PDA

View Full Version : [IMPORTANT: STEALING YOUR VISITORS] Is KazAa spyware? I know BearShare is...


OC
08-09-2001, 10:13 AM
Some one posted in here that BearShare was spyware. Is Kazaa spyware? I recently found http://www.KazAa.com which allows you to search their network without their software (the search hasn't worked for weeks now). I was tempted enough to download their software, but my anti-virus software showed the attempts to change registries on my computer.

They seem to have a lot of users (I believe it is #4 or #6 on C|Net's Download.com). I was even able to find an MP3 of a rare song that was only released on tape millions of years ago (Perry Como's "I love you and don't you forget it", in case you're curious).

Is it SpyWare? What lists exist to check if it is? Pretty great Napster alternative (for downloading legal MP3 files), but I won't install it until a fellow geek gives me the go-ahead.

gethosted
08-09-2001, 03:19 PM
When I tried to install it, it would show at least 5 virus warnings that didn't even identify which virus scan they were from. The same happened every time I opened up the folder or tried to run the program.

mjames
08-09-2001, 09:18 PM
Another one that is most definitely a spyware program is AudioGalaxy. I tried it out and it was terrible.

I use MusicCity's Morpheus religiously. Anyone who hasn't should check it out!

Gumyeelo1
08-09-2001, 10:55 PM
LOL Morpheus is a bootleg of kazaa, they use kazaa server so doesn't matter if you use kazaa or morpheus you still download from the same server.. if you use morpheus and download a file that is unfinish. that file will have the "kazaa" and a bunch of numbers in it.

I haven't gotten any virus from the kazaa downloads.. but i gotton over 10 trogan. if you guys don't knwo what they are. they are prog that open a big back door for hacks.. so if you anti virus detect use this program "the cleaner" to get rid of the trogan cause anti virus won't do a thing to it.

LastActionHero
08-10-2001, 06:24 AM
I have never had problems using Morpheus. You can just about find anything you want. Never got a Trojan maybe because I have a firewall installed. No viruses.

Morpheus has licensed the technology from Kazaa and use it to provide their own services. Since there is no central server system somewhat like Gnutella protocol technically speaking everything doesn't go through a central server except if you use their website.

The next version of Kazaa will have copyright protection built in but Morpheus will continue to be in it's current avatar. So i will stick with Morpheus ;)

OC
08-10-2001, 12:12 PM
Morpheus is magnificient.

The only problem I have is that I actually have to disable my firewall software (Norton Internet Security / Antivirus) in order for it to be able to connect or download a thing.

The help section wasn't helpful. What rules do I have to set on my firewall so I can still keep myself protected while using Morpheus?

LastActionHero
08-10-2001, 12:35 PM
I use zonealarm no idea about Norton. It's simple with zonealarm the first time the program trys to connect to the internet zonealarm asks you whether the program should be allowed to connect or not. You can set the ports allowed also but that is only in the pro version.

mjames
08-10-2001, 01:18 PM
I want some more info regarding these trojans you can get. I know what they are, but can you get them for just downloading MP3 files from Morpheus? I have Norton Antivirus 2001 running that is updated, but I'm not able to run ZoneAlarm anymore since it crashed my system on SP1. Some sort of compatability issue. But I am on a dial-up, so I don't need it as much. Thanks. :)

Uneek
08-10-2001, 04:24 PM
Your talking about "MusicCity Morpheus" right? I did a search to download it myself and came up with that. :angel:

OC
08-10-2001, 04:40 PM
Yes, Musiccity Morpheus.


LastActionHero, Norton used to do that for software before I downloaded update files for it. Now that feature has dissapeared for many of my programs (including RealPlayer). I'm assuming many of the programs are all ready falling under another rule... if I could just figure out which rule that would be.

sdarken
08-10-2001, 04:51 PM
If the reports are correct, I would strongly recommend that webmasters here do not support KaZaa. This program installs a secondary piece of software ( TopText ) that adds it's own hyperlinks to sites that you visit using your browser. It's like a PPC search engine which hyperlinks from other people's sites - including yours. You lose traffic and the distributors of this software make money.

This is the same concept that Microsoft was trying to implement with their smart tags feature in IE6 but withdrew after public outrage.

You can read about this nasty piece of software that comes with KaZaa here on Slashdot (http://slashdot.org/features/01/07/31/2015216.shtml)

Uneek
08-10-2001, 04:56 PM
That's why i'll stick with WinMX instead. ;) :p :angel:

Steve_S
08-10-2001, 06:15 PM
I'm surprised no one picked up on the great point made by Senior Geek and defender of the truth "sdarken" :) Thank you!

This is a serious issue. The highest bidder inserts links on YOUR SITE without your prior consent using "TopText links" 6 million little geeks surfing around and they leave your site via a link you did not insert. If this continues, it represents a very serious threat.

