Spyware Makers Resent Cleaned-Up Versions

Tri0de points to a ZDnet artcle on a programmer who's taken it upon himself to release spyware- and adware-free versions of popular file-sharing programs. "'He's done Grokster and iMesh. And he's not alone. His work, now available through the Grokster and iMesh networks themselves, joins that of other programmers who have previously "cleaned" programs such as Kazaa and Audiogalaxy in a campaign against "adware" and "spyware." Is the shoe on the other foot?'"

Of course! It's their $$

[Jon+Howard]

Where's the funding going to come from?

Be VERY wary

[grahamsz]

I'd be very suspicious of 'cleaned' applications floating about on p2p networks.

Whilst it's likely the author had your best interests at heart there's some chance he didn't.

It wouldn't be too hard to build a trojan into one of these, and if it were done well you could have your trojan version of kazaa send requests onto the network that immediately identify to anyone watching that it's an infected copy.

That'd would mean that the trojan wouldn't have to either 'phone home' or be detcted by randomly portscanning subnets.

however this still might be the lesser of two evils.

Re:Be VERY wary

[56ker]

Does anyone know if there's a non-spyware version of CuteFTP?

Re:Be VERY wary

[Jon+Howard]

I'm really sorry if this comes across as rude, I certainly don't mean for it to be, especially because I consider you to be extremely correct.

How is this Insightful?! If people don't know not to run untrusted binaries from untrusted sources, we need a serious wake-up call!

Come on people! This should be as obvious as "never pick up random hitchhikers stumbling in an alley in the middle of downtown Shanghai - especialy if they're impeccably dressed!".

Re:Be VERY wary

It wouldn't be too hard to build a trojan into one of these

Something like a secret p2p network for distributed computing and serving ads?

Re:Be VERY wary

[56ker]

Do you know of a site I can download it from - or would a search on WS_FTP and download be sufficient?

Re:Be VERY wary

[rosewood]

Might I side recomend SmartFTP (www.smartftp.com) -- I stopped using WS_FTP ages ago for Cute and dropped cute for smart

Re:Be VERY wary

[JZ_Tonka]

For all we know, this "someone" could be from the RIAA or MPAA, tracking downloads of individual users.

Sounds paranoid, but if some script-kiddie can make a "cleaned" version of a file-sharing program and distribute it for the convenience of the software's users, what's stopping people with less noble intentions from doing the same thing and releasing it to unsuspecting users.

Unlikely, yes, but it should make people pause before they download and use this kind of program from an unproven source.

Re:Be VERY wary

[Jinky]

It's at Ipswitch.com.

Re:Be VERY wary

Try ws_ftple.zip from here

Re:Be VERY wary

[gwernol]

How is this Insightful?! If people don't know not to run untrusted binaries from untrusted sources, we need a serious wake-up call!

Come on people! This should be as obvious as...

Well just because its obvious to you does not mean its obvious to everyone. There are lots of people who are just learning to use P2P networks and sites like Slashdot. How are they supposed to learn the "obvious" things if we're not allowed to tell them?

Kazaa et al. are new services themselves. They've only been around for a couple of years, and they've been in the "mainstream" for considerably less time than that. Plenty of people don't work on Internet time, they don't rush out and adopt every new technology within a few days of its launch. And yes, a lot of these people (I'd guess) read Slashdot. Don't forget that the vast majority of Slashdot readers don't post; therefore posters like you and me are highly unrepresentative of readers.

I don't think we're anywhere near the point, even in the Geek community, where we can stop giving out these warnings because they are "obvious". So yes, I think this was an insightful post.

Re:Be VERY wary

[fishebulb]

since the record labels are claiming that the company running the p2p is responsible for what is trading, the record labels would therefore be providing the software. that could be construed as giving permission

Re:Be VERY wary

If people don't know not to run untrusted binaries from untrusted sources, we need a serious wake-up call!

Judging from the number of times in the last eight months or so that i've listened to my roommate on the phone to his parents becuase he downloaded something off KaZaa and ran it, and it trashed his computer, and he then figured out that whatever virus that had hitched along with the thing he downloaded had emailed itself to everyone on his address book...

And judging from that the last four times my girlfriend went home to her parents house from college to visit, she came back bitching about how she spent the entire time at home fixing her parents' computer-- which was only broken becuase her idiot little brother ran hundreds of warezed and x-rated executables he downloaded off KaZaa, and she was the one who had to clean them off..

I'd say people need a serious wake-up call.

Also please note that even *if* everyone on slashdot is smart enough to know to avoid running binaries that came from an unverified source, the comment you're responding to is still insightful given that these days, *viruses and worms affect us all, even if they are not on our personal computers, even if only a little*. As evidence, i offer my apache access_log, clogged as it is with Code Red/Nimbda access attempts. If virus/worm writers find a new vector for their work, that's just that much more hassle and I SEND YOU THIS FILE IN ORDER TO HAVE YOUR ADVICE for the rest of us.

Re:Be VERY wary

[DragonMagic]

I used to use CuteFTP, still have the box from the retail version, but when I had to reregister it after a format, I had to email them THREE times to finally get a response to get the proper registry file in order to have it become fullware instead of shareware.

I got tired of CuteFTP's crud, and moved on to a free Windows FTP client that is a little better than CuteFTP. It's called SmartFTP, at http://www.smartftp.com/

Check it out, well worth the look, and completely free.

Re:Be VERY wary

[dbazile]

It's called FlashFXP. :)

Like I tell my friends, there's a relatively small learning curve, but in the end, you can't beat this program for FTP stuff.

Re:Be VERY wary

Just get an old version of CuteFTP, such as version 1.8

Re:Be VERY wary

[ncc74656]

I'd be very suspicious of 'cleaned' applications floating about on p2p networks.

Whilst it's likely the author had your best interests at heart there's some chance he didn't.

It wouldn't be too hard to build a trojan...

...and how, exactly, is this different from the spyware-infested version you get directly from Kazaa (or whoever)?

Getting back to the original article for a minute, one of the legal tacks being considered by Kazaa is that they claim you can't (among other things) pass along derivative works. Has anyone considered distributing spyware-free file-sharing clients as patches to the "official" releases? You're not distributing a derivative work. LAME began life as a patch to the ISO (?) reference MP3 encoder, and that worked well enough until they could write a new encoder from scratch.

Re:Be VERY wary

[ealar+dlanvuli]

not to mention all the brillian people at my college who don't read /. who gladly download any *.exe and run it, sometimes even using the (sarcasm) perfect virus-checker over it.

About as effective as randomly injecting yourself with blood samples, and sometimes glancing at them under a microscope to see if you notice anything wrong..

Re:Be VERY wary

[Qrlx]

I guess I'm grumpy tonight, but what's wrong with goin' to the good ole CLI cmd.exe and typing FTP when you want to, um, ftp?

Maybe it's me, I just don't see how adding a GUI to FTP helps much. Of course I don't do it very often, you are prolly some mega web designer with a thousand ftp sites to log into every day.

Still, it reminds me of the mac user whose way of expaining the FTP server wasn't responding was to say "the dog isn't running."

Fetch, boy! Fetch!

Re:Be VERY wary

[goatkoran]

GOAT KORAN
Classic 1 HIT ME IN THE SHITTER BABY, UGH HUH
Classic 2 Oh yeah, in the shitter some more, in the shitter.
Classic 3 More Ass stretchin goodness.
Female Goater My pussy is too small for this melon.
Goatse Grandpas - GRANPA GOAT S3X0R5
Son of a Goat - Holy fucking son of a goat. Kinda looks like Tako from behind, but to be sure I'd have to ask CowGryl Kneel
1 Oh, pardon me sir, would you happen to have any ANAL LUBE?
2 UNGH FART, pssssbt, ungh, tweeep, squeaaaaaak ungh
3 PFFFFFFFFFFT AHH pffft
4 FOOOOOOOOOOOOF blud dribble dribble
Prime Number Shitting Goatse SE THE Prym3 number flow like the river SHIT
Goatse Returns! Fuck yeah, the goat man is a coming back to Trollaxor

1 You Will Love to Goatse on all the things of Internet.
2 Will Search and initiate to new members, and you will show the way to the light (www.goatse.es.org)
3 When they return of to see our God Goatse, you mock of them.
4 To fuck, to fuck that are shocked the planets!

Goatsex goatsex GOATSEX Goat Sex animal sex bestiality
Of all the animal sex in the world, the one that suffers the most abuse from modern sexual habits is the large barnyard, otherwise known as the animalsex Our animals were intended by nature to function as a smoothly flowing sex systems, in order to promptly flush digestive wastes from the body.
The large barnyard is one of the four main elimination systems of the world. In Chinese medicine all the internal sex are paired. The large barnyard is paired with the zoo. Your puppy (dog/horse) is made up of four main sections:
(1) ascending, (2) transverse, (3) descending sex & the (4) sigmoid. It's total length is approximately 5 to 5 1/2 feet and it ends at the anus where feces eliminated from the body. The small pony's length is approx. 26 ft. long. They are called large and small not because of their length but because of their width & diameter.

* g o a t s e x * g o a t s e x * g o a t s e x *
gcccccccccccccccccccccccccccccccccccccccccccccc cgc c
oc/ccccc\ccccccccccccc\cccccccccccc/cccc\cccccc co
a|ccccccc|ccccccccccccc\cccccccccc|cccccc|cccc cca
t|ccccccc`.ccccccccccccc|ccccccccc|ccccccc:cc ccct
s`cccccccc|ccccccccccccc|cccccccc\|ccccccc|c ccccs
ec\ccccccc|c/ccccccc/cc\\\ccc--__c\\ccccccc :cccce
xcc\cccccc\/ccc_--~~cccccccccc~--__|c\cccc c|ccccxc c
*ccc\cccccc\_-~cccccccccccccccccccc~-_\cccc|ccc c*
gcccc\_ccccc\cccccccc_.--------.______\|ccc|cc ccg
occcccc\ccccc\______//c_c___c_c(_(__>cc\ccc|c cc co
accccccc\ccc.ccCc___)cc______c(_(____>cc|cc/cc c ca
tccccccc/\c|cccCc____)/cccccc\c(_____>cc|_/ccc c ct
scccccc/c/\|cccC_____)ccccccc|cc(___>ccc/cc\cc c cs
eccccc|ccc(ccc_C_____)\______/cc//c_/c/ccccc\c cce
xccccc|cccc\cc|__ccc\\_________//c(__/ccccccc |ccx
*cccc|c\cccc\____)ccc`----ccc--'cccccccccccc c|cc*
gcccc|cc\_cccccccccc___\ccccccc/_cccccccccc _/c|cg
occc|cccccccccccccc/cccc|ccccc|cc\cccccccc cccc|co
accc|ccccccccccccc|cccc/ccccccc\cc\cccccc ccccc|ca
tccc|cccccccccc/c/cccc|ccccccccc|cc\cccc ccccccc|t
sccc|ccccccccc/c/cccccc\__/\___/cccc|cc cccccccc|s
ecc|ccccccccccc/cccccccc|cccc|ccccccc| ccccccccc|e
xcc|cccccccccc|ccccccccc|cccc|ccccccc |ccccccccc|x
* g o a t s e x * g o a t s e x * g o a t s e x *

Re:Be VERY wary

[mccalli]

Whilst it's likely the author had your best interests at heart there's some chance he didn't.

This is where an application like Virtual PC comes into its own. I have a clean virtual machine, with W2K installed (and kept up to date with patches etc.), a few file sharing clients and nothing else whatsoever. This machine is never used. Instead, I make a copy of it and run that. Then, every couple of weeks or so after the adware has become unendurable, just delete the copy in use and replace it with a new copy from master.

Works perfectly. Spyware can try spying all it likes - I'm not using the machine for anything except use of their own networks, so there's nothing there for them to look at. Also, even if I am '0wn3d' through some obscure hack, it's only an isolated virtual machine and it'll only exist for a maximum of a week or two.

Cheers,
Ian

Re:Be VERY wary

[arkanes]

Well, it's handy to have that tree view. That said, I use command line for 90% of my FTP needs. The other 10% I use EliteFTP (nagware, no ads).

