maybe this would be a good way of offsetting the damage without paying a tax/tarriff/fee.

Re:Wait, there's a good idea here...

[gehrehmee]

Problems:

• It's used to distribute non-music, non-video files
• It's used to distribute music by artists not covered under RIAA members
• Many artists may actually want their music distributed on this network. (In which case, by the same argument that says consumers should pay for access to Kazaa, artists should pay to have their music on Kazaa. Hrm. Then where would we be? :) )

Re:April Fools?

[cheinonen]

Go to cnn.com and look up a stock quote on BDE, you'll find Brilliant Digital Entertainment. It might be a stupid name, but they are a public company.

Re:April Fools?

[Boone^]

Prolly not considering that I just uninstalled the b3d crap from WinXP.

Re:URL! Always look at the URL!

[mughi]

Well, if you go to http://www.news.com/ itself you see the same stories.

Of course, it's http://news.com.com/ in a frame. So either C|Net got hacked, or that's how they're doing things now. Given that whois says CNET owns 'com.com', the latter is more probable.

i doubt it

[Edmund+Blackadder]

would cnet news put in a joke story?

doubt it. they are supposed to be a serious site after all. And printing fake business news can get you in trouble.

nope its real.

Re:i doubt it

[Edmund+Blackadder]

i can get to the same article from cnet.com

it is real me thinks

Supicious URL -- but legitimate

[wufpak]

Yeah, news.com.com seemed suspicious.

But the Kazaa story is also on www.news.com.

It looks like cnet owns the .com.com domain, too:

Registrant:
CNET Networks, Inc (COM2994-DOM)
235 2nd Street
San Francisco, CA 94104
US

Domain Name: COM.COM

You forgot two things...

[ackthpt]

You left out 'IANAL' when it comes to interpreting the law -and- proof that that spare capacity has value upto or exceding $5,000 (which when you get down to it can be a bit tricky to really establish a value on)

As for without your opinion, how about looking over whatever license or installment agreement you just happened to click through quick just to get it up and running... Though they may not hold much water, it's another bit up the hill for you and your actual lawyer to run, when you go to prosecute.

Re:You forgot two things...

[BlueUnderwear]

You left out 'IANAL' when it comes to interpreting the law -and- proof that that spare capacity has value upto or exceding $5,000 (which when you get down to it can be a bit tricky to really establish a value on)

Does this $5000 threshold apply to each individual computer, or does it apply as an aggregate for the damages on all? trojaned computers. If the latter, it would be trivially reached. Oh, and btw, people have been indicted for similar offenses in the past.

Re:You forgot two things...

[Heironymus+Coward]

more to the point: I clicked on the link and read the original article, and it implies that the click-through licensing agreement will appear when they activate the software. in other words, no one has agreed to anything yet, and brilliant says they will not run the software without the end-user's permission.

Re:You forgot two things...

[Jouster]

Except (from the EULA displayed when installing the Kazaa software):

(b) You hereby grant BDE the right to access and use the unused computing power and storage space on your computer/s and/or internet access or bandwidth for the aggregation of content and use in distributed computing. The user acknowledges and authorizes this use without the right of compensation. Notwithstanding the above, in the event usage of your computer is initiated by a party other than you, BDE will grant you the ability to deny access.

You hit "I agree" on this thing in order to install the software. Thus, they are not exceeding the rights you have explicitly granted them.

Jouster

Re:You forgot two things...

[Fat+Casper]

IANAG (I am not a grammarian)

Excerpt (from your excerpt of the EULA)

Notwithstanding the above, in the event usage of your computer is initiated by a party other than you, BDE will grant you the ability to deny access.

The (not yet established as legally binding on the end user) EULA grants them their rights, but if the wording on the imminent pop-up is at all obsfucatory, then the users will have a case. They have not yet hit the "I agree" that matters, and a window that (months after they failed to read the EULA) pops up in the middle of an AIM chat is going to get clicked on immediately, simply to get it out of the way. The users will have a good case if they want one.

The story said that it was impossible to install without clicking yes, but that the trojan could be removed later without affecting the P2P preformance at all. Pray tell, did the EULA mention that? There's opt-in and there's opt-in. Deceptive practices simply blow. Any agreement that cannot stand up in the light of day is no agreement at all.

I want to coin a term for this

[Edmund+Blackadder]

i would like to coin a term for this practice. Compulsory P2P. Sounds catchy, doesnt it?

Re:I want to coin a term for this

[Reziac]

And as we all know, all things not compulsory are forbidden.

In this case, I'm not so sure that was a joke. How long til the distributed computing part is used to watch what you download from the P2P network, and perhaps send a meaningful sample of each file (frex, enough to convict) to the RIAA's lawyers??

Re:The USA PATRIOT Act to the Rescue!

[tshak]

I granted no access nor privilage to use my systems, to any employee of Brilliant Digital Entertainment Inc.

Except the EULA you agreed to. We can all argue how much weight an EULA has, however, this point concludes that you are no longer looking at a simple patriot act lawsuit, but a challenge against an EULA's legal power. I don't think a few CPU cycles from a now publically known "feature" will cause enough "damage" to constitute any sort of a lawsuit.

Re:The USA PATRIOT Act to the Rescue!

[CleverNickName]

If this software utilized any cycles on my system, it will impact performance causing me expense which will rapidly increase to the $5000 threshold (a cumulative threshold). I granted no access nor privilage to use my systems, to any employee of Brilliant Digital Entertainment Inc. [slashdot.org] so as soon as any command is issued, affecting the behavior of any software installed on my computers, the employees and officers of Brilliant Digital Entertainment will imediately have become guilty of computer crimes under the Computer Fraud and Abuse Act as modified by the USA Patriot act.


Thank god you are helping us all in our noble fight against terrorism.

Let's Roll.

Fighting sneakware

[Sheetrock]

I'm currently fed up with what I'll call sneakware, that's pre-installed software on my 2 yr old laptop which has woken up and installed software and changed default settings. I caught Adobe Photo Deluxe changing itself when I went to edit some photos. I can't even figure out how to stop it, short of yanking the phone cord out of the modem when it goes to connect to websites. Bastards.

You might have tried something like this already, but if not download or buy a package that monitors programs that try to access anything through TCP/IP and warns you when a program is trying to do something you haven't authorized over the network. Tiny Personal Firewall has worked out pretty well for me and is free for home use. It works in most cases, unless the application has a legit reason to use a particular port and also uses it for something you wouldn't expect. Adobe Photo Deluxe doesn't sound like it'd fit into that category, however...

Re:Fighting sneakware

[NoData]

You might have tried something like this already, but if not download or buy a package that monitors programs that try to access anything through TCP/IP and warns you when a program is trying to do something you haven't authorized over the network.

Zone Alarm from Zone Labs is another free firewall that performs this job splendidly for my Win2K set up.

