Kazaa Lite: spyware-free version

Pig Hogger writes "According to this VNUNET article, KAZAA-Lite, a new hacked version of spyware-ridden KAZAA file-sharing software is being circulated, sans spyware. The new, improved version has apparently been hacked by a russian programmer, as a matter of course."

Oh the irony!

A program used primarily for copyright infringement has been reverse-engineered and redistributed. Does this mean that the DMCA has officially cancelled itself out? :)

Re:Oh the irony!

[mancxvi]

No no no.

Grokster has all the same stuff minus Brilliant. It makes no difference.

Re:Oh the irony!

[snol]

get the source, get the jdk, compile it yourself, and gee whiz, a no-spyware limewire, free for the taking.

Reason #84

[ekrout]

Spyware, reason #84 to use free/open source software.

- Eric
Founder, monolinux

Re:Reason #84

[mgv]

Spyware, reason #84 to use free/open source software [slashdot.org].

Yes, and they will just change the fast track logon server if too many people use this software to lock out this version.

If they did it to Morpheus, I can't see why they won't lock out this code either.

Mcihae;

Re:Reason #84

[sewagemaster]

i guess the article forgot about this :-\

"It would be difficult to block Kazaa Lite clients from accessing the Kazaa network simply because of the openness of the system which lets millions of users log on simultaneously."

Re:Reason #84

Additionally, if they do it they will certainly be flushed down the toilet along with Morpheus. Basically, Morpheus was de-centralized. The moment they put in central authentication servers to block open source/free software clients pig-backing on "their" network, they got sued promptly by the record labels. Guess why? Much easier target after such a brilliantly stupid move.

Re:Reason #84

Much easier target after such a brilliantly stupid move.
Stupid move? One of the famous quotes from the kazaa people at that time came from the dutch "programer" who simply let the implementation to cheap rusian programers. Ever wondered why the encryption was sufficient to fend of the gift people for a long while (speculation: until there was a specification leak (the "giffers"?)) but the user interface was horible and the whole thing was unstable? i gues that when you use random rusion coders thats what you get. Anyway the quote "within a year I will be rich or in jail". They weren`t in it to create the ideal p2p net anymore, when they found out about how much money people where willing to pay to have their software embeded in the installer (not just the real bad and secret spyware, go trough the grokster installler. grokster must get milions for software for which is clearly asked if you want it, on top of their plain spyware income)

Re:Reason #84

[gabec]

note that it was KaZaA itself that kicked Morpheus off their FastTrack network...

yeah thats what I want...

[notsoanonymouscoward]

software thats been hacked by a friendly neighborhood russian hacker. its new kazaa light, with new and improved spyware, and a few extra trojans as an added bonus!

Re:yeah thats what I want...

[sinserve]

Naah, with 80,000 downloads so far, I guarantee ya the commies will be beating
the japs in clock-cycles, and this wont be your ideal "earth simulation" research.

I knew it man, America's next threat will not come on student visas, it will be downloaded
by drunken college kids. Now all our dells and gateways are belong to them.

All bigotary aside, kudos to the coder who did this, he took an entry from my todo list. Oh
well, better go back downloading my Frank Zappa (can ya believe it, they have him on Kazaa :-)

--

Re:yeah thats what I want...

[glwtta]

Yeah, we damn russian hackers just can't knock it off, I mean I even hack into my development server every time, instead of just logging in. It's a good thing I'm a lousy admin, though, so it's usually pretty easy.

Did I miss something?

[doorbot.com]

Every time there's a Kazaa-related article, everyone posts links to the free, sans-spyware version. I think most people already have it if they want it.

I guess now that it's got the ".com" instead of ".tk" it's official and thus gets its own Slashdot story...

::rolls eyes::

Re:Did I miss something?

Yep just read any spyware article and search for kazaalite

Ironic...

[SaxMaster]

The site for the KAZAA without adware/spyware is chock full of pop-ups for "free cellphones" and the like.

Re:Ironic...

[19Buck]

The site for the KAZAA without adware/spyware is chock full of pop-ups for "free cellphones" and the like.

Hey the guy's gotta pay his bandwidth bill somehow right? Why should he be forced into forking out his own Rubel's just so you can get free software AND no pop up's?

Here's a hint for you:
Disable Javascript

and/or Use a Popup killer[it's actually download.com]

Don't like the example I provided? Google is your freind Plenty of options there.

And just so i'm not accused of being offtopic (grin), ages back when I first learned about Kazaa/Morpheus, I completely distrusted the validity of the BDE B3D projector software.

It installed itself completely seperate from (and silently) the main program. Yet after removing it (seperately, with it's OWN Uninstaller) Kazaa/Morpheus whined that a "required" component was removed, and it refused to run.

**COUGH** Yea ok.... where's that Uninstaller hm? Time to gut the registry again and seek out rogue DLL's.

Required my butt... and Kazaalite proves it.

Now someone just needs to write a plug-in for it that will automatically pingflood any one client that tries to download 10 files off you at once! =)

(Yes, i'm fully aware that you can configure the max number of DL's, the above is meant to be funny!)

Re:Ironic...

[Edward+Teach]

I wouldn't know. I use Mozilla with no pop-ups.

Kazaa Lite

[mikers]

Been using it for 2 weeks now.

Boy is life good without tons of popups.

And my firewall hasn't busted Kazaa Lite doing anything funky either.

Low popups, low funk, all good.

yummy.

Re:Kazaa Lite

yeah try uninstalling the stuff crashes you pc lol

can you repeat that?

[zephc]

"a new hacked version of spyware-ridden KAZAA file-sharing software is being circulated, sans spyware"

soooo... you're trying to tell us that its spyware-free?

</sarcasm>

Re:can you repeat that?

Wow, the headline summarized the article? What shee r audacity.

Re:can you repeat that?

Actually, I've gone to the trouble and effort to packet sniff this one: Nothing. Just pure P2P

-Guard

mirrors

[DanThe1Man]

There are some mirrors at http://www.kazaalite.tk/ when kazzalite.com crumples under the slashdot effect.

I'm at 50, so I'm not karma whoreing.

Re:mirrors

[advid]

In a similar (although completely different) vein, might I recommend Gnucleus, which is an open source fileshare program (whose code was recently appropriated by the well-known Morpheus).

Re:mirrors

So what if one guy has a billion karma and the next guy has 0? What difference does it really make?

well, one guy has a billion karma and the other guy has 0, doesn't take a mathamagician to figure that out...

Re:mirrors

Nice to see your mirror went down before the real site.

A most heartfelt "Bravo" to you, good sir.

Re:mirrors

[dimator]

I'm sick and tired of people saying they're at 50. Some jokers put it into their .sigs. Who gives a damn? Any dumb shit can do it; if you have an IQ above room temperature, it shouldnt take you more than a month of relevant posting.

Re:mirrors

[motardo]

I prefer http://www.kazaalite.nl even though it's ugly as sin :)

-motardo

Re:mirrors

Whoever marked this as flaimbait is a moron.
Almost as dumb as the guy who said "I'm at 50 so I'm not karma whoring" - He's still whoring. Just because a number in his user prefs doesn't go up doesn't mean that he's not whoring.

Re:mirrors

[OblvnDrgn]

Yes, how dare someone place a link that some people might find useful! And one that relates to the story as well! Shame, shame I say. Obviously the only reason anyone would try to be relevant and give a mirror is because they are a cheap whore! I mean, gaining karma is such a horrible sin, and it's so important to every day life, even more so when someone is already at their max. Then they're just showing off! Absolutely shameful.

On second thought, I better edit this to be more sarcastic. I'd never want to get modded funny instead of flamebait. I'd be a whore too!

Re:mirrors

[Dwedit]

Morpheus added ad banners and spyware to Gnucleus, and then tried to take credit for writing it. That is just a total scumbag thing to do, but at least they distributed the source, and followed the GPL.

Re:mirrors

[blibbleblobble]

I'm at 50, so I'm not karma whoreing.

I'm at 50 too -- do you think we can sell the accounts on ebay?

Re:mirrors

[Kallahar]

gnucleus is gnutella, not fasttrack.

Huge difference, I've never found anything that I was looking for on gnutella, unfortunately...

Travis

wine

[sewagemaster]

has anyone have any sucess running this under wine? since this is now the lite version, i doubt that it needs IE and should therefore work?

Re:wine

[Rysc]

I tried it under wine, but it died without getting very far. Of course, my wine is spectacularly old; you may have better luck with a more recent build.

Re:wine

I used my CrossWire installer to try to install it. It died during the install. I then searched out the .EXE and tried to run it. I got it to come up. It let me log in, but if I would try do a Search, Traffic, etc it would die.

Re:wine

[Osty]

has anyone have any sucess running this under wine? since this is now the lite version, i doubt that it needs IE and should therefore work?

"Lite" in this case means removing all the scumware from Kazaa, not removing IE (because it uses IE for content, and while you may think IE is "bad", it's not typically considered scumware). Thus, it still requires IE, and if that keeps the normal Kazaa from working under WINE, this version will be no different.

