Slashdot Mirror
More on Kazaa and Brilliant Digital Spyware
Vertigo01 writes: "There is an interesting article from CNN.com on the current state of the Kazaa controversy, and Brilliant Digital's plans for the future. Interesting quotes from the article include a statement saying that 'Altnet's seeded software [will be] awakened some time in May' and that 'Brilliant is negotiating with music labels and movie studios to market their material as well. The files will be copy-protected in some way, using Microsoft's digital rights management encryption technology.'"
Just get Kazaa Lite and stop worrying about all this.
Where to get Kazaa Lite? Well, on Kazaa, of course.. or you could be a weenie and go to their web page.
Am I reading that all wrong, or do they seriously want to piggyback a legal filesharing scheme on the back of Kazaa? I can almost see the argument of saying "Don't trust that file you've just found? Why not fork out for the real version?", but on the other hand, are the RIAA going to come within a nautical mile of something that also does illegal filesharing.
"I Know You Are But What Am I?"
Well, there's nothing to worry about then, is there? Given Microsoft's track record with "copy protection" and "product activation" technologies the patch will be widely available before the official launch date anyway. ;)
UNIX? They're not even circumcised! Savages!
So maybe they did listen to everyone after all? I await to see what "warnings" are given and how easy the opt out is...
Thinking of this - I have a question
How does altnet know what is "unused" in bandwidth terms?
as far as I was aware there was no prioritising in the windows tcp/ip stack where by one application does not get any bandwidth while others wish to use it
That would imply to me that they will just use ANY bandwidth they can - not just "un-used bandwidth"...
... just go ahead, get kazaalite (http://www.kazaalite.com/) and start sharing.
I don't care in which way they will copyright their material.
Let's just enjoy it as long as it lasts, we can move over to gnutella anytime we want. Since kazaa, etc are aware of this fact they will go on like they do now (not suing kazaalite) as long as possible...
To cut a long story short: Don't freak out when someone points out a problem we already have the solution for.
I found this interesting, although not surprising... If companies such as Brilliant and Sharman Networks were to release 'clean' versions of their products, and they were totally upfront in an easy to read EULA (who reads those anyway right?), would you use it? Would you swap bandwidth and disk for the privilege?
Furthermore, would the 'average' person? Spyware, what's that? etc...
Which part stuns you? They have found a potential source of income. People don't care. They'll install anything on their machine. In their privacy statement they clearly state that they collect any information they can, and use much of that information any way they want. In their resource usage page they say that they also can steal 10% of your CPU power.
They have said it all loud and clear, and if you install the software, you practically give them the right to use your computer and information gathered for anything they want. No-one has to install this piece of software, it's your own choice.
Sometime someone said, "think before you type"... you should also "think before you download".
They won't realise that their bandwidth and disk space is eaten away slightly, they wont care when they do cos they're still getting free music. It is far too hard for the average user to install a new sharing program let alone find the name and site of one. "It's all too hard and this program works and im confortable with it."
Anyway if they are using Microsoft's digital rights management encryption technology then I look forward to having a look at what they send.
'Altnet's seeded software [will be] awakened some time in May'
:)
Skynet 5 years late?
Once we have networks acting independently of the owners of the machines, what's to stop someone putting in a bit of self-preservation and random activity into the distributed processes...???
deus does not exist but if he does
It looks like all the rats are getting together... Only senator Hollings is missing.
When his defense asked, "Which computer has Jon Johansen trespassed upon?" the answer was: "His own."
considering the fact that most people use kazaa to illegally download music, which does (!) harm musicians, using your spare CPU-cycles and bandwidth to pay these guys isn't even that ridiculous.
Thinking that ANY of the money raised through these trojans will go into the hands of musicians is ridiculous thinking on your part. It will either go to bolster "Brilliant's" income or go into the RIAA anti-piracy coffers. The day people turn over and decide that letting someone install a trojan onto their system in return for using a supposedly legitimate piece of software is the day we should just pull the plug. The Internet is broken. Kick the commercial noobs off.
From what I understand, the altnet stuff comes (will come?) piggybacked on the "b3d projector" advert program that the KaZaA installer automatically installs for you (without prompting if this is ok). You can see it briefly at the end of the installer when it pops up its own installation window in the top left of the screen for about half a second.
KaZaA lite doesn't install this (but it'll still be there if you haven't fully purged an old version of KaZaA from your system. Get adaware for that)
Help me! I'm turning into a grapefruit!