Re:Fighting sneakware

[ryanwright]

Sygate personal firewall is also free for home use. I've had prior experience with their commercial software and have nothing but praise for it. Their personal firewall software also works very well...

Re:April Fools?

[Gojira+Shipi-Taro]

Excuse me, but that's TANSTAAFL

"There Ain't No Such Thing As A Free Lunch"

If you're going to use a Heinlein quote for Evil, get it right, please...

And for the record, look at the date on the story, it's got to be an April Fools joke, possibly misreported a couple times over. If they actually tried that, they'd be DOS'ed out of existance...

Re:FYI, Kazaa License

[dh003i]

Where in this license does it say,

"You hereby grant (Brilliant) the right to access and use the unused computing power and storage space on your computer/s and/or Internet access or bandwidth for the aggregation of content and use in distributed computing," the terms of service read. "The user acknowledges and authorizes this use without the right of compensation."

It doesn't. I've done a search, and those words aren't there. The word "Brilliant" isn't said once in the entire license.

I'm not saying this license is great, but its not all that bad either.

Most of it is unenforcible bullshit designed by KaZaA to cover their ass in terms of IP claims of violations.

They can terminate your account at the stop of a dime. But you can also easily create a new account at the stop of a dime.

They claim that any disputes must be resolved in their country. Unenforcible. US courts don't enforce decisions made by foreign courts, so foreign courts have no influence over US citizens.

And so on. Most "termination of license" crap is completely unfenforcible, neither legally nor practically.

Huh?

[Danse]

What do you mean "hiding" something in the license agreement? If you read the agreement, as you are supposed to do, before clicking "I agree", then you would know what you were agreeing to. If you don't read it, then you deserve to get screwed.

Re:Huh?

[Sancho]

Deserve to get screwed? Bullshit. EULAs are written by lawyers, for lawyers. Most people who run Kazaa wouldn't even understand that particular clause in the EULA if they'd even gotten to it with all the legalese in there.
Furthermore, contracts aren't legal if one or more of the parties did not fully understand the implications of the contract (read up on cases where people just signed on the X without reading the contract in full view of a notary public--in almost all cases the contract was declared null and void).
If EULAs are found to be legal contracts, this should apply, should it not?

Re:Huh?

[Sancho]

So will you pay for the legal fees? Or maybe Best Buy should, since they sold the computer in the first place.

Computers are only as inexpensive as they are due to Microsoft and the standardization of a user-interface/api. Sad but true. And if everyone who wanted to use the computer actually had to hire a lawyer first, computers wouldn't have become as prevalent, the internet wouldn't be what it is, most likely we would not be here.

Nice knee-jerk reaction, but there is really a lot more behind this situation.

Re:Huh?

[Danse]

Yep. The problem is that you, and everybody else, should demand easier agreements from the companies you purchase software from. Or you should simply not buy their software.

Re:Huh?

[Danse]

So will you pay for the legal fees? Or maybe Best Buy should, since they sold the computer in the first place.

Nope. You're the one entering into the agreement with the software company. You should be responsible for obtaining whatever help you need to understand that agreement. If you can't afford to understand the agreement, then you probably shouldn't agree to it. If enough people did this, then software makers would be forced to simplify their license agreements. But since nobody bothers to read the things, they take full advantage of that fact. Like it or not, those that don't read and understand their agreements are contributing to the problem and deserve what they get.

I agree that standardization has made PCs cheaper, but I don't think Microsoft is helping much in that area. They've helped make them easy enough for regular people to use, certainly, but MS software has been comprising a greater and greater portion of the cost of a new computer for years now.

There's a subtle logic at work here

[circletimessquare]

There's something tricky going on here that is not immediately apparent if all you do is look at and knee-jerk react to this story:

I download Kazaa. I download Kazaa because Napster doesn't work anymore. Napster doesn't work anymore because the music companies say it rips them off. I don't care about ripping off music companies. But that makes me think: I can see how I'm ripping off artists. Gawd I love Kazaa! But I feel bad about ripping off artists.

BDE through Kazaa wants to use my computer cycles? Well geez, I feel bad about getting all this great music for free... I owe somebody something... Oh alright, that's a fair exchange.

The power of guilt.

Mark my words, people will accept this barter, except for one small problem: the artists still aren't getting paid!

BDE is getting away with murder: benefiting off of artists by proxy, and benefiting off of consumers, through guilt.

Re:There's a subtle logic at work here

[mgblst]

the artists still aren't getting paid!

With the current cd for cash model, the artist doesn't really get paid either!

Re:There's a subtle logic at work here

[Fantastic+Lad]

BDE through Kazaa wants to use my computer cycles? Well geez, I feel bad about getting all this great music for free... I owe somebody something... Oh alright, that's a fair exchange.

Yeah, I was thinking much the same thing. Except my conspiracy oriented mind-set makes me want to add that it was probably even pre-planned from Napster onward. --With the ultimate goal of planting the deep suggestion, "You Will Submit." --Nudging ever wider that channel in your mind through which tomorrow's shepherds, sheerer's and butchers will lead you against the currents of both logic and any remaining sense of self preservation.

But then, I ponder these things rather too deeply sometimes. . .

-Fantastic Lad

Re:URL! Always look at the URL!

[mister+sticky]

jeez, april fools day has turned all us slashdotters into a bunch of cranky, trust-no-one cynics.

oh wait..

Re:Geography

[Kris_J]

I thought the window for AF crap was supposed to close at midday April 1. You know, if you're following tradition rather than just using it as an excuse to be annoying.

Jesus, stop your damn whining

[nobodyman]

You don't want to pay for your new NSync CD.

You don't even want to pay for the software that allows you to steal the new NSync CD.

Yet you complain that *somebody* in the chain is trying to make money? What socialist wet dream are you living in, anyhow?

EULA

[ralian]

No hoax here, folks:

From the Kazaa EULA, addendum section on BDE:

4(b) You hereby grant BDE the right to access and use the unused computing power and storage space on your computer/s and/or internet access or bandwidth for the aggregation of content and use in distributed computing. The user acknowledges and authorizes this use without the right of compensation. Notwithstanding the above, in the event usage of your computer is initiated by a party other than you, BDE will grant you the ability to deny access.

Interestingly as well:
5. Term; Termination.
(a) This Agreement will be effective as of the date you accept this Agreement and will remain effective until terminated by either party ("Use Period").
(b) BDE may terminate this Agreement at any time by providing notice to you. You may terminate this Agreement at any time by ceasing use of the Software and Services and destroying or removing from all hard drives, networks, and other storage media all copies of the Software. Upon any termination, all licenses and rights to use the Software and the Services shall terminate and you must remove the Software from your computer equipment and dispose of all originals and copies of the Software in your possession. The following Sections shall survive any termination of this Agreement: 2, 3, 4, 5, 6, 7, 8, 9 and 10.

So you can't terminate once you've accidentally clicked "OK". Although you sort of wonder how they're going to apply section 4 once you've "destroyed or removed from all hard drives, networks, and other storage media all copies of the Software."