Re:wine

[nexex]

using latest debian the install dies with:
fixme:font:LFD_InitFontInfo font '-sun-open look glyph-----19-190-75-75-p-154-sunolglyph-1' has unknown registry 'sunolglyph' and character encoding '1'
fixme:mpr:WNetGetUserA ((null), 0x412f55e8, 0x405553b0): mostly stub
err:module:MODULE_LoadLibraryExA Loading of native DLL C:\Program Files\KaZaA Lite\kazaalit.exe.manifest failed (error 193), check this file.
err:module:MODULE_LoadLibraryExA Loading of native DLL C:\Program Files\KaZaA Lite\shared.ico failed (error 193), check this file.
fixme:shell:IShellLinkA_fnSetShowCmd (0x403b3f10)->(showcmd=1)
fixme:shell:IShellLinkA _fnGetShowCmd (0x403b3f10)->(0x40554cac)
fixme:shell:IShellLink A_fnSetShowCmd (0x403b9a74)->(showcmd=1)
fixme:shell:IShellLinkA _fnGetShowCmd (0x403b9a74)->(0x40554cac)
fixme:shell:IShellLink A_fnSetShowCmd (0x403b3e2c)->(showcmd=1)
fixme:shell:IShellLinkA _fnGetShowCmd (0x403b3e2c)->(0x40554cac)
fixme:shell:IShellLink A_fnSetShowCmd (0x403b3e2c)->(showcmd=1)
fixme:shell:IShellLinkA _fnGetShowCmd (0x403b3e2c)->(0x40554cac)
fixme:shell:IShellLink A_fnSetShowCmd (0x403b3e2c)->(showcmd=1)
fixme:shell:IShellLinkA _fnGetShowCmd (0x403b3e2c)->(0x40554cac)
Wine failed with return code 5

but it does appear under the wine 'start' menu, and it will start to load but dies with this:

err:menu:MENU_ParseResource not a string item 0800
fixme:ole:CoRegisterMessageFilter stub
fixme:shdocvw:CWebBrowserImpl_AllocObj ()
fixme:shdocvw:WBPCI2_GetGUID stub: dwGuidKind = 1, pGUID = {00000000-0000-0000-0000-000000000000}
fixme:shdo cvw:WBPCI2_GetClassInfo stub: LPTYPEINFO = (nil)
fixme:shdocvw:WBQA_QuickActivate stub: QACONTAINER = 0x405560ec, QACONTROL = 0x4055612c
fixme:shdocvw:WBPSI_InitNew stub
fixme:shdocvw:WBOOBJ_Close stub: ()
fixme:shdocvw:CWebBrowserImpl_Destructor (0x40386fb4)
wine: Unhandled exception, starting debugger...
err:seh:start_debugger Couldn't start debugger ("debugger/winedbg 134661992 84") (2)
Read the Wine Developers Guide on how to set up winedbg or another debugger

Re:wine

[JPriest]

Microsoft did make an IE for unix, runs fine on slackware 8.

Re:wine

runs fine for me, install and all, take a look here. this gives you all the info you need to run it. also, the same method works for kazaa which i also used before i found kazaa lite. good luck, should run fine, but has a few small issues. if you end up with really tiny fonts on the search tab, change your .wine/config line in the font section called resolution to something above 105 and it should be fine. only other problem i've run into is that the tooltips for searches/downloads don't display the normal info, they instead only say "test". well, enough rambling, heres the url:
Wine AppDB page for Kazaalite

Re:wine

[plam]

Thus, it still requires IE, and if that keeps the normal Kazaa from working under WINE, this version will be no different.

If you have a real Windows install, then WINE will run Kazaa (more or less) properly; the display is somewhat incorrect and it crashes from time to time (but, hey, that's Windows, eh?). I guess that WINE without Windows won't run KaZaA.

Re:wine

site is here

What the hell is the exe extension?

[PD]

Is this some sort of CPM joke? This thing doesn't run on my computer. I tried doing chmod +x and downloading it multiple times, but it still doesn't work.

Besides that, the files are 10 days old. That's old software. How do I know that there hasn't been any bitrot?

Re:What the hell is the exe extension?

[Robotech_Master]

You might want to look here, instead, then.

Very Short Review

[GreyOrange]

I have tried it and it seems to use less resources, probably because it doesn't run those wierd ads that use up extra computer resources, and popup windows.

Then you might be interested to know...

[baudbarf]

...that I read slashdot several (dozens of) times a day, and this is the first time I was even made aware of the existence of a spyware-free Kazaa! So in summary; I am one of those people who want it but don't already have it.

Just more evidence that just because you visit a website religiously, you can still miss something right under your nose.

I'm gonna check it out now.

Re:Then you might be interested to know...

[freeweed]

Not to beat a point to death, but on the last 3 or 4 Kazaa related stories, there have been at least 4 posts each that were moderated past 3, that had a direct link to the kazaalite.tk site. Don't see how you could have missed those easily...

Regardless, my personal opin is that kazaalite is such a great piece of work that it pretty much deserves its own story :)

as a service to those who didnt make it in....

[Brightest+Light]

Here's the text.

Kazaa Lite is 'spyware free' says creator
By James Middleton [19-04-2002]

Hacked version of file sharing software Kazaa users can now get hold of a hacked version of the peer-to-peer file sharing software which claims to be spyware free.
Earlier this month Kazaa users discovered that the client software includes what is effectively a Trojan program which connects to another network called Altnet and taps the user's processing power and storage space.
Brilliant Digital Media, the company behind the stealth peer-to-peer software, plans to activate the software on users' machines in the next few weeks and sell the resources to be used for distributed computing.
But recently released Kazaa Lite software is a hacked-up version of the Kazaa client without the third party software or banner adverts.
Created by a Russian programmer known only as 'Yuri', the illicit Kazaa Lite was developed as an alternative 'non-misleading' version of the software.
Kazaa Lite has also caught the attention of Sharman Networks, the developer of the original Kazaa software. Sharman said that it will vigorously defend its rights but has not said that it will take legal action against Kazaa Lite.
It would be difficult to block Kazaa Lite clients from accessing the Kazaa network simply because of the openness of the system which lets millions of users log on simultaneously.
KazaaLite.com has reported over 80,000 downloads since the program was released and no interoperability problems with the Kazaa network.

More info can be found at Kazaalite.com.

Re:as a service to those who didnt make it in....

[Aceticon]

Iuhuu Karma come to me baby - i'll give you one real cheap.

Re:as a service to those who didnt make it in....

Wow, I got this program exactly half a day before slashdot posted the article. Lucky me.

Re:as a service to those who didnt make it in....

[Sancho]

It would be difficult to block Kazaa Lite clients from accessing the Kazaa network simply because of the openness of the system which lets millions of users log on simultaneously.


I'm not so sure about this. BDE's license says that it can execute code on the machine. Presumably this means that some form of RPC is implemented in Kazaa-bloat / BDE. As such, they could execute code that does a check for a "legal" version of Kazaa and, after a week or so, block clients that don't have the most recent version. Further hacking to get around this would definately be "circumvention" and subject to the DMCA.

This also breaks free, open source clients, but then, I doubt people who worship the almighty dollar really care.

Re:as a service to those who didnt make it in....

[Kallahar]

Back when Morpheus got kicked off the network, sharman proved that they can remove clients from their non-centralized fasttrack network. They did this by changing the code in Kazaa to force-upgrade the supernodes (and thus all the clients) and changed it so that at a certain date they would all stop allowing connections to/from morpheus clients. They were able to do this because Kazaa clients were dominant on the network.

Now, think if Kazaa LT becomes the most popular fasttrack client. If sharman tries this again they would only succeed in knocking themselves off the network. The ubersystem would then truely become free (unless the kazaa LT guys do a fasttrack force-upgrade scheme).

The future is bright :)

Travis

Exactly!

[PastaAnta]

Instead of Kazaa et al I have switched to Gnucleus. This is one of the only real Open Source Gnutella network clients for Windows. For Linux there are so many great Open Source Gnutella clients.

It works great. No spyware or addware, and since the Gnutella network is an open P2P network it can be expected to exist when all the other proprietary networks have been closed.

Re:Exactly!

[big_hairy_mama]

Hmm, can somebody post their favorite gnutella clients for Linux? Personally, none of them are nearly as nice, usable, and feature-friendly as Gnucleus and Bearshare (and Kazaa), which is precicely the only reason why I still run Windows in a VMWare VM.

I've searched and I've searched, but

* Limewire is the only one that cuts it in my book, but it has become too simplified (I no longer have the power to watch connection statistics or have good control over downloads, in the newer versions).

* Qtella is nice, but missing major features like auto-selection of multiple hosts for the same download. It also has a few rough edges; for example, on my box I have to kill it manually to really shut it down after closing the window.

* GTK-Gnutella is nice, but the interface is clunky, and seems to have stagnated.

And most of all, none of these clients have the ability to "set it and run", downloading large files over the course of a few days and from many different hosts. Napshare (based on GTK-Gnutella and designed to run unnattended) tries, but succeeds more in downloading lots of pieces of random files overnight than the one file I want. The windows clients seem to have all implemented things like automatically re-searching for new hosts in order to get the remainder of a failed download. This, in my book, is the number one feature missing from all non-Windows clients, AFAIK.

Also, basic niceties like auto-detecting the "forced IP address" (the IP of my router/firewall, rather than my private subnet) so that I can receive push downloads are missing, something which I love about Bearshare.

So if anyone can correct me, please do. Otherwise, this is a call to arms to Linux Gnutella developers. Forget innovation -- until the nicest features of the Windows clients have been implemented, nothing else can happen.

Re:Exactly!

[sameb]

>* Limewire is the only one that cuts it in my book, but it has become too simplified (I no longer have the power to watch connection statistics or have good control over downloads, in the newer versions).

You know LimeWire is open source (I'm on the dev mailing list). You can fix it all you'd like.

sam

Re:Exactly!

