|
Register | FAQ | The Twelve Commandments | Members List | Calendar | Arcade | Find the Best VPN | Today's Posts | Search |
BearShare Open Discussion Open topic discussion for BearShare users
Preview this popular software (BearShare Beta v5 "Download") |
| LinkBack | Thread Tools | Display Modes |
| |||
*Spy Packets found NOT Onflow or Savenow 2.2.4 Vinnie the God and dictator of Gnutella has decided to heavily censor his board, meaning he can't stand not having control over what is posted about his spyware. He has started deleting any messages that don't support his program, so the forum there is now worthless. This is the only place where this can now be posted, I hope this forum stays open! Here's the thread: Code: "Spy Packets not Onflow message being passed around" Posted by Stacker (Guest) on May-08-01 at 06:16 AM What is with this message about spy packets? Is this true? This is a file being passed around on the network I found Bearshare sends out secret packets and passes them around the Gnutella Network disguised as search replies. Bearshare filters them so you don't see them! You need a special program to see them! They can't be easly tracked back to their source! SHARE THIS INFO FILE BACK TO THE NETWORK! GET THE WORD OUT! SPREAD FAR AND WIDE! The question is why does Bearshare need to do this? Why scramble the packet? Why not make the data human readable? Is this part of the SPYWARE we have been hearing about? Is your MAC address in it? (network interface card ID can identify your computer as unique) Did the RIAA pay Bearshare to put your personal information on the net? Did the MPAA make a legal threat and Bearshare caved in? Is he just insane? Did UFO's make him do this? Who knows!!! I found these messages on a public forum called the "gdf" where developers hang out: From: Nate <web1@p...> Date: Sat Apr 21, 2001 6:00am Subject: Strange Query Hit packets While working on some routines, I found a strange scrambled packet, it's always 175 bytes and very well formatted for Gnutella. Any idea what this is? The IP address is never correct in the packet. Here's a sample I captured: ----------------- Query Hit Data 01 B4 16 16 B4 F2 48 38 00 00 00 01 00 00 00 AF .4..4rH8......./ 00 00 00 A1 B3 D0 A9 E0 99 A0 B1 FF FE D9 EF 93 ...!3P)`. 1.~Yo. EE C5 91 D5 80 85 AA B0 F2 97 E3 F6 CD BD D2 A1 nE.U..*0r.cvM=R! A0 F9 C2 A9 94 8F D0 EE D6 C0 BA EE BE CA B9 DF yB)..PnV@:n>J9_ A2 A9 8B B9 88 AE E9 95 C4 D9 AB 99 F1 E4 B6 B7 ").9..i.DY+.qd67 F8 D0 97 9C 86 C9 D9 F8 8B 87 AA B9 DF C9 A1 B5 xP...IYx..*9_I!5 D3 E4 C8 95 CD BF 98 CB E7 E5 8E 91 E0 C7 B3 C4 SdH.M?.Kge..`G3D AF 87 CE 82 94 C6 BF FF EF 92 A6 D9 A3 E4 B8 90 /.N..F?.o.&Y#d8. AF EF B7 A8 E3 E6 E4 D7 96 DC 85 F9 8E FE 88 93 /o7(cfdW.\.y.~.. CA 83 A5 BC C9 BD 9E DF FC C2 A6 CE C0 00 00 53 J.%<I=._|B&N@.... C4 35 BE 55 AD 07 72 FF F3 F1 B6 67 D4 6D 00 XX D5>U-.r.sq6gTm. ----------------- Bytes = 175 ----------------- Query Hit Data 01 7B B1 B1 7B C6 EC 38 00 00 00 01 00 00 00 AF .{11{Fl8......./ 00 00 00 A1 AA C4 D5 99 CB E8 C2 FF D0 82 F9 F3 ...!*DU.KhB.P.ys E7 91 E4 F3 B2 E5 AC 95 ED 89 D7 A4 D1 DD D9 F7 g.ds2e,.m.W$Q]Yw C5 A1 C0 9C 89 A6 9C B6 D7 89 9D 89 F3 DE FE C7 E!@..&.6W...s^~G A0 DC D2 8F 88 E3 CE BF F7 CF AB AB D8 9D C5 92 \R..cN?wO++X.E. E9 B6 97 C1 B0 E4 99 EB A2 ED E6 DC 9F C5 EB 8B i6.A0d.k"mf\.Ek. EF 8D EC AC 8D A8 B5 80 D7 E1 E4 AB B3 DE 83 C7 o.l,.(5.Wad+3^.G BD C8 81 98 BD C8 8F FA 84 A0 CA D8 B9 AA EC F6 =H..=H.z. JX9*lv 83 EF D3 FB 90 97 A4 FF E0 E7 F4 AB EF A3 D3 C5 .oS{..$.`gt+o#SE EE B1 C5 D1 B2 97 C9 BB B1 AB 8C 9E C0 00 00 53 n1EQ2.I;1+..@.... C4 35 BE 55 AD 07 72 FF F3 F1 B6 67 D4 6D 00 XX D5>U-.r.sq6gTm. ----------------- Bytes = 175 ----------------- Query Hit Data 01 4D 75 75 4D 1E 9D 38 00 00 00 01 00 00 00 AF .MuuM..8......./ 00 00 00 A1 9E DC 96 AF AA 8B AE FF DD FE DB D0 ...!.\./*...]~P 99 C3 83 A5 8A A5 A1 93 FD E4 8F 9C AA DD DA C8 .C.%.%!.}d..*]ZH CD E9 BF C8 D0 D3 D2 A6 D4 A8 D9 92 C5 D0 E0 A7 Mi?HPSR&T(Y.EP`' A0 B3 B0 9D 97 96 D8 82 C4 8B AB C3 E9 9B A8 D1 30...X.D.+Ci.(Q AE EE 97 DA C8 A0 DE 96 87 A2 CA AD 9F DF E7 AA .n.ZH ^.."J-._g* B4 BD 9D DA 8D AE CB 91 C6 9E CD 98 D8 C2 A3 C1 4=.Z..K.F.M.XB#A FE C0 B7 F4 A1 F5 CF FB DB E4 EE E7 D3 86 96 91 ~@7...!uO{dngS... 8B EE 83 99 9D D4 8D 8A DF C2 C6 C0 88 9E 8D F4 .n...T.._BF@.... DC D6 D6 B6 82 CF A5 93 F9 A6 EE FE 80 00 00 53 \VV6.O%.y&n~...S C4 35 BE 55 AD 07 72 FF F3 F1 B6 67 D4 6D 00 XX D5>U-.r.sq6gTm. ----------------- Bytes = 175 ----------------- Query Hit Data 01 5A 87 87 5A 0B EC 21 00 00 00 01 00 00 00 AF .Z..Z.l!......./ 00 00 00 A1 90 98 A3 C6 E7 EF D9 FF C5 83 DE E3 ...!..#FgoY.E.^c B8 CB D5 A3 A1 A9 C9 9E 96 E2 A0 EC AB CF B6 BA 8KU#!)I..b l+O6: FB B4 E6 D1 F1 B0 A6 FB AB 8A 9B BA E8 BE DA 8D {4fQq0&{+..:h>Z. B0 98 E6 D2 98 B1 B4 89 DA 9A D5 FC A5 96 A1 E3 0.fR.14.Z.U|%.!c D8 99 CA E6 B6 D8 A1 A6 8B F9 BD AB D1 D6 E8 BA X.Jf6X!&.y=+QVh: E8 97 EC E1 CD A2 FE A1 DA DD DE B5 AC 88 E2 88 h.laM"~!Z]^5,.b. 96 86 EA EC FD BB BF F8 D7 C8 B6 D7 B7 ED AB 82 ..jl};?xWH6W7m+. 98 80 85 C1 DA C0 93 D7 A1 EC E1 C2 B2 BF FF AE ...AZ@....!laB2?.. F5 E1 E2 E6 85 BD D4 F7 A8 B5 DE E2 C0 00 00 98 uabf.=Tw(5^b@... 66 FE 71 6D 1C 24 FD FF ED D3 8F 40 1A 8A 00 XX f~qm.$}.mS.@... ----------------- Bytes = 175 ----------------- Query Hit Data 01 F7 0E 0E F7 0B B6 21 00 00 00 01 00 00 00 AF .w..w.6!......./ 00 00 00 A1 B8 E9 B9 AE E6 DB A0 FF F7 84 82 CF ...!8i9.f .w..O C5 F7 9C FE B3 C9 C3 82 B0 B8 A0 C1 B5 EF BA FB Ew.~3IC.08 A5o:{ 8C BF F9 FE E3 87 82 A3 A9 CD 92 EC A8 B5 FD C5 .?y~c..#)M.l(5}E B3 88 DB B0 FF DA D0 C4 B3 8C D5 AD C7 A3 F1 E1 3.0.ZPD3.U-G#qa B1 EB CA 82 B9 E0 F8 DC F2 EA 87 8E 91 C2 D0 F7 1kJ.9`x\rj...BPw DC 97 B6 DD 8D BB FD CF CC E3 80 91 C2 C1 D2 8D \.6].;}OLc..BAR. 98 95 C7 EC EB F4 AF FE F7 B3 F3 98 E0 A4 B0 D0 ..Glkt/~w3s.`$0P B4 81 A6 85 B1 EC D6 97 8A E9 9D AB F9 DC F5 A6 4.&.1lV..i.+y\u& F3 A3 96 E4 91 D5 80 CC A1 CF E8 C1 80 00 00 98 s#.d.U.L!OhA.... 66 FE 71 6D 1C 24 FD FF ED D3 8F 40 1A 8A 00 XX f~qm.$}.mS.@... ----------------- Bytes = 175 normal packet for reference: ----------------- Query Hit Data 04 CA 18 41 A2 C8 68 00 03 00 00 9A 00 00 00 60 .J.A"Hh........` E9 18 00 4B 6F 72 6E 20 2D 20 49 73 73 75 65 73 i..Korn - Issues 20 2D 20 31 37 20 2D 20 48 69 64 64 65 6E 20 54 - 17 - Hidden T 72 61 63 6B 2E 6D 70 33 00 00 44 01 00 00 C7 C2 rack.mp3..D...GB 95 00 72 61 67 65 20 61 67 61 69 6E 73 74 20 74 ..rage against t 68 65 20 6D 61 63 68 69 6E 65 20 2D 20 30 31 20 he machine - 01 2D 20 62 6F 6D 62 74 72 61 63 6B 2E 6D 70 33 00 - bombtrack.mp3. 00 9D 02 00 00 00 D0 58 00 44 61 76 65 20 4D 61 ......PX.Dave Ma 74 74 68 65 77 73 20 42 61 6E 64 20 2D 20 42 65 tthews Band - Be 66 6F 72 65 20 54 68 65 73 65 20 43 72 6F 77 64 fore These Crowd 65 64 20 53 74 72 65 65 74 73 20 2D 20 31 30 20 ed Streets - 10 2D 20 54 72 61 63 6B 20 31 30 2E 6D 70 33 00 00 - Track 10.mp3.. 89 00 00 00 AB C5 47 00 4B 6F 72 6E 20 2D 20 46 ....+EG.Korn - F 6F 6C 6C 6F 77 20 54 68 65 20 4C 65 61 64 65 72 ollow The Leader 20 2D 20 32 36 20 2D 20 20 28 48 69 64 64 65 6E - 26 - (Hidden 20 54 72 61 63 6B 29 20 43 68 65 65 63 68 20 26 Track) Cheech & 20 43 68 6F 6E 2E 6D 70 33 00 00 42 45 41 52 01 Chon.mp3..BEAR. 00 18 00 01 02 00 00 00 00 00 AF 8C 30 D4 1E 46 ........../.0T.F CE 59 FF 83 94 41 60 5F 8A 00 XX XX XX XX XX XX NY...A`_.. ----------------- Bytes = 298 From: Vinnie <info@f...