Re:EULA

[drew_kime]

From the EULA:

You may terminate this Agreement at any time by ceasing use of the Software and Services and destroying or removing from all hard drives, networks, and other storage media all copies of the Software.

From a post above:

The program hides itself in different locations all over your hard drive, including copies of itself in your OS root and /system32 folders (if you're running Windoze)

It's a bitch and a half to purge. There's no unistaller, and it's got dozens of registry entries to manually erase.

So in order to terminate the agreement, you have to purge the program and all associated files from your system. Then they don't provide an uninstaller that makes it reasonably possible to actually do that. Perfect.

Double Screw Kazaa

[Veramocor]

First download Kazaa lite:

http://www.kazaalite.tk/

It removes all spyware and inserts a fake file which looks like syware so that kazaa can't shut itself down. Kazaa: 'Your stealing my program!" Kazaalite"Stealing is a strong word, we're copy infringing on your program :)"

Then heres the cool thing, edit your "hosts" file. Go ahead search for it. Good you found it. Now any server you don't want to connect to say ads.kazaa.com (just an example.)

type in your hosts file

127.0.0.1 ads.kazaa.com

Everytime kazaa tries to download an add from ads.kazaa.com it'll be looped back to your own computer. No ad!

Of couse kazaa could always just use IP addresses directly bypassing hosts. But they havn't yet.

Another thing, I have no idea whether kazaa lite has this distributed trojan active in it.

It asks permision 1st

[DABANSHEE]

RTFA

Re:It asks permision 1st

[hillct]

The previous poster needs to take his own advice. The mere fact that the employees of this company have the ability to direct the activity of the installed software constitutes the violation, regardless of if that action is to ask permission of the user or to display a window or any other operation the software would not perform without intervention.

--CTH

Re:This aint a good idea

[sinserve]

What a bunch of BS.

The OS takes care of process scheduling. The two never see each other; at
any given instance, the running process has control over all system resources
(atleast memory and CPU, can't speak for devices with built in HW logic.)

Each process owns the system register set, some memory pages, and a desginated
stack area, for a time slice. As soon as its time is up, its context (registers,
memory page descriptros, stack pointers, etc.) is saved, and another process takes
over the system.

This happens too fast for you to notice, but the two processes never see each other.
The only time Kazaa can corrupt the resources of your "decompressor" is when the two
share persistant data (files, database tables/records, streams, etc.) and there is
no way to independently developed, and installed programs can reference the same file
(unless it was a system file, and they both know of its existance. But this is not the
case in windows, which has a registry, and each installed app has its own entry in the
registry, and thus there is no name clashes.)

--

Kazaa Lite

[Dwedit]

What does this mean for users of Kazaa Lite?

Will I be taxed?

[anthony_dipierro]

So Brilliant Digital is providing me with a service, the Kazaa network, in return for another service, use of my computer's storage and spare CPU cycles... First of all, it's a great idea. But I wonder whether or not users of this service will be legally required to pay taxes on their barter income, and more importantly, whether Brilliant will have to mail out 10,000,000 1099-Bs (along with collecting 10,000,000 social security numbers).

Re:Will I be taxed?

[anthony_dipierro]

Watching ads is not a service, nor is it required quid pro quo for watching television. I am free to go into the other room and refuse to watch the advertisements, and I still get the service of television.

If use of CPU and storage space is required quid pro quo for use of the Kazaa network, you have a much different situation from television advertisement. If it's voluntary, a gift in exchange for a gift, with no requirements, then it's not barter. But in that case, I also believe it will not work, in the end (when others catch on, for instance).

Re:Bill Gates murdered???

[nhavar]

april fools joke from '99 or something.

Re:and how exacly would OS save them from this?...

[Florian+Weimer]

how by being open source going to save millions of non technical user privacy?

User agreements for Free Software do not include provisions which allow software manufactures to spy on the users or misuse their computing equipment, otherwise it wouldn't be Free Software.

Re:April Fools?

[Deffexor]

Did someone actually follow the link? Even though it appears to be coming from News.com, it is actually coming from News.com.com

Some owns the domain name: com.com - but it probably isn't C|Net.

I say April Fools! =P

Kazaa Lite

[rjbrown99]

Uninstall Kazaa. Do it now. Then go to http://www.kazaalite.tk and get Kazaa lite. It is 100% the same - minus all of the spyware. It also removes the restriction on 128K bitrate among other things. If you currently use Kazaa, you should go to this page, follow the instructions, and get rid of the spyware crap on your system!

Re:April Fools?

[Deffexor]

Then again, I could be totally wrong:

Domain Name: COM.COM
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS.CNET.COM
Name Server: NS2.CNET.COM
Updated Date: 04-dec-2001

/me runs away and hides...

Uninstall BDE?

[anonymous+cupboard]

Kazaa has such a reputation, that I am very surprised that nobody deinstalls the extras and runds the ad-aware program from Lavasoft.

BDE (Brilliant Digital's Engine) is listed separately on the list of programs installed and may be deinstalled. It leaves some very suspicious crap around in the %WINDIR%\SYSTEM32 directory, so after deinstalling and rebooting it is a good idea to remove this as well before continuing (and before you connect to the network).

Regrettably the Gnucleus network still doesn't provide the accessibility to material that Fast-track does. I run both clients and can see the difference, particularly with regards to queuing.

Oh, the horror, the horror, the split infinitives

[screwballicus]

The Grammar Nazi would like to also point out

Would that be "like also to point out" then, in grammar nazi terms? Split infinitive? Ja, mein herr!

an error of grammar

Doesn't seem to be an error of grammar at all. Seems to be an error of the person using said grammar.

Just reciprocating, grammar nazi to grammar nazi. I can feel the love.

Re:April Fools?

[Barbarian]

it's on the front of C|Net news.com as well, they own com.com...

Re:Oh, the horror, the horror, the split infinitiv

[Kymermosst]

Going to lose a karma point for this one...

Just reciprocating, grammar nazi to grammar nazi.

That sentence lacks a subject.

I, however, do not think of myself as a nazi at all.

Like this:

[shepd]

Allow me to explain by example.

void main()
{
doDownloadFiles();
doUploadFiles();
doSpyWare();
doDistributedComputing();
}

becomes

void main()
{
doDownloadFiles();
doUploadFiles();
/* doSpyWare();
doDistributedComputing(); */
}

Sure, it takes a high-school CS student to figure out what to comment out, but once its re-compiled and distributed on KaZaa, the modified version will spread like wildfire.

If the license is truly open source, this wouldn't even be illegal (not that KaZaa users really worry about that anyways).

Re:The USA PATRIOT Act to the Rescue!

[Sancho]

If you're using Kazaa, you did consent. Read the EULA sometime.

