Spyware Makers Resent Cleaned-Up Versions 340
Tri0de points to a ZDnet artcle on a programmer who's taken it upon himself to release spyware- and adware-free versions of popular file-sharing programs. "'He's done Grokster and iMesh. And he's not alone. His work, now available through the Grokster and iMesh networks themselves, joins that of other programmers who have previously "cleaned" programs such as Kazaa and Audiogalaxy in a campaign against "adware" and "spyware."
Is the shoe on the other foot?'"
Of course! It's their $$ (Score:4, Insightful)
Where's the funding going to come from?
Re:Of course! It's their $$ (Score:5, Funny)
2)?
3)Profit!!!
Re:Of course! It's their $$ (Score:5, Insightful)
They're right that "without this spyware advertising revenue, commercial advertisers can't continue giving their commercial software away without charge", but it's quite insulting to see it compared to free software
Re:Of course! It's their $$ (Score:3, Insightful)
Re:Of course! It's their $$ (Score:3, Informative)
In a world where the vast majority of individuals have never heard of GNU, Richard Stallman etc.etc. this product is free.
Yes it's free as in "free beer" and not "free speech" but the reality is that the masses don't give a flying fuck about the "free speech" bit.
For them, the criteria for something being free is:
If both answers are "no" then it's free. Period.
Whereas we like the idea of having the source code, being able to modify it and pass it on, your joe sixpack just wants to know if he's going to get the police come chasing after him if he gives it to a load of mates. He doesn't care about the source code (mainly because he can't read it and wouldn't know what to do with it) and he's certainly not interested in making any modifications and redistributing it.
Under this, the following products (and many more) are considered free:
and so on and so on.
So the point here is that although it's not "truely free" it can and will still be considered "free".
And until the GPL is known to the majority of the people in the world, this is the way "free" is always going to be considered.
Re:Of course! It's their $$ (Score:5, Insightful)
Furthermore, the company that developed the FT tech has, AFAIK, disbanded, and development is over. These guys were pretty bright: in order to avoid a Napster-type fiasco, they decided to just develop the software and make others take the risk of running the servers. Kazaa just licensed the software and is now attempting to milk it for cash.
Frankly, Kazaa is run by a bunch of sleazebags and I wouldn't want to give them money in any case. They've done amazingly unethical things. They're like the anti-Google. There's the obvious: installing of spyware, trying to run a distributed network behind people's backs, and basing their business model on running a piracy network (though this last point is not considered unethical by some).
But the worst is what happened to Morpheus. You may have heard of it: it was a FT client identical to Kazaa in every way (being the same licensed software). Although they tried to keep this under wraps, here is what seems to have happened: Kazaa, wanting to grab ad revenues from Morpheus, released an "upgrade" to Morpheus which had the effect of destroying it. Their trick worked, too.
This is $$$MAKE MONEY FAST$$$ level sleaziness here :). I hope Kazaa dies, and good riddance.
Re:Of course! It's their $$ (Score:4, Insightful)
I'd gladly pay $1 - $3 to download a utility like Bearshare or Kazaa that is completely spyware free.
How much can the spyware people be paying per download?
I prefer to use Bearshare simply because they give the me the option to opt out of installing the adware... they make you feel guilty about it, but they give you the option.
Re: tech people work for free (Score:3, Informative)
Re: tech people work for free (Score:2)
Be VERY wary (Score:4, Insightful)
Whilst it's likely the author had your best interests at heart there's some chance he didn't.
It wouldn't be too hard to build a trojan into one of these, and if it were done well you could have your trojan version of kazaa send requests onto the network that immediately identify to anyone watching that it's an infected copy.
That'd would mean that the trojan wouldn't have to either 'phone home' or be detcted by randomly portscanning subnets.
however this still might be the lesser of two evils.
Personally.. (Score:5, Funny)
Yeah.. I'd rather have a message come up on my screen once a month saying "You have been Own3D!!" then have any god damn popup ads over and over and....
=-Jippy
Re:Personally.. (Score:2, Insightful)
egads the humanity!!