> Date: Sat Apr 21, 2001 2:43pm Subject: Re: Strange Query Hit packets > While working on some routines, I found a strange scrambled packet, it's > always 175 > bytes and very well formatted for Gnutella. Any idea what this is? The > IP address is never correct in the packet. Here's a sample I captured: Queries, or Query Hits message which have only high ascii characters (values with the high bit set) where strings are expected are proprietary messages sent between BearShare servents. Queries should be handled as usual (routed or dropped if duplicate/expired) however there is no need to scan the local index of files for a match if the high bit is set in every character. Query Hits messages which have only high ascii characters should be handled as usual (routed or dropped if expired or there is no route). If you have passive monitoring implemented, do not scan these high ascii file names as they do not correspond to file data. MORE LINKS more information ---> www.spychecker.com (search for bearshare) more information ---> www.bearshare.com (in the forums, adware section) more information ---> www.grc.com (read OptOut section) get anti-spyware-software ---> www.lavasoft.de (download the Ad-Aware program) http://forums.gnutelliums.com/ http://dss.clip2.com/ http://www.zeropaid.com/ "RE: Spy Packets not Onflow message being passed around" Posted by ****ed on May-08-01 at 07:28 AM Haa. Just as I suspected, good thing I use ad-Aware Thanks for the tip on spyware.com Good to see the V.O.C.M. Voice Of The Common Man. Fighting the "Dark Force" (parasitic greedhead scam, that leaves dark holes in the spirit world. Bruce Cockburn(really tired at this point...need sleep )) LONG LIVE P2P "Bull$hit" Posted by Vinnie on May-08-01 at 08:20 AM Its not spy packets. BearShare sends encrypted messages that contain the version number, and high precision representations of the shared file count and bytes. These messages are sent as both queries, and query replies. The main purpose of the message is to support the "upgrade notice" when a newer version of BearShare is detected on the network. The message is protected to prevent unauthorized users from claiming to be a higher version number. Duh!!! This is old news! "RE: Bull$hit" Posted by ****ed (Guest) on May-08-01 at 10:50 PM >>Its not spy packets.<< Actually what there called is >>>backdoor TCP/IP Trojans<<< what do they do... oh not much. These are programs that if you read the "end-user aggreement", have basically gotten permission from the user, did you say yes! they use the tcp/ip backdoor "security hole" to STEAL the users bandwidth. THESE TCP/IP BACKDOOR TROJANS ARE THE NUMBER ONE REASON FOR STRANGE COMPUTER CRASHES AND PERFOMANCE ISSUES !!! SOme computers can in fected with so many of these programs like a small rodent infected with parasites !!! So BUll****... I say BULL**** !!! Your right about one thing... it is old news BearShare sends encrypted messages that contain the version number, and high precision representations of the shared file count and bytes. These messages are sent as both queries, and query replies. The main purpose of the message is to support the "upgrade notice" when a newer version of BearShare is detected on the network. The message is protected to prevent unauthorized users from claiming to be a higher version number. Duh!!! This is old news! "RE: Bull$hit" Posted by BullNOT (Guest) on May-09-01 at 03:51 AM >Its not spy packets. > >BearShare sends encrypted messages WHY? Why not in the clear? Why not just have a pop up that asks the user if he would like to connect to your site and see if there is a new version? Why FORCE this down people's throats? Why waste EVERYONE'S bandwidth on this? Not all programs that are passing these are Bearshare! Why shouldn't those other programs block your not within protocol spec packets? Why not make a server like gnutellums.com 6346 and have Bearshare clients check in there and at that point do your check? You would have all the info you wanted and you would know how many are running so you can count your money ahead of time. Why not just have a simple button people can press to check? Why do you assume all users are too lame to look for a new version every once and a while? Why not run a few copies of your program on your computer and have it return search packets saying that there is a new version available when it detects one that is older? Why do you bother people if they don't give a crap about upgrades every week? Why do you bother people who know better than trust a new version that just came out? Why do you think everyone is your personal testing ground? Why do you think you can get away with lying about the purpose of this packet? >contain version number, and high >precision representations of the shared >file count and bytes. Yes, you need a high precision floating point number to represent a INTEGER from 1 to 9999. You are right a 32 bit INTEGER couldn't handle how many bytes (in 1K blocks) that someone has shared. Like when I look to see how many GB's I have on my hard drive, I want to know down to the last byte, give me high precision! BULL SH*T!! >These messages are sent as both >queries, and query replies. What a nice waste of my bandwidth. >The main purpose of the message >is to support the "upgrade >notice" Like anyone cares. It's for you to see if you will be rich or not. Why not just figure you will always be broke and go get a job? >The message is protected to prevent >unauthorized users from claiming to >be a higher version number. BULL S*IT! It's more than you are saying and you have no reason to put this packet on the net, period. Your lies suck and you know it. "RE: Bull$hit" Posted by Sephiroth on May-09-01 at 02:47 PM This is needed to get users to update the program. Gnutella is not like napster or any other crappy centralized or semi-decentralized program. The latest programs HAVE to be used or else the network will continue to be slow and ****ty for all. That is why its needed and because gnutella is not centralized you cant really have a central place to check for updates and get to everyone. Waste of bandwith... a less than a fraction of a second to transmit.. Oh yeah thats a real waste.. It doesnt FORCE you it gives you the chance to say yes update or no dont... The most important thing is >The message is protected to prevent >unauthorized users from claiming to >be a higher version number. If that wasnt in there i could take a nasty virus.exe set it to Bearshare 9.9.9 and watch as everyone upgrades to it and gets there computer infected with the nasty surprize of my choosing.. The current upgrade method prevents that for ever happening and what you two are complaining about is that you want to take that feature away and open a paradoras box that will have the potential to literally cripple gnutella network out of existance.. So ****ed i think that would be a little worse than the trojan rant you went on about. But trojans open a security hole on your computer and leaves them there and the upgrade notice doesnt since you believe one is there i hope you go out and find this trojan and see how you can use it to gain access to other users machine. Since you said that it is a trojan you must already know alot on it so you'd be the best one to track it down. Ill be waiting for your results and good luck testing that out. "RE: Bull$hit" Posted by Great Maker (Guest) on May-09-01 at 09:25 PM >This is needed to get users >to update the program. >because gnutella >is not centralized you cant >really have a central place >to check for updates WHAT? Are you on drugs? What is this Bearshare site? A non central place to get a upgrade? WHAT IS YOUR PROBLEM? You are the new guy working for Vinnie, arn't you? Now we see your motivation. How could he find someone else who is willing to cover up this abuse? Two peas in a pod. >If that wasnt in there i >could take a nasty virus.exe >set it to Bearshare >9.9.9 and watch as everyone >upgrades to it Yea and stick it on the Bearshare site. Yea right. If it always points them to the Bearshare site, whats the problem? Don't try to dazzle me with your brilliance, it just makes you a bigger liar. This is BULL**** people, plain and simple. Not buying this crap! There is no reason for this, there are much simpler methods to do what they want, other programs use them, and therefore this packet