4. Upgrades and Access.
(a) You acknowledge that BDE may from time to time provide future programming fixes, updates and upgrades to you ("b3d Updates"), including automatic updates to KaZaA and other software bundled with KaZaA, through automatic electronic dissemination and other means. You consent to such automatic updates and agree that the terms and conditions of this Agreement will apply to all such b3d Updates.
(b) You hereby grant BDE the right to access and use the unused computing power and storage space on your computer/s and/or internet access or bandwidth for the aggregation of content and use in distributed computing. The user acknowledges and authorizes this use without the right of compensation. Notwithstanding the above, in the event usage of your computer is initiated by a party other than you, BDE will grant you the ability to deny access.

Of course, EULAs have yet to be stress-tested in our court system, but are *you* going to have the money to win the court case?

Erik

Distributed doubleclick?

[MadFarmAnimalz]

Under this plan, an ad that a person sees on a Web site might be hosted by a nearby computer running Brilliant's Altnet instead of on a central ad server, as now typically happens with DoubleClick.

Well, this seems pretty much to be the end of ad blocking through firewall rules... Pretty easy to see why doubleclick would like this scheme.

You'd basically never know what host would be spamming your browser...

*sigh*

Re:Oh, the horror, the horror, the split infinitiv

[screwballicus]

I, however, do not think of myself as a nazi at all.

Nor do I. Anyway, by picking on split infinitives, I was clearly being nitpickier than an individual who is employed in the profession of picking nits, who then goes home each night and practises picking nits and in his dreams imagines nits which are so great in number that never could they all be picked. Even the OED now acknowledges the use of split infinitives to be perfectly grammatical. I can't imagine why a germanic language would even acknowledge the existence of such a thing. I still have one English prof who maintains that split infinitives are in all cases inexcusable, but I think he's just a dinosaur.

To roughly quote Churchill on the topic (and this is an almost ALWAYS misquoted phrase. This version is from the Oxford Companion to the English Language and is merely a suggestion for the unknown original form)

"This is the sort of bloody nonsense up with which I will not put"

Have you seen this...

[BillGodfrey]

introduction to distributed computing?

Bill, plug.

Incredible

[TheCrunch]

Am I the only one who thinks these P2P apps are evil?

I used Grokster on my networked Win2K box at home. This box contains my personal files, such as financial info and I also use it to do online banking. So my privacy really matters. I also use this box for work and I have it streamlined and tweaked to run as efficiently as possible. No foolish system tray or startup apps etc...

Well it seems that P2P apps like Kazaa or Grokster work hard to breach my privacy and fudge my system. I've never known software to be so malicious. First, I see that Grokster has web-based ad support. Okay, that's tolerable, they need some form of revenue. But don't think I haven't noticed your "secret" stash of cached ads in my system directory, Mr Grokster. Then I notice the popup ads. Also annoying.. but again I tolerate. I didn't run Grokster for longer than a day and my system can handle twenty browser windows. But then, incredibly, it turns out that the required advert component also sends out information about me, including my browser history. Big no-no, Mr Grokster. Now I have to spend time to counteract this. I found a replacement set of libraries which do not send personal information. From that point on, I figured I was safe. Oh no... this weekend, after a Grokster session, I spotted a strange "extract.exe" on my desktop. Hmmm. How did that get there? I took a look inside and found various executables and libraries. How quaint. I most certainly did not download it. So I searched my system and lo and behold, it seems some ActiveX has automatically downloaded and run this program for me, spreading half a dozen files around my system. Looking through the registry I see that in fact it's installed a browser toolbar. Oh lovely.. just what I wanted. Took me a good half hour to rid my system of it's leeches.

The moral of the story, don't run Grokster. Well fine, I've learnt my lesson and I'm fortunate enough to have another disposable machine to unleash the Grok on. But my concern is the X million people who don't have a clue. The sort who click on "www.yahoo.com.exe". They see Grokster or Kazaa on download.com or whatever, download it and use it blissfully ignorant of what I consider to be a virus. In fact, the only difference I see between Grokster, Kazaa etc.. and viruses is a service. Package your virus as an application and you earn amnesty from antivirus software.

Slashdot articles and anti-spyware sites keep us geeks in the loop, but that doesn't help the masses. Only laws help the masses. There must be some law somewhere that states such practices to be illegal. Tricks used by these programs such as placing independent components in the system directory posing as actual system files, running programs without permission, not informing users of these hidden "features" and so on, are clearly malicious.

I'm for P2P networks, but clients such as these seriously rub me the wrong way and I'll be glad when the RIAA eats them. I just pray for a nicer client to take their place.

Suicide not guaranteed

[dstone]

Then they have just committed corporate suicide. Glad I don't hold any of their stock...

I disagree. What they've done sounds very rude and deceptive to me. But it may very well be legal and may result in them staking a claim in an emerging, lucrative market. Thus, the company's perceived value may increase and shareholders may be pleased. I'm not predicting that their stock price will rise with certainty, but I don't believe it's a foregone conclusion that this will tank it. Talk to a penny-stock promoter good at spinning publicity. He/she'll tell you that there's almost no such thing as bad publicity for an upstart. A piece of news (or even a rumor) like this that puts them on the map and on traders' tongues may be just what their stock price needed. Time will tell. Afterall, we only need to look to companies like Verisign with horrible, headline-making security and privacy goof-ups and deceptive practices to see that their rude actions and policies do not result in corporate suicide. (Unfortunately.)

If they've committed any type of "suicide", it's simply image-suicide in the eyes of a very small, elite crowd (ie, Slashdotters, privacy defenders, etc.) The market and shareholders may not care about this.

spyware

[stud9920]

I think I have discovered yet another effect of cydoor. As you know, cydoor is installed with kazaa. Once some months ago, I noticed that IE6 and or OE6 crashed when I tried to use the keyboard under unknown conditions. I decided to reinstall windows XP without further looking. Some reinstalls later, I found what was responsible for the crashes : they occured ONLY when kazaa was running, and yet more often when kazaa was not running minimized. One month ago, I found a dummy dll to replace cydoor's cd_clint.dll but only returning dummy values, without spying on me. Since then, not once did IE6 or OE6 crash ever again. To me it is obvious that cydoor is trying to keylog on me, and gets blocked by either windoze XP, either by zonealarm. Do you have more info on the matter ? Isn't this perfectly illegal ? (I do netbanking from that computer). Hasn't the boss of cydoor been involved in creditcard fraud ?

criminal trespass

[maxpublic]

Given that no EULA has the force of contract law anywhere in the U.S., it's rather doubtful that it could be used as 'consent' for utilizing spare cycles in a legal fashion. The company is treading dangerous ground here and just begging to be bitch-slapped with a lawsuit.

While I doubt a serious argument could be made for damages, unless the EULA is upheld by some clueless court then using the spare cpu cycles of personal computers clearly constitutes criminal electronic trespass as outlined in the PATRIOT act. And, as we know, this automatically brands one as a terrorist.

