Spyware Makers Resent Cleaned-Up Versions
Tri0de points to a ZDnet artcle on a programmer who's taken it upon himself to release spyware- and adware-free versions of popular file-sharing programs. "'He's done Grokster and iMesh. And he's not alone. His work, now available through the Grokster and iMesh networks themselves, joins that of other programmers who have previously "cleaned" programs such as Kazaa and Audiogalaxy in a campaign against "adware" and "spyware."
Is the shoe on the other foot?'"
Why doesn't someone come up with a hack that fills the Spyware home Database with useless information? I mean the data fields that phone home should be easy to fill with meaningless information but seamingly valid data?
This would render any information gained worthless until scrubbed of the offending dirty data. And the scrubbing of dirty data would leave dirt, and/or scrub valid data.
Another option would be to Flood the home servers with pure junk traffic. Or maybe even both?
How about sending home a destructive payload? It should be easy to hack the data fields of the database so that it ends up running the DB server into the ground.
Any other ideas?
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Whilst it's likely the author had your best interests at heart there's some chance he didn't.
Some chance, but in my opinion very very little. Even virus writers and whatnot love P2P networks. Users are what allow these networks to exist, ergo, it doesn't make sense to attack them. I doubt someone would be willing to sacrifice access to music and warez just to see some trojan or virus succeed. And I don't think this is naive; after all, the networks haven't self-destructed thus far.
The coolest voice ever.
That's hitting the nail on the head. Who do you trust more? Do you trust the original authors who hid the spyware in your program but are possibly giving some legal notice in the EULA (bleh), so they aren't completely rogue, but are ripping you off? Or do you trust the rogue programmer who claims to have fixed the spyware but maybe has slipped his own trojan in instead?
In the case of Kazaa Lite, I trust the rogue coder but I won't have that attitude on patched software for long. I think I would rather wait for my Slashdot peers to "beta test" these patched versions and find out if their computers die, before I even consider downloading patched up pirate software
If all this should have a reason, we would be the last to know.