has another purpose. Virus my ***! If it's that lame then I will decrypt the packet and do just that, point it to a better program that overwrites Bearshare! It's going to happen anyway, why not start now? YOU WOULD BE STUPID TO DO IT THIS WAY! because you know sooner or later it would be cracked and then a virus would be put out for sure. So don't tell me you are lame *** stupid enough to put this upgrade thing in there this way! If you are, no one should use your program ever cause it's too big a security risk! Stop lying to cover all this up! Just take this crap out and do it right! "still sucking it seph?" Posted by sephiroth suckup bitch (Guest) on May-09-01 at 10:16 PM Nevermind sephiroth. He/she is a dam suckup bitch. Or a d!ck rider as some would say. Always trying to assimilate people towards his defeatist ideologies, insulting each user that disagree with him/her, comparing bearshare to napster including their users, protecting vinnie, etc... Just forget about him/her. Eventually he/she will die by choking on come and the world will become a better place. "RE: still sucking it seph?" Posted by x (Guest) on May-14-01 at 09:19 PM Well said!!! couldn't agree more. >Nevermind sephiroth. He/she is a dam >suckup bitch. Or a d!ck >rider as some would say. >Always trying to assimilate people >towards his defeatist ideologies, insulting >each user that disagree with >him/her, comparing bearshare to napster >including their users, protecting vinnie, >etc... >Just forget about him/her. Eventually he/she >will die by choking on >come and the world will >become a better place. "RE: Bull$hit" Posted by ****ed (Guest) on May-10-01 at 02:29 AM What is Spyware? Spyware is ANY SOFTWARE which employs a user's Internet connection in the background (the so-called "backchannel") without their knowledge or explicit permission. Silent background use of an Internet "backchannel" connection MUST BE PRECEDED by a complete and truthful disclosure of proposed backchannel usage, followed by the receipt of explicit, informed, consent for such use. ANY SOFTWARE communicating across the Internet absent these elements is guilty of information theft and is properly and rightfully termed: Spyware. ******************************* Silent background use of an Internet "backchannel" connection MUST BE PRECEDED by a complete and truthful disclosure of proposed backchannel usage, followed by the receipt of explicit, informed, consent for such use. ANY SOFTWARE communicating across the Internet absent these elements is guilty of information theft and is properly and rightfully termed: Spyware. **************************** END-USER LICENSE AGREEMENT (example) By becoming an End-User, you hereby agree that TransCom may share with other parties both aggregate information and limited individual information gathered during your use of TransCom's BeeLine and/or the Internet. "Aggregate Information" is information that describes the habits, usage patterns and/or demographics of its End-Users as a group but does not indicate the identity of the particular End-User. "Individual Information" is information about an End-User presented in a form distinguishable from information relating to other End-Users but not in a form that enables the recipient to personally identify any End-User. You also agree that locator information about you may be gathered, processed or used as provided in the following paragraph. "Locator Information" consists of an End-Users name, e-mail address, physical address and/or other data that enables the recipient to personally identify the End-User. You agree that Locator Information on you may be gathered, processed or used in the following instances: first, TransCom's BeeLine may provide Locator Information on you to TransCom so that TransCom may notify you directly of special offers and communications regarding TransCom's products. In addition, although Locator Information will not be disclosed directly to a third party except as described above, TransCom's BeeLine may use Locator Information to forward special offers or communications from selected companies to TransCom via TransCom's BeeLine. Locator Information and Individual Information will be processed and stored by TransCom in the United States and, if you do not live in the United States, possibly in your country of residence. You may contact TransCom to determine whether such information has been accurately recorded and, if not, to request correction of any inaccuracies in the information recorded by TransCom. ****************************** Spyware Detection Almost without exception, spyware deliberately hides inside the computer and works at avoiding detection. For example, the Aureate spyware system inhibits its Internet backchannel use in the absence of keyboard or mouse activity so that the user won't see modem lights flashing and wonder what the heck is going on. Since spyware is deliberately trying to go undetected, special tools are required to sense the presence of these sneaky spys. Of course, Ad-Aware instantly and efficiently detects the presence of, and optionally removes, any spyware it knows about. ******************************** The days of Spyware playing fast and loose with users' Internet connections are over. Informed users will now dictate the terms of continued access to their systems. ******************************* "RE: Bull$hit" Posted by titan63 on May-10-01 at 06:04 AM >This is needed to get users >to update the program. > >Gnutella is not like napster or >any other crappy centralized or >semi-decentralized program. The latest programs >HAVE to be used or >else the network will continue >to be slow and ****ty >for all. That is why >its needed and because gnutella >is not centralized you cant >really have a central place >to check for updates and >get to everyone. > >Waste of bandwith... a less than >a fraction of a second >to transmit.. Oh yeah thats >a real waste.. Take care of the cents and the dollars will look after themselves. The longest journey begins with one step. I guess you are too dumb to figure it out for yourself: Millions of little messages = MASSIVE bandwidth load. >It doesnt FORCE you it gives >you the chance to say >yes update or no dont... > > >The most important thing is > >>The message is protected to prevent >>unauthorized users from claiming to >>be a higher version number. Yeah, no #####, gits like me spend days trying to figure it out. >If that wasnt in there i >could take a nasty virus.exe >set it to Bearshare >9.9.9 and watch as everyone >upgrades to it and gets >there computer infected with the >nasty surprize of my choosing.. Get your head out of your ***. Ok "I am mr anonymous dude. I am so powerful, I can hack whatever I choose." F-u-c-k off. >The current upgrade method prevents that >for ever happening and what >you two are complaining about >is that you want to >take that feature away and >open a paradoras box that >will have the potential to >literally cripple gnutella network out >of existance.. You are so anal I could puke. >So ****ed i think that would >be a little worse than >the trojan rant you went >on about. But trojans open >a security hole on your >computer and leaves them there >and the upgrade notice doesnt >since you believe one is >there i hope you go >out and find this trojan >and see how you can >use it to gain access >to other users machine. Since >you said that it is >a trojan you must already >know alot on it so >you'd be the best one >to track it down. Ill >be waiting for your results >and good luck testing that >out. Good luck, sub seven sucks ***, netbus even worse, and as for back orifice aka "I am so anal I want to take the **** out of microsoft back office and call it back orrifice, and I am so clever for doing that, please give me reconition, my name is the (cult of the dead cow), please recognise