I don't use Kazaa but I can't imagine that very many users will be happy to have their 'spare' cpu cycles appropriated for someone else's gain. Just another reason to dump this software in the electronic crapper.

Max

Most p2p sucks

[Bender+Unit+22]

Now I dont know if it's a joke or not, but still after installing Kazaa and most other p2p programs, warning lights in Ad-Aware(2) from Lavasoft lights up like a xmas tree.
Bearshare is the only one I can manage to install and get rid of all the snooping, I think.

My take on this

[The+Mayor]

Why don't we simply hack the protocol used by Kazaa for this thing, then flood the system with false/bogus data? Kind of like a DoS to these guys. Or would that violate the DMCA? Can a protocol be considered a form of copy protection?

hehe...just a thought. Of course, I'd never actually spend any effort doing this, but I'd gladly join in if such a client were available.

Re:Oh, the horror, the horror, the split infinitiv

[cheekymonkey_68]

Nor do I. Anyway, by picking on split infinitives,

Shame on you for picking on split infinitives.

Even the Oxford English Dictionary approves of split infinitives now.

To roughly quote Star Trek on the topic.

James T. Kirk was way ahead of his time in deciding "to boldly go" into far-flung galaxies. The "Star Trek" captain was out there splitting infinitives in his 1960s TV science-fiction series long before the "official" green light was given.

Now, in the New Oxford Dictionary of English (NODE), 30 editors and 60 consultants around the world have sided with Captain Kirk and given their blessing to what some grammatical sticklers still regard as anathema or worse.

Indeed, the compilers not only approve of splitting infinitives but also seem bent on dividing the English-speaking world - or at least the part of it that cares about language and grammar.

Among the volume's more than 2,000 new words and phrases, split infinitives rub shoulders with "shock jocks," "Blairite," "alcopops," "tamagotchi," and "zero tolerance" as acceptable present-day usage.

So there....

They *do* deserve to get screwed

[Anonymous+Brave+Guy]

Deserve to get screwed? Bullshit. EULAs are written by lawyers, for lawyers. Most people who run Kazaa wouldn't even understand that particular clause in the EULA if they'd even gotten to it with all the legalese in there.

Most people who run Kazaa are using it to break copyright laws, in the full knowledge that doing so is illegal. Furthermore, they are using a tool they don't know much about (hence this thread) because their greed outweighs their common sense. Like the man said, they deserve to get screwed.

Go ahead and mod me down. I don't mind burning karma if that's what it costs to tell the truth.

Re:They *do* deserve to get screwed

[MadAhab]

Oooh. You're so brave!

So it's primarily the fact that users may possibly breaking the law that makes tricking them with a EULA written in an untested and perhaps not even legal contract in fact both legal and ethical. How many classes of Ethics 101 did you say you'd been to?

I helped someone install realplayer yesterday and they helpfully "agreed" you to a bunch of things by putting a bunch of unchecked boxes inside a combo box, while putting the checked ones down below, where you had to scroll to see them and are unlikely to look, since the unchecked boxes suggest that "no by default" is the answer. Sneaky and unethical? Yes. So what, I'm sure there must have been some illegal intent that makes it ok... not that you can spell "ethically challenged".

Re:They *do* deserve to get screwed

[Anonymous+Brave+Guy]

Excuse me? You're defending people who use Kazaa for illegal purposes, hypothesising about reversing an agreement knowingly entered into on the basis of legal technicalities, and then accusing me of being "ethically challenged" in the same post?! You, sir, are a hypocrite of the highest order.

And by the way, no, I didn't say at any point that I condoned the behaviour exhibited by those involved with that EULA. I just lack any sort of sympathy for those who fell for it.

I don't think so...

[Anonymous+Brave+Guy]

Sure, it takes a high-school CS student to figure out what to comment out, but once its re-compiled and distributed on KaZaa, the modified version will spread like wildfire.

<sarcasm> Sure, that's why there are so many high quality, open source alternatives available, and why everyone uses them instead of Kazaa. </sarcasm>

Sorry, but the objective evidence just doesn't support your claim.

Re:I don't think so...

[ivan256]

It's not that there aren't open source alternatives, but that the open source alternatives have no marketing budget. Most people use what's crammed down their throat. They've been trained not to think for themselves.

Oh yeah. --Forgot to add. . .

[Fantastic+Lad]

For such domination to work, one must agree to it.

As such, it is important that people be aware that they are being used; they must be aware of spyware and corporate manipulations, they must in fact have the choice of not opting in.

And not opting in, I notice in this case, has become harder than just hitting the 'Decline' button on the install page. It has gone deeper; choosing is now predicated on there being a general awareness that corporate entities always want something in return for free goodies even if the string is all but invisible. (Though, not so invisible that it isn't reported on popular news forums. . .)

The meat just doesn't taste right if it isn't agreeable.

-Fantastic Lad

From Kazaa Terms of Use

[famazza]

From Kazaa Terms of Use:

About new features:

• 4.2 We may add, delete or change some or all of the Software functionality provided in connection with KaZaA at any time. This may include download of necessary software modules. Any new features that augment or enhance.

This means that they can do whatever was needed to add this distributed network stuff.

About downloads/installations without your explicit approval:

• 4.5 You acknowledge that KaZaA or parties appointed by KaZaA may from time to time provide programming fixes, updates and upgrades to you, including automatic updates to the KaZaA Media Desktop, through automatic electronic dissemination and other means. You consent to such automatic updates and agree that the terms and conditions of this Agreement will apply to all such updates.

This means that Kazaa may send you updates without any warning, and you agreed with this.

Conclusion, everything Kazaa is doing is legal. They are not doing anything there's not in the Terms of Use accepted by every user.

Cranial saw and foresnips

[stinkydog]

You can remove the BD app from your system, it just take some patience and a little brute force. After the giant evil cameron diaz attacked, I wacked the BD app with a combination of file deletions and reg edit. Interestingly enough, Kazaa still works.

SD

The Price of Free Software

[MBCook]

Well let's face it, free software costs money. Right now all free software is either given away (Linux), or ad supported (KaZaA). We have seen many ad supported things fail in the last year from lack of revenue, so maybe this is the next logical step. I don't know about the rest of you, but I don't mind giving away my CPU cycles while I'm using a program if it means that I won't have to pay to use it. KaZaA is great, and the ads in it are small. Give me KaZaA with distributed computing any day over KaZaA with half of my screen a giant flashing add that says "If this is flashing then you've won $1,000,000 in penis enlarging, cancer curing, brain improving, lose weight while you gorge yourself on sweets pills." My only regret is I feel that they should have told us users that this was there. I wouldn't have minded. The only thing that I don't like about all of this is that they tried to do it behind my back.

peanut butter on sphagetti

recipe using both peanut butter and spaghetti:

1 serving of spahgetti
3 tablespoons of soy sauce
1 tablespoon of peanut butter
1 tablespoon olive oil
1 tablespoon of sesame oil
1 tablespoon balsamic vinegar
1 half of a cucumber, chopped
pinch of green onions
pinch of cilantro
pinch of salt
pinch of pepper
pinch of garlic powder
pinch of powdered ginger

mix everything but the spaghetti together, and put in the fridge
boil the spaghetti, and when done, put in a colinder and keep moving it under cold water until the spaghetti is cold
thouroughly drain the water and mix it in with the peanut butter mixture
refrigerate for 15 minutes and serve!

cold sesame noodles, just like the chinese restaurant makes. garnish with sesame seeds and carrot shavings if you like.