Re:Be VERY wary

[sir99]

It's not script kiddies who release cracks. They don't have the experience, or likely the intelligence for that. I agree though, it wouldn't pay to trust those people too much

Re:Be VERY wary

[i_am_pi]

I'd recommend NcFTP. Very nice command-line client. Link here

Pi

Re:Be VERY wary

[Qrlx]

When I have the urge to transfer a lot of files, I zip them first, which makes them one file. Plus it's smaller than the sum of its parts.

Also, if drag and drop is that important to you, you could just do it from IE.

Re:Be VERY wary

[shotfeel]

The difference is that if your typing is as bad as mine, the GUI user is done downloading while I'm still trying to figure out which of the 5 filenames had the typo. Heck, even without typos, 5 clicks and an enter (or click) is faster than typing 5 filenames and an enter.

Besides, depending on what you're using, it isn't always as clear that the "dog isn't running" when using a command line.

Besides that, simple folk like me are mesmerized by animated dogs and progress bars/indicators.

Re:Be VERY wary

[shotfeel]

I remember when the first upgrade to Mac OS X was leaked prior to release. I was shocked by the number of people who were clamoring to download it from "anonymous" sources so they could be the first to try it out.

I can only hope that at least some of them paused when a dialog box popped up asking them to authenticate themselves as an admin user (as all OSX upgraded do).

Well whoopdie do

[batobin]

Great. Spyware makers resent cleaned up versions. But guess what? CONSUMERS RESENT SPYWARE!

In my own opinion, spyware makers have no right to complain. Is there something I'm missing?

Re:Well whoopdie do

[nomadic]

In my own opinion, spyware makers have no right to complain. Is there something I'm missing?

They have every right to complain.

We have every right to ignore them.

Re:Well whoopdie do

[Bilestoad]

Yes. If you accept a license that says that you can't reverse engineer what you're installing and you do, then legally you're screwed. Morally is a whole other issue, and I side with the "cleaners" - but they have grounds to make your life hard.

Spyware makers give themselves right to complain by making you grant that right when you download and install. Sadly courts do usually uphold click-through licenses (as the article says).

Re:Well whoopdie do

[batobin]

Good point. They should just realize, though, that we wouldn't be forced to break their license if they didn't practice bad business.

I hope everybody at Kazaa is reading this right now.

Re:Well whoopdie do

[mian]

Yes. If you accept a license that says that you can't reverse engineer what you're installing and you do, then legally you're screwed. Morally is a whole other issue, and I side with the "cleaners"

Yeah, morally i'm with you.. but what I don't get is how lightly everyone takes Windows licenses especially, and then if anyone breaks the GPL they have a million geeks with pitch forks chasing after them.. if anyone reverse engineers a Windows program, to release a Linux version of a client, against the wishes of the author noone cares because it's apparently for a cause or something, just seems like a bit of a double standard, don't get me wrong I don't think the authors wishes or actions (including spyware) are always right, but it's still their wishes and their software so they can release it however they want, and their wishes should be abided by, if you don't agree with them don't use it.

I write both Windows and Linux software and have used the GPL a few times and it just seems like any non free-GPL type license is considered not worthy and taken with a pinch of salt.

I remember one guy who reverse engineered my Windows software against the license to hack it up, release again on his own site etc modified said directly to me something like it's your fault for not including a license, so when i proceeded to show him the license which not only exists, not only has to be agree'd to before installing but says you may not reverse engineer he laughed and said i don't read those things anyway.. ofcourse this guy probably wouldn't abide by the GPL or any license.

Re:Well whoopdie do

[mindstrm]

What if I didn't install it? What if I disassembled the installer without going through the clickthrough agreement? At that point, only standard copyright law exists to protect the authors.

Re:Well whoopdie do

[orkysoft]

Well, sue the guy, then!

Re:Well whoopdie do

[morgue-ann]

GPL protects the expression of an idea which is protectable under copyright law. I could look at some GPL'd code, write a function spec, throw it over a wall & have someone else recode it & be in compliance.

Reverse engineering something like the Xing DVD player is extracting the idea (which is not protected) to create a new expression. On one hand it's harder because you have to disassemble object code, but on the other it's easier to keep your clean room clean because all source code is almost guaranteed original.

Stripping crap out of an expression of an idea & re-publishing that expression is infringement. It's a derivative work.

I agree with you that GPL violators vs. Kaaza copyright infringers is hypocritical, but you're trying to lump all reverse-engineering in with Kaaza lite. My non-infringing case of r.e. might violate a EULA, but EULAs have a much more tenuous legality than the old copyright law GPL is based on.

Did the guy who r.e.'d your code really reverse engineer it or take portions out verbatim? "hack it up, release again" sounds like the latter, which is NOT what happened in the case of DeCSS or bnetd.

Re:Well whoopdie do

>said directly to me something like it's your
>fault for not including a license

This guy got the copyright laws the wrong way around. You do not have to give/show him any license at all. If you do not give him a license, then he does not have any right at all to use your software.

His excuse for hacking your software (no license) is really a confession about breaking copyright laws, since a license from the copyright holder is the only thing that could give him any right to use the software in any way.

The reason most software companies have you agree to some 'shrinkwrap license' agreement, is usually because they want to limit your rights further than the copyright laws already does. Also it makes it harder to plead ignorance in a court of law.

AFAIK this laws are quite similar in US, Europe and most of the world due to some internatinal conventions.

BTW: The GPL license is based on this legal presumption.

Re:Of course! It's their $$

[magicslax]

1)Create client for swaping music
2)?
3)Profit!!!

The irony is sweet

[Slash+Veteran]

P2P networks complaining that their software has been ripped off, and that pirates -- ermm, users -- aren't treating their intellectual property fairly. Har.

Re:The irony is sweet

I think it's more ironic that you're posting during this so-called blackout with that link in your sig.

Re:The irony is sweet

[Arandir]

Join the Great Slashdot Blackout [slashdot.org] April 21-27

Ummm, how can you reconcile that sig with your post dated 07:22 PM April 25th, 2002? I'm beginning to suspect that none of the MCAA bashers are going to boycott TAOTC either.

Re:The irony is sweet

I too support the blackout, but I dont want to participate

but thats for a journal discussion

Re:The irony is sweet

[bhsx]

Speeking of irony, you know that it's April 25th right? You might wanna take a look at your .sig ;)

Re:The irony is sweet

[archen]

How are the rest of us slash dotters supposed to know unless people post on Slashdot to tell us?

A vicious cycle yes? =P

Re:The irony is sweet

[Decimal]

See my .sig

South Park episode

[Veramocor]

wasn't that a south park episode.

1)Steal towns underwear.
2)?
3)profit!!!

Re:South Park episode

[mqduck]

Please ignore the above troll/bastard. If only karma mattered for Anonymous Cowards, he'd get the negative karma he so right deserves.

Re:South Park episode

Yeah, that's right.

It ought to be :

(Score: -1; Ridiculing someone [probably American] unable to grasp irony )

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Look

Though I despise RMS, I am sure the Free Software Foundation would like to have a few words with you.

trading spyware free p2p programs .

[Last+Warrior]

good for them.
Im sure the manufacturers of these p2p softwares that prefer to spy on thier customers or make it a mandatory defect in thier product will surely lash back with the same force that the media companies have done over sharing of thier content.

I may be in the minority, but regardless of the security and method for providing spyware and adware programs, but i will always opt out of any program that includes any such feature.

There will always be an option that does not require a user to install spyware.. as long as there are watchdog groups to keep us informed of these little unhyped "features".

LW

Re:trading spyware free p2p programs .

[Billkr]

The problem is that many of the software packages do not allow you to opt out of their spyware. They simply install it and may mention it in their EULA. Go download Kazaa and see if you have any option to opt out of their spyware. Unfortunately there is no such option.

Re:trading spyware free p2p programs .

[Hamshrew]

I think he was saying that as long as programs include spyware, someone else will be there to release a castrated version.

There's a difference

[AgentStarks]

between ad-ware and spyware.... especially since the spyware in RadLight uninstalls Ad-Aware. Sure there's something saything that it will disable Ad-aware buried somewhere in the EULA, but we all know how long and complicated those things are.

Personally..

[JippyNickers]

It wouldn't be too hard to build a trojan into one of these..... however this still might be the lesser of two evils.

Yeah.. I'd rather have a message come up on my screen once a month saying "You have been Own3D!!" then have any god damn popup ads over and over and....

=-Jippy

Re:Personally..

[Meowharishi]

If it bothers you so much then why do you use the software? I personally hate popups and spyware so guess what I do? This may shock you: I SEEK OUT ALTERNATIVES!!

egads the humanity!!

Re:Personally..

[JippyNickers]

What.. You mean alternatives for the Internet?

Fool.

=-Jippy

Re:Personally..

No, alternatives to your mom's cooch.

Re:Personally..

[Meowharishi]

No, troll, I mean the fact that I enjoy a whole slew of Internet apps that fill every conceivable desire I have right now and not a one of them pops up ads or spies on me.

No one is putting a gun to anyone's head and forcing them to use Kazaa. Show some individuality, for God's sake!

Re:Personally..

[JippyNickers]

I mean the fact that I enjoy a whole slew of Internet apps that fill every conceivable desire I have right now and not a one of them pops up ads or spies on me.

Well, I award thee a cookie.

Jeesh. What I said was popup ads are annoying. If you say you have somehow found some strange new "ad-free Internet" (without using AdAware that causes every page to crash), then I award you two cookies. Truly, I am not worthy.

=-Jippy

Re:Personally..

[Meowharishi]

If you say you have somehow found some strange new "ad-free Internet" (without using AdAware that causes every page to crash), then I award you two cookies. Truly, I am not worthy.

Sites have a right to pursue revenue. The sites that are the worst abusers of pop-ups and pop-downs are generally pron and warez sites, anyhow. For the mainstream sites -- well, if such-and-such.com annoys you with their advertising model, there are dozens and dozens of alternative competitor sites that you can choose from. I'm sure that amongst those somewhere you will find the content you desire without the ads that you don't.

Pop-Up Blocker is a great piece of software that you can turn on and off pretty quickly if you happen to be trying to find some good porn (or warez).

How about a version that uploads unreliable data?

What would happen if someone were to release a version that created bogus and unreliable information making their data collection unreliable and worthless? The data would have to be indestiguashable from real data or at lease hard to distiguish and yet provide enough noise to make the current collection of data unreliable.

Certainly an interesting concept.

Fair use?

[grahamsz]

These companies are trying to advocate that it is fair use to take something you paid for, rip it into another format (removing some of the superflous data), and trade it on their networks... [personally i agree with that]

Yet it is wrong to take something you paid for (remember they provide it FREE - they dont provide it in exchange for spying on you and stealing your cpu cycles - they say FREE), rip it into another format (removing some of the superflous data), and trade it on their networks.

Get real, this is going to cause more damage to their legal cases than anything else.

Re:Look

[ipsuid]

Of course you mean free software, as in beer, not Free Software, as in speech. I wouldn't really be interested in these programs until I can download, modify, and compile the source myself. In the end, your privacy is only limited by your ability and the ability of those you trust. This spyware debacle is yet another reason to promote the issues tackled by the Free Software movement. Even if you aren't a software programmer, having the source available allows for public review, and tons of intelligent information on which to make a value based judgement. Spyware, or even cleaned spyware with a closed source does not allow this.

Ar the "Lite" programs actually ad-free?

I was wondering if thes Kazaa-Lite/Morpheus-Lite etc. programs were truly ad free and bundle free? I would like to know the truth from other people besides the maker of the software.

Re:Ar the "Lite" programs actually ad-free?

[generic-man]

I installed Kazaa Lite recently, having never installed a file sharing program since I got my new hard drive. Although most of the ads have been removed, and I don't see any suspicious processes in the background, Kazaa will randomly pop up a web page on its own. Fortunately, I have Pop-Up Stopper, so the pop-up is closed immediately. :)

So it's not 100% ad-free, but all of the really egregious spyware stuff appears to be gone.