I strongly suggest that you immediately email all your domain names which you want blocked to: support@ezula.com

I have not done this yet but I plan to very shortly.

HTH

Steve_S
08-10-2001, 06:26 PM
OK I see. I'm moving this to Making Money. That explains why we didn't have at least 75 posts. :)

OC
08-10-2001, 07:45 PM
I saw the Top Text option during installation. It is optional, but the box to uncheck is easily over-looked by the fast installer. It is only in the Kazaa software itself (which appears to have 3 other peices of "partner software" along with it).

I was able to get Morpheus to work (I had to delete a rule I had made too strictly), and I must sincerely thank the 3 or 4 GeekTalkers who persuaded me to try it out. I'm astounded I can find songs that were only released once in 1963.

How do you know you've received over 10 trojans through the Kazaa/MusicCity network? Anything I should be doing to prevent this? Perhaps I should scan my Shared Files folder.

hammer
08-10-2001, 07:53 PM
Several warnings have been issued from many sources concerning Napster Clones.

An issue that bothers me is the built in POP-UP banner ads which will slowly appear on your desktop, online and offline.

Attempts to remove any of these spy programs (a normal uninstall) will not eliminate the POP-UP banners.

They remain as these programs also change registry settings etc.

OC
08-10-2001, 08:05 PM
Bottom-line so far: Stay away from BearShare & KazAa.

With Morpheus, I did notice a pop up. I wasn't sure if it was from the software or MSIE. If I notice one more, I'll block the domain that servers them. So far, Morpheus has proven to be rather clean.

OC
08-10-2001, 08:27 PM
New: I'm pretty sure I just had another pop-up window for About/BargainDog come from Morpheus. They're served by popup.zmedia.com .

LastActionHero
08-11-2001, 01:54 AM
Strange, The last time I checked the ads were being served by doubleclick. The ads don't show up though because of some bug in the software. Usually the ads are shown in the bottom left corner 468*60.

About TopText I think this was discussed about a week back in this same forum and shot out a mail to support@ezula.com, but what's the gurantee that the domain will actually be blocked? Ezula does want to make money doesn't it? and more blocked domains more money they lose.

LastActionHero
08-11-2001, 03:08 AM
here you go

spyware
A technology that assists in gathering information about a person or organization without their knowledge. On the Internet, "spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties." As such, spyware is cause for public concern about privacy on the Internet.

Rhea
08-11-2001, 08:13 AM
(echo)I was just about to say almost the identical thing Aztec Summer did. Thanks for 'splaining this.(/echo)

Does anyone have a list of these spyware programs? I'm getting the creeps just thinking about this technology.

I know this is wandering a bit from the original intent of the thread, but what do you all think the webmaster's responsibility is in terms of protecting one's visitors from this breed of app? And how does one protect one's visitors?

LastActionHero
08-11-2001, 08:28 AM
This is the first result I got when I searched on google Very Comprehensive.

http://www.infoforce.qc.ca/spyware/enknownlistfrm.html

How do you protect your site's visitors. You can't, other than requesting people to download adaware.com and delete any spyware from their systems. That is why there was a huge outcry over MicroSoft's Smart tags because the webmaster didn't have any control over what could pop-up.

Edit: This the list of common programs/services software use to collect user data and send it to their servers

BrOdcast (dssagent)
Conducent DLL
Conducent
Comet Cursor*
Cydoor*
DoubleClick*
FlyCast
Gator*
Netsetter server
Onflow
Radiate
SpeedBit*
Web3000
WebHancer*

* indicates wide spread usage.

Steve_S
08-11-2001, 11:06 AM
An outstanding source for learning about Download Spyware:

http://grc.com/downloaders.htm


AND many other serious security issues!

cagey
08-11-2001, 08:27 PM
Let me get this straight - here we have a company that allows anybody to download copyrighted music without paying for it, and they are money making enterprise?

The record company lawyers are going to love this - a target with cash flow. I can hear them sharpening their butcher knives now...

LastActionHero
08-12-2001, 03:03 AM
Well not exactly. The company just provides the software and the lawyers can only stop the company from distributing the software. Since the technology is true peer-to-peer that is it not based on a central server, the company is not to blame. Anyone can licence the Kazaa protocol, what they do with it is upto them, they can use it for their intranet or setup a file swapping service. So tecnically speaking only the software can be stopped from being distributed on the internet. Someone else will come up with a software similar to morhpheus based on the same protocol and file swapping will move on.

OC
08-12-2001, 05:36 PM
In plainer English: In order to completely stop file-sharing of copyrighted songs on that network, the lawyers would have to go after each and every individual who downloaded the software (millions of people?) and legally force them all to stop file-sharing as well as distributing the sharing software privately.