Does the owner of the computer own network rights?

[ClarkEvans]

This software assumes that the owner of the computer (who installs the software) owns the right to the bandwith. In some places (commercial offices and schools/universities) this assumption isn't right or is suspect. I would bet that these fellas may have a nice law-suit on their hands (can you say preliminary injunction) by large corporations or universities who stand to loose alot of bandwith once this service is turned on. Furthermore, I bet some DSL/Cable agreements have anti-server clauses. This software would cause the user to violate their clauses and potentially disconnect them with fines from their ISP. All-in-all, it's bad business, bad karma, and it'll catch up to them.

Some observations

[Rogerborg]

• Bermeister said the company had been testing the technology along with ad giants DoubleClick as a way to serve ordinary Web ads more quickly. Under this plan, an ad that a person sees on a Web site might be hosted by a nearby computer running Brilliant's Altnet instead of on a central ad server, as now typically happens with DoubleClick.

"Quickly" is mendatious. The majority of end users will have port 80 traffic cached by their ISP, and you can bet that cache will be juicy-full of DoubleClick stuff. My ISP routes all traffic via my local access point, even traffic to other people under that access point, and they run a cache at the access point. So even if I were to get ads from the guy next door, it would still be slower than getting them from the cache. All this would do would be to cut down DoubleClick's bills for uncached accesses, and (interestingly) stop me blocking DoubleClick using my hosts file. If this latter reason is actually material, then it's a sad indicator that the ad market has given up any pretence that ads are in any way connected to revenue. If I've gone out of my way to actively block your adverts, and you force them on me anyway, what exactly are your chances of gaining one red cent in revenue from me? Farcical.

• Bermeister said. "This will be an opt-in program..." [...] the software would show a pop-up box explaining the network's function and giving people a chance to turn it off

Hey, opt-in, opt-out, what's the difference, eh? To apply an equally muddled metaphor, they'll probably burn that bridge when they come to it.

• People who allow their computers to be used will be compensated somehow, possibly with gift certificates or free videos, the company's filing said.

Ah. Anybody with a typical residential DSL/cable connection should check their contracts. There will almost certainly be a clause in there that prohibits providing services to third parties, and especially selling services to third parties. Most ISP's have tolerated filesharing up to now because it's (generally) an active use thing. And CETI@home is low bandwidth, fully opt-in from the user side, and non-commercial. But this might be different. It's a commercial company using ISP bandwidth to make profit, and pass some of that (a very, very little) back to residential users, who have only agreed in general to provide services, not on an active case by case basis. This might be where ISP's start to draw the line.

Do it yourself KaZaA lite?

[CyranoDB]

Or, to do it yourself in Windows, remove BDE folder from Windows root directory; remove all bde* files from windows\system directory; remove ad cache folder from Windows\system directory; remove cd_* files from windows\system directory; clean registry of all cydoor, B3D and Brilliant entries, then install cd_clint.dll from the following site http://www.cexx.org/dummies.htm into the Kazaa folder.

Might also want to unistall the B3D updater from the startup files and take uninstall b3d projector from the add/remove programs list (it doesn't really remove brilliant anyway). This kills all ads as well as removing the spyware. After doing those and changing the bitrate quality allowed for audio files, I can download up to ten files at once, run quarter screen video, play solitaire and have notepad and Opera running without taxing my machine (Athlon XP 1500, 512M PC133, cable connection.)

Second thought, it might be easier to just download the lite version.

EULA's changed since that version (but not much)

[mactari]

That's not what's there now -- http://www.kazaa.com/en/terms.htm

But the fact that 4.2 isn't even a complete thought....

==============
4.2 We may add, delete or change some or all of the Software's functionality provided in connection with KaZaA at any time. This may include download of necessary software modules. Any new features that augment or enhance [sic]
==============

... makes me wonder if the web-site hasn't been updated. And it basically says the same thing in a little different terms, sans the bit about clauses outliving terminiation (I didn't see that when skimming, at least).

Anyone know where the EULA quoted above came from?

Re:The USA PATRIOT Act to the Rescue!

[EricLivingston]

Unfortunately, if you download this software you give them permission to use extra cycles and storage space on your computer. It's in the EULA. So, laws such as that (apparently) won't work for you. Pretty nasty stuff...

Nope, this is the current EULA

[ralian]

I actually went out and downloaded Kazaa just to check the EULA on it. I'm pretty sure they haven't changed it in the last 10 hours. Here it is (fucking lameness filter won't let me post it):
Kazaa EULA.txt

I'm planning on blocking it

[macdaddy]

Forget what was in the EULA that the user consented to. I as a network administrator do not permit my users to use their bandwidth for commercial purposes. If this really is something that Brilliant is planning, they'll lose a campus full of users in the process. We're not going to stop our users from downloading music (although we will slow it down so it doesn't affect other users) but we will not permit our resources to be used for commercial purposes. I'll block KaZaa if that's their real intent.

Re:I'm planning on blocking it

[macdaddy]

Sorry, I might not have worded that well. I don't *want* to block P2P apps like Kazaa. We purchased an expensive PacketShaper to slow it down so we wouldn't have to block it. However if this piggy-back program with Kazaa suddenly starts using our resources for a commercial purpose (ie, distributed Akamai), then we will block it. We can not permit the resources at this educational institutional to directly be used for commercial gain. I hope that's worded better. If they actually do this, they will lose their users on this regent's university's campus.

Excellent business plan follows

[Jeppe+Salvesen]

This is a really good idea! More and more people have pretty potent computers (more or less) permanently connected to the internet. These are idling, wasting cycles most of the time.

So - why not make a distributed network where you pay people to process data for you? They download the client, sign up necessary information for you to pay them, and fire up their client. Client runs at the lowest priority, doing calculations in the background while they enjoy whatever they enjoy doing in front of their computer.

Currently, several such projects are underway, except they're free. If I got a few bucks a month for running some software on my computer, I'd be pretty happy.

If this thing got big, the computing power would be immense, probably equivalent of really hairy supercomputers. Imagine literally millions of good, solid computers running a thin client, silently crushing numbers.

You could even persuade ISPs to optionally distribute the technology, since the income from running the client could help finance the broadband connection, thus increasing their customer base.

Hmm. Whaddya think? Is there a market for this?

Re:FYI, Kazaa License

[mindstrm]

Such clauses are not enforcable. They are not rational.

Nobody in a *real* contract negotiation would *ever* agree to such a term.