Re:Ar the "Lite" programs actually ad-free?

[duren686]

Really? I haven't had any random pop-ups from Kazaa lite. I've also found that it is faster and connects better than the manually-castrated Grokster that I had before.

Re:Ar the "Lite" programs actually ad-free?

The popups are from the Kazaa main app,
the spyware has been removed, not the
"Start" page. The popups come from the
desktop.kazaa.com website. Edit your
hosts file to point it somewhere else.

I have read that it looks for an "index.php"

Hope this helps!

-T

Integrate

[hackwrench]

Now if only someone would write an integrated client that works across all the p2p networks.

Re:Integrate

[MagPulse]

Kazaa and the old (good) Morpheus both use the FastTrack network, while most other clients use the Gnutella network. Judging by the popularity of FastTrack clients, it isn't worth the effort to write a client that can access both networks. If a serious competitor to FastTrack emerges, then maybe.

Re:Integrate

[badasscat]

"Now if only someone would write an integrated client that works across all the p2p networks."

Where are those Trillian guys when you need 'em?

Re:Integrate

[Istealmymusic]

Good luck. FT encrypts all tranmissions except for peer-to-peer downloads. Dr. Damn, as revealed in the interview on Zeropaid, did not change any code. He simply used ResHack to remove spurious dialog elements, and wrote a nifty installer that installs a safe cd_clint. Not to downplay Dr. Damn's software, but it's not feastible to integrate other networks with FT without creating a separate program, and that requires knowledge of the FT protocol.

Ironically, the RIAA itself leaked an internal memo which contains information that could help in cloning FT. Again, the RIAA's internal memo on FastTrack is an excellent read. Perhaps, with the help of the RIAA, we can create our open FastTrack client.

Spyware outside the states, legal?

Those of you in the states might not realize it, but in some other countries (include my country, Namibia), spyware in general is considered illegal. Brings up an interesting question for using Kazaa in this country, distributing the spyware version is illegal, but modifying copyrighted code is likewise illegal... a rock and a hard place?

Some helpful legislation regarding the matter passed down from Windhoek:

"... futhermore that it is unlawful to include features in software which circumvent the users privacy without express permission from the user, methods of automatically obtaining permission (such as the inclusion of excessive end user license agreements [EULA]) are also unlawful unless done so in such a manner as to cause hot grits to be poured onto a naked and petrified natalie portman."

Re:Spyware outside the states, legal?

I heard there was a similar law in some other sub-saharan countries when I was doing work overseas as a lawyer, I wonder how such legislation works in practice. It doesn't seem like something that would fly in the USA but you never know.

Re:Spyware outside the states, legal?

[Renraku]

Well, if spyware is illegal in your country, don't use Kazaa. Simple as that. Porn is probably illegal in some countries, so should that nation sue and sue and sue because its citizens can have access to unregulated porn online? No. What you do with programs/information/porn is your own choice.

Re:Spyware outside the states, legal?

But what if he has a legit use of a program like Kazaa? File sharing is something that everyone can benefit from in one way or another. I think the point he is trying to make is that there are two illegal options he has here, but which is more wrong? Violating copyright laws on an already illegal program, or distributing a program that is illegal to begin with?

Furthermore does the program have the same copyright laws protecting it if it is illegal software?

Re:Spyware outside the states, legal?

[Eagle5596]

I think he's brought up a valid point, who has more rights here, users or companies distributing software?

As a user I have a right to my personal privacy, and a right not to have my information distributed without my knowledge. Yes they may say it's spyware in the EULA, but I rarely read those for "small" programs (read not an OS or major application). Do I have a right to modify code which violates my personal rights? Or does the company producing the software have a right to their intellecutal property remaining intact to give them a revenue stream?

Unfortunatly I'm not a lawyer and can't begin to answer these questions, but I think they are important ones we as a society need to consider.

Re: Popup ads == Evil

[smartipants]

Those popup ads are the most annoying feature thats has ever been added to a web-browser.

I just tried out this new tool called Stumbleupon which lets you websurf with a single click, and after only about 20 stumbles I had 10 popads on my screen.

Curse the person at netscape who thought pop-ups would be a great new feature to add...

Why didn't RIAA think of that?

[geophile]

I think it's very funny that it took another hacker to figure out that kazaa etc. could be disabled in this way. If the RIAA had any brains at all, they would have figured this out and ... uhh ... wait a minute, maybe Yuri == RIAA?

Re:Why didn't RIAA think of that?

[SageLikeFool]

If anything organizations like the RIAA would want to add "features" that control the way content is used and distributed, not remove and allow more of this piracy that leaves artists everywhere cold, hungry, and alone to fend for themselves in the cruel, cruel world that we live in. KAZAA and the RIAA are similer in the fact that they both want to control the means by which we consumers interact with the things we aquire, legal or otherwise. Essentially, they change the packaging (and sometimes even the content) of the entertainment which consumers are likely to seek out. They are at best a method of funding, advertising, and distribution for the content creators. At worst they are little more then middle men charging tolls to consumers and possibly hindering some or many of the content creators themselves.

Re:Why didn't RIAA think of that?

[gnovos]

If the RIAA had any brains at all, they would have figured this out and ... uhh ... wait a minute, maybe Yuri == RIAA?

No Yuri!=RIAA... Come on guy, you answered you own question right there when you put "RIAA" and "had any brains at all" in the same sentence.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re: tech people work for free

[mozkill]

isn't it obvious that the days of tech workers getting paid are over? we work for free now... because there is too many of us. competition is fierce...

Re Hacked Spyware

[Archangel+Michael]

Why doesn't someone come up with a hack that fills the Spyware home Database with useless information? I mean the data fields that phone home should be easy to fill with meaningless information but seamingly valid data?

This would render any information gained worthless until scrubbed of the offending dirty data. And the scrubbing of dirty data would leave dirt, and/or scrub valid data.

Another option would be to Flood the home servers with pure junk traffic. Or maybe even both?

How about sending home a destructive payload? It should be easy to hack the data fields of the database so that it ends up running the DB server into the ground.

Any other ideas?

Re:Re Hacked Spyware

I'm all for it.. Where do I sign up?

Re:Re Hacked Spyware

a) They (he) don't have offices. You have to determine the location of his trailer from the post office records.
b) He doesn't have female secretaries. Or any employees whatsoever.

Re:Re Hacked Spyware

hmm...
you give Score:5, Interesting
to something that is nothing more than an attempt at organizing a DoS attack. I'm glad we support these kinds of things now.

Methinks the site should really be named SlashDoS.

Re:Re Hacked Spyware

[Vladimir+Pizdenko]

> How about sending home a destructive payload? It should be easy to hack the data fields of the database so that it ends up running the DB server into the ground. Any other ideas?

I have other ideas: Why not you just stop useing it if you not like it? Why you think it is good to D.O.S. theyre server bacouse you not like it? They make network and you not like it: you don't must use it but you want use it, and you say this network is bad so you will break it now? Why you think it is good to brake theyre network? Why you think this brakeing is better then not using something you not like? I am sory but I think it is doing like a litle baby.

Re:Re Hacked Spyware

[Annamite]

Many of us have done this in one form or another for a long time now. Come on, who would deligently type in your _real_ information to registration forms out there?

Even when forced for valid email for verification, we provide them with a spared junk email account. What? You haven't done so already?

And yes, the more destructive thing to do to these ad-dependent, info-tracking services is the method you mentioned. But who else would provide free services any more if everyone 'd do this. You know too well when you use/leech the services that you have to offer them something in return right? Nothing? Darn, you must be naively stupid.

In a way, the smarter people or more informed people will not open up their wallet and give out their credit cards numbers, SSN, home addy, home phone numbers to everyone that walks by. However, some others will do. I guess it is a way of life. Some will take advantage of the free services more than others.

Annamite

Re: Popup ads == Evil

[geoffsmith]

Get mozilla. It has popup filtering built in. Trust me, it is a *godsend*

Self-interest

[Faust7]

Whilst it's likely the author had your best interests at heart there's some chance he didn't.

Some chance, but in my opinion very very little. Even virus writers and whatnot love P2P networks. Users are what allow these networks to exist, ergo, it doesn't make sense to attack them. I doubt someone would be willing to sacrifice access to music and warez just to see some trojan or virus succeed. And I don't think this is naive; after all, the networks haven't self-destructed thus far.

Re:Self-interest

[amokk]

I have to disagree with this comment.
It's nice to assume that everybody is good-spirited and well meaning, but as we all know, that is not the case.

Is the average "white/gray hat" hacker going to release a bastard of a program on P2P networks? Probably not.

The problem is that a lot of people, (collectively referred to as "script kiddies") don't even think about the consequences of their actions. When they are spread an infected copy of a popular program, they are doing it so that they can say to their friends "d00ds, look what I just did" and won't take the time to consider the morallity or ethics of their actions.

No, the networks aren't likely to come crashing down and self-destruct, but at some point, people are at least going to be wary of downloading binaries off of P2P networks.

Re:Self-interest

I'm not so sure it's that simple. How often do people--who are obviously filesharers themselves--schemingly rename .mpg or .avi files thereby diluting the ability to quickly get the file a person is looking for? (e.g. Panic Room turns out to be Orange County--of course I'm assuming here as I've never, ever, ever exchanged any copyighted material in my life, I promise.)

It would be pretty easy to imagine these ya-yas thinking it would be really clever to rename KaZaA KaZaAlite without taking out any of the spyware.

Buyer beware!!
Er...

Re:Self-interest

[snol]

What you say makes sense, I just have never seen it happen. As a Windows user I used to run lots of cracked shareware, update the shareware, update the crack, repeat, toss in a nice gutted Photoshop 5 with some leet group's ifo file in it... never once got a virus (all those cpu cycles wasted running Norton!) I would think that running random cracks and keygens all the time would be a pretty good way to get a virus but I never heard of it happening to anyone.

Re:Self-interest

[10am-bedtime]

self-interest for a virus writer might include using p2p technologies for transport, etc. success for a virus writer may have complicated roots.

thi

Re:Self-interest

And that's why IRC networks aren't attacked on a regular basis- everybody loves P2P networks and it doesn't make sense to attack them.

Oh, wait.

Re:Self-interest

[plumby]

I'm surprised it hasn't happened yet (or maybe it has and I haven't heard about it), but surely it won't be long before the RIAA and other anti-piracy groups get someone to start putting this sort of app onto P2P networks.

Re:Self-interest

The reason for this is that it's in the interest of the crackers to deliver clean warez, or else their status will drop into a bucket in the community.

If you are on the gnutella network, there's quite alot of hacked clients that are trying to spread viruses and porn-links to any search. This problem will grow since there's always someone who think it's l33t to screw around with others.

Re:Self-interest

[hazyshadeofwinter]

I don't know of any viruses that attack p2p networks *directly*, but try this experiment:

1. Fire up a gnutella client, or whatever yer p2p of choice is.
2. Search for ".vbs"
3. Count the files named "Britney Spears NAKED SEXY XXX.jpg.vbs" or similar. Gee, what's that do? It's only 24k, let's snag it!

Re:Self-interest

[thomas.galvin]

My brother caught a virus from a warzed copy of Norton from Kazaa. I thought it was the funniest thing I had seen in ages.

Re:Self-interest

[Heck+Tate]

Virus writers use email as well, but that doesn't stop them from writing email viruses. Script kiddies use IRC, then proceed to DoS the crap out of it. While it is logical to not attack the very service you are using, that never seems to occur the those that do.

Hexedited software

[k_d3]

As for myself, I agree with spyware-cleaned software. We could all do without "Big Brother" watching our every keystroke. However, I'm just slightly concerned about some user we've never heard of distributing software, doing who-knows-what to it, as it could just be opening another door to trojans. I mean, come on, which would you prefer -- spyware or a posibly backdoored/trojanized version of a program? I'd stick with the spyware.

Re:Hexedited software

[AngryAndDrunk]

I understand your paranoia, but let me ask you this: how do you know that the spyware itself isn't backdoored and/or trojaned to high heaven?

