|
| T O P I C | |
|
Trojans V Spartans, Part DCLXVI
April 28th 2002, 18:06 CEST by m0nty Most Web users would be familiar with the old browser wars, which were at their most virulent when Microsoft Internet Explorer and Netscape Communicator would continuously fight over your registry entry as to which was the default browser. The "adware" industry now has its own bloody battlefield, with AdAware and the Slashdot-inspired forces of good against the adware and spyware programs like Gator, CyDoor, Alexa and Comet Cursor, usually installed as "trojan horses" with free software sharing apps. The match-up was never going to be fought using Marquis of Queensberry rules, but the latest tactics have become downright dirty - striking at the installation of the programs themselves. LavaSoft's AdAware app has built a reputation for being a reliable anti-adware program, but it has suffered its own attack from a Slovenian-made applet called RadLight, an otherwise unremarkable DivX multimedia player which in its 3.03 version uninstalls AdAware, and includes a full disclosure of this within its 1100-word EULA. When installing RadLight, a document is displayed explaining that the program comes bundled with two "small optional programs from other companies." The programs include WhenU.com's SaveNow browser shopping "companion" and New.net's Web navigation plug-in. According to the document, "You are not allowed to use any third party program (e.g., Ad-aware) to uninstall application bundled with RadLight. Such programs will be removed." The anti-adware movement is responding with its own uninstall tactic, with a US college student calling himself Dr Damn releasing versions of the file sharing programs which usually carry the adware programs free of third-party software. Although he is apparently not the first to do this, the news of his work did get slashdotted, with some users even expressing distrust at Dr Damn's motivations. I'd be very suspicious of 'cleaned' applications floating about on p2p networks. Whilst it's likely the author had your best interests at heart there's some chance he didn't. It wouldn't be too hard to build a trojan into one of these, and if it were done well you could have your trojan version of kazaa send requests onto the network that immediately identify to anyone watching that it's an infected copy. Personally, this is yet another good reason for me not to use P2P networks. What about you, especially all you donkey riders? Are you prepared to have adware drones and anti-adware hacktivists fight over your registry? Are you going to read EULAs of freeware progs more closely in future? Is there anything more than comedic value in these shenanigans, or is there some important ideal actually being contested? |
| C O M M E N T S |
|
Home »
Topic: Trojans V Spartans, Part DCLXVI
|«« - Previous Page - Next Page - »»| |
|
#2 by HoseWater w00T! Chalk one up to living the shut-in life. Guess you haven't seen any alligators then, have you? :P ... These aren't the craps you're looking for ...
|
|
If you agree to something, then you agree to something. End of story. You cant tell a judge, "Well, the agreement was really long, so I decided not to read it before I agreed." That reminds me of some Wav. music app. called the "little drummer boy". Before being able to run that app, you needed to find & install some useless software. Then, during the installation process of this thing, whatever it did, you had to go through a 50 questions quiz about the licence agreement. You're right about reading it! But I'm not sure that you would want to sit for half an hour answering questions about the licence agreement off some app, especially if you fished it out of some warez site... |
|
I use adaware about once a week, and would consider its removal by another app to be an assault on my computer. Would that I had the knowledge and the time to fire back. I think people will start actually reading the EULA's. Or at least search them for spyware inclusions. Particularly for small downloaded apps. I have been doing it lately, and I do not see myself as overly paranoid. The thing that really bothers me is: Now that sombody has decided to use the ability to uninstall other applications during an install routine, who is next?. Will you install the newest version of the RealPlayer virus and find that Media Player does not work anymore? IE breaks Netscape? (oh wait, that already happened, they just did not tell they were doing it at the time.) re: This article So Altnet, as conceived now, is primarily a way to distribute secure content. One hundred percent secure. Users cannot propagate their own content through Altnet Quite honestly, this is bull. The only thing this makes me 100% sure of is that there is group of clowns out there right now ripping through the code for this thing, trying to find a way to appropriate the p2p clients without Altnet's knowledge. And I am almost as positive that they will find a way to do it. |
|
Quote: [You cant tell a judge, "Well, the agreement was really long, so I decided not to read it before I agreed."] If you have enough CAPITAL, you can. What's interesting about the judicial system here in NY (or the entire North American sector) is that without proper representation, the court systems can render your request/ pleas virtually useless! No capital, and you may have to rely on legal-aid appointed liars---er, I mean, lawyers! Who are people who _really_ don't_ give_ a _damn_about_your_case. You need capital to refute such a case. the male battle-D |
|
Durzel: How can I find out if BDE is installed on my system? I installed Kazaa a while back and would like to make sure it's not on my system. I'm assuming it's not something that makes itself obvious on my system...? Dear Briefcase, how are you? I hope you are good. Has anyone captured you yet? Please write back! XOXO
|
|
No its not obvious. I installed Adaware today and watched about 41 files get removed half of which was Bde. On 2002-04-18 04:47:00 Some Sick fool said this.