Re:Peanut butter and spaghetti

[HiThere]

I take it you've never tried Tan Tan noodles. (Essentially peanut butter and spaghetti.) They are quite delicious. I recommend them to anyone who isn't afraid of the calories. True, they have a bit of soy sauce, and a bit of pepper sauce mixed with the peanut butter. And possibly more (I haven't seen a recepie).

But just because something doesn't sound good to you, and just because you encounter a bad implementation, doesn't make it bad.

I imagine that after a bit of a shake out P2P + distributed computing will turn out to be an excellent dish. That doesn't mean that this is a good implementation. It appears to have too much centralized control. But with a few changes to the recepie...

Microsoft has the same trojan horse...

[GutterBunny]

No really! It's not an april fools joke! If you start typing any deragatory remarks about Microsoft, the trojan will ...../*I love my new Internet Explorer technology from Microsoft..*/

I know most of you won't believe me. But just in case, to disable it type in ..../*XP is just fabulous*/

Re:Distributed computing -- personal risk?

[Reziac]

To rephrase the above post -- how long will it take for someone to hack into/hijack the distributed computing system, whereby they can use it for DDoS, reverse engineering, sending spam, or whatever.

And per a point I brought up when Juno did this -- what if their network is doing something that is legal where they are, but is illegal in YOUR location? Who goes to jail -- You, or Brilliant's people, or Kazaa's people?? Three guesses, and the first two don't count.

Surprised not to see this linked:

[brad3378]

This is what I've been using for about a month or two:

http://www.kazaalite.tk/

KaZaA lite works just like the original,
but Without Banner Ads and the other fluff like the Bonzai Monkey.

Try it this way ...

[HiThere]

The current implementations of P2P computing tend to be invasive and, ok, evil. (I'd rather save that word for more intense areas, but the concept's the same.)

The reason that they are evil tends to be because they are the creation of commercial entities that intend to make money by stealing you information. This is not inherent (though on the MS systems that I am familiar with there is no effective security to prevent this from happening).

Commercial entities need to have something to sell. If you want to get a service from them, then you will need to pay them in some way. The "freebies" that they offer will always be a hook. Always. You may not be the intended target, you may steal the cheese, but the hook is there. Red Hat is trying to get commercial companies to buy software maintenance and development services. As a commercial entity, they distribute Linux at not much more than cost to lure in potential customers. It isn't free, but the hook is still there.

Non-commercial entities need to be able to pay for the activities that they engage in. So do individuals. You can always take an economic view of an organization or individual, and it must always either balence or yield a profit. Or be drawing down assets.

If you buy a pig in a poke you are likely to end up with a cat instead of a pig. Open source is partially the requirement that one be able to look into the bag before buying it. But if you can't, then you should expect that the seller is going to take such advantage of the fact as he can. Becuase he frequently will.

This isn't to say that Kazaa is in this case acting unethically. They have indicated that they will ask permission before adding computers to the distributed computing system, so one should, perhaps, wait until we find out how they will interpret that before getting outraged. They might not just say "the license already gave us permission". But it's also true that we can't know what will occur later. The license that was reported seems to be similar to the MS XP license in that it essentially gave them permission to install arbitrary software. And I find it quite difficult to feel comfortable with that. Especially on a system that gives essentially no protection against rogue software. (Similarly, on Linux I'm uncomfortable with the programs that require being run with root permissions.)

Computer Misuse Act 1990

[Martin+S.]

If anybody in the UK has been foolish enough to fall for this Trojan they I'll draw your attention to the Computer Misuse Act 1990. Trojan's are illegal.

'The Computer Misuse Act 1990' Section 1;

1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

http://www.hmso.gov.uk/acts/acts1990/Ukpga_19900 01 8_en_1.htm

The Computer Misuse Act 1990

[Martin+S.]

If anybody in the UK has been foolish enough to fall for this Trojan; I'll draw your attention to the Computer Misuse Act 1990. Trojan's are illegal under UK Law.

'The Computer Misuse Act 1990' Section 1;

1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

http://www.hmso.gov.uk/acts/acts1990/Ukpga_19900 01 8_en_1.htm

Re:Oh yeah. --Forgot to add. . .

[gordguide]

Apparently, some versions of cydoor (the spyware/ad trojan installed with Kazza) installed first, before the Kazza installer displays anything on your screen. Decline to install Kazza, but you still had cydoor running (next reboot, as a startup process). This is not the kind of behavior typical of any benign intent.

Criticism apparently caused cydoor to create a new (current) version, with some offensive behaviour allegedly removed (UID, install upon launch of the host program's installer, "uninstaller" does nothing, etc).

Still, extending any form of trust to the likes of cydoor and Kazza is simply out of the question. "A leopard can't change his spots".

Get Ad-Aware now, everybody (using or administrating Windows); but don't stop there. After all you are simply trusting one program to save you from another.

The sad truth is viligance and awareness is our only defense.

About CyDoor:
http://www.cexx.org/cydoor.htm

Shame on you for not reading my post

[screwballicus]

Shame on you for picking on split infinitives.

You didn't read my post. The very next sentence subsequent to the one you quoted read

Even the OED now acknowledges the use of split infinitives to be perfectly grammatical.

But so have you reiterated it:

Even the Oxford English Dictionary approves of split infinitives now.

At least we concur.

Re:The USA PATRIOT Act to the Rescue!

[Sylver+Dragon]

(b) You hereby grant BDE the right to access and use the unused computing power and storage space on your computer/s and/or internet access or bandwidth for the aggregation of content and use in distributed computing. The user acknowledges and authorizes this use without the right of compensation. Notwithstanding the above, in the event usage of your computer is initiated by a party other than you, BDE will grant you the ability to deny access.

I guess the only place that one might readily attack this agreement of use, is the definition of "unused computing power". Now, IANAL, but, from my limited perspective, this seems to be a rather vague term. Is a CPU cycle unused if it is sitting in the "System Idle Process"? Probably. Is a CPU cycle unsed if the machine is not turned on? Are you then violating the EULA by having your machine turned off, or the program not running? Of course, I didn't agree to give them the power necessary to run those CPU cycles.
As for storage space, what constitues "unused storage space"? Would any empty space on my hard drive then be considered availiable for thier use? What if that empty space was allocated for future expansion of a program or database, this is not really unused, just unutilitzed for its intended purpose. Moreover, we all know how well Windows runs when you start running out of disk space, so, some of the free space on your drive must invariably be allocated for this use. So we are left with another vauge, and inadaquite term. I don't think that this part of this EULA is going to hold water if it ever gets challenged.

Re: Except no, laws *don't* help the masses....

[King_TJ]

I agree with you up to that point....
But more legislation isn't the best long-term solution. It's a quick band-aid fix to try to keep people happy. Like most computer legislation, it will end up restricting software that it was never intended to restrict.