Re: Popup ads == Evil (Score:3, Informative)
Obligatory Opera v. Mozilla comment (Score:3, Insightful)
Re:Obligatory Opera v. Mozilla comment (Score:2, Redundant)
Re: Popup ads == Evil (Score:2, Funny)
Re:Be VERY wary (Score:2)
Re:Be VERY wary (Score:2, Offtopic)
I got tired of CuteFTP's crud, and moved on to a free Windows FTP client that is a little better than CuteFTP. It's called SmartFTP, at http://www.smartftp.com/
Check it out, well worth the look, and completely free.
Re:Be VERY wary (Score:2)
Re:Be VERY wary (Score:2)
Re:Be VERY wary (Score:2, Insightful)
I'm really sorry if this comes across as rude, I certainly don't mean for it to be, especially because I consider you to be extremely correct.
How is this Insightful?! If people don't know not to run untrusted binaries from untrusted sources, we need a serious wake-up call!
Come on people! This should be as obvious as "never pick up random hitchhikers stumbling in an alley in the middle of downtown Shanghai - especialy if they're impeccably dressed!".
Re:Be VERY wary (Score:4, Insightful)
Come on people! This should be as obvious as...
Well just because its obvious to you does not mean its obvious to everyone. There are lots of people who are just learning to use P2P networks and sites like Slashdot. How are they supposed to learn the "obvious" things if we're not allowed to tell them?
Kazaa et al. are new services themselves. They've only been around for a couple of years, and they've been in the "mainstream" for considerably less time than that. Plenty of people don't work on Internet time, they don't rush out and adopt every new technology within a few days of its launch. And yes, a lot of these people (I'd guess) read Slashdot. Don't forget that the vast majority of Slashdot readers don't post; therefore posters like you and me are highly unrepresentative of readers.
I don't think we're anywhere near the point, even in the Geek community, where we can stop giving out these warnings because they are "obvious". So yes, I think this was an insightful post.
Self-interest (Score:5, Interesting)
Some chance, but in my opinion very very little. Even virus writers and whatnot love P2P networks. Users are what allow these networks to exist, ergo, it doesn't make sense to attack them. I doubt someone would be willing to sacrifice access to music and warez just to see some trojan or virus succeed. And I don't think this is naive; after all, the networks haven't self-destructed thus far.
Re:Be VERY wary - Who do you trust more? (Score:5, Interesting)
In the case of Kazaa Lite, I trust the rogue coder but I won't have that attitude on patched software for long. I think I would rather wait for my Slashdot peers to "beta test" these patched versions and find out if their computers die, before I even consider downloading patched up pirate software
Re:Be VERY wary - Who do you trust more? (Score:3, Interesting)
Cracker groups release thousand of key generators and patches every month. MS wants you to believe that these are full of trojans and whatnot, but afaik there has never been a single reported case of a scene group deliberately releasing an infected crack.
All the shit that people are getting is coming from legal software, either as spyware or through outlook.
Re:Be VERY wary - Who do you trust more? (Score:2, Interesting)
Re:Be VERY wary - Who do you trust more? (Score:2)
I was referring to embedding extra features (aka spyware) into their product without making it clear that they are doing so (except in a EULA less clear than a tax form). I consider a rip off is when you don't get what you bargained for and that is how I view Kazaa today
Re:Be VERY wary (how to roll your own kazaalite) (Score:5, Informative)
/* Install KaZaa 1.6 */
1) Install the new KaZaa, then close the application when all finished.
/* Begin Brilliant Digital Uninstall */
2) In Control Panel, click Add/Remove Programs and find "b3d Projector".
Uninstall this application (make sure all browsers are closed or it won't
work)
3) Find a folder called "b3duninstall" located usually directly in your
Windows folder. Delete this folder.
4) Locate the following files:
> bdedownloader.dll
> bdedata2.dll
> bdefdi.dll
> bdeinsta2.dll
> bdeinstall.exe
> bdesecureinstall.cab
> bdesecureinstall.exe
> bdeverify.exe
> bdeverify.dll
They are usually located in your Windows/System, Windows/System32 folder.
Rename each file adding a ".bak" to the end. (or Delete them if you don't
care about backing them up)
-->Note to Borland users: Borland software creates files that start with
"BDE" as well, so be careful.