Just because it's being created by a "reputable" company (after all, all companies are 100% trustworthy, right?), and not some backroom hacker, doesn't make it guaranteed to be 100% on the level. After all, they kept pretty quiet about it being there at all, who's to say they're beinghonest about what it does?

Brand-name damaged

[kindbud]

"They're essentially hackers and rippers," Hemming said. "Basically our brand name is being damaged quite significantly by these activities."

Yeah I can understand that. After all, consumers have associated the Kazaa brand with intrusive spy software. Removing the spyware does great harm the Kazaa brand, which everyone knows and expects to be full of it.

Re:Brand-name damaged

[djmurdoch]

After all, consumers have associated the Kazaa brand (TM) with intrusive spy software. Removing the spyware does great harm the Kazaa brand, which everyone knows and expects to be full of it.

You seem to think that the customers are the users. Wrong. It's the same funding model as broadcast TV: the customers are the advertisers. The users are the product.

Having a significant proportion of Kazaa users avoiding the ads damages its reputation with their customers, who can no longer trust their traffic reports as being surrogates for eyeball counts.

Re:Brand-name damaged

[OzJimbob]

Wow. That's the most interesting /. comment I've read in months. (no I'm not being sarcastic). I've never thought about advertising-based media being structured like that, but it's very true isn't it?

Re:Brand-name damaged

[thewheeze]

He didn't say customer, he said consumer. The end user is the consumer. We are being damaged by Kazaa's activities.

Re:Be VERY wary - Who do you trust more?

[Glorat]

That's hitting the nail on the head. Who do you trust more? Do you trust the original authors who hid the spyware in your program but are possibly giving some legal notice in the EULA (bleh), so they aren't completely rogue, but are ripping you off? Or do you trust the rogue programmer who claims to have fixed the spyware but maybe has slipped his own trojan in instead?

In the case of Kazaa Lite, I trust the rogue coder but I won't have that attitude on patched software for long. I think I would rather wait for my Slashdot peers to "beta test" these patched versions and find out if their computers die, before I even consider downloading patched up pirate software

EULA's enforcement

I'm glad someone has realized EULA's are not a good method of obtaining permission. IMHO it seems that one should have to obtain written permission to get personsal information like that. I wonder what kind of backlash we will see from companies due to their neutered programs? Possibly like the Napster version?

Re: tech people work for free

[Lemmy+Caution]

This is actually what happens in some industries: publishing, film and the like. That especially in the lower levels, people are willing to work for free or close to it, so that it becomes impossible to make a living in it. (How do they do it? More often than not, the ranks of publishing houses and indie film studios are filled with trust-fund kids and rich kids whose folks are willing and able to underwrite the first few years of their careers. The publishing industry in particular is ripe with rich girls who are keeping busy until they get married.)

Comment removed

[account_deleted]

Comment removed based on user account deletion

I don't blame them..

[NickRob]

If somebody took out my soruce of income I'd be pissed... However... it's kind of a moral empass. Spyware isn't moral, but neither is sabotaging somebody else's code. If it was taken to court I would believe that the Manufacturer would win... EVEN if it is a filesharing ap. However, it won't go to court due to the deception and other revelations that will come to court.

For on of the few times, the consumer's win. They get it all.

Re:I don't blame them..

So, no new music (as all the artists go bust) or updates to *WELL DESIGNED* apps (unlike the FREE versions) is a win!?

Re:I don't blame them..

If somebody took out my soruce of income I'd be pissed... However... it's kind of a moral empass. Spyware isn't moral, but neither is sabotaging somebody else's code.

Way too simple -- I won't sabotage their fucking code if they keep it to hell off muy system. And, no, I won't read a hugeass EULA for every chickenshit little thing I use. It's getting to there the EULAs take up more HD room than the damned bloatware.

An embarrassment to open source / free software

This opportunity for the RIAA to make
predictable remarks would not exist if
there were a good open source file
trading network. (Not gnutella, which
hardly even functions).

File trading networks seem perfect for
distributing i.e. linux ISOs, taking the
load off organizations like Debian that
don't have the money and don't deserve
to have to pay for a lot of bandwidth.

Re:An embarrassment to open source / free software

[Rick+the+Red]

File trading networks seem perfect for distributing i.e. linux ISOs, taking the load off organizations like Debian that don't have the money and don't deserve to have to pay for a lot of bandwidth.

Interesting idea. IANAL, so anyone care to offer opinions on whether stating "The source is available on Kazaa/Grokster/gnutella" would meet the obligations of the GPL?

Re:An embarrassment to open source / free software

[prizog]

Hi, I work for the Free Software Foundation on copyright and licensing issues. "The source is available on Kazaa/Grokster/gnutella" would not meet the obligations of the GPL.

Re:An embarrassment to open source / free software

[mlk]

I have to ask, but why not?
If I set up a box which always shared the source would it? (as then it's no diff than a web server, but the dl would be mirrored).

Re:An embarrassment to open source / free software

Disclaimer that IANAL nor do I work for the FSF, but I have read the GPL at least. :P

Anyway, I would suggest that source being available via file-sharing networks would meet the requirement ONLY if that's basically where you got the binaries too...

However, there is an availability issue. If the distribution methods can result in the binaries being available while the source is not, there is a problem. Simplest solution would probably be to bundle the source and binaries together...

Of course, I only bother with the source myself, ever since I found this wonderful book. ;)

I'd like to see source code shared on such a basis. I wonder if anyone has a good idea for a decentralized version of something like cvs. :P

Re:An embarrassment to open source / free software

[mikeee]

Yeah, this would be really cool for Debian, I think. Hook some P2P goodness into apt-get, and serve out debs you have cached in return. Yummy.

Re:An embarrassment to open source / free software

[prizog]

Disclaimer: I don't use Kazaa.

You have to make the source available from wherever the binaries are available from. So, if you provide the binaries from your box, and you provide the source from your box, then you would be OK, provided that the package containing the binaries mentioned that the source was available from there, and that it was easily possible to find the source. Does Kazaa have "addresses" like URLs? If not, how will the downloader find the source code?

Re:An embarrassment to open source / free software

[DavidTC]

While it wouldn't meet the requirements alone, it would certainly be okay to suggest they look elsewhere for the source first, then come to your site.

All this is pretty silly, anyway, as almost all GPL apps are distributed as source, or are simply compiled source from other people. The first obviously doesn't need source, and the second doesn't either if you've just compiled someone else's source and not modified it, you can just hand them your written offer for the source and tell them to get it from those guys.

While it's certainly possible to write GPL software yourself and originally give out only the binaries and an offer of source, I've never seen anyone do it.

Re:An embarrassment to open source / free software

[mlk]

This does lead to intresting problems w/ the source.
GPG would be used much more than it is now ;)

Re:An embarrassment to open source / free software

[Vladimir+Pizdenko]

Yes. You can read the GPL in www.GNU.org, first read this and you will see youre self.

You can't control 1's and 0's

bag over here cat WAY over here!

Re:Be VERY wary (how to roll your own kazaalite)

[shird]

In the case of Kazaa, its actually quite easy to make your own 'lite' version, there are plenty of sites with instructions on how to do this. Taken from a post to usenet:

/* Install KaZaa 1.6 */

1) Install the new KaZaa, then close the application when all finished.

/* Begin Brilliant Digital Uninstall */

2) In Control Panel, click Add/Remove Programs and find "b3d Projector".
Uninstall this application (make sure all browsers are closed or it won't
work)

3) Find a folder called "b3duninstall" located usually directly in your
Windows folder. Delete this folder.

4) Locate the following files:

> bdedownloader.dll
> bdedata2.dll
> bdefdi.dll
> bdeinsta2.dll
> bdeinstall.exe
> bdesecureinstall.cab
> bdesecureinstall.exe
> bdeverify.exe
> bdeverify.dll

They are usually located in your Windows/System, Windows/System32 folder.
Rename each file adding a ".bak" to the end. (or Delete them if you don't
care about backing them up)

-->Note to Borland users: Borland software creates files that start with
"BDE" as well, so be careful.

/* Brilliant Digital Uninstall done, proceed to Cydoor crippling */

5) Download the dummy cd_clint.dll package at
http://www.cexx.org/cd_clint.zip

6) Go to your Windows/System32 folder. Find "CD_Clint.dll" and rename it to
"CD_Clint.dll.bak"

7) Extract the "CD_Clint.dll" file from the package you got in step 5 into
the Windows/System32 folder (thus replacing the old CD_Clint you backed up
in step 6).

/* Cydoor crippled. */

Re:ummm yeah

[miguelitof]

"They're essentially hackers and rippers," Hemming said. "Basically our brand name is being damaged quite significantly by these activities."

Apparently the whole Brilliant fiasco didn't damange their brand name. Nor did getting delisted by Download.com. Nor did being accused of being unethical by most of the major tech news sources in the United States.

The Kazaa brand name apparently came out unscathed by all of this, but just may be damaged by people using Kazaa Lite. Apparently, having a better user experience is going to lessen Kazaa's value in people's minds.

I am sure I am missing something here, but I just don't know what.

Re: Popup ads == Evil

[Jinky]

Mozilla's works good, but Opera's had that for a long time too. Prefer using it most of the time :)

now they know how the media companies feel

[jark]

sure is funny how the p2p application owners are whining about protecting their IP and copyright when their software is used, primarily, for the sharing of the same type of material.

now they know exactly how the MPAA and RIAA feel.

ISP blocked? Use the network!

[MavEtJu]

But as the hacked software movement grows, it is being forced more deeply underground. Already Dr. Damn's ISP has told him it will no longer host his files. He's looking for another provider.

He could put it on the P2P network :-)

But then, who can tell if the source is trusted? If I do a search and would receive a reply with "Hello Friend, Use This To Strip The Adware Of Your Client", I wouldn't download it in a million years.

But then, why keep all these attachment-viri floating around?

Edwin

Re:ISP blocked? Use the network!

md5sum ?
no wait.. under windows ? bwahahaha :DDD

to troll or not to troll

Hello kind sirs, and madams. I am a karma whore. I have karma of 50 and it has been at 50 since they enlisted the karma cap. I have been posting on slashdot for years, most of my comments are moderated up, or left as-is, in fact, I don't think I've ever been moderated down. Here is my question, should I throw this all away and troll on my account?

P.S. Posting about my moderation success, has reminded me of an old slashdot user who always karma whored, and everyoned hated him for it, then he became a troll and went to K5 instead, anyone remember who he was?

Re:to troll or not to troll

As I recall, Signal 11 used to start long tedious flamewars about moderation, in which he would participate, fussing bitterly about the long-suffering Taco's abuse of him. I almost missed the little jerk when he left (but the target practice paid off).

The fun thing about trolling is letting others do the work for you; hundreds of followup, offtopic posts count for little if they are all by the original, trolling, poster.

Re:to troll or not to troll

By the way, we do need some good trolls. Without them, there would be too little expression of the real diversity of opinion here. The idiots wouldn't get an opportunity to expose themselves either, other than by goatse.cx links.

Common trolls, on the other hand, are far too common.

Re:to troll or not to troll

Yes some GOOD trolls would be nice.

GoatSexTrolls should all be shot.
As with alll the "I have no imagenation"-trolls (yes, goatsex trolls get shot twice).

file sharing companies problem solved

[deft]

its not cool or legal, but if these companies somehow got versions of kazaa lite out there with trojans that did minorly scary things like change your background to a skull and crossbones with the moniker "shouldn't download random software from file sharing programs...buahahaha", i think the masses would start seeing the value in corporate distributed setup files, and not think the spyware was so bad.

on another note, i wonder what it will be like when all these services go to crap because noone will let them have a revenue stream.

Viva

Viva La Revolution!
I love this stuff. Screw those companys, they where tring to screw the user in the first place. I look forward to Windows without the spyware, maybe word without the talking safety pin, Mensa without the ego! I say we backwards de-compile everything from cars to movies to the whitehouse.

my file-sharing flamebait for the day...

[tempest303]

NEWS FLASH:

UpEvil.net reporters have just discovered a completely foolproof method for getting around adware and spyware in file/music sharing programs! Even better than the method described in this /. story, the UpEvil crew has unearthed the following three AMAZING new ways of fighting ALL current (ad || spy)ware!