[big_hairy_mama]

This is a lot more than fixing a bug or crash. This is about adding *features* (and more than one feature at that), and unfortunately I don't have the motivation to spend a few weeks/months of my time to do it. Open source is great, but only for people who are motivated. Me, I have other things to do :(

How long will it last?

[martissimo]

According to this this article Sharman Networks is planning on taking action against Kazaa Lite...i figure it wont be long till their network wont work properly with the program (much like Morpheous).

Oh well im sure those fun-loving Russians will fight back when it happens, should be fun to watch

Re:How long will it last?

[phalse+phace]

Sharman Networks should just save themselves the hassle/trouble/headaches and forget about taking any action. The genie's been let out of its bottle. With over 80,000 downloads so far (not to mention the thousands of /.ers), this thing is gonna spread like wildfire.

Re:How long will it last?

[Metrollica]

You fucking idiot. KazaaLite is exactly the same as Kazaa minus the spyware and the added software installs. Both programs share the same executable file and system files. Morpheus was different from Kazaa because it was licensed. I am sure Kazaa has the power to shut down the network, but it would cut off both themselves and KazaaLite. The only thing Sharman can do is take legal action against anyone hosting KazaaLite on websites and make it harder to remove spyware and hack future versions of Kazaa.

Re:How long will it last?

[Ilgaz]

Hmmm... You forget something. In fact they forget it. What happens if installer exe copies itself to users shared files folder? Right, P2P :-) How they can shut down 80M servers?

If they manage to stop it (we all know they have that power), it will be a proof for RIAA whatever that its a centralized network.

IMHO people should use gnucleus (http://www.gnucleus.com) and WinMX (OpenNAP protocol) but anyway...

Re:How long will it last?

[Glorat]

It's hard for Kazaa to mass change the protocls they are using as it could break too many clients... unless of course their first use of their spyware is to check for the new version and force a download!

Here comes the the biggest spy/trojan-ware versus the stripped down version

Re:How long will it last?

[horza]

The Instant Messengers constantly change their protocols to try and break their rivals that log into their network, without that much success. The more diligent clones seem to have little trouble keeping up.

Phillip.

Re:How long will it last?

[jred]

Nonono, you're supposed to say, "mod me down for offtopic" if you want to get modded up. If you ask to be modded up, you'll get modded down (since you're at -1....)

Re:How long will it last?

And they'll update their client and you'll be locked out of the network.

And this time they'll verify the Cydoor DLL, to make sure it's not a fake.

Putting this on Slashdot was way counterproductive.

Re:How long will it last?

Apparently you haven't been using Kazaa very long. There have been several client updates that force you to use the new client, lest you be unable to connect to all other users of that client.

They will do it again, only much smarter this time.

Re:How long will it last?

I think you'll notice that the hacked Kazaa clients don't attempt to reimplement the protocol, they just hack the Cydoor DLL and make sure the other crap isn't installed.

If I wanted to keep you out, I'd keep all of my protocol translation code in some form of bytecode, and transfer it to proper clients every day as I randomly changed the protocol.

If you attempted to circumvent my security of the bytecode and fake your client into getting it, I would sue you using the DMCA.

Stop thinking you're in a position of power when you're begging at someone else's troth.

Re:How long will it last?

[Pig+Hogger]

From the WIRED article:

Kazaa Lite has caught the attention of Sharman Networks, the Australian company that purchased Kazaa earlier this year, and in a statement released Wednesday said that the company, " will vigorously defend our rights and take action against parties engaged in misrepresenting our software. Consumers are being deceived with ripped off and highly suspect code, and we are determined that their rights, enjoyment and machines are not prejudiced."

Yeah, right. Look who's talking.

Re:How long will it last?

Did you read the parent post?

> i figure it wont be long till their network wont work properly with the program (much like Morpheous).

ie, They shut down the author and his site and then they change their protocol. Of course, does the Russian government give two shits about the U.S.'s piracy problems? Perhaps his ISP will...

Spyware

[olman]

For the DIY-crowd, ad-aware will clean up the mess Kazaa leaves behind without too much hassle. Grab it here. It's quite nice package, too. I have it running at every startup and it's not that rare to get a "visitor" regularly. In fact, it's so nice I've been thinking of investing the $15 for the plus-version.

Re:Spyware

In fact, it's so nice I've been thinking of investing the $15 for the plus-version.

suurrrrrrrrrrrree you are, you cheap fucking bastard

Re:Spyware

[Jagen]

ad-aware is cool, and after you have finished with kazaa will help clean up. However if you use it to remove the spyware Kazaa will complain about missing components and refuse to run, hence the need for the version in this topic

Re:Spyware

[ethx1]

Dont bother spending money on the plus version. I have it and it is not any better. It just comes with some other program called Ad Watch that runs constantly and scans for spyware. If you use Ad Aware constantly (as you do, when it runs on startup) you are fine.

Re:Spyware

[Dwedit]

You still need the fake cydoor replacement, otherwise you can't use Kazaa.

Re:Spyware

The file name is called cydor.dll and you can download a dummy version of it (that does not report back home). Replace the original file with this one and life is good.

Re:Spyware

[Sancho]

How about supporting quality software? I realize that they offer the free version, but I still believe in supporting software/media/etc. that I use regularly.

Is it actually SPYware?

[EggDye]

This is something I've been wondering about this Kazaa controversy. Sure, an unwanted program designed to take up your hard drive space and CPU cycles is "bad"-ware. It is certainly "undisclosed"-ware and "unwanted"-ware. I would even go so far as to say it is "Flushing Kazaa's reputation down the toilet"-ware. However, is "spy"-ware the right term? While a distributed computing program probably does report a fair amount of information back to the main server, it isn't usually designed to spy of the user.

What I find very strange about this whole thing is why Brilliant Digital Media wasn't more upfront about their program. Would the average computer user totally reject the upfront trade of "You get to use this neato-keen file-sharing network for free, and all you have to give us is a little bit of the computer time and space you aren't using"? I guess it would have just killed them to be honest and straightforward about the deal users were making. To paraphrase a saying "The respect you give is the respect you'll receive".

Re:Is it actually SPYware?

[sinserve]

The correct name is "malware"

--

Re:Is it actually SPYware?

[Fletch]

Sure, an unwanted program designed to take up your hard drive space and CPU cycles is "bad"-ware. However, is "spy"-ware the right term?

No, it's not.

You're right, the Brilliant Digital Media app is not technically spyware. However, the Brilliant Digital Media app is far from the only thing that comes along with kazaa's official installer.

You also get the Gator "companion," and Cydoor's "ads on software." -- Both of which certainly are "spyware."

Re:Is it actually SPYware?

[rhizome]

It has nothing to do with respect or trading functionality for CPU cycles, it has to do with this malware being a big marketing experiment. Marketing is about manipulating the desires of potential customers, and straightforwardness and honesty is antithetical to manipulation.

Re:Is it actually SPYware?

[kraf]

Yes it is.
It extends Internet Explorer, where the spyware is keeping track of all of the sites you visit and sends your trail to a centralized host. There, your surfing habits are analyzed and sold to online marketers.

Re:Is it actually SPYware?

[anshil]

I say it's not, got any proof on hand?

Re:Is it actually SPYware?

[CashCarSTAR]

One of the spyware programs Kazaa installs is called "CommonName" This "plug-in" actually forwards yahoo webserchs, and browsing on certain common sites through the commonname.com website. They don't even try to hide it. I think that's spying enough..don't you think?

Re:Is it actually SPYware?

[asavage]

The only problem is, kazaa/Grokster users with broadband don't have any space left on their harddrives. Usually within 24 hours of burning a CD I have downloaded another 600-700 Megs.

Been there, enjoyed that

[ebmedia]

I found kazaa lite a few weeks ago while looking around for a new p2p program, and have been using it exclusively.. it's good stuff! If you use ad-aware, you'll see that it really is what it says it is.

Other options

[Begemot]

There is whole lotta other progs like: Morpheus, Gnutella or WinMX and they play fair (all links are reviews).
Why should I even consider using something with spyware?

Re:Other options

BECAUSE IT IS SPYWARE FREE
That is what the phrase "spyware-free" in the title of this article refers to. See?

Re:Other options

[duren686]

Well, if you had bothered keeping up with P2P at all, you would see that:

a) Morhpeus was Kazaa, now is Gnutella
b) Gnutella sucks ass
c) WinMX isn't quite as good as Kazaa
and
d) Kazaa-lite is specifically spyware-free.

Re:Other options

WinMX is better than Kazaa, and if you add NapMX, becomes overwhelmingly better than Kazaa.

Re:Open Source contains hidden terrorist messages!

[NoMoreNicksLeft]

Dude, when you borrow Billy Gates comdex speech like that, you're supposed to give him formal credit for it by citing him in a footnote, at the very least. Otherwise, you're plagiarizing. It may be no big deal on slashdot, but when you go to highschool, and yes college someday... they'll expel you for that. So it's best not to make any bad habits. Here, I'll help. Add something like this to the bottom:

** Portions of this slashdot post were originally authored by William Gates, CEO Microsoft Corp., and presented orally at the 2001 Comdex convention. This post may contain both verbatim speech, and approximations of the ideas he attempted to convey.

It's been awhile, and your english teacher may give you red marks, but he/she won't be able to accuse you of turning in work that isn't your own. (Note: this won't get you off the hook, if the assignment was meant to be original, and not a research paper).

Russians and computers

[Bombcar]

What is it lately? They are all over the web in many different areas. What has caused the russian boom?