/* Brilliant Digital Uninstall done, proceed to Cydoor crippling */
5) Download the dummy cd_clint.dll package at
http://www.cexx.org/cd_clint.zip
6) Go to your Windows/System32 folder. Find "CD_Clint.dll" and rename it to
"CD_Clint.dll.bak"
7) Extract the "CD_Clint.dll" file from the package you got in step 5 into
the Windows/System32 folder (thus replacing the old CD_Clint you backed up
in step 6).
/* Cydoor crippled. */
You forgot the most useful steps of all. (Score:3, Funny)
Re:Be VERY wary (how to roll your own kazaalite) (Score:3, Informative)
Re:Be VERY wary (how to roll your own kazaalite) (Score:2)
Tim
That's not a bad idea! (Score:2)
Kazaa's agreement, for example, states: "Except as expressly permitted in this License, you agree not to reverse engineer, de-compile, disassemble, alter, duplicate, modify, rent, lease, loan, sublicense, make copies, create derivative works from, distribute or provide others with the KaZaA Media Desktop Software in whole or part or transmit the application over a network."
are NOT your friends.
Re:Be VERY wary (Score:2)
Getting back to the original article for a minute, one of the legal tacks being considered by Kazaa is that they claim you can't (among other things) pass along derivative works. Has anyone considered distributing spyware-free file-sharing clients as patches to the "official" releases? You're not distributing a derivative work. LAME began life as a patch to the ISO (?) reference MP3 encoder, and that worked well enough until they could write a new encoder from scratch.
Re:Be VERY wary (Score:2)
This is where an application like Virtual PC [connectix.com] comes into its own. I have a clean virtual machine, with W2K installed (and kept up to date with patches etc.), a few file sharing clients and nothing else whatsoever. This machine is never used. Instead, I make a copy of it and run that. Then, every couple of weeks or so after the adware has become unendurable, just delete the copy in use and replace it with a new copy from master.
Works perfectly. Spyware can try spying all it likes - I'm not using the machine for anything except use of their own networks, so there's nothing there for them to look at. Also, even if I am '0wn3d' through some obscure hack, it's only an isolated virtual machine and it'll only exist for a maximum of a week or two.
Cheers,
Ian
Re:Be VERY wary (Score:2)
Well whoopdie do (Score:2, Insightful)
In my own opinion, spyware makers have no right to complain. Is there something I'm missing?
Re:Well whoopdie do (Score:4, Insightful)
They have every right to complain.
We have every right to ignore them.
Re:Well whoopdie do (Score:4, Insightful)
Who pays (Score:2, Insightful)
Re:Who pays (Score:5, Insightful)
This software is blatently not free. If they changed the flashing stars on their sites to say "This software will be paid for by an agreement where we watch your surfing habits, consume your processing resources and bombard you with adverts" the i'd be a lot happier.
Also they dilute the value of real free software. We dont want the general public tainting linux with the Kazaa brush.
Re:Who pays (Score:2)
Actually it is. Read here [slashdot.org] to find out why people consider it to be free.
The point is, until the GPL is known to the majority of the people in the world, this is the way "free" is always going to be considered.
Re:Who pays (Score:4, Interesting)
I would normally agree. However, even though I've never downloaded a Kaaza or Napster program, the end result effects me. The ads are one thing. But I think the company that installed additional software without acknowledging it went far over the line, particularly if it could be 'turned' on to use the persons computer through another peer-to-peer network for another's benefit. While I'm not sure I agree with hacking the original software, and certainly IANAL applies, but IMHO, I wouldn't at all be opposed to some bright young prosecutor taking an in depth look at federal hacking laws or theft of service laws and see just how some of those might apply. (I seem to recall Georgia has some pretty strict statutes.!) If it's installed without the persons knowledge, I don't see how the distributer would not be liable. Then again, just an IMHO and IANAL, so who knows.
Re:Who pays (Score:2, Interesting)
The worst part is these are the users we talk about who don't read the EULAs etc. Heck, these people have trojans all over their system (which put themselves up on the LAN network shares) because they run
Re:Who pays (Score:2)
As the name suggests, it's the peers that make peer-to-peer networks worthwhile. The people who are looking to make money aren't the ones doing the most work.