"awww yeah, buzz baby, buzzzzz just for me." |
|
Is BDE listed in the Add/Remove Programs form in the Control Panel? I think I'll check out AdAware when I get home from work -- sounds like a useful app. ... These aren't the craps you're looking for ...
|
|
OmegaFoRCe: There was something like b3d projector in Add/Remove Programs on my system. That thing is definitely BDE, but there might be something else apart from b3d. Kittens fucking burn.
|
|
Caryn, jsut uninstall Kazaa and put in KazaaLite. Exact same thing, just no spyware. Bad game designs are the new crates
-Greg |
|
I picked up the b3d projector somewhere else because I've never used kazaa, I wonder which program gave it too me? EvilAsh's pet crocodile
|
|
JJ that story was spot lighted on Ripley's Believe it or Not. The american Croc is tiny in comparison to most gators. On 2002-04-18 04:47:00 Some Sick fool said this.
"awww yeah, buzz baby, buzzzzz just for me." |
|
Uninstalling ad-aware isn't the scary part of Radlight. After this was posted in the IRC channel I ran down the radlight site, and it's forums. The creator was defending his inclusion of adware. Just before the version that uninstalls ad-aware was released he call both ad-aware and ZoneAlarm bullshit software, for the simple fact they can uninstall or block spyware (most firewalls can do that). Kind of makes you wonder if he plans on uninstalling firewall software at some point. Also interesting that with some versions of radlight you can opt-out others you can't (the included spyware also changes every few releases). Not that opting out helps at all since it's programed to only run if the spyware is installed anyway. |
|
I could not be paid to use KaZaA these days. Even since before the Morpheus split, the whole thing was shaky; and now, while I'm terribly fond of what I hear about the Lite version, I just can't see it as being anything I want to get anywhere close to. Is there really a bunch of whoopin' content to be found there that isn't also found on WinMX or the Donkey? FastTrack == "Danger, Will Robinson! Danger!" Also, just the other day, I found a pop-up advert that installed a toolbar in IE. How this happened, I have zero idea; I remember adding something called "Desktop Search" to my pop-kill list, then a few minutes later I opened a new window, and there it is, inviting me to click and get "Desktop Cash." I'd sooner click a button that said "Desktop Herpes." How many firewalls is an appropriate number to run, these days? two? three? ALL? It isn't just the use of p2p networks that makes one susceptible, although that surely helps. It's going to get a whole lot worse before it gets better. Don't forget your jimmy-hats, folks. This is no time for a slow PC!
|
|
If there is an option to remove BDE from Add/Remove programs, you can guarantee it wont remove everything. The latest version of AdAware will remove BDE/b3d entirely from your system. Best bet is to uninstall Kazaa (and BDE if it appears in Add/Remove programs), run AdAware to clean your system of everything Kazaa/BDE wont remove in the uninstall, then install KazaaLite. One point I should add is that KazaaLite installs a dummy DLL that mimics Cydoor (but without the spyware functionality) - without this Kazaa(Lite) doesn't function at all. You should make sure you ignore all AdAware detections of Cydoor related DLLs AFTER you have installed KazaaLite. This is why it is important to run AdAware before installing KazaaLite, to purge your system of everything spyware related. Hope this helps. |
|
Uh... what if there's other, non-Kazaa-Lite related Cydoor .dlls that show up? Drinking is fun! It makes me feel horrible and sexy!