Re:Russians and computers

[Z4rd0Z]

Now that communism has fallen, Gorbachev is finally allowing computers to be sold at the Russian chain Fryovitch's.

Wait a minute...that was a while ago.

Re:Russians and computers

Huh? Was this supposed to be funny? Jesus, that's about the weakest attempt at humor that I've ever seen. It has no relevance at all to Kazaa, so it's not even on-topic.

Damn, boy -- stick with your day job. You're not ready to be here.

Re:Russians and computers

we are incredibly smarter than our western colleagues

Re:Russians and computers

Let me know when you find the shift key.

Re:Russians and computers

see the DMCA

Re:Russians and computers

[gabec]

I don't remember exactly who it is, but there's some guy that makes cracks to software (I remember him saying that he was sued by Macromedia for cracking their stuff, but that probably doesn't narrow it down) and for some strange reason he has a website. Anyway, on his website he (or maybe in an article he cites on his website) mentioned how, in order to help the economy, and thus the general state of well-being of Russians, they've initiated schools for youngsters where they're taught computer programming from young ages, so by the time they're 18 or so they're badd-ass mofo's capable of a decent professional wage (and a healthy amount of software cracking, apparently).

Bandwidth

[guamman]

I loaded Kazaa onto a computer of mine and used etherpeek to check the incoming and out going traffic. It turned out that at certain times the spyware traffic was enough to clog a standard 56K modem. If this hacked version works, I'll be more glad about the increased bandwidth that is freed up than who gets to look at the webpages I visit.

I see nothing!

[m_chan]

No, I swear! I'm not looking! By the way, you already have that Portman jpg by way of four other names, don't you want a Pepsi?

Oh, for the love of Christ, NO! Not another fake Kournikova! You really must try this latest FREE Nokia Cellphone!!!

bittersweet irony...

[drik00]

is it ironic to anyone else that the same folks that are fighting the good fight by making powerful and useful peer-to-peer information technology are the same ones that fsck us by selling their souls to advertising schmoe's just to make a buck, causing them to give us exactly what we want, and exactly what we hate at the same time??

Just ironic.

Re:bittersweet irony...

I think they realize that their target market consists of theives, and that attempting to sell the client itself wouldn't end well for them.

So, like every other dotbomb-style business, they decided advertising was the money-maker of the future. They understand that while their target audience are going to spend all of their time stealing, they also know that they're not overly bright. They'll install crap-ware when they install the program, and they'll leave the program running in the background while they jerkoff. This will certainly help to inflate the advertising dollar of Kazaa.
Of course they did a really shit job of forcing these ads on you, since writing compiling a dummy Cydoor DLL takes less than two minutes.

Kazaa Spyfree

[catwh0re]

I have also come in contact with a similarly hacked version, called KaZaa Spyfree, which is basically current kazaa, with cydoor dummy files, shopping/license agreements/buddy/introduce a friend/ads(yes there is a way to cut them all out without killing the app) as well as all the other recent spyware found inside

Re:Kazaa Spyfree

I have also come in contact with a similarly hacked version, called KaZaa Spyfree, which is basically current kazaa, with cydoor dummy files, shopping/license agreements/buddy/introduce a friend/ads(yes there is a way to cut them all out without killing the app) as well as all the other recent spyware found inside

You know the regular version of KaZaa comes with those things too?

Come on now,

[pornaholic]

"spyware-ridden"...

"sans spyware"

Isn't that just a little repetitively redundant?

Re:Come on now,

[Z4rd0Z]

Isn't that just a little repetitively redundant?

Isn't your own statement a little "repetively redundant" as well, or are you just trying to be ironic?

Re:Come on now,

The word 'sans' is French for 'without'. Why am I not surprised that so many Slashdotters appear not to know this? I guess a college education is worth something after all.

Re:Come on now,

[civilizedINTENSITY]

Its good to be good. Its nice to be nice. Its redundant to be redundant. ;-)

Re:Come on now,

isn't 'repetively redundant' an oxymoron
?

Re:Come on now,

Who cares about French? It is Latin for "without".

What's with the popups at the Kazaa Lite site?

[aquarian]

I can't stand the irony- an ad-busting version of Kazaa, being distributed from a site rife with popups!

Re:What's with the popups at the Kazaa Lite site?

Do you have a better idea for how he is going to pay for the bandwidth?

Re:What's with the popups at the Kazaa Lite site?

[liquidsin]

he has to pay for his bandwidth somehow. it's a lot better to do it that way than to install apps on our computers for the advertisers benefit.

Gnucleus

[og_sh0x]

If you want Kazaa without Spyware, why not use Gnucleus? Gnucleus is the open-source client that Kazaa and Morpheus are directly descended from. Get it here.

Re:Gnucleus

[dpete4552]

Kazaa has nothing to do with Gnucleus, is not "decended" from it, uses no code from it, and is not related to it in any way, shape, or form.

Re:Gnucleus

Gnucleus = gnutella network

Kazaa = fasttrack network

There's a difference, Ignorant.

Re:Gnucleus

[og_sh0x]

My mistake, you're right. Morpheus is the only one descended from Gnucleus' code base. It's on Gnucleus' news page.

Re:Gnucleus

I think you have that confused with the Morpheus Preview Edition which uses the gnutella network.

With that being said I've tried Gnucleus on a win2k pro box but the thing seems to crash every couple of minutes. I have yet to find a (free,opensource) decent and up to date gnutella client for windows which is stable. Anyone else have problems with gnucleus too?

Big deal

[t_allardyce]

Big deal, you could already loose both spy-ware and advertising with a simple crack and registry edit...

Re:Big deal

[duren686]

The point of this is to make it easier for us lazy-ass bastards who don't want to fiddle with our registry manually.

Ironic...

[scrm]

... that I'm offered a free cellphone and $500 cash in two pop-up windows on loading Kazaalite.com.

Is a "hacked" version more trustworthy?

How much more trustworthy can this hacked version be? At least the makers of the official product have some accountability.

Two common misconceptions in this thread..

[Yakman]

I've noticed two common misconceptions - that the people running Kazaa (Sharman Networks?) can block this client easily. And also that they can stop the client being hosted on websites.

First, it's not that easy to block the client because the client is the same as the one you get from the Kazaa website, it's just had all the spyware and other crap removed. So basically the only way Kazaa could block it is by releasing a new client version and blocking all old versions.

That'd mean all users would need to download a new client (not just the users of Kazaa Lite). Plus the guy would just remove the spyware from the new version and put that up as Kazaa Lite again.

Secondly, if they somehow get the guy to stop allowing people to download from the website the guy can just go and stick it on Gnutella or another P2P service and magic - suddnely it's on 1000s of computers out there.

Basically, as someone else has said, the cat's out of the bag.

Re:Two common misconceptions in this thread..

[Skirwan]

Secondly, if they somehow get the guy to stop allowing people to download from the website the guy can just go and stick it on Gnutella or another P2P service and magic - suddnely it's on 1000s of computers out there.

Is anyone else out there chuckling at the shear meta-hilarity of this whole thing? You're talking about using a peer-to-peer network used primarly for piracy to distribute an illegally modified binary used to connect to another peer-to-peer netowk which is also used primarily for piracy.

We're rapidly approaching the point where the effort it takes to pirate something is less than the effort of going to a store and actually buying the damn thing.

--
Damn the Emperor!

Re:Two common misconceptions in this thread..

[martissimo]

i've been wondering how they would block access for a few minutes myself.

First of all it would certainly have to involve a new client, i think that much is a given. Wonder if they could work out some sort of check when you request a file that would compare a MD5 of their files or something. Certainly would take a fair bit of coding to pull off, but i would guess that they could figure out something if they are willing to spend the time coding it.

i loved this line: Consumers are being deceived with ripped off and highly suspect code, and we are determined that their rights, enjoyment and machines are not prejudiced

sounds like they described their own code pretty well right there

Re:Two common misconceptions in this thread..

[smcv]

Wonder if they could work out some sort of check when you request a file that would compare a MD5 of their files or something

I seem to remember AOL did this briefly with their IM program to prevent/discourage another app (things like Trillian, Gaim, and Jabber, although I'm not sure which of those existed at the time) using their network; they requested the checksum of random byte ranges from the executable at random times. Shortly afterwards, the clone program's installation instructions included "Place a copy of the Windows AIM executable in this directory, so we can do checksums on it." This didn't last long.

There's really not a lot you can do to prevent unauthorised clients connecting to a public network if the people modifying the client have sufficiently low-level access (observe the problems game developers have trying to prevent modified binaries from joining their servers) - any checksum-type solution doesn't necessarily work, because how do you make sure it's the connected executable whose checksum you're getting?

Re:Two common misconceptions in this thread..

[martissimo]

any checksum-type solution doesn't necessarily work, because how do you make sure it's the connected executable whose checksum you're getting?

excellent point, however i dont suppose they really care if you are running their client... they only really care if you are running the damm crapware that comes with it which makes them money. so if the checksums were performed on the crapware to make sure it was un-altered?

Re:Two common misconceptions in this thread..

[Shiny+Metal+S.]

Secondly, if they somehow get the guy to stop allowing people to download from the website the guy can just go and stick it on Gnutella or another P2P service and magic - suddnely it's on 1000s of computers out there.

Or stick it on that Kazaa network. As some people say, it's very good for that sort of thing. No, really, if they would block it then they would have to block all of the warez/"pirate" traffic on their network (i.e. 99% of the traffic on their network) after demonstrating that it's possible, and just go out of business.

