Skip to comments.KaZaA users brace for hijack (more than a million PCs could be hijacked)
Posted on 04/30/2002 12:15:09 PM PDT by dead
Secreted in KaZaA software is Altnet and its about to be activated, warns Nathan Cochrane.
The 20 million users of KaZaA Media Desktop, the world's most popular file-swapping software, have little more than a month to decide if they want their computers hijacked.
That's the time-frame laid down last Wednesday by Sharman Networks chief executive Nikki Hemming for the activation of Altnet, an alternative network to the Internet used to create a giant virtual supercomputer.
KaZaA Media Desktop is software bought by Sharman in January that lets computer owners swap music and other digital content. Technology boffins call it filesharing or peer-to-peer (P2P) because users communicate directly with each other.
Hidden inside KaZaA, however, is Altnet - Trojan software that aims to harness the spare processing, storage and communications power of the millions of computers connected to KaZaA's FastTrack network, a concept known as "distributed computing".
The Altnet software was created by Brilliant Digital Entertainment (BDE), a California-based multimedia company founded by former Australian entertainment software entrepreneur Kevin Bermeister.
Since March at least, Altnet has been downloaded, often without users' knowledge, secreted in the KaZaA software.
It is scheduled to be activated by a signal Sharman will send to users' PCs, in the next four to five weeks.
"The world is full of unused computing power," BDE said in a disclosure to the US Securities and Exchange Commission at the beginning of the month.
"You pay for this capacity whether you use it or not. Businesses, meanwhile, buy expensive facilities at massive . . . supercomputer centres.
"Altnet seeks to bring these two groups together."
Distributed computing has searched for extraterrestrial intelligence (SETI@Home) and an understanding of living cells (Folding@Home), although with the user's explicit consent and not clandestinely downloaded through a third-party software program.
But the prospect that more than a million PCs could be hijacked en masse chills information security specialists.
"Any attacker who can control 100,000 machines is a major force on the Internet, while someone with a million or more is currently unstoppable," Berkeley University computer science academic Nicholas Weaver wrote this month.
"As for Brilliant Digital, their horribly flawed business plan shows a grave misunderstanding of security. Since their proposed business can't possibly work, they should both protect themselves from legal liability . . . by producing a program on their update server which removes all traces of their trojan."
Australian distributed-computing researcher Rajkumar Buyya is optimistic that a successful deployment of Altnet will spur further development.
"It is wonderful to know that the industry is moving towards invisible distributed computing," Buyya says.
"(But) I have concern about their security protocols for activating the client and running programs that utilise idle resources . . . If someone finds out that, anybody can request your machine to do what they want, which is scary."
KaZaA, like the infamous file-swapping software before it, Napster, has been vilified by the recording industry for allegedly aiding and abetting theft.
Last September the chief of the Recording Industry Association of America (RIAA), Hilary Rosen, called for crisis talks with the heads of a dozen media groups to head off the "overwhelming volume" of piracy on the P2P networks.
Sharman's Nikki Hemming says she will schedule talks with Rosen soon. In the meantime, Hemming is eroding Rosen's support base by talking directly to artists' groups instead of publishers.
KaZaA, more wily than its file-swapping brethren, hired a Washington lobbyist, lawyer Phil Corwin, who previously represented the American Bankers' Association.
He is hawking the Intellectual Property Use Fee, an Internet tax, to be levied by ISPs on their customers.
"A similar levy . . . applied to a much broader base of parties, could provide a significant new revenue stream to copyright owners to compensate them for the inevitable 'leakage' (theft) resulting from Internet distribution," Corwin said in an April 8 submission to a US House judiciary committee on digital copyright.
That revenue would amount to $US2 billion a year in the US if a $US1 tax was charged on top of access fees, Corwin said.
"Every party from hardware manufacturers to ISPs to publishers of ripping software would pay a royalty . . . and provide a royalty stream to compensate (music artists)," Hemming said last week.
"At the end of the day we totally believe that artists, creators and those who represent them should be rightfully rewarded for creation of content."