|
|
That's why he said to install AdAware and have it remove all spy programs PRIOR to installing Kazaa lite. That way if it detects anything following Kazaa lite's install it is more than likely the cydoor dummy dll. Of course I could be mis-reading your statement -- you may be leaning in the direction of "After I install Kazaa-lite, does that mean my Cydoor Removal functionality of AdAware is effectively neutered?". If that is your question, I'd believe the answer is probably "yes". Only Space Alligators know for sure. ... These aren't the craps you're looking for ...
|
|
From Kazaa's EULA: (b) You hereby grant BDE the right to access and use the unused computing power and storage space on your computer/s and/or internet access or bandwidth for the aggregation of content and use in distributed computing. I find this highly questionable, even if it is in a EULA.Most of the time my computer is sat idle, except for when Im playing games - does this mean BDE has full entitlement to use the 40 odd Gb left on my HD, and 99%+ of my CPU when I'm sat on IRC? Presumably so, since I will have given them the right to. EULAs are all well and good, but is it unreasonable for the general public to assume that completely unrelated and invasive third-party programs that have absolutely no relevance to the product you are installing will be installed? I'm struggling to think of a decent analogy here - but to me it seems roughly akin to buying a rowing machine and finding a paragraph hidden away in the invoice that says by installing the equipment in your home gym you are giving anyone carte blanché to use your entire gym whenever they see fit. Ok, so its a very poor analogy. |
|
Uh... what if there's other, non-Kazaa-Lite related Cydoor .dlls that show up? I have no idea whether or not the real Cydoor will install itself over dummy DLLs (with the same name) that KazaaLite will install, so in that respect I can't say for certain whether or not you are forever protected from the evils of Cydoor. What I meant originally (as OmegaFoRCe reiterated) is that after having uninstalled Kazaa/BDE, run AdAware and purged your system of everything unsavoury you would be in a position to install KazaaLite safe in the knowledge that the Cydoor files AdAware will report after it is installed are fake. Unfortunately AdAware works on the names of files/folders rather than any intelligent heuristics - which is a shame really. |
|
EULAs are all well and good *blinks slowly* Give 'em an inch, they'll take a mile. This is no time for a slow PC!
|
|
(b) You hereby grant BDE the right to access and use the unused computing power and storage space on your computer/s and/or internet access or bandwidth for the aggregation of content and use in distributed computing. Thinking about this in more detail, it seems very sketchy... The term "computer(s)" is particularly interesting. Since I don't know the ins and outs of how BDE works I can only presume that once you've installed it on one machine, it must either propogate itself to other machines on any network it can see (much like a virus) or will just use any and every storage area - including network shares - for its wonderful distributed content providing system. So - if I installed Kazaa at work, surely wouldn't I be granting BDE the rights to use the "unused computing power and storage space" on the entire work network? |
|
I just can't see it as being anything I want to get anywhere close to. Is there really a bunch of whoopin' content to be found there that isn't also found on WinMX or the Donkey? I use it (well, morpheus now) because I have trouble finding anything good on the donkey unless I get a link from sharereactor or another site. The search itself doesn't seem to do much for me. EvilAsh's pet crocodile
|
|
jafd #27 No you misunderstand me - I'm not questioning EULAs persay, I'm simply questioning whether or not most people would expect these sorts of third party programs to be installed with a simple music sharing system. If a EULA for a piece of software stated somewhere in the mire of disclaimers and statutory rights declarations that by installing the software you were giving the publishers the non-exclusive rights to drive your car about any time they liked - would anyone actually expect that as a clause for a piece of software? And more importantly, would it stand up in court? (I'm not making assumptions here, I'm genuinely curious) |
|
FUCK YOU ALL!!!!!!!!!!! YOU WILL ALL DIE!!!!!! ah yes, that was good. My impression of a german is getting better and better. Joker, Ph.D. Procedural Assholian Behaviour, Pedophilosopher
- All your ass are belong to my wang Jafd. Prepare to are penetration. |
|
Thinking... Joker, Ph.D. Procedural Assholian Behaviour, Pedophilosopher
- All your ass are belong to my wang Jafd. Prepare to are penetration. |
|
Thinking... Joker, Ph.D. Procedural Assholian Behaviour, Pedophilosopher
- All your ass are belong to my wang Jafd. Prepare to are penetration. |
|
Wow! Joker has begun the journey into thought! Congrats! ... These aren't the craps you're looking for ...
