Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spyware Analysis of P2P Software

Posted by CmdrTaco on from the dark-side-to-the-dark-side dept.

rhizome writes "Benjamin Edelman, a PhD candidate in Economics and a Law student at Harvard, has analyzed the hidden (or not) additions to a user's machine when they install some of the major Windows P2P clients. He analyzes the length and readabilty of their licenses, what is revealed or hidden in the software's installer and includes screenshots for illustration. Clear, concise and eye-opening."

13 of 200 comments (clear)

  1. I am aware by bogaboga · · Score: 3, Informative

    I am aware that eMule has no spyware/addware since its opensource. In this case, the issues the author raises do not concern me. Since this discussion is primarily based on Windows, Linux is offtopic, but in that area, we have KMLdonkey and Limewire.

  2. Relevant section by Anonymous Coward · · Score: 4, Informative

    The relevant parts, for people who can't or don't want to RTFA:

    My testing uncovered no bundled software installed without at least some disclosure apparent in a careful and complete reading of all applicable installation license agreements. However, it is possible that programs were installed that I failed to detect, especially if bundled program installations were set to be delayed after installation of the requested P2P software.

    Although each P2P installer included at least a vague reference to each program to be installed, certain P2P programs' installation procedures nonetheless present cause for concern. For one, substantive disclosures are generally detailed only in license agreements presented in scroll boxes -- often squeezing thousands of words of text into small windows requiring dozens of page-downs to view in full.

  3. Comment removed by account_deleted · · Score: 4, Informative

    Comment removed based on user account deletion

  4. What programs were included by bedelman · · Score: 5, Informative

    Robogun,

    Preparing these detailed analyses is surprisingly time-consuming -- lots of license text to read, lots of screenshots to make, lots of measurements and other tests (registry, filesystem, etc.). So at least for this initial run, I had to limit myself to a manageable number of P2P programs. In general I tried to focus on the programs believed to have largest market share -- the programs that would infect the most PCs with unwanted software if such programs in fact contain unwanted software.

    WinMX would be a good candidate for inclusion in a follow-up piece. And there are plenty more too.

    Or perhaps someone else will be so kind as to take over where I've left off!

    Ben

  5. FYI: (was:Little-Known Spyware EULA Provisions) by Lead+Butthead · · Score: 5, Informative

    Bubonic plague is a bacterial infection, not a viral infection.

    --
    ELOI, ELOI, LAMA SABACHTHANI!?
  6. Re:Lawyer, economist, and paid shill? by digitalchinky · · Score: 4, Informative

    What exactly was your experience? LimeWire, to me, appears to do exactly as he said. Nothing more, nothing less. I don't think he sold out there.

    Shareaza is missing from the list, but is very similar to LimeWire - might be a good alternative (note: shareaza, not sharaza!)

    http://www.shareaza.com/

  7. Re:Lawyer, economist, and paid shill? by Vengie · · Score: 4, Informative

    I spent about an hour talking to Ben at the Yahoo! party last week. I can assure you that he is by no means shilling for anyone. His feelings on the matter are pretty strong, and he sells himself on the integrity you mention.

    --
    When in doubt, parenthesize. At the very least it will let some poor schmuck bounce on the % key in vi. (Larry Wall)
  8. Re:None of the Open Source ones checked? by mlinksva · · Score: 4, Informative

    LimeWire is open source and is safe. I did a quick check of several other open source P2P apps (BitTorrent, eMule, Phex, and Shareaza). None are bundled with malware and if they have a license agreement it is only the GPL. All of the proprietary apps checked are unsafe, and it is well known that others not checked (e.g., Grokster) are also not safe.

  9. Re:Lawyer, economist, and paid shill? by sameb · · Score: 3, Informative

    You're probably the only one. At least if you downloaded LimeWire any time after last August. LimeWire hasn't had bundled software for close to a year.

  10. Re:just a question by MarkGriz · · Score: 4, Informative

    Not necessarily the "best", but Shareaza is very good, for a number of reasons:

    - Works well (IMHO)
    - Open source and Free (beer)
    - Connects to Gnutella, Gnutella2 and Emule networks
    - Built-in bittorrent support.

    --
    Beauty is in the eye of the beerholder.
  11. Allegation of LimeWire Installing Bundled Software by bedelman · · Score: 3, Informative

    Skyshock21,

    You'll see that my site contains (what I claim to be) screenshots of the LimeWire install. I also have registry and filesystem change-logs, which I can post if needed (i.e. if they're actually helpful or of interest, which seems a bit unlikely).

    Can you say more about the LimeWire installation you tested? Where did you get the installer program? Was this current testing? Are you sure you have the current installer?

    I don't mean to suggest that current behavior excuses past bad decisions -- quite the contrary. But things change over time, and if we're to understand the way software actually is getting onto users' PCs, we have to be clear about what specific software is being tested. My article, at least, tried to be quite explicit as to where and when I got the programs at issue (even showing screenshots of the download pages).

    Ben

  12. P2P is better on Macs? by 5n3ak3rp1mp · · Score: 3, Informative

    Funny, you'd think "stealing" would be easier/better on PC's... On this OS X machine we have the following tools:

    1) Acquisition. All the search hits with none of the spyware, plus a snazzy interface.
    2) Azureus. Everyman's BitTorrent client (only gripe is the high CPU usage)
    3) eetee. Interesting p2p app. No spyware.
    4) HandBrake. Easiest-to-use DVD ripper in existence, on any platform.
    5) Many other p2p clients in various levels of development... all with no spyware

    Still snickering at the Windows holdouts...

  13. Was this even necessary? by pg110404 · · Score: 3, Informative

    There are two types of p2p networks.

    1) The likes of bittorrent. You download from an authoritative server a 'control' file that has an MD5 checksum of a file you want. Very difficult or impossible to spoof the saved file.

    2) The likes of kazaa. You query other machines on the network for files and pray it's not riddled with spyware, etc. It's probably far too easy to create a virus, giving it an enticing name like 'xpcrack.exe' and plop it in your shared folder and wait for someone to pick it up.

    Why would the makers of kazaa bundle spyware/trojans etc directly into their application when it's easier to allow the user to search for something they want and have a hit not on what they really wanted but spyware masquerading as what they wanted?

    I've loaded kazaa on a sandbox computer and downloaded executable files pertaining to cracks of various kinds, and virtually all of them were not cracks at all but were trojans/viruses, etc.

    Bundling trojans/spyware into an application is slow, restrictive and pointless when there are so many more effective ways to do so, including activex, email worms, seeded trojans in the p2p network, etc.

    Kazaa itself and the multitude of files associated with its install for example is reported as spyware, but probably in the most generic term of the fact that whatever files are set up as shared are accessible and thus the program is considered "spyware" for giving that information up. If you go into its options and set up the shared directory, or what you want to share or not, it's not likely to divulge or give up any serious information or data.

    But I don't really care, because I don't really trust apps these days that don't have source code with it.