me" oh... Im sure we (undisclosed government agency) have recognised you. "RE: Bull$hit" Posted by x (Guest) on May-14-01 at 09:41 PM >Its not spy packets. You sure?, have you decrypted the stuff yourself? Even if you say you have, do you think anyone here would trust you with thier pc?? ..doubt it. >BearShare sends encrypted messages that contain >the version number, and high >precision representations of the shared >file count and bytes. Yeah, sounds like really important top secret version #'s 'n stuff, the kind that you encrypt because you wouldn't want the user to know about it. >The main purpose of the message >is to support the "upgrade >notice" when a newer version >of BearShare is detected on >the network. Uh huh, sure, if you say so. >The message is protected to prevent >unauthorized users from claiming to >be a higher version number. Geez, I shoulda thought of that! Always wanted to claim that I had a ner version of Bear Share!!, heck if I could do that I'd be top dog on the block! >Duh!!! This is old news! But not as 'old' as your lame *** response! "RE: Bull$hit" Posted by Ted (Guest) on May-19-01 at 08:34 PM I'm not as concerned with the spyware thing I can deal with that it is easy to kill it. My concern is all the crap running in the backround sucking up resources! When I run a program that should be the only one running (BIG PERIOD) "RE: Spy Packets not Onflow message being passed around" Posted by Wildhorse (Guest) on May-09-01 at 06:42 PM Anyone using Bearshare, and even worse the latest version of Bearshare and thinking they are preserving their privacy should really think twice about it. The Savenow crap that Bearshare install is just one more exemple on how agressive the creators of this program and the director of this company is about ads and spyware technologies. I got only one tip, just delete the crap and move to any other Napstep clone out there that does the exact same job but you risk not having crappy ##### spyware being installed on your system without (and in this case) without your consent. You might also wonder about a company that creates an entire new TCP/IP stacks, this, not knowing at all if firewalls will really react to this new stack which replaces previous stacks. Not only for the fact that this stack cannot always be removed with success. My experience which napster like clones is that bearshare as never been worth the danger and the risks when they are so many other software out there that does the same and usually, better. And believe me, I'm not naming any here, I just used/installed bearshare and speak of experience. "RE: Spy Packets not Onflow message being passed around" Posted by Sephiroth on May-09-01 at 07:25 PM And >believe me, I'm not naming >any here, I just used/installed >bearshare and speak of experience. > You know nothing about the Gnutella protocol or the tcp/ip stack as you called it. Bearshare isnt any crappy Napster clone its decentralized. And all firewalls work on Gnutella since you speak of experiance i guess you allready know that. I and many others have used a wide range of firewalls and they have all worked on gnutella. You see Gnutella uses port 6346 on tcp/ip which tcp/ip is what most internet programs use in some way,shape or form. A new one isnt created at all. Well see how much you love your napster clones when your paying 20 bucks a month and up for them.. At least Bearshare will always stay free and unless you want to be forced into paying the RIAA then you better be supporting the programs that will remain free because next month alot wont be.. Have fun just so you know youll probably be handing over your name, adress, record of downloads(so they know how to bill ya), credit card number, e-mail adress, and phone number to the centralized places or the riaa companies themselves by paying. And i guess thats not considered a privacy violation.. "RE: Spy Packets not Onflow message being passed around" Posted by titan63 on May-10-01 at 05:52 AM Ah, so thats why I couldn't hack that "you must now update" crap, Vinnie pulled a fast one and encrypted it. Good one Vinnie. It would be mildly ammusing although fairly pathetic. "Hack a pack" Posted by Stacker (Guest) on May-12-01 at 12:48 PM Well then, it looks like time for those who know how to hack the packet and let us know what's in it since there is a cover up going on here. Anyone got any talent out there? I would think the encryption sucks and is something made up at home. "RE: Hack a pack" Posted by Grant (Guest) on May-13-01 at 04:39 PM So is there a security hole? Is that what you are saying? If someone wants to send a packet saying they have a upgraded version my client will accept it and then download and install the new version. Or make it look valid so I install it? Sounds like a big security hole to me! Has this encryption been tested by the big encryption programmers? If not, you are doomed! I cant wait to see the first formatted hard drive and law suit cause this was done incorrectly. "RE: wHack a clown" Posted by Sephiroth on May-13-01 at 05:12 PM Because of the way it is now what i said in my last post cant ever happen. And even if it did then you have to be directed to a web page which contains the file. Plus theres others way to prevent it from happening that are in place. So your all full of it. So many clowns and theres not even a circus.. "RE: wHack a clown" Posted by Zippit (Guest) on May-13-01 at 06:59 PM Quote Sephiroth "I always have a good laugh at when people have to resort personal attacks just proves they have no other way to defend there arguement.." Having trouble defending your argument are you sephiroth? 10 points for effort 0 for consistency "RE: wHack a clown" Posted by Sephiroth on May-13-01 at 07:38 PM First i didnt attack them personally just generally. I didnt say anything about that and there are always the occasional exception to any rule. Anyways your a troll you dont have the right to give me a morals lesson. You can just make a different name to insult people. Anyways i just read the end part of the first topic before i stopped where it said "Did aliens make him do it?" This thread is outright funny because all that info is the same thing. in the reply by vinnie it explains what that packet and why its like that in the first topic. To optimize the searches Bearshare doesnt show the ascii characters. Meaning that stuff has the same information except one of them has it in ascii or the text and the other in just the code By having just the code it shortens the message length therefore making it go faster. too funny.. "RE: wHack a clown" Posted by Zero (Guest) on May-13-01 at 07:58 PM Hi Sephiroth In an ealier post you said: <<And all firewalls work on Gnutella since you speak of experiance i guess you allready know that. I and many others have used a wide range of firewalls and they have all worked on gnutella. You see Gnutella uses port 6346 on tcp/ip which tcp/ip is what most internet programs use in some way,shape or form. A new one isnt created at all.