|
|
If a EULA for a piece of software stated somewhere in the mire of disclaimers and statutory rights declarations that by installing the software you were giving the publishers the non-exclusive rights to drive your car about any time they liked - would anyone actually expect that as a clause for a piece of software? And more importantly, would it stand up in court? No, and No. Both for the same reason that clause has nothing to do with using the software. Adware is different tho since those third party apps are there to provide money to the creator (and it's resonable that a creator should be paied for his work). However most of these things end up using a much longer EULA then needed, then hidding what's installed at the very end. Needlessly making the contract longer in a blatent attempt to get people to stop reading before they get to the section they may not agree with. |
|
Does joker ever talk about the topic on hand? Or is that beyond his grasp? On 2002-04-18 04:47:00 Some Sick fool said this.
"awww yeah, buzz baby, buzzzzz just for me." |
|
I could mention something about bringing aligators into debates. But, I won't... professional philosophical level design monkey.
|
|
If you actually knew the whole story you wouldn't be making comments sunshine. And that ends up making your point moot. On 2002-04-18 04:47:00 Some Sick fool said this.
"awww yeah, buzz baby, buzzzzz just for me." |
|
The bottom line, is that if it is in the EULA, it is legit. Basically, you are getting free software, the reason you are able to get free software, is because it is financed on the back end with things like advertising. If you agree to let them install this stuff, then that is that, you agreed. The alternative, and this is just like the warez argument, is that you answer NO to the eula, and the setup program exits, and all is well. I don't fault the creators of this stuff for installing the crap, provided it is in the EULA. Installing a program that is supposed to be paid for by allowing them to do other things with your computer that you agreed to, then breaking it with something like ad-aware, is not cool. I do fault them for being sneaky about it. © 1968-2002 Robert 'HoseWater" Lloyd
|
|
but not half as moot as your original "point" about alligators. It was either so dumb as to be incomprehensible, or so massively intelligent that it's beyond the abilities of us mere mortals to comprehend it. I know where my money's going, "sunshine" Eradicators! - www.eradicators.co.uk
|
|
Damn you for breaking the continuity HoseWater. Damn you to heck! Eradicators! - www.eradicators.co.uk
|
|
Neale ,.. I was involved in the topic of xbox.. before I got dragged out of it because someone can't keep their mouth shut and actually do as they say. But because I respond to him , I get blamed for it. 2 others did notice this. And I will repeat till the oceans dry out.. it takes 2 to tango. On 2002-04-18 04:47:00 Some Sick fool said this.
"awww yeah, buzz baby, buzzzzz just for me." |
|
Leslie Nasser Thank you for putting up that SoF2 server last night, I had a great time. (grumbling) would have had more kills if it wasn't for everyone using FORCE PUSH to knock me off the stupid ledge. /puts on shiny cowboy hat and leaves to go alligator hunting. |
|
Sorry man. It wont be much of a discussion if someone does not pick up the baton for the other side. :) © 1968-2002 Robert 'HoseWater" Lloyd
|
|
But you really need 3 or 4 for a really rousing game of Twister. Will warez for food.
|
|
Then for pity's sake - sit this dance out. Please Eradicators! - www.eradicators.co.uk
|
|
Damn, #43 was me. |
|
GOD DAMN IT! Will you all stop posting before I do?! Gargh! Eradicators! - www.eradicators.co.uk
|
|
EvilAss Neale ,.. I was involved in the topic of xbox.. before I got dragged out of it because someone can't keep their mouth shut and actually do as they say. But because I respond to him , I get blamed for it. 2 others did notice this. And I will repeat till the oceans dry out.. it takes 2 to tango. I posted a link. I said nothing about the topic at hand, or the subthread that was going on and I certainly didn't say anything directly to you. I posted a link that you, for whatever reason, decided was an attack against your person and you started in on me. So in short, bugger off. WoT?
|
|
In response to the original question posed at the end of the topic: I don't care. I run Ad Aware and Norton Firewall so I catch most of the junk. And I uninstalled Radlight and got BSplayer instead when I heard how Radlight worked. EOD. "that fatty crocodile! what a glutton!"