Step 1: Uninstall all current file sharing progams on your PC

Step 2: When finished, simply start accquiring your music/movies through ethical and legal methods, like Emusic.com, or through an secret, ancient technique from the Far East called "Bu Yingt Hecd" (note from UpEvil medical staff: if you experience discomfort at the thought of supporting the corporate system through the given methods, we have found the best way to alleviate this pain is to cease the purchase/accquiring of corporate-produced music altogether)

(optional) Step 3: As an added bonus, install a Free operating system and avoid having to pay for Monopolyware too!

This has been your daily UpEvil "Kazaa-whores-are-a-bunch-of-cheap-whiny-fucks" post of the day. Thank you, and good night.

Re:my file-sharing flamebait for the day...

That doesn't usually uninstall the spyware.

Re:my file-sharing flamebait for the day...

[mlk]

Unless you use VMWare for step #3, it will :)

Re:my file-sharing flamebait for the day...

[Istealmymusic]

Has anyone here actually used eMusic? I hear about it every day, but am hesistant to sign up for the steep price. Any reviews or independent testimonies would be highly appreciated.

Re:my file-sharing flamebait for the day...

your sig is retarded, and if you support taking money from an artists already meager income, then i hope you get thrown in a jail cell with a big, strong, smelly man who thinks you're reeeeeeeeeeeal cute.

Re:my file-sharing flamebait for the day...

only on slashdot would somebody be so fucking cheap that they refer to $9.99/mo for unlimited downloads, and a surprising amount of decent music, as a 'steep price'.

Re:my file-sharing flamebait for the day...

[tempest303]

MOD PARENT UP!

I think I just pooped my pants laughing. I couldn't have said it better myself, man :)

Re:my file-sharing flamebait for the day...

[arkanes]

You ain't gonna like it if you're into mainstream music. But they have alot of obsucre stuff there, and you can get some more mainstream stuff in various compilation albums they have. If nothing else, get the 100 free downloads and check them out.

Re:my file-sharing flamebait for the day...

The problem with your little assumption is that you are assuming that people use P2P software in place of buying music and so forth. While many do, I don't think its the majority. I would not have purchased any music in the last year if it were not for P2P networks. I don't listen to the radio because its just not worth listening to hours of crap to hear one good song. That means my only exposure to new music are suggestions from people. I am not going to buy some music just because someone suggested it (not with CDs costing easily $15 and often more) I want to hear it first. Thus I go download a couple songs from a band, and if I like it I go buy the cd. If I don't I just delete the music. Now the real question is do people like me who buy more music because of P2P networks ofset the people who buy less. I think so.

Re:ummm yeah

Yeah, releasing a version of their software that doesn't crash, doesn't have annoying blinking ads, doesn't modify web pages you visit, doesn't send all your personal information back to them, is damaging their brand name.. I used to use kazaa, then they started adding spyware, I, and almostHotGritsHotGritsHotGrits everyone I know stopped using it at that point, I think the spyware is what is damaging to their brand name. Now that there is kazaa lite, I useHotGritsHotGritsHotGrits kazaa again. I definatly have to agree with you, how does it damage a companies image to have your software made usable, maybe they should pay these people... sheesh!

Obligatory Opera v. Mozilla comment

[Dave_bsr]

Mozilla is _free_. Opera is free with ads. hmmm. ads? what?

Re:Obligatory Opera v. Mozilla comment

Mozilla is only free if you've got enough RAM and processor to run the bloody thing at a usable speed.

Re:Obligatory Opera v. Mozilla comment

233MHz, 144 MB is enough for me to run mozilla, emacs and a couple of inferior processes (usually R and latex).

Re:Obligatory Opera v. Mozilla comment

Opera is poo.

Re:Obligatory Opera v. Mozilla comment

[Moonshadow]

Get the Proxomitron (search for it) and you can filter popups, flash, and just dern near anything you want on any browser.

Re:Obligatory Opera v. Mozilla comment

233MHz, 144 MB is enough for me to run mozilla, emacs and a couple of inferior processes

Yeah, but 100MHz with 64M isn't!

Re:Obligatory Opera v. Mozilla comment

[HD+Webdev]

Free Ads =)

Actually, I like Opera so much that I bought 2 licenses for the same box (win32 and linux partitions) even though think it's really silly for me to have to pay $15 extra bucks for the extra license.

OTOH, Opera saved more $$$ in time not wasted that it had paid for itself several times over in the first week. Paying for software that makes my life much easier and frees up time for me to make even more cash isn't Evil at all ;)

Re:Obligatory Opera v. Mozilla comment

[Hoonis]

better use this and browse the "cached" site instead as it seems to be ./ed:
google on "site:www.flaaten.dk proxomitron"

Re:Obligatory Opera v. Mozilla comment

If you can't afford RAM or a better processor, how can you afford to buy anything that's being advertised to you by opera?

Re:Obligatory Opera v. Mozilla comment

Or Privoxy. It's the new name for Junkbuster - or the version that was developed on sourceforge, at least.

KaZaA

[Doug+Neal]

Maybe a little off topic but I thought it worth mentioning.

When I set Kazaa up I shared several directories in "my documents", but not the "my documents" directory itself as there is personal stuff in there. I was very careful about this. So then I queue up a load of files and leave it to do its thing. When I check back on it a few hours later I notice that two people had downloaded my CV, or resume for you Americans ;) -- which was in "my documents" - an unshared directory! This pissed me right off as the document had both my postal address and mobile phone number in it.

I no longer trust the Kazaa client further than I could spit it, so I created another user account with heavy restrictions and carefully set file permissions on the directories i wanted to share and those I wanted to hide. I run the Kazaa client under this user account all the time now and have no longer had any problems. But I think this is worth doing these days with all the spyware that's floating around. Just make sure it can't access any more data than it needs to. I'm thinking of extending the Kazaa account to be a general "untrusted software" account. Like the security zones in IE. Hey, now there's an idea for the next version of windows... Bill, you listening? ;)

Re:KaZaA

[NoMoreNicksLeft]

I don't think that you should forever distrust those that insist on reinventing the wheel, after all, everyone does this to learn, at one time or another.

That said, why in the hell would anyone ever share files this way? Unix and its relatives have devised any number of ways to share files, complete with a multi-user/security foundation that despite its few flaws, is unparalleled.

Sure, they have a cool way to index files, but why not implement this as a seperate service? Oh, I forgot. Windows.

Nevermind.

Re:KaZaA

[Istealmymusic]

A few months ago I downloaded someone's resume and homework off FT (I don't remember the name but I'm sure it wasn't yours). There's a lot of interesting documents (as opposed to media) on kazaa, instantly available to anyone. FastTrack could become the next cheatmonkey/schoolsucks/allclasses if people would "accidently" do this more often.

By the way, try searching FT for "Tracy Mandeville" for documents. Apparently, she unintentionally shared her whole my documents collection. There's tons of homework questions, essays, and general school stuff there.

Re:KaZaA

[spood]

I got a sorority's internal address and phone book in this fashion (off the Gnutella network). Too bad I don't live in Tennessee...

i dunno man....

Kiss the frying pan! no it's hot. Kiss! the frying pan!....too late Frying pan kisses you!

Come to the troll side

To answer question 1: Yes you should throw it all away and troll. But do not post crap and get modded down to -2 before you know it. I suggest a long steady karma burning of not posting crap, but of pissing people off, trolling, and posting flamebait all ontopic. Along with karma whoring to keep your +2 bonus. There are too many good people in the world today and us trolls would be glad if you joined us.

To answer question 2: That troll was Signal 11. Right?

Re: tech people work for free

[trotzki]

sssht!
shut the fuck up! i am trying to score some chicks here. :-)

Signal 11!

damn, good memory, yes that is who I was talking about.

Brand names

[FattMattP]

This line was classic!

"They're essentially hackers and rippers," Hemming said. "Basically our brand name is being damaged quite significantly by these activities."

LOL! Your brand has already been shot to hell by your deceptive spyware bundling. Someone give this clueless "CEO" a cookie.

Re:Brand names

[Swix]

"Someone give this clueless "CEO" a cookie"

Well her friends at brillant gave us enough cookies I think Its only fair!

Here have one of my own home made, genuine arsinick.....errr......choclate chip cookie!

Its drop dead dilecous!

Re:Brand names

[sparkane]

Um.. he don't want one? um.. like he been handing them out to all his customers n shit? um.. u know?

Re: Popup ads == Evil

[willie_bobo]

I just tried stumbleupon as well. I tried it first in windows and did have a few popups, but not nearly as many as you mention. I signed up for mostly computer categories mind you, and for advertising/business pages I imagine the likelihood of having a popup on it would be greater.

Now I've switched to using Stumbleupon for mozilla and its much, much better. I've found lots of cool sites but haven't had a single popup... I suggest you switch as well.

Maybe I've just missed the url 5 times...

Where can I get these programs, maybe I just missed the comment listing the address because it got filtered out, but the news story and this story don't list how to get the programs them selves, or the webpage of the programs so we can read it.

Re:ummm yeah

[Breakfast+Pants]

You are missing something. "Apparently, having a better user experience is going to lessen Kazaa's value in people's minds." thats completely true. Kazaa's customers are NOT the users of its software, their customers are the people who pay them to include spyware in the product. If people are removing the spyware than Kazaa's image IS hurt, at least the image that the spyware people are seeing.

brand enhancement

[tonicBastard]

"They're essentially hackers and rippers," Hemming said. "Basically our brand name is being damaged quite significantly by these activities."

if anything, their brand is being enhanced. i for one would never use a piece of software i knew to be spyware...

Re:Of course! It's their $$

[peddrenth]

It's quite unfortunate that they use this as an example of "without the advertising revenue [from spyware], people can't create free software any more"

They're right that "without this spyware advertising revenue, commercial advertisers can't continue giving their commercial software away without charge", but it's quite insulting to see it compared to free software

Re:ummm yeah

[Zeinfeld]

They're essentially hackers and rippers," Hemming said. "Basically our brand name is being damaged quite significantly by these activities

Quite, but what is Kazza if it is not a network for rippers who want to get toons for free. The whole Kazaa business model is to help people take the property of the music industry for free. So just why do these guys get suprised when their not-so-honest customers decide to deprive them of their revenue stream as well? Like just why did they ever think there was a business to be had out of infringement-ware?

The legalistic approach is somewhat humorous, while they might have a case it would be interesting to see how they would intend to bring it. The problem is that it is rather difficult to bring a suit in a jurisdiction while you are simultaneously evading a suit in the same jurisdiction.

Another problem they may have is that there is a longstanding principle that the courts do not arbitrate disputes between criminals, nor do they get involved collecting gambling debts or resolving a host of other issues. The defense might well be able to argue that the courts should not intervene in this type of dispute as a matter of public policy. Kazaa is arguably a program to facilitate contributory infringement for which there are no (or marginal) legitimate purposes. So it is iniquitous for the US taxpayer to arbitrate a dispute in which Kazza is attempting to protect its illegitimate revenue stream.

If the RIAA had a clue they would be in there handing the court an amicus brief.

Re:How about a version that uploads unreliable dat

[Boronx]

Reposting parent which is modded -1:

What would happen if someone were to release a version that created bogus and unreliable information making their data collection unreliable and worthless?

The data would have to be indestiguashable from real data or at lease hard to distiguish and yet provide enough noise to make the current collection of data unreliable

Page jumping post!!

click here to jump!!!

Re:Be VERY wary (how to roll your own kazaalite)

[orkysoft]

Actually, this doesn't nullify the original poster's concern. Deleting files won't introduce a trojan, but what about this new, patched cd_clink.dll file?

Is it a patched version of the original?
Is it a new program that got compiled by the author? (If so, he should open the sourcecode so those concerned could compile their own.)
Or does it, as the original poster feared, contain other malicious code?

Just wait for the spyware companies to go under

[Ryu2]

Can't be all that difficult in this economic climate. As I understand it, they are parasites who use the distribution method of paying the file-swapping networks $ to carry their programs... well, where are the spyware companies getting the $ from -- is their ad revenue really enough to sustain them?!