Hemming said she was pursuing the authors, users and sponsors of KaZaA Lite, software that removes Altnet and other hidden software in the branded KaZaA software.
"There's a lot of concern in the market around these scam sites because they release ripped-off unstable code and it puts users at risk," she said.
I found another one called "Bear Share" that is easier to use and appears more user friendly than Morpheus/Kazaa.
I think I'll look at Grokster too.. I've heard from others that use that one.
This will remove all the trojan/spyware.
Sorry, but you're wrong... A trojan works like the "Trojan Horse." Once it's inside your NAT router, it connects to the outside from within your network. The only way to block it is by knowing what port the trojan will use, and then blocking that port at the router. Most people who will buy a HW firewall (i.e. not businesses) will use the plug and play features, never really configuring the device.
Also, who wants to talk about this new "tax" they talk about? This is brought to you by our friends at the RIAA, those evil bastard... more backdoor legislation, just like the inflated price of blank video/audio cassettes due to the hidden tax that goes to combat the MPAA/RIAA 'a "losses" from piracy.
Speaking of all this horsecrap, check out this LONG but WORTHWHILE read, FRANK'S NIGHTMARE, which is transcript of the infamous U.S. Senate, Committee on Commerce, Science and Transportation hearing from THURSDAY, SEPTEMBER 19, 1985. Yes, the same hearing brought forward by our friends Al and Tipper Gore!
this makes me so mad I can hardly type.
TAR AND FEATHER ALL CONGRESSIONAL LOBBYISTS NOW!!!
Good bye Morpheus.
Here are the instructions from C/Net for removing them: Link: How to uninstall Brilliant Digital's software
Staff Writer, CNET News.com
April 3, 2002, 4:10 PM PT
Brilliant Digital Entertainment quietly installs its own software with every copy of the Kazaa file-swapping software. The Brilliant Digital software, which is being progressively distributed over the next few weeks, can later be remotely "turned on" to become part of a new network.
Executives from Brilliant Digital and Kazaa's parent company say people can uninstall the Brilliant Digital or Altnet software from their computers without interfering with the Kazaa program itself. This is true, but it's not an easy process.
These three steps will remove most traces of the Brilliant Digital software from most machines. CNET News.com did it using a computer running Windows 2000, but the same process should work for other Windows operating systems. Please be aware, however, that these instructions represent just one uninstall method and may not be suitable for all machines and software configurations.
CNET Networks assumes no liability in publishing these instructions, which people may choose to follow at their own risk. As always, it's a good idea to make a backup of any critical files before proceeding.
1. In the Windows Control Panel, select an option called "Add/Remove Programs." One of the options will be "b3d Projector." Highlight this and click the "Change/Remove" button.
You may get a message that the uninstall has been successful. Search your computer for a "BDE" folder, which most likely will be found in the "WinNT" or "Windows" directory. In this folder will be a file called "bdeclean.exe". Run this to finish the first part of the process. Delete the BDE folder.
Caution: An unrelated piece of software called Borland Database Engine also creates a BDE directory. If you think you may have this software installed, or if there is any confusion whatsoever, do not delete this directory.
2. In the "Temp" directory (this will normally be found inside the "Windows" or "WinNT" directory) is a folder called "Brilliant." This contains many files. Delete the entire folder.
3. After performing steps 1 and 2, you will need to locate and remove some additional Brilliant Digital files that have been placed in critical system-level computer directories. CAUTION: Deleting the wrong files could interfere with the normal functioning of your computer. These files will most likely be in the "WindowsSystem" or "WinNTSystem32" folder:
Delete these files.
I just installed and ran that program, thinking there wouldn't be anything.... guess what? There were 35 gator files sitting on my computer. I have NO idea how they get there as I NEVER download shareware or click pop up ads or anything. This program is getting run twice a week from now on!
Are you using Windows2000? There's an undocumented registry setting known as "super hidden," which will hide files from Explorer, even if you tell the system to show them. The only way to see them is by opening a command prompt and using DIR FILENAME /S /A /P . This was an exploit used by a number of the Nimda variants to really screw with me!
Here are a few links:
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.