VSantivirus no. 1280 Year 8, Thursday 8 of January of 2004
The applications P2P that you would not have to use
http://www.vsantivirus.com/lista-p2p.htm
By Jose Luis Lopez
videosoft@videosoft.net.uy
In 2003 July, we published the updated list of utilities P2P (Peer-To-Peer) more used, and catalogued by SpywareInfo.com, according to its danger at the time of putting in risk the integrity of our equipment.
How this list has varied through the time, and in regard to the numerous questions of our readers, we have decided to update it to January of 2004, and now in maintaining it synchronous with the original article more, published in http://www.spywareinfo.com/articles/p2p/.
On programs P2P
Basically, this type of programs, uses a common network (generally different for each product), to communicate between if the computers of their users, those that share certain directories, where are the archives to interchange.
Beyond the legal problems by author rights, a serious danger for the integrated computers exists that way. The simple fact to allow the access to any strange person already to a personal computer, of in case, he is something that implies great risks, although the programs of that type have implemented the necessary protections.
One of the most important risks, is the interchange of archives that are not what that claims to be, or directly virus, camouflaged worms or troyanos are. Tens of examples exist, and is one of the most important sources of propagation and infection nowadays.
But perhaps more serious, it is the installation of other programs nonwished (Spywares or Adwares), that these applications hide.
The spy programs or "Spyware", are used by the patrocinadores of products P2P, to successfully obtain information on that sites visit the user, which are their preferences, or that archives it prefers to unload.
In many occasions, this includes information more it jeopardize, with more personal data, always with the idea to send more publicity to him sweepings.
Also it allows to specify that banners advertising to show to him (this is what "Adware" is denominated, that is the programs that settles to unload and to show publicity). And it would not have to be strange to him if also it begins to receive more Spam through the electronic mail.
The list of SpywareInfo, will serve us to know at least, that programs of type P2P we do not have to install in our computers.
INFECTED Applications
The following applications would not have never to be installed, since they have programs or they install spy programs:
KaZaa (the gratuitous version)
Limewire
Audiogalaxy (obsolete)
Bearshare (the gratuitous version)
Imesh
Morpheus
Grokster
Xolox
Blubster 2.x (or Piolet)
OneMX
FreeWire
BitTorrent (single the version of Average Unify)
2,0 Blubster and superior and Piolet, are supported by publicity (adware), and in addition install others adwares.
In the following page http://mywebpages.comcast.net/robotarmy/, is detailed that things install each one of those applications.
CLEAN Applications
The following programs of interchange of archives do not have spyware or adware:
WinMX (Recommended by SpywareInfo)
Shareaza
Emulate
Gnucleus
Blubster 1,2,3 (the newest versions include Adware)
Soulseek
BitTorrent (to see warning)
Direct Connect
Mute
EarthStation5 (clean, but not recommended)
With respect to EarthStation5
Earth Station 5 had at some moment, code that allowed an attacker, to erase any file in the hard disk of the computer of the user of the program ( http://www.spywareinfo.net/oct7,2003#es5 ). If that code were put there of intentional form, or it were a random error, it is not still very clear. For that reason, its use advises against.
With respect to BitTorrent
BitTorrent is a program of distributed open code under a license that allows to recompilar it and to distribute it. Unfortunately, a called company Unify Average Ltd ( http://www.unifymedia.com/), has decided to distribute a version infected by the C2Media/Lop parasite ( http://www.doxdesk.com/parasite/lop.html ). The recommendation is to unload BitTorrent of the official site solely ( http://bitconjurer.org/BitTorrent/).
Cracks
Two programs, Kazaalite and Groksterlite exist more, that perhaps you have felt to mention.
Both are free programs of spywares, and some people have even gotten to think that she is alternative versions made by such creative of the KaZaa and the Grokster.
Nevertheless, neither they are distributed officially by the authors of original software. They are crackeados programs (modified illegally), violating the licenses of end user, to remove spyware contracted in the original ones.
Perhaps you think that using these products, she would be taking revenge herself of the creators of the plagued original software of spy programs. In the report of SpywareInfo one affirms categorically that either they would not have to be used.
To use these products, single makes more popular to this software, and demonstrates that you will arrive at any end to use it. This serves to them to the creators as the original ones, to continue receiving the companies that pay to include their spy software, because it shows a network of a million and average one of users (the used network is the same one for the original one like for the Lite versions). That way, using as much KaZaa or Kazaalite, as Grokster or Groksterlite, you would be also contributing with the problem of the publicity and the programs spy.
The recommendation is not to use no version of these products. The companies that use spyware pay very good money, so that the only way to discourage to the developers to include it is to show that the users reject it anywhere. Without users, there are no patrocinadores, which means not more money for others to coast our. As simple as that, it affirms SpywareInfo.
KaZaA manipulates archives of the system
In the article that you can find in this connection ( http://www.spywareinfo.com/articles/kazaa/), Mike Healan de SpywareInfo, comments the actions that the KaZaA makes with a file of the system, according to him, crossing the line that turns it a malicious program.
File HOSTS is the first place in which Windows looks for direction IP of a remote servant when trying to connect itself to this last one. If it does not find this relation in this file (in form IP - > servant name), then it sends the request to the servant of names (DNS) of the supplier of Internet to obtain this direction IP.
A trick very common to block the access to an external servant, is to point the name of this servant at IP 127,0,0,1, the internal direction of the own computer. How in this direction the requested servant does not exist, the asked for site is not opened.
At least in the last version of the KaZaA (2.5), if certain entrances are present in file HOSTS, the program refuses to load itself, and an emergent window with a text unfolds that it notices that the program has detected a defective installation because of a version nonregistered letter, and asks the user to repair it, when pressing a called button [ Fix and Continue ].
Also it shows a button for more information where one inquires that some of the changes done by the version certified could not have affected file HOSTS to prevent that access to KaZaA.com, or some of the "important necessary dominions for the correct operation of the program" is had. The options are to leave the program fixes the problem, or to let use it.
If you decide to puncture in [ Fix and Continue ], KaZaA will modify file HOSTS to deshabilitar any entrance related to Sharman Networks, or its patrocinadores.
Although Mike explains a form to avoid that KaZaa accedes to HOSTS (single in systems with file systems NTFS like Windows 2000, XP, etc.), also notices that the license of the program does not make mention to that it will alter to file HOSTS or any other of Windows or the configuration of networks. Therefore, KaZaa is practically becoming a malicious program, when making modifications nonauthorized to the system.
Of course, the recommendation is not to use the KaZaA none, by the amount of adware and spyware that adds to the system.
Original article on KaZaA:
KaZaA Tampers With System Cases out
http://www.spywareinfo.com/articles/kazaa/
© Video Soft - http://www.videosoft.net.uy
© VSAntivirus - http://www.vsantivirus.com