I'm hoping not, and that therefore, they will soon wither and die, just another dot-com casulaty.

The delicious, unadulterated Irony of it all...

[NoMoreNicksLeft]

P2P companies complaining about their intellectual properties being infringed?!?!?

HAHAHAHAHA... LOL.

I'm still an atheist, but if God keeps things up like this, how will I have any choice but to believe?

Re:The delicious, unadulterated Irony of it all...

[10am-bedtime]

dude, it's easy to believe in the stupiditiy of people. takes no faith at all.

thi

Re:The delicious, unadulterated Irony of it all...

[acceleriter]

Yep. Has all the irony of shareware console emulators that whine about cracked versions propagating (e.g. iNES, Liberty) and CD copy programs whose authors trojan horse that dare infringe their "intellectual property" (e.g. CDRWin).

One would think that if one were intelligent enough to write a useful program, that one would understand that ROM downloaders and CD rippers probably aren't the best paying audience :).

Re:The delicious, unadulterated Irony of it all...

[NoMoreNicksLeft]

I agree with you absolutely. However, something this grand... it's like it was planned somehow, to make a point. I couldn't make up a funnier story, if I were some kind of comedic legend, and slaved over the taale for 20 years... it's literally a miracle of Irony. That capital "I" wasn't a typo, I meant that.

Re:Be VERY wary (how to roll your own kazaalite)

[LiENUS]

download the .zip
see cd_clint.c? compile that in borland as a dll, rather hard for malicious code to exist in a what 3kb .c file.

Re:Be VERY wary (how to roll your own kazaalite)

[shird]

I think the cd_clint.dll file may actually be in the \Progra~1\Kazaa\ directory, if it is, replace it as stated above. There are also a couple registry hacks to allow you to search for audio files with quality above 128kb, as well as allowing you to raise the limit for search results up to 400, above the usual limit of 100.

HKEY_CURRENT_USER\software\kazza
change the "LimitBitrate" to 0.

HKEY_CURRENT_USER\software\kazza\advanced
chang e "MaxSearchResult" to 190h

Re:ummm yeah

[MisterBlister]

"A better user experience" doesn't pay Kazaa's operational costs, does it?

In any case, I'd have to say I'm pretty much against people modifying Kazaa's program and redistributing it, legally this is no better than a GPL violation, even if it might be a bit cleaner ethically.

The solution to the spyware problem isn't to strip out the spyware, its to avoid these programs in the first place. Use a free alternative...If there isn't a free alternative, use a paid alternative, if there isn't a paid alternative, go without or live with the spyware.

You know

[jgerman]

... regardless of whether or not file sharing is WRONG. It's certainly illegal. Always has been regardless of whether the file is stored on a hard drive or tranferred to a cassette tape or cd. I'm not going to get into a huge debate about the subject, mainly because my opinion on the matter changes from day to day ;)

But I think that, for the most part, that no one will disagree that there are people using p2p networks for the wrong reasons. The spyware makers have absolutely NO RIGHT to complain. Here's a simple analogy: Guy meets girl with boyfriend, guy steals girl, girl cheats on him, he gets upset. I've got one thing to say to the people who write the spyware for kazaa, you want to swin with the sharks prepare to get bitten.

Re:You know

[poot_rootbeer]

... regardless of whether or not file sharing is WRONG. It's certainly illegal.

SURVEY SAYS..... BZZZZT!

Thanks for playing, have some rice.

The act of duplicating a file from one computer to another computer is not illegal, nor will it ever be.

Re:You know

[Planesdragon]

The act of duplicating a file from one computer to another computer is not illegal, nor will it ever be.

Allow me to qualify.

"The act of duplicating a copyrighted file without permission from one computer to another computer is illegal, and always has been, save only for fair use."

Fair use claims also have to be made in court, btw. :) Good luck.

(see http://www.copyright.gov/title17/ for more information. IANALBIPON/.)

Re:You know

[gnovos]

... regardless of whether or not file sharing is WRONG. It's certainly illegal.

So it's illegal to share the artwork I make with my friends?

Re:You know

Here's a simple analogy: Guy meets girl

ho,ho slow down egghead, can`t you use an analogy involving the tcp three-way-handshake or something this is /. ,remember ;-)

Re:You know

Guy meets girl with boyfriend, guy steals girl, girl cheats on him,

crap...

Re:You know

[jgerman]

Don't give me that bullshit, you knew I meant copyrighted file even if I did accidentally leave it out, so of course copying files you own the copyright to is not illegal.

Re:You know

[jgerman]

The act of duplicating a file from one computer to another computer is not illegal, nor will it ever be

Survey says back .... BZZZT!

Thanks for playing. It allready is when it's a copyrighted file, which even though I left out, you knew I meant, unless of course that you're collosally stupid. But I'm willing to give you the benefit of the doubt. Even if your attempt at proving me wrong failed miserably with you inability to construct a proper argument.

Re:You know

[cat_jesus]

... regardless of whether or not file sharing is WRONG. It's certainly illegal. Always has been regardless of whether the file is stored on a hard drive or tranferred to a cassette tape or cd.

You are wrong. It is perfectly legal for me to share all of my shakespeare, my copies of the federalist papers, MP3 files of music I create, Linux source code, Linux distro ISOs, etc..

Cat

Re:You know

You're an idiot. Don't blame someone else for your glaring error.

Re:You know

[bigmouth_strikes]

This may be the case in the US for copyright protected material, but certainly not everywhere else.

In Sweden for instance it been upheld in court that copying copyrighted material using P2P clients is legal, for personal use and in small amounts. Sharing, otoh, is illegal but not copying what someone else is sharing.

That's not a bad idea!

[Erris]

The original programs WERE trojans. Who knows what the hacked versions have. It's so much better to use software you can trust and we all know that the only sofware you can really trust is free software. People who are out to make a buck with restrictive licenses like:

Kazaa's agreement, for example, states: "Except as expressly permitted in this License, you agree not to reverse engineer, de-compile, disassemble, alter, duplicate, modify, rent, lease, loan, sublicense, make copies, create derivative works from, distribute or provide others with the KaZaA Media Desktop Software in whole or part or transmit the application over a network."

are NOT your friends.

Re:ummm yeah

[Nogami_Saeko]

By brand name, they mean "the name by which we are trying to find investors".

It's not hurting their "name" any, but it's putting a serious dent in their "profitability".

Good.

Re:Be VERY wary (how to roll your own kazaalite)

[SimplexO]

Actually, there's more. You should run Ad Aware after all of that to make sure you finished everything. WebHancer 3000 is one of those offending programs, I believe.

Grab both ad-aware and it's reference file updater to stay better protected. 'Better', because it always seems like something gets through, no matter how well you maintain your system.

You forgot the most useful steps of all.

[Erris]

1. get Debian CD. 2. boot result of step 1 3. follow directions and liberate XP, w2k, w9x encumbered machine. 4. enjoy a virus free, ad free computing environment.

Re:You forgot the most useful steps of all.

[WWWWolf]

Ahem, you forgot the most important part - the replacement for Kazaa. =)

(Also some additional assembly may also be required.)

Dr. Damn interview on Zeropaid

[Istealmymusic]

For those interested, there's an interview conducted by Zeropaid of Dr. Damn. In related news, Zeropaid recently added several interviews, including: Pablo from Blubster, John Marshall creator of Gnucleus (victim of Morpheus PE rip off), the Limewire Team, Team XoloX, and Travis Hill of MediaEnforcer. Interesting read, a while back Zeropaid also reported on Sharman Network's attitude towards Kazaa Lite, the spyware-free Kazaa by Yuri.

Nice! :-)

[orkysoft]

Well, if they provide source, and it compiles into a 3K binary, and the source isn't unnecessarily obfuscated, it's very unlikely there's a trojan inside! :-)

Re:Be VERY wary (how to roll your own kazaalite)

[1155]

gnucleus.org, why go through all that trouble when there is this free, open source client that Music City INC. STOLE SOURCE FROM FOR A MONTH WITHOUT SOURCING OUT THE SOURCE LIKE THEY WERE LEGALLY BINDED TO DO SO. This is what morpheus preview edition is based on, oh, and guess what, no ads.

It does work on gnutella and not fast trak like morpheus used to and kazaa still does, but hey, for not having to worry about ads and not having to configure the program other than installing, and supporting open source, this works out pretty well.

NEWS BREAK: SLASHDOT SUCKS ASS

[cheese_wallet]

Podunk, Idaho (Reuters) Slashdot readers around the world have taken notice to the tragic decline of the once entertaining and enlightening website, SLASHDOT.ORG.

"The fact of the matter is that I just don't feel up to the job anymore," CmdrTaco said, on condition of anonymity.

"I used to wake up in the morning and be realy excited about the days work. I'd hop out of bed and put on my leather bondage get-up, and prepare to render the day's submissions into submission. But I lost the leather mask, and the rest of the outfit just doesn't work without it.

"I have this old bull whip, and after every anti-microsoft submission that was accepted, I would yell 'Who's Yo Daddy!' while cracking the whip. Sometimes during these celebratory episodes I'd even run around with a broom between my legs, pretending it was a horse.

"But without the outfit and mask, the whip isn't as exciting, the broom is just a broom, and I just can't do it anymore. Now I just accept the first submission on the list now, and don't bother reading it."

Re:Be VERY wary - Who do you trust more?

[Cryogenes]

Actually this is easy to answer. Crackers are less likely to include malware in their products than commercial vendors.

Cracker groups release thousand of key generators and patches every month. MS wants you to believe that these are full of trojans and whatnot, but afaik there has never been a single reported case of a scene group deliberately releasing an infected crack.

All the shit that people are getting is coming from legal software, either as spyware or through outlook.

Kazaa-Lite Still Has BDE?

[JLester]

I noticed that after running the newest ref file from Ad-Aware that Kazaa Lite stopped working. It gives the message: "You have uninstalled a part of Kazaa that is required to run". I thought my system was clean until the latest update where it found more BDE stuff. I assume that's what made Kazaa Lite stop working. So, it appears that the Lite version isn't as ad/spy-ware free as I thought.

Jason

Re:Kazaa-Lite Still Has BDE?

[SlimySlimy]

Ooops.

Ad-aware removes some files that are part of KaZaA Lite that are meant to fool the modified KaZaA into thinking that the spyware is still there. You probably removed the "dummy files" that need to be in place to fool the KaZaA in KaZaA Lite.

You probably didn't have spyware afterall, but ended up crippling KaZaA Lite with Ad-Aware :-)

Anyway, why are you using that proprietary, closed source P2P tool anyway? Check out Gnucleus for Windows, a GPLed Gnutella client with swarming and SuperNode support, and tons of users without spyware, limits, or the RIAA on its tail: (http://www.gnucleus.net)

Re:Kazaa-Lite Still Has BDE?

You need to add a file called cd_clint.dll from Kazaa lite's install directory to Ad-Aware's list of files to ignore. This file is a dummy version of Cydoor IIRC. Kazaa'll work happily as long as the file is intact.

Insightful?

Never mind the irony of posting during the blackout -- how did this get modded insightful? Everyone who uses P2P networks is a pirate? I don't think these people should bitch about people removing spyware either, but not because I think everyone who uses them is a pirate.

Re:Be VERY wary (how to roll your own kazaalite)

[Bitsy+Boffin]

I'm pretty sure that very shortly after Music City released the "preview edition" of the new Morpheus after being reamed by Kazaa they made the source code available for it (as I remember, a face lifted gnucleus). So how did they steal source for a month ? You don't have to release source until you release the binary. And if you don't release the binary you never have to release the source.

Just buy LimeWire - or use IRC

[Sean+Clifford]

Not to be a troll, but just pop $8.50 for LimeWire Pro (warning: annoying pop-ups on site). No damned pop-ups or stealthware (that I'm aware of anyway) and they have it for every platform we're likely to use: Linux, OS X, MacOS, and Microsoft Windows(TM).