>> ----------- To the best of my knowledge this isn't actually true. Sure any firewall will -work- on Gnutella but that depends what you mean by work. 6346 is a port which is not normally used by standard internet applications other than Gnutella clients. Most firewalls by default require manual opening of ports over 1024. Therefore this does in fact actually create a new open port. Again it depends what you mean by "work". Packet filtering etc is surely going to work but you aren't going to get the protection that a closed or stealthed port offers. You say that most internet programs use TCP/IP but this doesn't actually have any relevance to port 6346. However if you can think of other standard non-gnutella apps that use port 6346 feel free to correct me on this one "RE: fun fun fun" Posted by Sephiroth on May-13-01 at 08:29 PM Why cant someone else be in the "hotseat" playing 20 questions tonight.. I gave a general answer and what i ment was in the general tense. By work i ment does the firewall do what a firewall should do which is to block net attacks. And i didnt mean that all one programs use the same port 6346 thatd be dumb. I meant that all online programs use tcp/ip weather it is to download or use them in. It looked a little confusing but thats what i ment.. "RE: fun fun fun" Posted by Zero (Guest) on May-13-01 at 08:56 PM That's fine - I see what you were saying now Sephiroth Thanks for the clarification "Home run" Posted by Vinnie on May-13-01 at 11:27 PM >So many clowns and theres not >even a circus.. ROFL You mind if I use that one? "Snap into a Slim Jim" Posted by Vinnie on May-13-01 at 11:35 PM >So is there a security hole? >Is that what you are >saying? >If someone wants to send a >packet saying they have a >upgraded version my client will >accept it and then download >and install the new version. No - BearShare does not automatically download and install anything. Even if it did (which it might, eventually) it would use download.bearshare.com, ask the user before the installation proceeds, and be digitally signed by Free Peers, Inc. using the code signing tools developed by Microsoft. Compromising the private key from Verisign would require either #1 breaking the encryption strength, or #2 hacking the machine which stores the certificate and stealing a copy. For #1 the chances of this happening are just as likely as someone cracking the private key for Microsoft's code signing certificate. If I were devoting CPU resources to breaking a cipher, I would certainly go after a more valuable certificate than the one held by Free Peers, Inc. especially since both Internet Explorer and Windows Update can automatically trust certificates from Microsoft. For #2 someone would have to break into the facilities since this machine is neither connected to a local area network nor is it connected to the Internet. If I were dead set on gaining access to the certificate, I would certainly go for method #2 since that one has a higher chance of success. Whoever tries, better make sure that I'm not there or else they will get a major can of whoop-asss opened up on them "RE: Snap into a Slim Jim" Posted by Wonko on May-14-01 at 05:29 AM So, what this means, in essence, is that as long as it doesn't automatically install anything, and if autoinstalls will be done from a central source, there's no security reason for encrypting the update messages. Which brings us back to the original question - why encrypt? If it's not a security issue, who cares about `unauthorized users` (Didn't know this even existed as a concept on gnutellanet...) pretending to have a higher version number? "Then take it out" Posted by Grant (Guest) on May-14-01 at 03:29 PM Yes, we are right back to no reason for it being there. Any other program out there simply waits a week or two and pops up a box asking if you would like to check for a upgrade. They *always* include a check box that says "don't bother me again with this cause I am a adult and can find a upgrade all by myself" or something like that. So stop worrying about your $$$$$ because you want people to upgrade if something like onflow happens again (you get no $$ so upgrade everyone quick!), just keep adding new features and everyone will upgrade cause there is "value added". If you don't do this then we will all know you have other sneaky reasons for this packet and I will personally mount a spamfest to every media outlet till no one downloads it. Warning: if the next version still has it, spamfest enabled - everyone is invited to join the party, come one come all! Spamfest 2001 ! "RE: Gnutella 101" Posted by Sephiroth on May-14-01 at 04:04 PM You dont understand Gnutella and why updated versions are so important. If users were allowed not to upgrade then gnutella would be very very slow and have alot of problems because it would be next to impossible to improve the network. In other words it will cause more problems than good. This isnt napster you cant use a version thats a year because if you do then you will be hurting yourself alot. There are alot of bug fixes and upgrades even though they may be small that makes updating worth it. You want to risk it and use the outdated version then just press no and dont come back here complaining if you have any problems with the old version. "RE: Gnutella 101" Posted by x (Guest) on May-14-01 at 09:30 PM >This isnt napster you cant use >a version thats a year ... And why not, if that's what I want to do? >..because if you do then >you will be hurting yourself >alot. Really?, and who should to decide what's 'good' for me? ..gee, thanks! >There are alot of >bug fixes and upgrades even >though they may be small >that makes updating worth it. Worth it to you or me? >You want to risk it and >use the outdated version then >just press no and dont >come back here complaining if >you have any problems with >the old version. You want risk it just press yes and quit bitchin about those who pick no! #####! ...or maybe that should be, ..dickless! "... but having troubles doing so" Posted by Want To Believe (Guest) on May-15-01 at 00:54 AM >You dont understand Gnutella and why >updated versions are so important. >If users were allowed not >to upgrade then gnutella would >be very very slow and >have alot of problems because >it would be next to >impossible to improve the network. >In other words it will >cause more problems than good. Here's why I don't understand the rationale you give ("So people don't impersonate higher versions.") How exactly are Bearshare users going to do that? I can see some hacker making their own version of a GNET client, based on gnut or something, and then they can put anything they want in the messages. But they're not going to be avoiding upgrades to Bearshare, which they don't have in the first place, right? How are users of Bearshare, that you propose would try to avoid upgrades (!?!), going to change their app to send out modified query and query response packets? And even if they COULD, why WOULD they? Do you see why the reasons given don't ring true? Vinnie has said elsewhere that he plans on putting additional info in these packets soon, such as Processor, RAM, etc. I don't know if he was joking (I think sometimes that he replies on these forums after a couple days of no sleep), but why would he do this? And why encrypt it? I don't get it. I CAN think of a couple reasons for this type of packet that don't NECESSARILY involve RIAA or MPAA, but I don't understand why he wouldn't just SAY so. For example, something to prevent other apps from masquerading as BS (for what reason, I can't imagine.) "I didn't have sex with that woman!" Posted by Monica (Guest) on May-15-01 at 02:24 AM It's all bullshlt, a coverup. A. The RIAA threatened a lawsuit, Vinnie whimped out and is now kissing RIAA Lawyer ***. B. Privacy means nothing to Vinnie. C. Socialists loaned money to Freepeers and now want to pull the strings. D. You are dreaming, WAKE UP! "Eh?" Posted by Vinnie on May-15-01 at 07:58 AM >Here's why I don't understand the >rationale you give ("So people >don't impersonate higher versions.") >How exactly are Bearshare users >going to do that? A malicious hacker could send a message out that claims a higher version - this would wreak havoc on the network, no one would trust the upgrade dialog again. >Vinnie has said elsewhere that he >plans on putting additional info >in these packets soon, such >as Processor, RAM, etc. >I don't know if he >was joking (I think sometimes >that he replies on these >forums after a couple days >of no sleep), but why >would he do this? Certain high end machines will become eligible to run extended peer to peer services. Criteria