Re:Two common misconceptions in this thread..

[Nogami_Saeko]

Oh yes, I've noticed and been having a good little chuckle at this one too.

Poor poor Kazaa... Someone has hacked their precious little client to take out the advertising...

...So they're not making any money...

...So they're thinking of lawsuits...

...Just like the RIAA...

...They're powerless to stop it!

Money makes the world go 'round, it makes the world go 'round...

Re:Two common misconceptions in this thread..

in fact - YES.

for me it's even too much worries & money to buy even CD-R's for the things i download.

Re:Two common misconceptions in this thread..

[_Sprocket_]

so if the checksums were performed on the crapware to make sure it was un-altered?

Have your trojan (in the good sense) app check the newest install file. It could locate the required file, generate a checksum on the requested offset of that file, and then return it... all without ever having to install the malware. And since it deals with the latest install file (either user-supplied or auto-downloaded?), the "authentication" is automagically updated as new install files become available.

Re:Two common misconceptions in this thread..

[Kintanon]

That right there is why I no longer pirate shit! Back in the BBS days and the early days of the commercial net (early to mid 90s) it was easy to find reliable, working, cracked warez. Now you can't find shit on the web, most of the peer to peer networks aren't much better, FTPs are all huge Ratio sites... It's just a pain in the ass to try to Warez anything, I can work an hour of overtime and buy whatever the fuck I wanted to Warez...

Kintanon

Re:Two common misconceptions in this thread..

[mwise]

Eh! They locked out their own curses-based linux client (as well as other third party apps that used the network) and simply told their "legit" users to download a "security update" from the kazaa website or the netowrk itself.

They have control over the sharing protocols, so they can fiddle with them as much as they like.

Re:Two common misconceptions in this thread..

[MichelleHart]

But there *are* checksums to do with the spyware already implimented. During the Kazaa-lite install, it warns you that it's going to plunk down a .dll file that AdAware will pick up as part of a type of spyware, because the Kazaa servers do a checksum-type-thingamy on it, but that it's been crippled.

Re:Two common misconceptions in this thread..

No, the Cydoor DLL is just called by the client. Instead of cracking the client to stop needing Cydoor, they just make a dummy Cydoor DLL with the functions Kazaa uses.

Re:Two common misconceptions in this thread..

It's actually remarkably easy to pirate shit. Going on the web to find stuff has never been a good idea.

Re:Two common misconceptions in this thread..

"the cat's out of the bag"

I think in this situation, bagel may be more appropriate than bag.

Re:Two common misconceptions in this thread..

[martissimo]

But there *are* checksums to do with the spyware already implimented. During the Kazaa-lite install, it warns you that it's going to plunk down a .dll file that AdAware will pick up as part of a type of spyware, because the Kazaa servers do a checksum-type-thingamy on it, but that it's been crippled

I'm aware that it leaves "neutered" versions of the .dll files, which leads me to believe that kazaa checks for the *presence* of the .dll's and not checksums of them, after all if the .dll is different, the checksums would be as well

Re:Two common misconceptions in this thread..

[jjeffries]

Kazaa is distributed over Kazaa. The installer downloaded from them has just enough capability to get onto the fasttrack network and grab the rest of the Kazaa software. By default, everyone running Kazaa is sharing this file.

Has anyone tried to replace the stock share with the hacked version? That would kick ass!

Re:Two common misconceptions in this thread..

>>We're rapidly approaching the point where the effort it takes to pirate something is less than the effort of going to a store and actually buying the damn thing.

Um...I hope you meant "more than".

Re:Two common misconceptions in this thread..

>> That right there is why I no longer pirate shit!

I can't say I've ever done that.

Now, in my day, I've pirated music, movies, software, books... but there's just something about being a "shit pirate" that keeps me from considering getting involved in it.

Re:Two common misconceptions in this thread..

[civilizedINTENSITY]

No actually its just the opposite. Its getting easier and easier to circumvent unduely restrictive measures. The infrastructure is now in place. People know of its existence and how to use it.
:-) And thats a good thing :-)

Re:Two common misconceptions in this thread..

Whatever, you still sound like a butt pirate to me.

Re:Two common misconceptions in this thread..

[Cryptnotic]

Trying to find something in a store is a pain in the ass. And for something digital, there's no reason it should be. I drove to 4 different stores to find a copy of Grand Theft Auto 3 for Playstation 2. If I could have downloaded it, I would have. Forget the money part, it's just more convenient.

Then there's the fact that games, movies and music should be cheaper once you cut out the plastic disc duplicators, booklet printing machines, plastic jewel cases, retail markup, and distributor markup. I really think it's those people who are opposed to digital distribution more than the actual "content producers".

Re:Two common misconceptions in this thread..

[Black_Logic]

"We're rapidly approaching the point where the effort it takes to pirate something is less than the effort of going to a store and actually buying the damn thing." As soon as we admit this.. 'They've' won!

Re:Two common misconceptions in this thread..

[gabec]

Ok, two things... first, they've done it before. (made previous versions incompatible with the network forcing upgrades) and second, it seems to me that if they can do *that* then it implies they really *are* centralized.

M$-Ware

[bushboy]

Ok, I've downloaded this funny kazaa-lite thing, what I want to know, is how do I get rid of this trojan that's been running on my i386 for a while - it's commonly known as "The microsoft XP Trojan ?"

Oh yeah - I remember now, format my HD and install Linux !

How silly of me :)

For those of you still getting unwanted pop-ups on websites - er, have you been living in a cave or something ? - time to switch to a new browser ... - one with a back button that does what it's meant to do ... go back

Re:M$-Ware

I'm sure women can't resist a man with such wits....

Warezdot.org???

[WhaDaYaKnow]

WTF? I mean, are we going to see front-page links to warez copies of AutoCAD here soon, just because we don't agree with the way Autodesk wrote their software?

It baffles me, because the link is obviously to a piece of software that is not legal, no matter what license agreement or personal feelings.

For a site that is supposed to be so Open Source aware this seems especially strange. Open Source does not condone piracy. Instead it allows for alternatives. So why not have an article about a good Open Source alternative, instead of linking to illegal software?

(Yeah, I don't like spyware either, but if people are stupid enough to install it, then that's there bad. It's an other thing for the company to make it clear that the spyware exists, but these are law-technical issues. Which should be dealth with seperately.)

Re:Warezdot.org???

please put a large wooden stick in your a$$ and stop shouting crap.

stuff like this is put on a site like this because the editor's think it maybe of interest for its regular readers. if 50% of /. users were interested in pirated adobe photoshop, we would indeed see the links here.

and don't tell open source is against piracy. - open source is the copyright infringement (better term than brutal piracy) of the elitist smart. "we don't hack kazaa to kazaa-Lite, we write our own" - check out the GiFT - GiFT isn't FastTrack project.

if you write yourself a client, that connects to a proprietary network, where the client identifies itself wrongly to not be blocked out, it is not legal either, but it's already found its way to freshmeat.org...

Re:Warezdot.org???

[dimator]

Why shouldn't /. post a link to this? If there are ass-bandits who create software with embedded spy/scumware, I see it as poetic justice that people learn about and use a non-shitty alternative. (And seriously, how much more 'illegal' is this than software that already allows you to leech mass quantities of software/music/etc that you didnt pay for?)

Re:Warezdot.org???

[_Sprocket_]

WTF? I mean, are we going to see front-page links to warez copies of AutoCAD here soon, just because we don't agree with the way Autodesk wrote their software?

You have a valid point tossed in with all the blame towards Slashdot. That point being the question of how legal and/or moral it is to hack and distribute freeware to remove undesired functionality (and would it make any difference if the app in question wasn't freeware). But I have to disagree with the overall tone of the post.

First, this is a valid event. It is part of the backlash towards Kazaa for their business practices. And it is a popular action too, judging from the article and the fact that the last few times Kazaa has been the subject of a Slashdot article, Kazaa-Lite gets multiple mentions.

For a site that is supposed to be so Open Source aware this seems especially strange. Open Source does not condone piracy. Instead it allows for alternatives. So why not have an article about a good Open Source alternative, instead of linking to illegal software?

Let's not confuse issues here. This has NOTHING to do with Open Source. Heck - Kazaa has nothing to do with Open Source software itself. Though the suggestion to mention Open Source alternatives is a fair one.

Re:Warezdot.org???

[WhaDaYaKnow]

please put a large wooden stick in your a$$ and stop shouting crap.

Ah, a good indication that the rest of your comment is going to be worth reading.

stuff like this is put on a site like this because the editor's think it maybe of interest for its regular readers. if 50% of /. users were interested in pirated adobe photoshop, we would indeed see the links here.

Yes, and I'm indicating that I'm not interested in seeing links to software that infringes on copyright. You do, I don't. (btw. you don't have to shove something up your rear because you made your viewpoint known, as far as I'm concerned)

What I am trying to say is that if you want to be taken seriously by a justice system, you are going about it the wrong way by endorsing copyright infringement.

and don't tell open source is against piracy.

Huh?

- open source is the copyright infringement (better term than brutal piracy) of the elitist smart. "we don't hack kazaa to kazaa-Lite, we write our own" - check out the GiFT - GiFT isn't FastTrack project.

Sounds clever, but you are missing the point. Kazaa-lite is based on the original binary, which by default is protected by copyright law. Nuf said.

On the other hand, implementing the protocol in 'clean-room' software, be it Open Source or not, has NOTHING to do with copyright. I know the DMCA is trying to say so otherwise, by basically moving reverse-engineering into the copying domain, but this still has to be proven to hold up in court.

if you write yourself a client, that connects to a proprietary network, where the client identifies itself wrongly to not be blocked out, it is not legal either, but it's already found its way to freshmeat.org...