As a generic moderator-on-crack appears to believe wholeheartedly that the juxtaposition of this news article and a previous one is 'Offtopic', I feel it best to explain a potential 'Nightmare Scenario' on the horizon...
.exe itself hasn't changed, just a shared library that the exe uses.
Assumption One: Cancerware authors are amoral miscreants. Given the track record of the likes of Brilliant Digital, we can safely say that this is a given.
Assumption Two: One of the biggest advantages of a modularised Windows OS appears to be the ability to switch out the insecure MSHTML renderer as used in Internet Explorer to replace with Gecko and their ilk. Forcing Microsoft to publish the full API would enable a seamless changeover between rendering engines.
Let's follow this closely. The rendering engine runs as locally executed code, which brings with it additional security issues. I imagine, when push comes to shove, there will be plenty of Microsoft oriented warning messages along the lines of "It may be dangerous to change your rendering engine!" should a user want to make the switch.
However, fully expect the AOL / Netscape hegemony to complain loudly to the courts that this is FUD, and that it is PERFECTLY safe to switch to Gecko without notifying the user short of a generic EULA type click-through. Microsoft, having received a battering from all corners, will be forced to comply and take the warning out.
Which brings us back to Assumption One - Cancerware. Cancerware authors are forever looking for increasingly sneaky and devious ways to install their filthy code onto previously stable computers.
So, take one 'killer app', currently a P2P client, but who knows what the next one will be. Add a clause during installation that some vague 'browser enhancement' software will be installed as a requirement of the killer app. Many people will click through without reading, or just think "Enhancement - Cool!" and let it install.
What does this browser enhancement do? It acts as a fully functional replacement for the MSHTML module. Thanks to the efforts of Microsoft's competitors, it will install seamlessly, running code with local privledges.
What can it do? Anything that cancerware does already. Spying, gathering important data like CC numbers, taking control of your machine, uber DDoS, etc. etc. The possibilities rest purely with the devious malevolence of the author. It will, of course, be auto-updating, so even if it's caught out initially as being just another Purple Ape, it can download enhancements to itself to get past most security problems.
Remember that NO-ONE in the hacking community knew about Brilliant Digital's plans until they made their press releases. Sleeper cancerware, ready to awaken when the stars are right. As MSHTML is part of the Operating System now, for good or ill, it will be loaded on startup, even if the user doesn't open a browser.
But won't this be noticed by firewall software? Well, assuming consumer-grade firewalls work like Zonealarm, then no. Zonealarm checks for EXE files attempting to access parts of the net that they shouldn't be. But of course, Internet Explorer, being the most common Internet application, will be allowed through. The
And of course, the only way to uninstall this version of MSHTML would be to delete it, thus breaking anything that wants to use it. Like, err, everything!
Regardless of any non-Microsoft eliteness, the fact remains that Windows is the most popular PC Operating System for now, and shall be for a long time. This scenario outlined above is one of many potential fallabilities. I can assure you that minds far more devious than my own are concocting their own plans.
Cancerware is nothing more than barely-legitimized cracking. It seems that replacing "3133t hax0r sp33k" with the terse pseudo-legalese wording of EULAs makes this all acceptable. It isn't. And the sooner more people realise this, the better.
Of course, any company releasing something like this shall eventually become a target for the authorities. But the arrest of the author of the Melissa Virus didn't magically undo all the damage it caused, right?
"Why did they cancel my favorite Sci-Fi show? I downloaded ALL the episodes!"
You need to download refupdate which will download the latest adaware datafiles for you. It's good practice to run this at least once a week to keep the datafiles up to date (and run adaware straight after, of course)
Help me! I'm turning into a grapefruit!
If you haven't already checked out giFT check it out. It is an open source fast track network implmentation. It is no longer able to connect to the Kazaa network because they changed their protocol to come encrypted stuff, but it still rocks.
Yes it is still under heavy development, and last I checked you still had to grab the code out of CVS.
Their network needs a lot of users to test the software etc... go head and grab that source!
Using The Fish I was able to find two separate translations:
one: "All your base are belong to us!"
two: "Resistance is futile!"
This means something, I just know it.
The only thing, and by only, I don't mean it is not a biggie. In fact it is huge! But the only thing they did wrong in my opinion is not be up front with people. Spy-ware, ad-ware, and whatever you want to call this (bandwith-ware?) are all resonable ways for free software to make money IFF they are completely and clearly up front about how, what, why, and when they are doing. Not just at the beginning, but for as long as they are doing it. I have no problem with that.