for running these extended services include: - someone who leaves their machine on for a long time - dedicated IP address (that doesn't change with DHCP) - ability to accept incoming connections - sufficient RAM - sufficient idle CPU time Part of these features requires "tuning" the network. This tuning process assigns random number probabilities to each eligible machine to determine if they are elected to run extended services - this provides control over density and distribution within the network of machines running extended services. In order for me to tune it, I need to have a rough idea of the distribution of computer resources through the network and this requires gathering statistics. >I CAN think of a couple >reasons for this type of >packet that don't NECESSARILY involve >RIAA or MPAA, but I >don't understand why he wouldn't >just SAY so. For >example, something to prevent other >apps from masquerading as BS >(for what reason, I can't >imagine.) It is impossible to prevent other applications from masquerading as BearShare. It simply cannot be done. However, it is possible to prevent other applications from claiming to be a higher version number of BearShare than is currently shipping, thus the encryption. "Thanks for the explanation" Posted by Einstein (Guest) on May-15-01 at 10:58 AM >A malicious hacker could send a >message out that claims a >higher version - this would >wreak havoc on the network, >no one would trust the >upgrade dialog again. Ah! I think the lightbulb just went on! So, the way this works then, bearshare apps send out messages that tell other peers what version they are running. If my app sees a message from a higher version, it pops up the upgrade dialog. Got it. So, you do this to cut your bandwidth costs at your download servers (seeing how the alternative would be for them to check in there when they are fired up)? So, if this is how these are used, you are effectively spreading your bandwidth costs out to the rest of the network. That sort of makes sense. Now you need to figure out a way to propagate the downloads through the network >Part of these features requires "tuning" >the network. This tuning process >assigns random number probabilities to >each eligible machine to determine >if they are elected to >run extended services - this >provides control over density and >distribution within the network of >machines running extended services. In >order for me to tune >it, I need to have >a rough idea of the >distribution of computer resources through >the network and this requires >gathering statistics. Have you been working at all with other peer developers on this? I would think that messages of this sort would be generally useful for network distribution. You could implement the use of those messages in a superior way, and maintain your competitive advantage, and the network would enhance the value of your software by complying with the messages. That might also ease the fears of some of the more ... er ... cautious on these forums. "RE: Thanks for the explanation" Posted by AlieXai (Guest) on May-15-01 at 03:45 PM Finally, after reading this entire forum, the person who posted the last message is the only one that has a clue (Besides vinnie and seph and maybe 1 more person) Obviously that data posted by the creator of this thread was misunderstood. Ripped directly from one of the discussions by the Defender test team. Actually, I (if I remember correctly) think that was some of the data used to prove that onflow, savenow, new.net aren't 'spyware' in the typical sense. "RE: Thanks for the explanation" Posted by Einstein (Guest) on May-15-01 at 08:35 PM >Finally, after reading this entire forum, >the person who posted the >last message is the only >one that has a clue >(Besides vinnie and seph and >maybe 1 more person) Please don't compare me to "seph" or anybody else for that matter. I find "seph"'s comments to be the worst kind of rah-rah suck-up nonsense. They rarely get to the point, or try to see any other perspective, and instead try to defend BS at all costs. Stupid, pointless, and a waste of time. >Obviously that data posted by the >creator of this thread was >misunderstood. Ripped directly from one >of the discussions by the >Defender test team. Actually, I >(if I remember correctly) think >that was some of the >data used to prove that >onflow, savenow, new.net aren't 'spyware' >in the typical sense. No, ripped directly from the discussions by the GDF, and group of developers of GNET peers. The data had nothing to do with the spyware that is unfortunately bundled with BS, it had to do with one of the other GNET developers seeing odd packets, and asking what they were. The data has been explained by Vinnie (more or less satisfactorily in my opinion), but nonetheless it is still encrypted, when other methods that don't require secrets would accomplish the same thing without feeding fears. This is why I suggest working with the other developers. Please think before you post. Being praised by you and your ilk is worse than being damned. Open your mind and try to understand why people feel threatened by the actions of an application that sends data from their machines that they do not understand, and is not explained. "Going `round in circles." Posted by Wonko on May-16-01 at 04:57 AM Ok, let's try this again: This comes from the parent: A malicious hacker could send a message out that claims a higher version - this would wreak havoc on the network, no one would trust the upgrade dialog again. This comes from another message by Vinnie: No - BearShare does not automatically download and install anything. Even if it did (which it might, eventually) it would use download.bearshare.com, ask the user before the installation proceeds, and be digitally signed by Free Peers, Inc. using the code signing tools developed by Microsoft. So, how can a message claming a higher version client wreak havoc on the network, if all downloads are made from download.bearshare.com anyway? At max, it'll be a minor inconvenience. So, there's really no need for encrypting this unless a distributed update mechanism is going to be in place, and I belive one of those would be inheritantly insecure under any circumstances. As to the additional info added to the packets - again, this is not a security or even a network-health issue, and does NOT require encryption. "Loki" Posted by Vinnie on May-16-01 at 05:04 PM >A malicious hacker could send a >message out that claims a >higher version - this would >wreak havoc on the network, >no one would trust the >upgrade dialog again. >So, how can a message claming >a higher version client wreak >havoc on the network, if >all downloads are made from >download.bearshare.com anyway? No one will upgrade in a timely fashion. One of the biggest fixes I made to BearShare was in the "push" handling. Part of this fix actually rejected connections from older BearShare servents on or after a specific date (a "time bomb"). This timing scheme was necessary to make sure there was a sufficient number of fixed versions out on the network before the connection reject logic took effect. Without the time delay, early adopters of the new version would have a difficult if not impossible time getting hosts. Having a false ugprade dialog would not only be annoying, it would interfere with the upgrade process itself, causing delays in propagation of bug fixes and enhancements. Thats called havoc. "RE: Loki sucks" Posted by Wackooo (Guest) on May-17-01 at 01:26 AM People, we have a control freak here, he wants to have total control and dreams about being the dictator of Gnutella, plain and simple. Vinnie says: >In order for me to tune >it, I need to have a rough idea of the >distribution of computer resources through the network and this requires gathering statistics. Notice the word ** me ** , yes that's