Can you show me any evidence of this statement? Can you point me to ONE case where a judge ruled this?

Re:Warezdot.org???

[WhaDaYaKnow]

You have a valid point tossed in with all the blame towards Slashdot. That point being the question of how legal and/or moral it is to hack and distribute freeware to remove undesired functionality (and would it make any difference if the app in question wasn't freeware).

The fact that it is freeware does not change the copyright that applies to it.

First, this is a valid event. It is part of the backlash towards Kazaa for their business practices

Fair enough, you are right.

Let's not confuse issues here. This has NOTHING to do with Open Source

You are right here too. My point is that it would probably help, if we want to be taken seriously, to link to Open Source alternatives for the Kazaa network, instead of linking to software that infringes on copyright. But I guess, that's not what the 'news' was about.

I guess the bottom line is, that in my opinion it doesn't look very professional to have a link on the front page to software that infringes on someones copyright. No matter how shitty that original software is.

But in all fairness, when someone rips off an Open Source project, they include full links as well...

Re:Warezdot.org???

[WhaDaYaKnow]

Why shouldn't /. post a link to this? If there are ass-bandits who create software with embedded spy/scumware, I see it as poetic justice that people learn about and use a non-shitty alternative.

It will however, as a negative side effect, put amunition in the hands of our 'opponents'. E.g.: 'look they are helping people find illegal software'. But as someone else pointed out, this is news, and for that reason it does make sense the link is posted...

I guess I sometimes confuse /. for being Open Source evangalists, where it really is a news site. As the former, they would have a certain responsibility, especially when it comes to creating an image without blemishes. As the later, they can be objective and post what they want.

(And seriously, how much more 'illegal' is this than software that already allows you to leech mass quantities of software/music/etc that you didnt pay for?)

Well, I don't want to be the judge of that. There are however MANY people here that insist that P2P network are very useful for non-illegal means, although I've not really heard a lot of good examples...

Re:Warezdot.org???

[_Sprocket_]

The fact that it is freeware does not change the copyright that applies to it.

Oh, certainly. I agree. However, I tossed that bit in there because I seem to remember some legal finding awhile back that specifically mentioned the price paid for software or somesuch (I probably shouldn't go off on tangents when I'm tired).

I guess the bottom line is, that in my opinion it doesn't look very professional to have a link on the front page to software that infringes on someones copyright. No matter how shitty that original software is.

Yea, but the links provided included an article too. Though, I guess it would be much more interesting if the article was on CNN or MSNBC, etc.

Re:Warezdot.org???

[tftp]

There are however MANY people here that insist that P2P network are very useful for non-illegal means, although I've not really heard a lot of good examples...

An example you want? Here is one, judge for yourself how good it is.

There are countries other than United States, and those other countries often have sane copyright laws (probably because they didn't have legislature as corrupt as US one). In those countries music and other works of art fall into public domain much faster than in USA.

Some works were always in public domain. Take, for example, songs of Vladimir Vysotsky, even when he was alive. Other works, of other artists, were copyrighted but became public domain long ago, according to laws of that country.

It is a big mistake to treat the whole world as an extension of USA. The world is much larger, and it is not obeying the same insane laws that americans do. Most of the world does not even care about american "top 40" or whatever it is called. Most people on the planet would not listen to those sounds even if they are paid to do so. Finally, most artists in the world have nothing to do with RIAA.

Re:Warezdot.org???

[Pig+Hogger]

The fact that it is freeware does not change the copyright that applies to it.

So what? Just like when you buy a magazine, you're allowed to rip-off the pages and paste them into a scrapbook (or sell them on e-bay), so you oughta be allowed to excise the parts of a copyrighted program you just bought that you don't like, EULA notwithstanding (cause the EULA can clamour whatever it wants, it certainly can't remove your LEGAL RIGHTS.

Re:Warezdot.org???

[ymgve]

There are however MANY people here that insist that P2P network are very useful for non-illegal means, although I've not really heard a lot of good examples...

Game demos. Have you ever tried to get one of these right after the release? I tell you, it's hell if you don't know of any good updated local mirror. If the game companies started distributing game demos via p2p networks it'd be a LOT easier to get them.

kazaa-lite

Seems it's not so 'clean' after all -

Cydoor - cd_lint.dll

Well I'll be darned ! - still trojaned :)

Re:kazaa-lite

[Colz+Grigor]

Seems it's not so 'clean' after all -

Cydoor - cd_lint.dll

Well I'll be darned ! - still trojaned :)

If you were intelligent enough to compare file sizes, however, you'd notice that the cd_lint.dll is different than the cd_lint.dll that comes with the bloadted and user-abusive version of Kazaa.

Now why would you suppose that is?! Perhaps it's because Kazaa checks for the cd_lint.dll and won't run without it? Yup. That's it!

So the cd_lint.dll that comes with Kazaa lite still has all the components that Kazaa checks for, but it does nothing.

No trojans for Kazaa Lite, but I think the world would appreciate if you would continue to use them. You're not ready to breed.

::Colz Grigor

Re:kazaa-lite

Well, if I do breed, hopefully my offspring will not be as anally retentive as yourself...

One can only hope, eh ?

Re:kazaa-lite

it even says during install "kazaa lite will put a dummy cd_clint.dll in the install folder, this is a harmless version that does nothing, although older ad-aware versions mark it as spyware. this is not true and please choose 'ignore' on this file when running ad-aware"

so we can safely assume that this person cannot read. if microsofts EULA has text like "bill g. is allowed to rip your still beating heart out of your chest if you refuse to burn your linux box" he wouldn't even notice...

Re:kazaa-lite

[srand]

It's a dummy dll - to fool some routine in the program that checks to see if it's there. It
doesn't do anything.

Re:kazaa-lite

Wow I must be azz intelligent azz u, 4 I too have read the reedme. We 2 r soooo L337

U R fiendly H4X0R H4ckSmurf!

Re:kazaa-lite

so we can safely assume that this person cannot read. if microsofts EULA has text like "bill g. is allowed to rip your still beating heart out of your chest if you refuse to burn your linux box" he wouldn't even notice...

I'm pretty sure that was on the EULA for Visual .NET, but I just clicked-through as usual.

No, they're opposites.

[smcv]

"spyware-ridden"...
"sans spyware"
Isn't that just a little repetitively redundant?

No, they're opposites.

dictionary.com says:

ridden Pronunciation Key (rdn)
...
adj.
Dominated, harassed, or obsessed by. Often used in combination: disease-ridden; grief-ridden.
Source: The American Heritage® Dictionary of the English Language, Fourth Edition

Yeah, but..still might have something funny

[uberstool]

I'm looking at the Kazaa search interface
and hauntingly reminds of The Registers recent story about the Windows XP search companion. I am not a code head, but it appears to me that Kazaa's search functionality is based on something native to Windows. If Kazaalite propagates, and if it is in fact based on this parasitic search functionality, would MS get to see any of what is searched?

http://www.theregister.co.uk/content/4/24815.htm l

Re:Yeah, but..still might have something funny

Just because it looks somewhat similar (input box left, some options below it, results right) doesn't mean it's based on something in windoze. The way windoze searches and shares files has nothing to do with KaZaA, and it would probably be more difficult to base it on something in windoze than to write you own stuff. It just needs IE because of the adds (popup and banners), and probably because of the webpage you see when you press the start button in KaZaA. That's also why i think it won't work in wine, because KaZaA Lite still has that start button, and needs IE to render that page.

Re:Yeah, but..still might have something funny

As The Register article grudingly admits, all the
Windows XP search interface actually does is
to download some template files.

In other news ....

a fact that has been on slashdot comment sections numerous times for about a month has finally reached slashdot editors.

woohoo

This isn't so new...

[Choppa]

I did this a few months ago. Instead of hacking KaZaA, I hacked the CyDoor DLL, replacing the old on with my version that simply does nothing.
You can get the code at: http://www.bakedbeans.com/cydoor/

This won't work.

[fredistheking]

If ad-aware is run with any new versions of kazaa installed, it will remove a certain .dll file that kazaa requires. Kazaa will give a error message that says a required .dll was not found and wont run. Of course this .dll is only part of the adware/spyware and is not really needed. Kazaa-lite replaces this .dll with a dummy file so it will still run.

In other news...

[haedesch]

compressing TIFF files with JPEG compression _reduces_ bandwith usage

Russky's on the side of FREEDOM? WTF?

So, what tf is up with RUSSIANS being on the side of FREEDOM?? That's so fuscked up. Remember better dead than red? No one else seems to. Oh well. The world is going down hill.

Re:Russky's on the side of FREEDOM? WTF?

[L1nUx+h4x0r]

No, no. Have you noticed that comunist nations always have democratic or republic sounding names?
Democratic People's Republic of Korea
People's Republic of China

It would be, "The Democratic People's Free Capitalist Republic of United States in America"

Re:Russky's on the side of FREEDOM? WTF?

So, what tf is up with RUSSIANS being on the side of FREEDOM?? That's so fuscked up. Remember better dead than red? No one else seems to. Oh well. The world is going down hill.

Yeah! Remember when the U.S.A. was fighting against fascism?

Re:Sharman Networks?

oh dear fucking god, those motherfucking commericals...

CHA CHA CHA... CHARMIN

whoever thought that up should be shot in the groin with a shotgun

How complicated was this hack?