The creation of peer-to-peer file sharing is not an ethical idea, but you have to give it credit for being brilliant.

:angel: Personally, I only use file-sharing to find songs that I wouldn't be able to get from stores or CDNow.com. I've also downloaded a Simpsons episode from 1994.

Radi
08-13-2001, 01:55 PM
Please ignore this!
Sorry

Timo
08-13-2001, 07:33 PM
I sent an e-mail to ezula.com asking to be blocked (as per the Slashdot story) and here is an abbreviated response....

"As a general matter, eZula does not exclude websites from viewing through the TopText plug-in on a
site-by-site basis. We apologize if misquoted statements in a Slashdot story gave the mistaken impression that we would do
so."

The part that irked me even more was their invitation to become a test advertiser... I sent them an appropriate response. :D


Tim

LastActionHero
08-14-2001, 02:33 AM
Originally posted by Timo


"As a general matter, eZula does not exclude websites from viewing through the TopText plug-in on a
site-by-site basis. We apologize if misquoted statements in a Slashdot story gave the mistaken impression that we would do
so."



So there is no way to get ones domain blocked? :mad: Anybody filing a lawsuit?

WildComputer
08-14-2001, 05:04 AM
I've been thinking about this, and it would seem to me there are a number of possible lines for counter attack

(None of this is a legal opinion, I am not an attorney, consult one)

Legal

1. It's not clear to me that pier-2-pier music tool is not contributing to copyright infringement.

If I were to stand at the road side giving giving away "free burglar kits and instructions", a sign post to various rich houses to rob, a list of people who will team up with your to help your act as a burglar, and make money by including an advertising flyer with each kit --- even though I'm not stealing stuff myself --- I am certainly contributing to somebody else's theft

Perhaps an attorney can look into this angle.

or better yet, maybe we inform the record companies.


2. The copyright on our sites is being violated by creating derivative works.

Somebody could register US copyright, prove visits to their site by people using this program, and then sue for $150,000 or more - at least as a test case.

There is a site to register copyright here: http://www.clickandcopyright.com/

Also, I think About, FindWhat and others would be extremely interested in how their PAYING ADVERTISERS are being essentially defrauded, and how in some cases the own advertising links are being redirected. In one case at least, the link goes to the same advertiser -- except the host site is not getting credit!



Consumer Pressure

1. An obvious thing would be to contact every advertiser using the TopText company and initiate a boycott

2. The primary source of distribution of this program would seem to be CNet, and they don't wish to remove this program

It seems like that some sites advertising on CNet are also victims - I wonder if they know.

There is a long thread about this at GetHighForums http://gethighforums.com/Forum10/HTML/001386.html
with some contact details of advertisers, CNet, etc.



Technical

1. I don't know if there's a way to block visitors with this plug-in. Maybe somebody can research it.

2. A surprisingly large number of shareware/freeware companies generate revenue from advertising etc., It would be great if they could be encouraged to include software in their programs or install package that detect or disables TopText

3. It is arguable the TopText part of this package is a trojan. At least it as some trojan like aspects. Users get it without realising, sort of by mistake, and find it hard to remove and unpleasant. If we could get Symantec to add it to their trojan list then it would be history. Would they? I don't know, but they might, particular in view of the fact it turns the Norton AntiVirus web site into a giant billboard for arch rivals McAfee.

OC
08-14-2001, 11:16 AM
Originally posted by WildComputer
1. It's not clear to me that pier-2-pier music tool is not contributing to copyright infringement.

If I were to stand at the road side giving giving away "free burglar kits and instructions", a sign post to various rich houses to rob, a list of people who will team up with your to help your act as a burglar, and make money by including an advertising flyer with each kit --- even though I'm not stealing stuff myself --- I am certainly contributing to somebody else's theft.Excactly why I said peer-to-peer file sharing really isn't ethical since the public is generalized as irresponsible.

Still, even if that does make sense and the RIAA won, there'd be know way to shut it down (without sending court orders to the millions of essentially anonymous users) and end distribution of the software. I suppose "impossible" shouldn't be said here. Maybe the RIAA would go crazy and hire a large task force and sue ISPs to block communications of certain software (Kazaa, BearShare, Morpheus).

WildComputer
08-14-2001, 11:22 AM
Well yes there'd be no way to stop the users swapping files

But potentially

- the company developing the piracy-facilitation-software (sorry this is what is, in more ways the one) would be shut down and/or banrkupted

- CNet (which is the main source of distribution of this program) and other programs would cease distributing this program

OC
08-14-2001, 11:39 AM
Originally posted by WildComputer
Well yes there'd be no way to stop the users swapping files

But potentially

- the company developing the piracy-facilitation-software (sorry this is what is, in more ways the one) would be shut down and/or banrkupted

- CNet (which is the main source of distribution of this program) and other programs would cease distributing this program Not just swapping files. You're forgetting that when there's a will among highschool and college students to find the software, there'll be a way. However, you are correct that distribution would probably be 1/4 of what it is now and would only continue to dwindle.... unless it becomes an open source phenom.