right, I can see him now in his lab in front of a huge control panel saying "I have a plan to take over Gnutella", sort of like you see in cartoons. This is laughable, he's about as bad as Bill Gates. These encrypted packets are not needed, there is no excuse and it's time to take them off the net. YOU HAVE NO REASON! How does anyone know that their e-mail addressbook isn't being shipped to the RIAA to help identify them? >Criteria for running these extended services include: Again, the dictator will say what machines will run what. How nice. Most other programmers would allow people to decide if they are "worthy" to use such a program. How the hell do you know how long I will leave the program up? Does your software read minds too? This is STUPID, LAME and you have no excuse. YOU ARE BUSTED, PLAIN AND CLEAR, ADMIT IT! Another user said: >you are effectively spreading your bandwidth >costs out to the rest of the network. Wow, it would cost a bundle if you returned a simple short packet of say 20 bytes with the latest version number in it from Bearshare central. THIS IS BULL****! More bandwidth is wasted in this forum, and most web server places charge less than $50 for major gigabyte transfers. And another user said: >Obviously that data posted by the creator of this thread was >misunderstood. Ripped directly from one of the discussions by the >Defender test team. Actually, I (if I remember correctly) think >that was some of the data used to prove that >onflow, savenow, new.net aren't 'spyware' in the typical sense. Yes, yes, try to cover it up. Nice try. "Gone in 2.2.4 ?" Posted by Rank (Guest) on May-19-01 at 07:07 AM So are these spy packet things gone now in 2.2.4 ? "You have a choice" Posted by MIGHTY MAN on May-19-01 at 07:47 AM You have a choice if you want to install them or not you can untick the boxes if you dont want them installed. "James Bond" Posted by Vinnie on May-19-01 at 08:00 AM There are no SPY PACKETS That was just some fool talking without knowledge. Yes, 2.2.4 uses the same version notification scheme as all other versions of BearShare. Nice try to cover this up, but how do we know what is in those packets? DON'T USE BEARSHARE TILL HE GETS RID OF THIS CRAP! |
| |||
Re: Spy Packets found NOT Onflow or Savenow 2.2.4 Quote:
Since then I've changed my mind. Something is not right with Bearshare. Vinnie has been too defensive and unwilling to listen to reason when it comes to the Adware/spyware. Now we find out about these encrypted packets and Vinnie has become downright abusive to anyone who questions his business tactics. He is also censoring the forums at BearshareNet. I myself had a post critical of Bearshare removed from the Adware forum. So I uninstalled Bearshare and switched to Gnucleus, which I found to be BETTER than Bearshare, has NO SPYWARE, and IS OPEN SOURCE. Vinnie's attitude has been unconscionable, in my opinion. I no longer trust him, his company, or his software. I'll add this to your assessment of Bearshare: DON'T USE BEARSHARE UNTIL VINNIE GETS RID OF ALL SPYWARE AND PUBLISHES THE SOURCE CODE ! |
| |||
bodhi, I deleted your post because it was abusive. Why don't you stop using Windows until Microsoft releases the source code? Why don't you stop using LimeWire until they release the source code? Why don't you stop using Gnotella until they release the source code? |
| |||
One more thing You are a narrow minded, simple fool. If you paid any kind of attention, you would realize that I have responded to all of the user feedback. Bundled components can be UNCHECKED in the latest install!! DUH!!! What's wrong with you dude! Someone needs to smack you upside the head. |
| |||
Re: One more thing Quote:
|
| |||
Another great post! You bring up a lot of important points. A lot of these issues are simple and fundamentalistic, but Vinnie just can't seem to comprehend them in pursuit of the almighty dollar. He complains about spending money to pay for hosting forums and development costs, but he fails to realize that nobody asked him to develop BearShare, or to continue supporting it! It is his decision and his alone. Unfortunately more and more users are being duped into using his servant, which leads to further frustration. For me, the happy medium would be to turn that connection he uses to host his forums and create his own private, semi de-centralized network, much like Napster! He probably realizes the legal ramifications of this, as Napster has, so he continues to use us as his personal puppets. Personally I can't stand the integrated browser! There is no need for it in a file sharing servant! Bye-bye secretly installed adware, hello replacement! |
| |||
Re: Re: One more thing Quote:
Those programs work completely independently from BearShare and from each other, so they don't invade your privacy while using BearShare. |
| |||
Quote >I posted this message under another >discussion, but I want to >make sure someone sees it. I see it, I'll do the best I can to help you understand what's going on. >I'm confused about spyware and >what it does and how >to get rid of it. "Spyware" is software which is usually sneaked onto your computer by another program. These programs collect information about you and send them to a company. What kind of information? Why is it collected? Usually, these programs collect information that would be useful for advertising. For example, if you had a lot of games on your computer, an advertiser might show you a banner for a gaming related product like a joystick or something like that. If you have programs like Word and Excel, then a game banner would not be appropriate and you might get an advertisement for something business related. This information is valuable, because it helps advertisers waste less money by getting their message to the right people. For example, if you are a woman, you are probably not interested in seeing ads for adult content or Viagra. >When I downloaded and installed, I >chose only to install Bearshare >and none of the others. >This is my work computer, >so I can't put too >much extra stuff on it >without getting noticed. The other products you are talking about are "Onflow", "New.net", and "SaveNow". A description of each: Onflow is designed basically to let advertisers create very attractive banners and interstitials (popups) that have animation. These ads can also be animated. Onflow only DOES something if you visit a site that has Onflow content (for example, http://www.onflow.com in the Gallery). One of the cool features is that the ads are EXTREMELY small to download, since the Onflow player (installed on your computer) has special functions built into it that let it do rich graphics. Some users object to Onflow, because it sends a report of banner activity to their web site periodically. The report includes the number of times you saw an ad, how many times you clicked, and how long you saw the advertisement. This information is extremely useful, and increases the value of the advertisements. New.net is a plug-in that lets you resolve new "top level domains". The existing top level domains (.com, .net, .org, etc...) are all controlled by one organization called ICANN. Recently, they have expanded the number of top level domains to include seven new ones. However, many companies are disappointed with their choices and there were a lot of politics involved. New.net, a product of IdeaLab, offers their own alternate domans like .mp3 and .shop for example. Since their domains are not "officially approved", some extra software is required in order to use their service. Some users object to New.net, because they believe it is spyware, however there is no evidence that New.net sends any information about you. SaveNow is an "offer companion" program which runs in the background and periodically shows you a popup window while you surf the web