[fasteddie203]

I haven't used Kazaa in months, before they started adding the spyware. But is the spyware part of the Kazaa application or a separate app loaded by the installer?

If it's a seperate program then it should be easy to update the hack everytime they change anything on the server side.

If it's an integral part of Kaaza then it's impossible to separate them - just like IE is part of Windows - just ask Micro$oft.

Re:How complicated was this hack?

[EdMcMan]

echo '0' > spyware.dll

Re:How complicated was this hack?

i dont care about no f_cking registration u can suck it lol... this is []||/|G0f$|/|4[]3 , and ALL of it has spywarz and sub 7s and whatever else u can think of... if its not from the orig source, u dont know what it has... and whats with the money sign? j00 think ur 1337? =D so the moral of the story u gota give something to get something nothings free u dipsh*ts

Re:Didn't used to be.

It had no popups about a month back, then everyone suddenly heard about it at once and he had to choose between going off the web and taking his software with him, or putting adverts on his page.

I think he made a good choice.

Besides I hardly think its ironic anyway, he advertises it as Kazaa without the spyware, not adware. Cydoor is also blocked due to their past behaviour, and I wouldn't trust their software either.

Poor business model

[fasteddie203]

I wonder if Sharman Networks would have bought Kaaza if they knew their profit could be so easily hacked away.

Xware

[elite+lamer]

The sheer amount of terms being made up on the spot here is mind-boggling. Sure, I've heard of spyware, malware, and etc...but I'm sure some of these are made up! Everyone and their brother are using a new term: crapware, monkeyware, Kazaaware, or some other inane Xware name. Has anyone thought of calling Kazaa software?

Come on now

[pornaholic]

from smcv:
>No, they're opposites.
>dictionary.com says:
>ridden Pronunciation Key (rdn)
>...
>adj.
>Dominated, harassed, or obsessed by. Often used in combination: disease-ridden; grief-ridden.
Source: The American Heritage® Dictionary of the English Language, Fourth Edition

from Z4rd0Z:
>Isn't your own statement a little "repetively redundant" as well, or are you just trying to be ironic?

Isn't that just a little repetitively redundant?
(Taken in the original context of course...)

So Now We Trust The Russians To not Spy???!!!!

Oh my god.. this is a joke.. non-spyware from the russians hahaha.

What's to be learned from it?

[software_non_olet]

P2P must be OpenSource - all else is the same old crap in new clothes only. Hacking it doesn't make it any better - it's still hidden source from my point of view.

I'm not going to run anything 'free' on my hosts which is not OpenSource. Full stop.

Life as a Windows user...

Spyware, viruses, exploits...

Awwwww...isn't life grand?

Re:Open Source contains hidden terrorist messages!

[NoMoreNicksLeft]

Meant as a joke. Maybe a bit too long, could have been 4 or 5 lines shorter, I'm sure. Do they hand out free crack with the mod points, or what? I hope someone with half a clue m2's this.

Don't sweat it

[Electrawn]

No, you are correct. Slashdot posters need to properly credit their sources. Also, the editors need to take journalism 101. Also, the moderation system is broken.

So what else is new?

How do I know kazaalite is not malware as well?

[stain+ain]

It took a while to realize what kind of spyware kazaa was, even with lots of people using it for a long time.
Now we have this 'hacked' version with the spyware apparently removed. I don't know the author, there is no company behind it, it is not open source... and nonetheless we all jump over it, trusting it does what it says...
How do I know it doesn't contain some extra spyware?
I have not any indication that kazaalite is not a legitimate software, but again, I have not any indication on the contrary... I think there is something very wrong in the way we accept and instantly trust new software.
My question is WHY should I trust this more than kazaa?

Re:How do I know kazaalite is not malware as well?

[Frozen-Solid]

It is fairly easy to tell that it does what it say it does, because 1) no more ads and 2) most computer savyy people can tell what else is installed along with one program by simply looking at the control panel add/remove programs (did you ever notice b3d projector) and for additional folders in the Program Files folder. Plus the new version uses less resourses then the original, not to mention not having to pull down ads from the internet which in turns ups your available bandwidth a bit.

Re:How do I know kazaalite is not malware as well?

[liquidsin]

watch your firewall logs. look for anything unauthorized going out. run ad-aware after you install it. you should never ever ever automatically assume that any piece of software is safe unless you wrote it yourself (you know, if you want to be all paranoid...).

Re:How do I know kazaalite is not malware as well?

[Kallahar]

Simple fact is that hackers are now more trustworthy than corporations.

Wait, it's been that way for years! :)

Travis

Re:How do I know kazaalite is not malware as well?

[paulvandiepen]

You can't tell whether the Spyware/Trojan etc is not using the same channel that it uses for p2p down/uploads (and you have to allow in your firewall policy). Your Firewall logs can give you only positive evidence of hitchhiking apps, not negative.

Linux version?

[Jacek+Poplawski]

What happened with Linux version of Kazaa client? Are there plans to make it back?

Re:Linux version?

[Ashcrow]

Since they have gone through a good amount of change in code and (I belive) network they have pulled the Linux version. No one was working on it really. If you'd like to see it come back email them via their responce form on kazaa.com

Re:Linux version?

[Robotech_Master]

There is a Linux fasttrack-type client, giFT. However, it can't access the KaZaa FastTrack network, due to their encryption. ("No control over the network," my foot!) It can only trade with other people running giFT.

As for KaZaa's own Linux client, I don't know, though I find myself a bit in doubt. After all, you can't pop up ads in a text mode client, nor can it run trojans...

Firewall the client?

[loply]

As it stands, I dont have a firewall/bridge in my house, but soon I will, and £10 says there is a way to ensure the malware in Kazaa doesnt call home. Or does kazaa not like being masqed in the first place? Its nice to see Kazaa Lite, hope it stays available.

Its called "News for Nerds ..."

/. is not only a "Open Source" advocacy site. This site has also posted several stories about decss, Napster, PS2Crack, and numerous other programs which have questionable legal status.

P2P-networks suck compared to ftp...

[BeyondALL]

P2P-networks (all of them) cannot compete with good old ftp-tranding anyway.
First, they are too slow, and second... what's up with all those movies etc. that is renamed to something other than what they are.. does anyone think they get more credit if they spread more GB's on these networks... ?
How hard can it be to make some friends on the net and download from them, and for mp3 there is only one: Audiogalaxy never let meg down :)

Russian law

[k98sven]

Just a thought: Given that Russia does not have a DMCA-type law,
how motivated would they be to extradite these guys to the USA?
(Given, of course, that they figure out whodunnit)

It seems to me the russian police have a bit more important things to do..

Any russians here who'd like to comment on this?

Re:Russian law

[ParserONE]

I think the Russian police wouldn't be motivated at all to extradite anyone to the USA for any Kazaa related charge.

Kazaa was a Dutch business, based in Amsterdam. Recently it has been sold to Sharman networks in Australia.

So there's really no point in sending anyone to the USA to stand trial since there's not a single American citizen or company involved here...

Re:Russian law

[civilizedINTENSITY]

Is this even illegal where it was hacked?

Wrong name

Some people would think that this version lacks features instead of spyware routines and would not download it.

I'd have put more efforts in hacking the protocol, like the folks at OpenFT did some time ago.

Yeah, its kinda old news...

[Lispy]

i read it on CHIP (!) already. And this is like CNet, yesterdays News today in german. But i gotta admit this works and i use it.

Kazaa really sucked and when im running Win2k (yes, its a dualboot machine) i keep it open, much less performance greedy than the official Kazaa, what makes me believe in the spyware-free promise. I am writing redundant silly stuff?? Yeah, no wonder just got back from a weekendlong LAN, and had no sleep at all...

gnite,
Lispy

I posted this at least two weeks ago

But apparantly spyware wasnt big enough of a nuscance then.

Can Kazaa "lite" be found...

[NorthDude]

On Kazaa?

Well...

[muffen]

...they probably moved all the adverts from kazaa to popup windows on their webpage :)

Re: Well...

[duren686]

Maybe so but how often do you visit the Kazaa-lite webpage when you up and download files over the service?

It's better to get a few popups when you download the thing than to get a lot over the hours that you leave it on to download DivX mov^H^H^H^H^H^H^H^H^H independantly-produced media.

There is still another step

[OneInEveryCrowd]

Ad-aware doesn't detect or remove the Brilliant Digital Entertainment stuff either. You have to use add/remove programs in the control panel.

I like that Cydoor mimic though, you might be able to put it in the windows system folder and fool other programs as well.

Life as a Linux user...

...Nope, nothing here. Oh look, my web server just said beep. I have a visitor!

Awwww...isn't life grand?

It's already existe

[Beretta+Vexe]

It's already exists since one month, it's in french and it's named Omega. http://membres.lycos.fr/bakamx/

Ur getting this wrong

[idontneedanickname]

what they mean is freespyware ,not spyware-free...
i mean come on, they wouldn't post it if it weren't somewhat better on the matter of spyware than the original is, now would they? right? then again...

--tzan

so where's the source?

[YOND+R+BOY]

If he has nothing to hide, why not open source the project? That way we could see all the trojans he didn't put in. oh yeah, and then I could port it to BSD!!! I say we email the author and start a petition!!!
danceanthems@kazaalite.com

Re:so where's the source?

He can't give you the source because he dosn't have it! All he has done is take the downloadable binary from Kazaa's site and broken or removed all the ad and spy .dll's. He hasn't actually edited any of the source.

So how would YOU pay for the bandwidth?