Re:Who pays (Score:2, Funny)
Re:Who pays (Score:3)
That has long been a thorn in my side, too. I figure that cable or satellite should charge, say, $5 or $10 for the basic satellite/cable service and deliver all channels that have commercials. After all, if they have commercials THAT'S where the revenue should be. Don't try to stick it to me with a subscription and bombard me with ads. That's just bogus.
I don't watch much TV, but that which I do I don't pay for. Charge me or give me commercials, not both.
Re:Who pays (Score:3, Funny)
Tired of paying for cable or satellite service? You too can now get your fix of cathode-ray-emissions for free with an amazing new device called "The Antenna." Yes, named for the sensitive perceptual apparatus of the insect world, "The Antenna" automagically receives and decodes audiovisual signals sent invisibly through the very air, with no unsightly wires running to your home, no bulky dishes to clutter up your family's roof, and best of all, no monthly service fees.
The small print:
Re:Who pays (Score:2, Informative)
Kazaalite download (Score:5, Informative)
http://www.kazaalite.com/lite/
The kazaalite.tk site doesn't seem to be up anymore.
Re:Kazaalite download (Score:2)
Re:Kazaalite download (working site) (Score:2, Informative)
http://www.kazaalite.nl/
The previous link was actually mentioned in the story too, it may just be slashdotted.
The irony is sweet (Score:2, Insightful)
Re:The irony is sweet (Score:4, Funny)
Ummm, how can you reconcile that sig with your post dated 07:22 PM April 25th, 2002? I'm beginning to suspect that none of the MCAA bashers are going to boycott TAOTC either.
Re:The irony is sweet (Score:2, Funny)
Comment removed (Score:4, Insightful)
Re:ummm yeah (Score:5, Insightful)
Apparently the whole Brilliant fiasco didn't damange their brand name. Nor did getting delisted by Download.com. Nor did being accused of being unethical by most of the major tech news sources in the United States.
The Kazaa brand name apparently came out unscathed by all of this, but just may be damaged by people using Kazaa Lite. Apparently, having a better user experience is going to lessen Kazaa's value in people's minds.
I am sure I am missing something here, but I just don't know what.
Re:ummm yeah (Score:2)
Quite, but what is Kazza if it is not a network for rippers who want to get toons for free. The whole Kazaa business model is to help people take the property of the music industry for free. So just why do these guys get suprised when their not-so-honest customers decide to deprive them of their revenue stream as well? Like just why did they ever think there was a business to be had out of infringement-ware?
The legalistic approach is somewhat humorous, while they might have a case it would be interesting to see how they would intend to bring it. The problem is that it is rather difficult to bring a suit in a jurisdiction while you are simultaneously evading a suit in the same jurisdiction.
Another problem they may have is that there is a longstanding principle that the courts do not arbitrate disputes between criminals, nor do they get involved collecting gambling debts or resolving a host of other issues. The defense might well be able to argue that the courts should not intervene in this type of dispute as a matter of public policy. Kazaa is arguably a program to facilitate contributory infringement for which there are no (or marginal) legitimate purposes. So it is iniquitous for the US taxpayer to arbitrate a dispute in which Kazza is attempting to protect its illegitimate revenue stream.
If the RIAA had a clue they would be in there handing the court an amicus brief.
There's a difference (Score:2, Informative)
Fair use? (Score:3, Interesting)
Yet it is wrong to take something you paid for (remember they provide it FREE - they dont provide it in exchange for spying on you and stealing your cpu cycles - they say FREE), rip it into another format (removing some of the superflous data), and trade it on their networks.
Get real, this is going to cause more damage to their legal cases than anything else.
Integrate (Score:2, Interesting)
Re:Integrate (Score:2, Interesting)
Ironically, the RIAA itself leaked an internal memo [dotcomscoop.com] which contains information that could help in cloning FT. Again, the RIAA's internal memo on FastTrack [dotcomscoop.com] is an excellent read. Perhaps, with the help of the RIAA, we can create our open FastTrack client.