Or you could just go with IRC (obligatory link for newbies) and screw all that schmansy luser "p2p" crap. :)

Re: tech people work for free

[ShawnDoc]

And how would one meet these nice ladies in the publishing industry? ::WINK:: ::WINK::

What do most of them do in the industry?

Re:Something for nothing!

ya fucking idiot... what a lousy troll. can't even call it a troll, really.

should be Score: -1, Lame!

feh.

bloatzilla

damn straight, mozilla is bloated and butt-ugly shitware...

What would be nice...

[Hyperfrog]

... is a good P2P like Kazaa (I love the fasttrack network) that doesn't require the central servers. A good P2P that, basically, if you removed the central servers would still work.. probably forever.

Edonkey, anyone? I'm open to any comments anyone would has towards this end.

Paranoia on replacement CL_CLINT.DLL

[MrByte420]

For everybody who jumped on the bandwagon about the evil in the replacement dll for cydoor I went and did a little research..the code is distributed with the binary and all it is is the Cydoor SDK implemented except all the functions just do nothing or return 1. (www.cydoor.com/sdk helped them out on this one)... If your really that worried about this then just recompile the DLL on your own. The source is in www.cexx.com 's ZIP file of cl_clint.dll... The only thing I've found is that the version of KaZaa I have crashes if I try to use the DLL althought I haven't tried compilig it myself yet... They refer to this as the "AdWare Condom"

GET THEM ALL HERE

AquaLime, free and cleaned... and, LimeWire sucks anyway. so does AquaLime, but at least it is cleaned... cleaned clients, get them all here!

Re:Be VERY wary (how to roll your own kazaalite)

[TheOnlyCoolTim]

It includes the source, and you don't have to be an elite C++ programmer to realize that functions which are either empty or only have "return 1;" in them aren't going to |-|@xx0r j00.

Tim

If you accept the license.

[phriedom]

Sadly courts do usually uphold click-through licenses.

That sounds rather ominous, but what are the penalties if I violate the license agreement? Do they revoke my license? Okay. But what if I don't accept the license terms? What legal recourse do they have if I didn't click accept, (maybe my wife or neighbor or 2 year old daughter clicked) and I reverse engineer their product? (Granted, distributing a derivative work would be violating copyright, and they could make me stop that.)

Re:If you accept the license.

[GutBomb]

most eula's state that even if you did not accept yourself, but using the product you automatically accept.

Re:If you accept the license.

[Bilestoad]

Not being even vaguely involved with the legal system I couldn't say for sure. But if they showed that you did the mod and claimed it "cost" them n dollars in lost revenues I guess that's what they would ask. And you can bet n in this case would not be the worst case estimate :-(

Re:If you accept the license.

[arkanes]

Tough diggity, my EULA states that people owe me money for reading posts. But I can't enforce that anymore than they can. I can (and occasionaly do) dissasemble or edit installers to remove or alter the EULA. Therefore, since I don't agree to the EULA, and in fact was never presented with the EULA, I'm not bound by it, only by normal copyright law. Fair use entitles me to make copies of the software for my own use, including copies in RAM.

Re:Be VERY wary (how to roll your own kazaalite)

[ksb]

Do you have a 'POKE' for the Amstrad CPC to allow this too ? ;)

Kazaa Lite works under Wine

The beauty of Kazaa Lite is that is works (more or less) under Wine: chroot jail + Kazaa Lite is pretty sweet for safe file sharing. Now if it just wouldn't constantly chew up 100% CPU...

Proof that Sharman Networks is absolutely insane

Here you go, we finally have proof that the people running Kazaa are absolutely insane. Sharman Networks, Kazaa's company, wants to get software taken down off of web sites. They're "going after their whole distribution chain" according the the article. Now think about that for a minute.. A P2P filesharing company, wants to get their software removed from public web pages.

Didn't they stop for two seconds and think, "Gee, we run a filesharing servide, don't we?" They don't seem to have realized that the easiest way to get 'Kazaa lite' would be THROUGH THEIR OWN SOFTWARE. I wasn't convinced by the Brilliant fiasco, by Cydoor, or by that strange dispute they had with Morpheus.. I still thought they might be sane, until this. But when a filesharing company tries to get software taken off the web, you have to assume that they are totally 100% nuts.

Re: tech people work for free

[Lemmy+Caution]

They are pretty much looking for blue-blooded smart-but-not-bookish ivy-league comes-from-a-good-family globe-trotting outdoors-going art-savvy second-home-in-the-Hamptons liberal-yet-sensible sons-of-the-American-Revolution. Trust me, almost no one posting on this board would qualify. I definitely don't, and I suspect I might be closer to it than most.

Re:Be VERY wary (how to roll your own kazaalite)

[orkysoft]

I'm actually better at reading Perl ;-)

Re:How about a version that uploads unreliable dat

This sounds like a very good solution. I'm suprised that it hasn't been moded up a bit more. It seems that making the data collected useless or at least making it very hard for them to find usefull data would be a real "stick it to the man" kind of way aof saying we don't want this. What kind of data is collected? How could this be done?

Anyone care to comment on this possible real solution to the problem?

An easy way out of ADs...

[codewolf]

Here is a copy of part of my hosts file, taken from a program that blocks ads. It works for most sites, I surf ad free, mostly, that hosts file and a few things to block popups, I see nothing. Some people should use 127.0.0.1 for the 0.0.0.0 that I have there, and some people may experience a slowdown on their surfing if using some windows versions, but I haven't seen that on w2k using this hosts file (the hosts file can be found on windows (2k/NT) systems in your "winnt/system32/drivers/etc/" dir - if I'm wrong someone will correct me) linux users know where it is...

Re:Of course! It's their $$

[jtdennis]

What most of the /. and *nix community in general tend to forget is that for the rest of the world free software is just that, software they don't pay money for. So for example, while AnalogX's programs are 100% free for me to use, they don't fall under a small minority's definition of "free software" just because it's not open source. Everyone needs to realize that software isn't free because it fits under the GNU "perfect world," It really is "free software" because the end user wasn't charged anything for it and that is not degraded in any way. I would say a good definition of free software is any software that's free to use and has no ads.

Re:Of course! It's their $$

[Broccolist]

Funding for what exactly? The FastTrack network (of which Kazaa is a client), being self-organized, costs very little to run. All they need to set up is a few login servers.

Furthermore, the company that developed the FT tech has, AFAIK, disbanded, and development is over. These guys were pretty bright: in order to avoid a Napster-type fiasco, they decided to just develop the software and make others take the risk of running the servers. Kazaa just licensed the software and is now attempting to milk it for cash.

Frankly, Kazaa is run by a bunch of sleazebags and I wouldn't want to give them money in any case. They've done amazingly unethical things. They're like the anti-Google. There's the obvious: installing of spyware, trying to run a distributed network behind people's backs, and basing their business model on running a piracy network (though this last point is not considered unethical by some).

But the worst is what happened to Morpheus. You may have heard of it: it was a FT client identical to Kazaa in every way (being the same licensed software). Although they tried to keep this under wraps, here is what seems to have happened: Kazaa, wanting to grab ad revenues from Morpheus, released an "upgrade" to Morpheus which had the effect of destroying it. Their trick worked, too.

This is $$$MAKE MONEY FAST$$$ level sleaziness here :). I hope Kazaa dies, and good riddance.

I think there was a typo...

Didn't you mean Gentoo CD?

Re:I think there was a typo...

[bzzzt]

No, he prefers being able to use it right away.

Re:Be VERY wary - Who do you trust more?

[akmed]

Yeah, sure, I'm gonna be flamed. But how is it possible for "the original authors" to be "ripping you off"? They wrote the code. Not you. How is it a rip off? Do I have a serious logical gap? It seems to me that the reverse is true. I don't like spyware/adware/whateverotherinsidiousnameyouwantto callitware. So I use linux and avoid such program completely. It seems to me that people using programs like adaway/adaware/whatever are in fact ripping off the original programmers. As are the people who designed said programs. If you don't like what these companies (e.g. the Kazaa people) are doing with their software, don't use it. The chief principle of the GPL is almost entirely that. If you don't want to use it as they say you can, you cannot use it. If someone violates the GPL there's a general uproar. Yet someone violates a different software license and people are complaining about the writers of that license? Stop and think about what I'm saying for a minute before I get mod'd to never-never land. That's all

Re:Of course! It's their $$

Spyware is not the same as simple advertisement...
"Just Ads" are ok with me....

Fundamental difference

[phulshof]

Although I resent the idea of spyware in the software I may use, there is a fundamental difference between the file sharing programs and the spyware free sharing programs.

File sharing programs can be used by users for copyright infringement, but are by themselves not a form of copyright infringement. The spyware free programs however, are by themselves a form of copyright infringement. In order to make it legal, their programmers should consider writing spyware remove installers for the programs they wish to see spyware free. That way there is no case of copyright infringement, and the same end result is being achieved.

Thanks DMCA.

[jbl81]

Good thing our senators and representatives are looking out for us. This is a clear violation of DMCA, and it's a good thing that guy stayed anonymous.

From http://www.chillingeffects.org/reverse/


The DMCA contains a limited exception to the ban on circumvention, which permits reverse engineering of the technology by specific classes of people for limited purposes [17 USC 1201(f)]. The exception allows reverse engineering of computer programs if the reverse engineer lawfully obtains the program, seeks permission from the copyright owner, only uses the results of their efforts to create an interoperable computer program and does not publish the results


Can you say "lobbying"?

how is this novel

[alanak]

all I can say in the words of a 5th grader is: "We'll duh." Can this be any more obvious? Anyone would be pissed if people released modified versions of their software without permission.

free software yes....

[bhsx]

but Free software is specific in its definition. Just like capitalizing Citizen of the United States of America signed our rights away to what was once the greatest country on Earth(TM).

Re:free software yes....

[jtdennis]

I'm sorry, I've never heard the "Citizen" thing you've mentioned before. Could you elaborate?

And I'm talking about the perspective from the general public. To them Free = free.

Re: Popup ads == Evil

[satanami69]

You should try popnot

ok

[abolith]

just for refrence Kazaa lite is NOT lite at all.

Ad aware 5.71 found the following in it:
C:\kazaalite\cd_client.dll listed as cydoor spyware.

so not all authors have the best of intentions.

Re:ok

[ComaVN]

That's probably because all the author did was replace the dll with one that just does nothing.
AD Aware just checks if the dll exists, and voila, you got a hit.

Re:ok

Do peopla on /. ever do any reading around before posting?

If you'd cared to do any background reading then you would have realiased that the Lite version is simply the original binary with a new installer that doesn't install some of the associated crap-ware.

Unfortunately Cydoor's presence is checked for by the client, so the distributor of KL has made a dummy DLL with the same name/exports just with routines that don't do anything!

Hence Ad-aware picks up the DLL in the lit version being 'spyware'.

Re:ok

>Do peopla on /. ever do any reading around before posting?

Do people on /. ever do any reading of their post before posting?

Re: tech people work for free

[Qrlx]

Lemmy...

Nope, I just can't accept that a guy named Lemmy even comes close to that.

Re:Of course! It's their $$

>Although they tried to keep this under wraps,
>here is what seems to have happened: Kazaa,
>wanting to grab ad revenues from Morpheus,
>released an "upgrade" to Morpheus which had the
>effect of destroying it. Their trick worked, too.

Bzzt.
Morpheus didn`t pay the bills to kazaa, so kazaa cut them off.

Underhand way of cutting them off, maybe - but valid all the same

redikim

Re:Be VERY wary - Who do you trust more?

but afaik there has never been a single reported case of a scene group deliberately releasing an infected crack.Neither do I but since they did already code the crack/keygen, why would they want to infect it with something that would be picked up by a comercial virus scanner. They could add all kinds of functionaltiy that you may or may not consider wanted. But hey, all these diffrend groups of experienced anonymous coders who crack comercial software using debugers in minutes, why would there be one cracker among them who would add those few lines of asm to their code just to make your pc download and run a fresh exe from geocities every day?

Re:Be VERY wary (how to roll your own kazaalite)

I was going to port my zx81 `poke` across to cpc, but the ram pack wobbled and I lost my data. Always remember to backup kidz!!!