The *real* solution is education. The masses aren't smart enough not to click on www.yahoo.com.exe which downloads a virus on their PC? Well, they need to learn then. Maybe they'll start getting more interested in learning after their drive gets trashed a time or two.

Of course, this also leaves lots of room for businesses to profit from building safer systems for "the masses" to use - which isn't a bad idea either.

Don't want to bitch at this but...

[tcc]

"we're sorry for the spyware"

they remove it

a month later

"We're sorry for the spyware"

they remove it

goto 10.

As much as I love the P2P concept, if these guys go out of buisness or get the crap sued from them, I just hope EFF won't protect them in the name of P2P, because these guys aren't the Good Guys(tm). They are opportunists that are hiding behind ignorants and people that want to defend P2P to play their dirty scheme instead of being just dead honest.

It doesn't kill a buisness to mention any spyware or whatever, if people skip the warning and download it, well now It's their problem, but running it and acting like if you were transparent is just plain unethical, they did it many times, it simply piss me off. That's why I am using winMX since the first time I saw Kazaa doing crap to their users. It's been at least reported 2 times here if not more.

Again, being honnest about it won't change much, it'll just remove a FEW users like me and most of slashdot readers that want their privacy. Most of the people won't give a damn, so why being so dishonnest!? it could just trigger lawsuits against them for absolutely no gain.

The proof to this? well look at how many times you saw kazaa and spyware, and look at their userbase still growing (which doesn't make sense but again, MOST people just don't care, they'd sell their souls for free stuff).

Uninstalling BDE

[katarn]

There IS a uninstaller for BDE. In my machine it was under C:/WINNT/bde/ and it was called bdeclean.exe It's also available from the uninstall program. Now for the bad news: The uninstaller left all sorts of files around, including a re-installer. As has been mentioned, do a find on BDE & B3D, but be sure to look under [properties] [Company Info] to make sure it's from Brilliant, since some windows files have bde in their name. The registry was also stuffed full of BDE entries, even after the 'official' uninstall. If it created any files which did not have bde in their name, or if it modified any .ini files, I have would have no idea. Anyone have any information on where else these files may be hiding?

Hey. cool!

[dasmegabyte]

It's freenet without the free!

Seriously, when is somebody gonna prosecute one of these nefarious "free" software companies for attaching rider code with no easy way to remove it? Isn't this a virus, same as iloveyou or anna, attaching itself to something people want to download/lookat and exposing their computers to the world?

Sure, maybe the distributed client has more of a sandbox security model than your average virus. But these are not nice guy brilliant cowboy poet programmers riding into the sunset...they're wagemages forced to design an application to annoy people. Their hearts probably weren't in it. The code is probably full of buffers to overflow and apis to exploit. And since this code arrives along with an app people enjoy, it'll go right past their normal email wariness and antivirus paranoia.

This is dangerous shit.

Re:The USA PATRIOT Act to the Rescue!

[Ryan+Amos]

This operates under the assumption that EULAs mean anything. AFAIK, clickthrough EULAs are not considered an enforcible legal contract (I can accidentally hit "Enter" and not read it. It's hard to "accidentally" sign a contract, a signature means purposeful consent.) Essentially, they mean absolutely nothing.

As an aside, what this will ultimately accomplish is to force colleges and universities to altogether block on-campus access to these clients. The "right to use unused bandwidth" is the problem here. My school tolerates Kazaa by enforcing weekly download caps, so if you run kazaa for a day or two with downloads enabled, you get booted to another subnet which is about as fast as dialup. Anything like this would lead them to disable Kazaa altogether, probably by using some sort of selective port allow firewall. Students will bitch and moan, and it'll be BDE's fault (and BDE will fail, as most of Kazaa's users are college students.) So even if this actually happens, it won't last for long.

I keep telling you guys

[tkrotchko]

Buy Virtual PC. Spend the $200.

Then when you want to run a program you're not sure about, you copy a disk partition file, boot it and then install then install the suspicious program. If it works fine, and you're satisfied, you can load it on your host (real) PC. If not, you wipe the parition and you start all over again.

There are so many advantages to this, its hard to believe more people don't use it.

Re:The USA PATRIOT Act to the Rescue!

[plover]

This is outright theft.

Unused cycles are "optimized out" by my CPU. In other words, it runs slower and consumes less electricity when not being used. Most modern CPUs go into a low-power-consumption mode when not actively performing real processing. If you doubt this, check your CPU temperature while it's been sitting idle with a blank screen for an hour or two. Compare that to the temperature after playing an hour of Quake III or even just running a graphics intensive screen saver for an hour. I know I could certainly feel the difference when I was running the distributed.net client at home.

So, I "hereby grand BDE the right to access and use the unused computing power" is another way of saying I will freely donate my electricity? Let's find out just how "free" that is.

First, let's assume that you pay $.10/kWh for electricity. Let's also assume that you leave the computer powered on constantly. Finally, let's assume that your computer consumes 60W when idle, but 120W when actively crunching numbers. So that's an extra 60W/hr you spend on behalf of Kazaa.

60W/hr x 8766 hours = 525960 watt-hours per year.
525960 / 1000 = 525.960 kWh per year
525.960 * .10/kWh = $52.60 per year.

Let's look at it a different way: Assume there are 2,000,000 KaZaa users.
60W/hr * 2,000,000 = 120,000,000 watt-hours.
Thats 120 megawatts per hour.
I think they need to file an Environmental Impact Statement before releasing this kind of crap.

Re:Suicide not guaranteed but risky

[Minupla]

Relying on this is dangerous though, because of what a previous consulting firm I worked for called "The CNN Factor". If it comes out on a slow news day and you end up on Lou Dobbs, your stock will tank. Even if there are 1000 other firms doing exactly the same thing, even if it's 100% legal.

Hell, ask the folks at Anderson how having an image problem can equate to corporate suicide. You might get away with it 100 times, but time 101 you end up on CNN, and that's enough.

Thanks

[Arker]

Thanks for the link, Kerio is nice. I was running ZA Pro, but the 'for dummies' interface was annoying me. I'm uninstalling ZA now.

For those who pay by the Megabyte

[Mandelbrute]

This has the potential to cost those who pay by the megabyte a great deal more than spam costs them. Some ISP's charge several dollars per megabyte beyond their set monthly limits, and it doesn't take particularly long (on scale of weeks) to get an extra few hundred dollars worth of traffic sent to you down the slowest connection if they use this in an irresposible manner. I suspect that they will assume that everyone is on an "all you can eat" internet plan, and shuffle the data around assuming that no-one will get hurt by this.

Re:and how exacly would OS save them from this?...

[mmusn]

how by being open source going to save millions of non technical user privacy ?

Easy: their geeky friends would tell them "Don't download Kazaa: it's dangerous for you. Instead, download OpenKazaa: it's faster, safer, and still interoperates with the original version."

In different words, non-technical users benefit because a few technical users would quickly make a version without the security problems, something that can't be done for closed source code.