Why didn't RIAA think of that? (Score:4, Informative)
Re:Why didn't RIAA think of that? (Score:4, Funny)
No Yuri!=RIAA... Come on guy, you answered you own question right there when you put "RIAA" and "had any brains at all" in the same sentence.
Re Hacked Spyware (Score:4, Interesting)
This would render any information gained worthless until scrubbed of the offending dirty data. And the scrubbing of dirty data would leave dirt, and/or scrub valid data.
Another option would be to Flood the home servers with pure junk traffic. Or maybe even both?
How about sending home a destructive payload? It should be easy to hack the data fields of the database so that it ends up running the DB server into the ground.
Any other ideas?
Brand-name damaged (Score:5, Insightful)
Yeah I can understand that. After all, consumers have associated the Kazaa brand with intrusive spy software. Removing the spyware does great harm the Kazaa brand, which everyone knows and expects to be full of it.
Re:Brand-name damaged (Score:5, Insightful)
You seem to think that the customers are the users. Wrong. It's the same funding model as broadcast TV: the customers are the advertisers. The users are the product.
Having a significant proportion of Kazaa users avoiding the ads damages its reputation with their customers, who can no longer trust their traffic reports as being surrogates for eyeball counts.
now they know how the media companies feel (Score:2, Insightful)
now they know exactly how the MPAA and RIAA feel.
ISP blocked? Use the network! (Score:2)
He could put it on the P2P network
But then, who can tell if the source is trusted? If I do a search and would receive a reply with "Hello Friend, Use This To Strip The Adware Of Your Client", I wouldn't download it in a million years.
But then, why keep all these attachment-viri floating around?
Edwin
my file-sharing flamebait for the day... (Score:5, Funny)
UpEvil.net reporters have just discovered a completely foolproof method for getting around adware and spyware in file/music sharing programs! Even better than the method described in this
Step 1: Uninstall all current file sharing progams on your PC
Step 2: When finished, simply start accquiring your music/movies through ethical and legal methods, like Emusic.com [emusic.com], or through an secret, ancient technique from the Far East called "Bu Yingt Hecd" (note from UpEvil medical staff: if you experience discomfort at the thought of supporting the corporate system through the given methods, we have found the best way to alleviate this pain is to cease the purchase/accquiring of corporate-produced music altogether)
(optional) Step 3: As an added bonus, install [redhat.com] a [suse.com] Free [debian.org] operating [freebsd.org] system [linux-mandrake.com] and avoid having to pay for Monopolyware [microsoft.com] too!
This has been your daily UpEvil "Kazaa-whores-are-a-bunch-of-cheap-whiny-fucks" post of the day. Thank you, and good night.
Re:my file-sharing flamebait for the day... (Score:2)
I think I just pooped my pants laughing. I couldn't have said it better myself, man
Brand names (Score:3, Insightful)
brand enhancement (Score:2, Insightful)
if anything, their brand is being enhanced. i for one would never use a piece of software i knew to be spyware...
Wild theory... (Score:3, Interesting)
1. RIAA hates P2P networks/P2P users snub nose at RIAA.
2. Kazaa releases P2P app with spyware.
3. P2P Users complain about spyware.
4. RIAA hacks (excuse me, anonymously funds a hack of) Kazaa so Kazaa makes no money through advertising/spying on users (KazRIAA).
5. P2P users switch from Kazaa to KazRIAA.
6. Kazaa closes down their network.
7. RIAA claims victory against the infidels.
DMCA (Score:2)
Just wait for the spyware companies to go under (Score:2)
I'm hoping not, and that therefore, they will soon wither and die, just another dot-com casulaty.
The delicious, unadulterated Irony of it all... (Score:5, Funny)
HAHAHAHAHA... LOL.
I'm still an atheist, but if God keeps things up like this, how will I have any choice but to believe?
Re:The delicious, unadulterated Irony of it all... (Score:2)
One would think that if one were intelligent enough to write a useful program, that one would understand that ROM downloaders and CD rippers probably aren't the best paying audience :).