- Kayin |
|
Warren it was an attack on me don't fucking lie. You used that same link before while we were arguing in another topic. And if that was aimed at someone else. Just say who it was about instead of fucking be so ambigous about it. On 2002-04-18 04:47:00 Some Sick fool said this.
"awww yeah, buzz baby, buzzzzz just for me." |
|
Ash, does your lower jaw detach? just like your avatars does in the movie? Actually, I don't have a grudge against you.. I just felt like saying something mean ;| sorry you were the target. "If it was so, it might be; and if it were so, it would be; but as it isn't, it ain't. That's logic." -- Lewis Carroll
|
|
#49 by Warren Marshall I posted a link that you, for whatever reason, decided was an attack against your person and you started in on me. It could be because A) you posted that link in another thread, more or less pointing to EvilAsh while doing so and B) posted it again after BobJustBob said that "Reading EvilAsh's post is like reading Emily Dickinson... it makes no sense and random words are capitalized.", wording your quote "I'm telling you ... Says it all." I'm in no way saying that Evil is innocent and IMNSHO he drew first blood, but also IMNSHO you are fueling the flames. Feel free to do so but don't go telling him to bugger of afterwards. "that fatty crocodile! what a glutton!"
- Kayin |
|
Ash, does your lower jaw detach? just like your avatars does in the movie? Actually, I don't have a grudge against you.. I just felt like saying something mean ;| sorry you were the target. Me speakee good engrish. "If it was so, it might be; and if it were so, it would be; but as it isn't, it ain't. That's logic." -- Lewis Carroll
|
|
Wording your post, not quote. "that fatty crocodile! what a glutton!"
- Kayin |
|
I picked up the b3d projector somewhere else because I've never used kazaa, I wonder which program gave it too me? For those of you who are not webmasters i will tell you now what b3d projector is. Basically its a plugin used on a webpage to display movie-like animations. In the case of Kazaa its installed because Kazaa's website uses b3d advertisements and you need the projector to view them. There are sites out there that make cartoon episodes using the b3d plugin on their site for peoples enjoyment. As for the distributed computing component that was recently added to the projector you can read from brilliant's website that the Altnet computing features are purely optional which means they dont run automatically. You can read brilliant's privacy policy which may sound suspicious is not very different from most privacy policies around the globe. I am sure this will not convince most people but not everything you see is suspect. b3d projector is not spyware. It's just not easily removed like many types of software.. windows ;) |
|
Martin ,I tried really. You know its funny. I went back through the archives and began reading From when Pc first came back with morn. And Looked at Warren's first posts. And I realized that he is not just an asshole to me. He has been pretty much an ass to everyone at some point in time. I also noticed that for about 9 months.. I had no problems with him. I noticed his flame wars with Jafd. And suprisingly no one else jumped in and went after jafd. I read other threads where he argued with other people and it was just him and that person. But after Andy disappeared and I was away for about 3-4 months when I returned and made that first post. That he took personally for some reason.. I still haven't found that specific post I made. I read about 2000 friggin posts over various threads and I still haven't found it. I wish Pc had a search feature. It would make it alot easier. Cause I would like to end this once and for all. On 2002-04-18 04:47:00 Some Sick fool said this.
"awww yeah, buzz baby, buzzzzz just for me." |
|
What if Ad-Aware itself came packaged with spyware? Think of the killing Lavasoft could be making. |
| C O M M E N T S |
|
Home »
Topic: Trojans V Spartans, Part DCLXVI
|«« - Previous Page - Next Page - »»| |
| P O S T A C O M M E N T |
|
|
| C R A P T A G S | ||||||||
|
|
| There are currently 0 people browsing this site. [Details] |
Powered by blah 0.9.1-dev •
PlanetCrap is © 1997-2035 Hendrik "Morn" Mans
|