that is relevant to the site you are visiting. For example, if you visit Amazon.com you might see a popup with a coupon for 30% off your next purchase at Half.com (a site that offers quality used CDs for less). SaveNow must periodically contact its server in order to download an updated list of new offers. Some users object to SaveNow because they believe that it "spies" on you by sending information during this communication. However, there has been extensive analysis of SaveNow communication and it has been proven it does no such thing. In fact, the company which produces the product, WhenU.com, has taken steps to make sure that the communication is done in plain clear text. The SaveNow program "targets" the popup windows by analyzing the web site you visit (based on the URL), without sending or storing any of this information. >When I >found out that Bearshare has >spyware attached, I tried to >read up on it, but >I don't know that much >when it comes to technical >computer jargon. This is completely understandable. A lot of people have critized BearShare, and used this forum to spread lies and misinformation. BearShare does not have "spyware attached". It comes with three additional products from different companies which offer an optional installation. These products were selected because they protect your privacy and offer useful functions (like saving you money when you shop). If you want to do some reading, try looking up "Gator", "Webhancer", "Flyswat", and "Comet cursor". These are TRUE SPYWARE programs. In their privacy statement, they basically tell you that they are going to collect as much information as possible, and then sell it to third parties. BearShare is free - it is supported through advertising and our relationships with third party companies. Free Peers, Inc. has been very selective with the companies it chooses to do business with, and any sane rational person who takes the time to truly research these products, as well as the other true spyware products I mentioned, would see a huge difference. >I got confused >when reading all the info >about what it does. I >did decide that I would >download Ad-Aware so that none >of my information would be >shared with anyone- once again >it's a WORK computer and >I don't need to be >transmitting WORK info out there. This is a misconception - the "information" which is valuable to advertisers has nothing to do with your "work information". Work information is things like reports, charts, spreadsheets, etc... I do not know of any programs that collect that type of information, it is simply not valuable and could also be considered illegal. The "information" which is of value is things related to your surfing habits, your personal preferences, and your demographic information. For example, a teenager would probably not be interested in anti-wrinkle cream. >When I ran it, sure >enough, there are 3 spyware >cookies that come up for >me to delete. I opted >out of the bundled software, >but I still get them. >If we have a choice, >then why do I have >spyware on my computer? First of all, cookies are technically not 'spyware'. Second, these cookies were not introduced by BearShare, or any of the bundled products. You got these cookies when you surfed the Internet and saw ad banners. >What really bothers me, though, is >that I have to delete >the files all the time. >They keep reappearing. What is >going on?? Why can't I >just get rid of them? In order to eliminate cookies, you have to turn cookies off in the browser. Surfing the Internet without cookies is NOT fun! You will have to re-enter your passwords and information on any sites that you visit with a login, like Yahoo!, or Amazon.com. Once again let me point out that neither BearShare nor any of the other bundled products included with BearShare use cookies. >If anyone has some info about >what kind of info I >am transmitting out of here >(in plain English!), I'd really >like to know more about >this program. >For instance, I've >read some posts about how >all this illegle porn is >available for download on Bearshare. >If someone is getting all >the info on our computers, >can't they tell who is >downloading that stuff? This is a misconception. There is no existing program that "gets all the info on our computers". Its not like someone presses a button and POW your entire computer is transmitted over the Internet! Another misconception, is that you need to install spyware to see who is downloading pornography. This is not true. If someone wanted to, they could set up a server that offered files with pornographic names, and keep a log of who came to download them. In fact, this is exactly what Zeropaid.com did with their "wall of shame", in an attempt to expose the extent to which child pornography has invaded the Internet. Unless you are very technical and use anonymous proxies, along with special software, there is no way to prevent a web site from knowing your IP ADDRESS when you visit. This is how the Internet works (more specifically, this is how TCP/IP, the fundamental communication protocol, works). >Seems like >a good way to catch >child porn people to me. >I've read the "busted" comments >too- how are people getting >tracked down for downloading or >sharing copywrited files? How does >that work? It works like this: a company passively listens in on the Gnutella network and makes a note of files they believe are copyrighted, along with the IP ADDRESS of the user sharing the file. Then, they attempt to download the file and see if it contains infringing content. If it does, they make a note of the time and day that IP ADDRESS was connected to the Internet. Using public resources and websites, they find out the Internet Service Provider (ISP) which owns the IP ADDRESS, and submit a request with the address and the time and date. The ISP usually keeps a log of who was connected at what time, and what IP ADDRESS they had. This way, they can correlate an IP ADDRESS with an actual user's billing information and therefore identity. >I'd basically like to know what >Spyware is capable of, and >what it is used for >on Bearshare. BearShare is not spyware, does not use spyware, and does not transmit nor collect personal information about you. By the way, thanks for coming out and asking the tough questions, but in a nice way. You are a good example of how users should behave in the forum when they have questions, comments, or desire more information. You are always welcome here. |
| |||
Who is this? Quote:
By the way, thanks for coming out and asking the tough questions, but in a nice way. You are a good example of how users should behave in the forum when they have questions, comments, or desire more information. You are always welcome here. [/QUOTE] Who is this? What happend to the finger flipping, threatening person who has slammed everyone who doesn't do what he wants? Please seek professional help! I am serious! You have something wrong. BTW: You don't run this forum, so don't act like you could make someone not welcome here. We all know we are not welcome at your forum, unless we brownnose that is. Please, get some help with your control freak attitude, it will make Gnutella a better network, I promise. |
| |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
What happens to unrecognised packets? | mckerrell | General Gnutella Development Discussion | 4 | January 13th, 2002 09:32 PM |
Bearshare hides criticism of new.net and Savenow | God | BearShare Open Discussion | 15 | December 25th, 2001 06:56 PM |
Network bad packets | LordChaos | General Gnutella Development Discussion | 0 | November 3rd, 2001 09:19 PM |
Bearshgre and SaveNow | Chrisp | BearShare Open Discussion | 7 | October 14th, 2001 05:44 AM |
*BEWARE of the Bear (Onflow Warning) | Rat Rage Kid | BearShare Open Discussion | 7 | May 23rd, 2001 06:15 PM |