Kazaa Lite is Clean!

If you run the normal version of Kazaa and use adaware to remove cydoor it will refuse to boot up anymore. The included file is nothing more then a dummy file. If you read the installation instructions of Kazaa Lite it says that when Ad Aware finds this file to ignore it because it is nothing more then a dummy file which i have personally verified.

Re:Be VERY wary - Who do you trust more?

[Glorat]

How is it a rip off?

I was referring to embedding extra features (aka spyware) into their product without making it clear that they are doing so (except in a EULA less clear than a tax form). I consider a rip off is when you don't get what you bargained for and that is how I view Kazaa today

Re:Of course! It's their $$

[Mr_Silver]

but it's quite insulting to see it compared to free software

In a world where the vast majority of individuals have never heard of GNU, Richard Stallman etc.etc. this product is free.

Yes it's free as in "free beer" and not "free speech" but the reality is that the masses don't give a flying fuck about the "free speech" bit.

For them, the criteria for something being free is:

1. Do I have to pay for it?
2. Am I prevented from making copies of this and giving it to my mates?

If both answers are "no" then it's free. Period.

Whereas we like the idea of having the source code, being able to modify it and pass it on, your joe sixpack just wants to know if he's going to get the police come chasing after him if he gives it to a load of mates. He doesn't care about the source code (mainly because he can't read it and wouldn't know what to do with it) and he's certainly not interested in making any modifications and redistributing it.

Under this, the following products (and many more) are considered free:

• Internet Explorer
• Kazaa
• Winamp

and so on and so on.

So the point here is that although it's not "truely free" it can and will still be considered "free".

And until the GPL is known to the majority of the people in the world, this is the way "free" is always going to be considered.

Biological Response to Unwanted Intruder

[eer]

This is a great example of the 'net acting like a biological organism...routing around censorship, and developing its own defensive mechanisms against unwanted intruders. The image of the Internet community as a giant "blob", slowly flowing over, bypassing, and eventually making irrelevant the obstacles created by others reminds me, too, of a volcano - locally powerful, representative of tremendous potential.

Re:Of course! It's their $$

[jtdennis]

Your post echoed my sentiments almost exactly. Free means just that to the general public.

have you ever heard of opensource?

[zottel]

yeah, sure you could buy limewirepro (and i know they've opensourced at least some of their stuff, only joe average user doesn't want to hack away all the ads which are there in their opensource version, too)
but then again there's gnucleus (GPL), which i have found to be the best windows gnutella client, which doesn't have any corporate shit in it, and there's other opensource gnutella clients for windows and some for linux, and possibly other OSs, too.
i mean there really is enough free-as-in-speech filesharing software out there, quite a buch of the programs are easy to use, gnutella with supernodes rocks, there's the openFT effort (though not finished yet), there's freenet...
what i just hate are users bitching about companies which they really don't need to have any business with, there are enough alternatives, if nobody uses ad- and spyware-enabled apps these companies just die, exactly what they deserve. you can make the difference, and it won't even hurt (quite the opposite in fact)

Ad-Aware is fighting back.

[Decimal]

Here's a response I was given to an email I wrote the Ad-Aware team about the issue:

"We have taken steps for this, Please update your reference file for AdAware.
Current Version
AdAware 5.0 release 5.71 build 2899
Current reference file 108-23-04-02 This update targets Radlight"

gnucleus

[Sean+Clifford]

Excellent point. I haven't explored gnucleus yet, but I'll give it a shot.

Re: Popup ads == Evil

Did someone just mod your sig +1 funny? That thing must be a karma GOLDMINE!

Re: Popup ads == Evil

I was at 15 before I added it 5 weeks ago. I just capped with this +1 funny. Somewhat ironic.

Music sharing need not be illegal

[NibbleAbit]

First, IANAL. But I do recall reading that (at least for Canada), copying music is not illegal. That's why they have the extra media charges on blank tapes and CD's. If you copy the music and transfer it to someone else, then you break the law. If you copy the music yourself, for your own use, and put the music on media for wich the tax has been levied (like a blank CD), then it is not illegal. Even if you do not own the original. It sounds to me that with P2P, I am the one initiating the copy, therefore I am not breaking any laws. The person making the music available is the same as loaning it to a friend. So go ahead and share, just put it on a CD. For more info see Copyright Board of Canada

Re:Be VERY wary (how to roll your own kazaalite)

[arkanes]

Be aware that Ad-aware will hit on the new cydoor stub - don't let ad-aware remove it or your new, fixed, kazaa won't work.

Who would do such a thing?

[dcavanaugh]

Build a "phone-home" trojan into a modified p2p program and distribute it? To me, that sounds like a job for the Copyright Police.

In the version 1.0, they get rid of the spyware and open the door to later infection and shutdown when the evildoers decide to walk into their underground command center (directly under RIAA headquarters), and push the "shutdown" button.

If my business model was threatened by technology and I wasn't smart enough to adapt and sell what the customer wants, I might be motivated to attempt this "replace spyware with virusware" as a desperation tactic. It might keep my investors happy for 3 to 6 months.

Just install StartupMonitor

[cardshark2001]

StartupMonitor prompts you to confirm ANY program that tries to load itself to run on startup (including Windows Service Packs).

I don't know of any spyware that can get around it.

Startup control panel will allow you to get rid of anything already set to run on startup. Get them here

If you don't have a firewall, get ZoneAlarm while you're at it, and you will receive a prompt any tima a program tries to use the internet. I've killed spyware without any complicated install/uninstall procedures, just by using these programs.

Re:Of course! It's their $$

[Oliver+Wendell+Jones]

How about charging some nominal yet affordable fee?

I'd gladly pay $1 - $3 to download a utility like Bearshare or Kazaa that is completely spyware free.

How much can the spyware people be paying per download?

I prefer to use Bearshare simply because they give the me the option to opt out of installing the adware... they make you feel guilty about it, but they give you the option.

Re:Be VERY wary - Who do you trust more?

[Wolfier]

Yeah.

I used to use patches from various 'rogue programmers', or 'rogue groups', until I learned how to do it myself.

Equip yourself with a decompiler, a hex editor, and knowledge from the various FRAVIA'S REVERSE ENGINEERING LAB mirrors.

Go fishing and stop asking for fish anymore.

"Citizen" vs. "citizen"

[Jon+Howard]

I believe the "Citizen" thing the poster was referring to was the establishing of United States Citizenship via the 14th amendment (as opposed to citizenship of individual states).

As I understand it, the major reason this was done was because many states refused to grant citizenship to freed slaves and other non-whites. There were no laws that said that the states had to, since at the time we had a very different political configuration (the Federal Government was _MUCH_ smaller, and less intrusive), so the Federal government saw an opportunity for a power-grab and created a second-class "Citizen" (National citizen) which technically is not afforded the specific protections of the Constitution that would be afforded to the state citizens - inalienable rights aside, of course.

From that point on, all people who have not specificaly petitioned for, and been granted state citizenship after denouncing their federal citizenship are under the 14th amendment's Citizenship from birth, or the age of 18, I don't recall which.

Anyway, my memory isn't the best, don't take my word for it - go read the 14th amendment.

Re:"Citizen" vs. "citizen"

[jtdennis]

That does make some sense. From Amendment 14 section 1, first sentence:
"All persons born or naturalized in the United States, and subject to the jurisdiction thereof, are citizens of the United States and of the State wherein they reside."

Still, I don't see what that has to do with "Just like capitalizing Citizen of the United States of America signed our rights away to what was once the greatest country on Earth(TM)"

I didn't see a capital C in the amendment.

Re:"Citizen" vs. "citizen"

[Jon+Howard]

Thanks, glad to help inform folks of the nasty scams being run against them. I believe that a Federal amendment doesn't necessarily grant state citizenship, so the second clause may be moot. I could easily be wrong, but I seem to recall some reason which left that entirely up to the states themselves. Could be that whole sovereignity thing that spawned the civil war, I don't know if it still holds-true.

As far as the "Citizen" vs. "citizen" thing goes, I don't remember where that came from, it could be entirely fabricated. I know that the story is that the capitalized version refers to Federal citizenship; the lowercase refers to state. I'm sure googling on "14th amendment second-class citizenship" or something similar would provide great insight, and much misinformation.

Re:Of course! It's their $$

[peddrenth]

Okay, I wasn't fussing about the definition of free software, my point was them saying "without commercial advertising, nobody will write free software"

Well I write free software. And it doesn't advertise. And I don't get paid for it. So do thousands of other people, and it belittles all of their work to compare them to advertising supported loss-leaders

Re:Be VERY wary - Who do you trust more?

[akmed]

That's the key point I was trying to make though. Yeah, they make their EULA's as unclear as they possibly can. If it's too unclear though, then there's a chance that it's not legally valid. In contractual issues, a judge generally favors the lessee over the lessor if the terms are unclear. Up to a point anyway. But if you don't like/can't understand what their license is saying then don't use it. Accepting these wretched licenses only emboldens them to continue to create them. And just because a license is disagreeable to and/or unreadable by you, it is not legally invalid if you accept it. Anyway, that's the only real point I was trying to make. Go with the old U.S. anti-drug slogan and just say no.

unless it's the RIAA

How long before the RIAA releases a client that send info about what you download to some huge database and then sweeps in and arrests you.

Whatever you do, don't use your real name. I always use something like meisner, ro hrosen

*ahem* forgetting something?

[oomcow]

you realize that by disassembling the program to skip the license agreement you just broke the law right? reverse engineering software is not quite legal. ;)

Damaged Reputations

[Suburban+nmate]

If they put Scumware onto my system, then they lose any and all potential respect. I'm using Audiogalaxy as my example here, which is a shame because its actually a damn good program. I specifically went carefully through each and every page of the installation procedure to avoid spyware. I then had to manually remove a very stubborn app called "whagent", a.k.a WebHancer Customer Companion. I thought I was clean until the above story appeared on /., although it's not a new subject.

As it is, I'd be happy to pay a reasonable fee for AG without spyware, since it is a very useful and easy program. I don't mind supplying a little non-personal info such as basic system specs, rough location (UK), maybe some simple program logs for development purposes and the like. I'm happy to reveal info to assist the development of better products that people are happy to pay for, but what sorta whacked-out crackhead-run company makes money like that? ;-)

Ali

Re: tech people work for free

[Lemmy+Caution]

And a guy name Qrlx does?

Re:Of course! It's their $$

Furthermore, the company that developed the FT tech has, AFAIK, disbanded, and development is over. These guys were pretty bright: in order to avoid a Napster-type fiasco, they decided to just develop the software and make others take the risk of running the servers. Kazaa just licensed the software and is now attempting to milk it for cash

Uh, the FT people didn't invent distributed distributed filesharing. I believe they just flat-out copied Gnutella by Justin Frankel, the winamp God. Please don't call them "pretty bright" for copying someone's idea for personal profit.

Damnit..

[JippyNickers]

Now why'd you have to go and do that... Being all nice and courteous in your response there.. Damnit.

Heh.. Ok.. Yeah. I agree. They have a right to make money for providing a service.. Absolutely.. I guess I'm just living in a dream of the 1998 Internet.. Bah...

Cheers,

=-Jippy

Re:Of course! It's their $$

No i wouldnt... and you would find so many other people wouldnt either.

I'm forgetting nothing.

[mindstrm]

Where did you get the idea that reverse engineering software is illegal? (I assume that is what you mean by 'not quite legal')

It's completely legal to reverse engineer anything, unless you have some contractual agreement to the contrary.

You may be thinking of the clean-room techniques used to reverse engineer, then re-engineer software to build a competing product... but that's another story altogether. Those results are simply to show that none of the original work was copied. You have one team rip something down into a spec, then a totally different team build a product from that spec. And that's legal.
Patents can get in the way of course....

Penalties

[phriedom]

I mean legal penalties. Just because they wrote something down and I didn't obey it, doesn't mean they can make me pay them whatever they want. What legal basis do they have to enforce any license? If I have bought the software product, what need do I have of a license?