[Simon+Carr]

Many things are free, but bandwidth and hosting are not in that list (even if you think they are, and if you do, it's time to wake up from fantasy land).

If you like this free version, I'd click on those links, even if they are "annoying", and "waste valuable seconds of your day you could be using to look up photoshop'ed naked jpegs of the cast of Enterprise".

No irony, really.

Re:So how would YOU pay for the bandwidth?

[Da+Masta]

No irony, really.

Actually, the irony is there.

The guy is using advertising popups to pay for his bandwidth on his server which is serving a version of KaZaa that prevents IT from gaining advertising revenue. I don't mean to take sides, but suddenly it's okay for one l33t h4x0r dude to use ads, but not for another company simply because it stands to make a shitload more money than him, or for whatever other reason?

I think the original poster's point still stands, and would have gotten a +1 Funny from me if I didn't feel so obligated to defend him verbally instead.

Re:So how would YOU pay for the bandwidth?

[majorero]

Ahhh, but his site doesn't pretend to be something other than what it is. Installing spyware on my machine without my permission is a far cry from a few pop up ads.

While I see your point...

[smashcasi]

I think this does fall in the realm of "stuff that matters".

Whatever one's personal feelings are regarding the P2P "community", the simple truth is that it's eventually going to change the way we buy music, movies, and probably everything we purchase in digital form. Personally, I find the whole thing fascinating.

Another truth is that while we can make all the ethical arguments we want, we (the geeks) are the ones to blame. Who creates the technology to make pirating so ridiculously easy? We do. Who dreams up and builds P2P networks that are nearly impossible to shut down? We do. Of course on the flip side we are also building the measures to prevent such copying or at least make it extremely difficult, but for every talented person doing their best to stop piracy there is another equally talented person ready to take on whatever challenge the other dreams up.

My point here is not to endorse anything, but rather to say that whatever you personally may think about the whole thing, the repercussions will effect us all.

Pot v. Kettle, CIV-02-93283

So what happens when people start distributing K-Lite over Morpheus? Will Sharman sue StreamCast for copyright infringement?

(ring ring)
"Hello? Pot? This is Kettle. Yo' black!"

Even if you wrote it yourself

[Veramocor]

You should be careful, you could have split personalities like in fight club. One a nice guy another an evil spyware producing hacker!

Uhhhhhhhhh

[cjsnell]

Be careful of saying things like "the only way Kazaa could block it is...". There is always another way. In fact, I thought of one while reading your post:

Imagine that one of the pieces of spyware is designed to send out an "I'm alive!" message to a central server, to let it know that it has an activated client. This isn't too hard to imagine, I don't think. Suppose Kazaa blocked access to its network to any host that did not send an "I'm alive!" message. There you go, it's blocked.

Now, the Russian folks could combat this with two different techniques: modify the Kazaa client itself to send out the "I'm alive!" message, but this will likely cause CRC/integrity checks to fail.

The other possibility is to create a new process that sends the "I'm alive!" messages to the spyware servers. Problem with this is, it isn't much better than the spyware it replaced, in terms of system and network resources.

Re:Uhhhhhhhhh

[horza]

Imagine that one of the pieces of spyware is designed to send out an "I'm alive!" message to a central server, to let it know that it has an activated client. This isn't too hard to imagine, I don't think. Suppose Kazaa blocked access to its network to any host that did not send an "I'm alive!" message. There you go, it's blocked.

Kazaa would lose the ability to say the use of its software is out of its control, as it is no longer truly peer to peer but falls back into the client server model. This could have legal ramifications for them down the road.

Phillip.

Re:Uhhhhhhhhh

[Sancho]

As I stated in an earlier post, it would be trivial to use BDE's software which executes arbitrary code to automatically update every user's Kazaa--at least, all the ones using a legit version. Then Kazaa would be splitting their P2P into two networks: one that uses hacked and free clients, and one that uses "official" clients. They can prevent legit versions from connecting to hacked versions in said update, and the updates would propogate every time a legit user checked for an update or "allowed" the BDE software to update Kazaa.

And they could do it all without a centralized server.

That said, it should be easy to block specific files in the same way, meaning that the defense of "it's p2p, we can't control it" was moot the second they added any code into the client that allowed for some form of RPC.

already there

[tortap-0]

Thats one of the main reasons why people do warez. How are they otherwise going to get the latest stuff? The stores are slow so its easier to just warezed it. Ok, most of the time its just a money issue. But I for one warezed Quake3 as soon as I could to get some extra practice, then I bought the game when it eventually hit the stores where I live.

Warez are a lot more convenient than actually buying the products. Maybe not so much in the US and other countries where broadband or adsl isnt as common as Sweden. Here the p2p underground has a real stronghold. Whatever you want, its probably the fastest way to get it on Direct Connect. If you have a phat pipe (10 Mbits or so) and some 50-100 Gigs worth of movies/progs you can access the best hubs. 6-800 users and 15-20 Tbytes of data, that will keep you busy for a while. And thats just one hub of many.

My real name is Flame Bait

The Gnutella network sucks ass in comparison to FastTrack. It's much easier and faster to find what you need on FastTrack.

I would consider using Gnutella when it's the last P2P on Earth.

Someone PLEASE post an MD5 of this software.

[OpenGLFan]

Quite a few comments mention the availability of this software over the Kazaa network itself, should the main server be taken down or slashdotted.

Could someone with an "official" file from the website please post the MD5 signature of this file, giving everyone who intends to download over Kazaa a small measure of security against downloading a trojan?

Re:Someone PLEASE post an MD5 of this software.

[majorero]

KazaaLite 1.60 - a76e1b0be5d7ce1d03136dc8de2744cc KazaaLite 1.51 - 26ab442cf2741014a9795e52e44ee75d

Let's Show Him Our Appreciation

[lostchicken]

Congrats, sir!

To celebrate, why don't you just hop over to the US and we'll let you explain how you did it at a conference ;-)

Re:Since when?

"At least the makers of the official product have some accountability."

They've never demonstarted this, actually they have demonstarted that they can screw their customers as much as they want and still get away with it.

Author's reason to do this...

[jakobgrimstveit]

This explanation is available within the installer file (v1.6.0, english). All in all, this sounds very reasonable and plausible to me:

*** Important Note ***

Why was KaZaA Lite created?

For the same reason as the one why CNET has recently removed KaZaA from its download listings. Alongside the original KaZaA some third party software is distributed. This normally would not be an issue for me since it is mentioned in KaZaA's legal notice. But in this case this third party software severly threatens our privacy. The software from Brilliant Digital goes even beyond that point, acting more and more like a virus. The real workings of these third party software is not sufficiently explained to the end users by KaZaA. The legal notice is very long and difficult to understand, particularly for those whose native language is not English. Fact is that most users of KaZaA don't even know that there were some third party software installed by KaZaA, or more important what that software does. When KaZaA is uninstalled, the third party software is not removed. Removing all traces of this third party software is very difficult, even the biggest computer geeks have troubles with it. Virtually impossible for an average user. KaZaA should make very clear what is installed alongside the KaZaA client itself and what that additional software does, before an end user downloads or installs the KaZaA client software. This way an end user has the choice of using the KaZaA client including all third party software, or not using the KaZaA at all.
Until this happens I am giving the average user a choice to be able to use the KaZaA client without being mislead by KaZaA. Those who have some real knowledge about computers were already able to make their own 'clean' KaZaA client software.

It is not my intention at all to stop KaZaA from earning advertising revenue. In fact, I am thankfull to KaZaA for creating their great software and the FastTrack network. I only want to make clear that KaZaA has to stop misleading the people who use their software. The majority of the users of KaZaA Lite abandoned KaZaA long before KaZaA Lite was created for the reasons I have outlined above. Or they previously did not wanted to use KaZaA because they were aware of its implications. KaZaA Lite users now are a part of the network. The increased number of users on the network due to KaZaA Lite is beneficial for KaZaA, since a large network attracts new users.

"KaZaA, the way P2P should be". I hope this becomes true in the future.

CPU usage

I've been using Kazaa Lite for a couple of days and noticed that it uses close to the %100 CPU cycles on a win2k box a lot of the time!
Anyone elses notice this?
Does anyone know why?

why do people move from P2P network to P2P network

[shren]

Easy. None of the damn things scale.

Napster was great untill too many people used Napster. Then it was Gnutella, but soon too many people used that too. Then Morpheus, then Kazaa... Each emerges, gains popularity, and is destroyed by it's own popularity.

Here's a clue - any network where a message from a client is supposed to perpetuate to every other client is doomed to failure as the number of users increase. No amount of CPU or bandwidth that we will see in the near future can save it.

Who is starting the next P2P sacrifical network? Might as well get on board before it becomes popular and the honeymoon ends.

what about Morpheus

has anyone tried the new Morpheus?
since we are at the topic of Kazaa.
i know that the new Morpheus has
switched to Kazaa servers and it's
quite a bit toned down from the
old one. but has anyone try it,
and is it any good, and it's
spyware free , right?

thanks

No spyware detected

[DalTech]

I uninstalled kazaa v1.5 and installed kazaa-lite v1.6 a week ago and it is great. No ads or popups. Edited the registry to get rid of the bandwith limit for mp3s. My firewall hasn't detected any unusual traffic. Adaware isn't able to fing anything. And packet trace is clean. Looks good.

Re:Exactly! [luser]

The reason is that file sharing has been around since bandwidth started increasing. Lusers need file sharing applications. Newsgroups, FTP, and IRC.