[news for me, stuff that doesn't matter]
I don't understand this at all. When a university student launches a program out into the net, and that program sneaks onto your machine and mucks with your registry and steals your CPU cycles, it's a "virus." The kid is labeled a hacker and is arrested. And now, thanks to 9/11, the kid has the additional dubious classification of a "terrorist."
However, if this EXACT SAME THING is done by a corporation, in the name of profit, it is viewed completely differently! Why? What's the difference? It's a VIRUS! Software forces itself onto your machine and changes things without your permission. That's a virus. That's illegal. Why are we tolerating it???
Like woodworking? Build your own picture frames.
My spare cpu cycles and bandwidth are being used to cure cancer, which I think is a slightly better use of it than for some dipshit's piggyback trojan.
do not read this line twice.
The RIAAs claim that people are stealing music...
OR
Another company making a profit off of this supposed theft?
Thanks to file sharing, I purchase more CDs
Thanks to the RIAA, I buy them used...
Most worrisome part of the article: Nikki Hemming, chief executive of Sharman Networks, advocates a copyright tax on all ISPs. So all ISP users will be forced to pay the RIAA!
And on the copying and fair use front, Hemming is lobbying Congress for an Intellectual Property Use Fee to settle the quandary of responsibility for distributing copyrighted material. The proposal calls for charging ISPs a fee to compensate copyright holders.
The IPUF would be a "universal levy that would be applied to everyone in the value chain that benefited from the content available" on the KaZaA network, Hemming says.
In an open letter to Congress, Sharman Networks writes:
"We suggest that it is time for Congress to step in and halt the 'whack-a-mole' litigation excesses of the music and movie industries through new legislative initiatives that compel content availability, while establishing a compensation scheme that requires a contribution from all the many industry sectors beyond P2P [peer-to-peer] software that benefit from content availability."
At first, Altnet will market video and audio clips. Brilliant is negotiating with music labels and movie studios to market their material as well. The files will be copy-protected in some way, using Microsoft's digital rights management encryption technology. Restrictions could vary with the type of file or its source; a record label may let you copy a file once (onto a portable player, for example), or play it only a certain number of times.
It's good to see that record labels have finally come to their senses and are starting to use the Internet as a marketting tool. An example of this is how silverchair released their single 'The Greatest View' as a digital download to great success. However it is a pity that such downloads usually have some form of DRM like they stop playing after a certain date, but I guess some record labels aren't prepared to hand out freebies even if it means potentially increasing sales through exposure. On the otherhand other labels, usually the smaller/independent labels are quite happy to hand out free tracks with no constraints at sites like Epitonic
Speaking of Microsoft's digital rights management encryption technology, I wonder if Microsoft have released a patch for it since it was cracked last October
aus.music.scrapbook
This wouldn't happen to be the DRM that has already been broken?
It's 10 PM. Do you know if you're un-American?
What is to stop Kazaa and Brilliant Digital from using their software to scan the music & movie files on your hard drive, develop a signature and transfer that back to the RIAA and MPAA? Could Kazaa be a trojan horse company set up by music companies to spy on the p2p habits of music lovers? If they now claim that using the bathroom during a commercial break is a technical violation of the copyright laws, this doesn't seem to far fetched.
Strange women lying in ponds distributing swords is no basis for a system of government.
Matt Oppenheim, RIAA senior vice president of business and legal affairs.
"If I rob a bank, the fact that I haven't been arrested yet doesn't mean I haven't done something wrong," Oppenheim says. "Sharman Networks should take no comfort in the fact they haven't been sued yet."
Perhaps a better analogy would be...
Person A works in a bank. Person B is a friend of person A and says "Can you give me some of the money from your bank". Person A says "sure, come on over". So person B drives to the bank and person A gives him some cash from the vault.
The FBI decides that a theft has taken place and imprisons the Ford motor company for making the vehicle used by person B to drive to the bank.
You can't win Darth. If you mod me down, I shall become more powerful than you could possibly imagine
Pointing people there could save hours of explanation...
Anyway, I've drifted way offtopic here with my personal biases. The long story short part is that you shouldn't assume any more pure motive on the part of the people sucking your spare bandwidth "to cure cancer" than the people parasitically draining Kazaa users' bandwidth "to make money." The latter may just be more honest.
Eloi are stupid, throw morlocks at them!
If you find this on a corporate system, sue Brilliant Digital under the Computer Fraud and Abuse Act, for "exceeding authorized access". If they claim their access is "authorized", demand to see a document signed by an officer of the company. Some random employee clicking on a dialog box isn't enough. Only someone with authority to bind the company can authorize access. It's a straight "hacking" case.