Swamper
08-14-2001, 01:16 PM
I was reading on slashdot and apparently the tag used to block IE6's SmartTags can be used to block this **** as well.

Just add this meta tag

<meta name="MSSmartTagsPreventParsing" content="TRUE">

No need to email them.

LastActionHero
08-14-2001, 01:27 PM
Hmm AFAIK MS dropped the concept of smart tags in IE 6.0 and they didn't come out with any META tag to prevent smart tag usage. So where did the tag come from?

Swamper
08-14-2001, 01:31 PM
http://www.microsoft.com/windows/ie/preview/smarttags/default.asp

...at bottom

LastActionHero
08-14-2001, 01:46 PM
News.com article (http://news.cnet.com/news/0-1003-200-6399150.html?tag=mn_hd)


Although the Smart Tags feature was included in Internet Explorer 6, the Web browser that is bundled with current beta versions of Windows XP, it will be dropped from the final product.


From Slashdot (http://slashdot.org/articles/01/06/28/0720220.shtml)

Erbo writes: "CNET reports that Microsoft has decided to drop Smart Tags from Internet Explorer 6.0, the version that will be packaged with Windows XP. They may be resurrected later, though, so don't yank those META tags out of your pages yet. Smart Tags are still part of Office XP, too."

No smart tags in IE6.0 final.

JeremyL
08-14-2001, 03:04 PM
Originally posted by Swamper
I was reading on slashdot and apparently the tag used to block IE6's SmartTags can be used to block this **** as well.

Just add this meta tag

<meta name="MSSmartTagsPreventParsing" content="TRUE">

No need to email them.

THIS TAG DOES NOT BLOCK Ezula! Sorry.

On another note.

This is from: http://www.whirlywiryweb.com/q/ezula.asp

Important. The uninstall procedure as outlined by Ezula is inadequate as it leaves EZulaBootExe (and EzulaBoot if you downloaded Ezula from the Web) sitting. These are Ezula's download/installer components. The EzulaBoot component allows to REINSTALL TopText through a Web page even, invisibly, without the user's knowing.

Steve_S
08-14-2001, 05:38 PM
Here is a very good article on the issue of P to P file sharing. Some neat discoveries about "off shore" companies engaged in this business.

http://www.technologyreview.com/magazine/sep01/mann.asp

WildComputer
08-15-2001, 06:56 AM
I think the most immediate action we could take is to look at the distribution which is primarily from CNet.com

According to the thread at GetHighForums.com, CNet are aware of the insidious nature of this program but consider it acceptable (see the email posted there)

But... many CNet advertisers appear to be victims of the program too as it defaces there sites and steals their content

I think therefore a good form of consumer pressure would be to make those CNet's advertisers who victims aware of this issue

If somebody has the program installed, can they find look around www.cnet.com for banners / search integrations / etc. for Cnet advertisers, find which advertisers sites these link to and if they are defaced. (screen shots would be good)

I am sure that these CNet advertisers would be interested in knowing that they are paying to advertise on a site (CNet), and that same site considers it acceptable to deface their site and steal traffic.

Kaiosama
08-16-2001, 03:39 AM
True ptp programs are very slow (up to a couple of days for a match) and aren't too popular. Napster wasn't one and it doesn't looks Kazaa is either. It looks like it connects to server to get a listing of matching files similar to Napster. So just shut them down and Kazaa is essentially dead, it doesn't matter if their software is floating around.

Also once a precedent is set it won't be too hard for the likes of the RIAA to shutdown such services. Costs should decrease dramatically.... But their is an extremely large number of ptp services active right now and taking them on one by one will be very hard. I guess they would have to pass new laws to make it as illegal as distributing drugs. :)

As for the toptext arguments, if the "modification of other's websites" is is illegal (or works in the court) then I guess you can put down those ad blocking programs too.

Steve_S
08-17-2001, 11:44 AM
I like the energy in these threads. Lets all please try and focus our efforts on defeating TopText and other similar ploys and continue to spread the word.

MattC sent me a screen capture of TopText hijacking MY advertisers links in the text advert at the top. The screen is posted in our new SCUM!!! Screen Captures Forum which I just opened and enabled [IMG] tags.

Go to:

http://66.33.83.213/forums/forumdisplay.php?s=&forumid=55

Please read the sticky post titled Forum Rules for guidence.

I am the proud owner of:

stopscum.com
stopscum.net
stopscum.org


Look for an opening in the not to distant future. I may have to split and or combine our threads on these issues to insure we stay focused on a given issue and a thread is easier to read. I hope everyone understands and thank you all for your help and cooperation.

Click Here!