I hope this is the right place to post this <snip>

(I ought to point out at this juncture that I'm not a developer).

But I am darned good at stating the blindingly obvious.

Well, giving myself a good poke &HFFD7,0 in the eye...

I think you posted in the wrong forum since you're talking about LimeWire. Anyway, this statement of yours enlights me quite a bit:

"keeps LW malware-free, like what it says on the tin"

Now, I realize that a lot people might completely misunderstand the reference to malware. This has really nothing to do with the network. Apparently on Windows somewhen in the late 1990s it became state of the art to bundle "freeware" and "shareware" with some other software to make some money. The authors of the bundled software would pay you for the inclusion and the software itself would, for example, show ads. However, soon such contracts were abused and many of the bundled software turned out to be *malware*, for example, "spyware". That is software which would collect private information about the user, for example, which websites he visits etc. or modify further software to show ads. Several years ago LimeWire removed any bundled software after being critized for it. Apparently they were surprised by the abusive action of the software. Though, even nowadays some people still hold a grudge against LimeWire and falsely claim that it contains spyware or other malware. That's really wrong. There may and probably are of course hacked version available from the web. So if you don't get it from limewire.com, you can only blame yourself.

In other words, nobody ever claimed or intented to say that content download from Gnutella is safe. It's definitely not but it's definitely not much safer to download software from a random web or FTP server either. And no, scanning for viruses, does not prevent any *********s it just makes them less likely. Viruses, trojans and worms are not unique to file-sharing at all even though people with an anti-file-sharing attitude love to blame it all on it. Keep in mind, the most effective worms were distributed by email and required manual cooperation by the user! If there's anything to blame, blame it on the stupidity of mankind.

Maybe LimeWire should remove this phrase from their advertising material as it's obviously misleading and outdated as it didn't contain any malware for several years now.

Regarding your filter idea, it might somewhen become useful as a last resort but the problem is not really these results. The problem are the infected machines which emit them. There are several thousand on Gnutella. Further, the obviously generated spam has become less common. Instead a lot of worm spam uses very convincing filename - exactly the correct ones - and just appends .zip or .exe to them. I don't know whether LimeWire or any other Gnutella client hides file extensions. If so, a warm ****-you to whoever coded that. I could rave all day about Microsoft causing world-wide havoc by such a simple stupid default such as hiding filename extensions which is a crucial part of their filesystem concept. That is so stupid and disgusting, it's making me mad and sick. The said thing is, that many people even disagree with me on this point. Trust me, being 1-2 IQ points smarter than average can be a major pain in your brain. Ignorance is a bliss.

LimeWire should include professionally maintained internal IP address and SHA-1 lists. For some reason they don't do this and I suspect it's about political and juristic issues i.e., such filters could possibly make them responsible for what happens on Gnutella from a lowyer's (sic!) point of view. These lists would probably have to be maintained by a independent third-party.

Yes, point taken, a closer look at the forum clarifies that it's for issues pertaining to Phex. I'd just picked up on the "development and coding" bit without looking at the umbrella forum, having read about a LW developers' forum. Posting in a hurry as a newbie, that's all...

As it goes I did get my instance of LW from the LW site - thanks for the tip though as if I hadn't I'd want to know that.

The other threads here which include stringliterals like {startad} were quite educational.

Though I note that tr@ding gets *******-ed out when entered without hack arounds.

Ah well, maybe I shall have shed my junior scales by Hallowe'en.