You know (Score:3, Insightful)
But I think that, for the most part, that no one will disagree that there are people using p2p networks for the wrong reasons. The spyware makers have absolutely NO RIGHT to complain. Here's a simple analogy: Guy meets girl with boyfriend, guy steals girl, girl cheats on him, he gets upset. I've got one thing to say to the people who write the spyware for kazaa, you want to swin with the sharks prepare to get bitten.
Re:You know (Score:2, Insightful)
SURVEY SAYS..... BZZZZT!
Thanks for playing, have some rice.
The act of duplicating a file from one computer to another computer is not illegal, nor will it ever be.
Re:You know (Score:3, Informative)
Allow me to qualify.
"The act of duplicating a copyrighted file without permission from one computer to another computer is illegal, and always has been, save only for fair use."
Fair use claims also have to be made in court, btw.
(see http://www.copyright.gov/title17/ for more information. IANALBIPON/.)
Re:You know (Score:2)
So it's illegal to share the artwork I make with my friends?
Re:You know (Score:2)
Re:You know (Score:2, Funny)
Here's a simple analogy: Guy meets girl
ho,ho slow down egghead, can`t you use an analogy involving the tcp three-way-handshake or something this is
Dr. Damn interview on Zeropaid (Score:2, Informative)
Kazaa-Lite Still Has BDE? (Score:3, Interesting)
Jason
Re:Kazaa-Lite Still Has BDE? (Score:3, Informative)
Ooops.
Ad-aware removes some files that are part of KaZaA Lite that are meant to fool the modified KaZaA into thinking that the spyware is still there. You probably removed the "dummy files" that need to be in place to fool the KaZaA in KaZaA Lite.
You probably didn't have spyware afterall, but ended up crippling KaZaA Lite with Ad-Aware :-)
Anyway, why are you using that proprietary, closed source P2P tool anyway? Check out Gnucleus for Windows, a GPLed Gnutella client with swarming and SuperNode support, and tons of users without spyware, limits, or the RIAA on its tail: (http://www.gnucleus.net [gnucleus.net])
Just buy LimeWire - or use IRC (Score:3, Informative)
Or you could just go with IRC [irchelp.org] (obligatory link for newbies) and screw all that schmansy luser "p2p" crap. :)
Paranoia on replacement CL_CLINT.DLL (Score:2, Informative)
Biological Response to Unwanted Intruder (Score:3, Interesting)
Re:Spyware outside the states, legal? (Score:2)
Re:trading spyware free p2p programs . (Score:2, Informative)
I think he was saying that as long as programs include spyware, someone else will be there to release a castrated version.
Re:An embarrassment to open source / free software (Score:5, Interesting)
Re:An embarrassment to open source / free software (Score:2)
Re:An embarrassment to open source / free software (Score:2)
You have to make the source available from wherever the binaries are available from. So, if you provide the binaries from your box, and you provide the source from your box, then you would be OK, provided that the package containing the binaries mentioned that the source was available from there, and that it was easily possible to find the source. Does Kazaa have "addresses" like URLs? If not, how will the downloader find the source code?
Re:An embarrassment to open source / free software (Score:2)
Re:Ar the "Lite" programs actually ad-free? (Score:2, Insightful)
So it's not 100% ad-free, but all of the really egregious spyware stuff appears to be gone.
Re:How about a version that uploads unreliable dat (Score:2, Interesting)
What would happen if someone were to release a version that created bogus and unreliable information making their data collection unreliable and worthless?
The data would have to be indestiguashable from real data or at lease hard to distiguish and yet provide enough noise to make the current collection of data unreliable
Re:KaZaA (Score:2)
That said, why in the hell would anyone ever share files this way? Unix and its relatives have devised any number of ways to share files, complete with a multi-user/security foundation that despite its few flaws, is unparalleled.
Sure, they have a cool way to index files, but why not implement this as a seperate service? Oh, I forgot. Windows.
Nevermind.
Re:KaZaA (Score:3, Interesting)
By the way, try searching FT for "Tracy Mandeville" for documents. Apparently, she unintentionally shared her whole my documents collection. There's tons of homework questions, essays, and general school stuff there.
Re:ok (Score:3, Informative)
AD Aware just checks if the dll exists, and voila, you got a hit.