p2pnet.net News Feature:- p2pnet warned yesterday that some versions of PeerGuardian have been polluted with spyware.

"So far over 80 thousand people have downloaded the fake bad PeerGuardian build from download.com (many millions have downloaded the correct version from the Methlabs webpages)," says PG here, going on:

"All Methlabs software is free, and PeerGuardian is open source which means that it can be freely distributed and modified as much as you want. However, some groups are now including spyware with our applications."

A prime suspect is Openwares.org (down at the time of writing) .

"We’ve made noise about Openwares because they’ve not only ripped us off, they’ve also abused a handful of other open-source projects," PG author Tim Leonard told p2pnet.

"This highlights some problems with the less protective open-source licenses out there. It’s just a shame that we need to consider any restrictions just to stop the malware merchants."

Leonard also says there’s another reason to distrust Openwares.

"An IE patch they released that was found to be exploitable (overflow enabled running of arbitrary code on machines) and then a second release which fixed this problem but reportedly sent the URLs visited on the ‘patched’ machine straight back to Openwares!! – In other words, their patch was effectively spyware."

Go here to find out if your Methlabs apps are bent

Download a guaranteed clean PeerGuardian from Methlabs here, or if that’s busy, p2pnet also has a dl here.

In the meanwhile, Joseph Farthing did a post on the hi-jack.

Now read on >>>>>>>>>>>>>>>>

How can community software developers stop their software being scammed?
By Joseph Farthing – Methlabs

While the existence of spyware is now something many Internet users have grown to expect, it is hard to imagine the shock when you realise that a community-built program that you are a part of has been hijacked.

Somehow we want to believe that all software made for the Internet is pure, that every on-line application is equivalent to upstanding efforts such as Mozilla or Linux. These groups create and publish their software with a very singular aim: make good software.

However, there is a darker side to the Internet, that of spyware. While we are used to the trials of useless applications designed to entice new users and then lock them into the hateful world of on screen advertising and agreements that tell you ‘your Internet browsing activity may be monitored’. Most users with a few months experience can learn to avoid these pitfalls – and many realise that the ‘features’ provided by the application are often spurious or non-existant.

Nevertheless, we may often become apathetic to the software we install – we may choose to retrieve it from websites we trust, or try applications we know to be open source or well-received.

Now, what happens when a program you trust can be modified to become untrustworthy?

This is precisely what happened to Methlabs, the community of developers, users and beta testers behind the acclaimed PeerGuardian application.

PeerGuardian is an open source application designed to deny connections from Internet (IP) addresses owned by groups, such as the RIAA, utilising a database updated regularly in collaboration with other websites. The Kazaa Lite application also used to use this database, and is also included in the SafePeer plug-in for the Azerus peer-to-peer (p2p) network.

The program was originally developed by Tim Leonard, a 25-year-old English developer who created the program as ‘revenge’ after Audiogalaxy was shut down. In late 2003 he released the program under the open source GNU General Public Licence, which allows free distribution and modification of the source code (the ‘blueprint’ that describes how software works).

For many people PeerGuardian is a simple tool to help protect their on-line anonymity, but a small group called ‘Openwares’ have begun to publish versions of the PeerGuardian application, as well other programs by Methlabs. This version contains subtly modified versions of the program, and is packaged with software that observes the users browsing activities and displays adverts – exactly the things that PeerGuardian is meant to help protect against!

‘Openwares are a perversion of the meaning of open source,’ says Ken McClelland, the Chief Technical Officer of the Methlabs community.

He is now leading the fight against the spyware distributor, using public awareness campaigns and verification technology to warn users of the threat.

‘The actual process of signing our products is very easy,’ explained a Methlabs staff member.

‘Since most p2p programs today generate a checksum based link, we may publish the links of our releases so you can actually use your p2p application of choice to verify your version of a Methlabs program like PeerGuardian or DeepDelete.’ It would also be possible for users to download stand-alone programs to check the applications.

This method of ‘digitally signing’ files is generally very hard to spoof, and would be a foolproof method to identify both real and versions of the software which contain spyware. The true difficulty is to convince users to run these tests.

Following this lead, a large-scale public awareness campaign has been started by the group, hoping to draw more than one hundred thousand people who have downloaded the spyware version of PeerGuardian. They intend to apply warning messages to automatic updates, banners on both their own and friendly sites – indeed anything to stop people from using an application that provides a more than false sense of security.

‘Boycott Openwares’ messages are now available, and other forums are beginning to carry the message, as well as information about Openwares’ activities.

The process may be difficult, however, since Methlabs is a non-profit organisation who would find achieving the same level of publicity as Openwares incredibly difficult. While Methlabs must desperately attempt to meet their own hosting costs, Openwares can afford to market their distribution on websites such as download.com which charge fees for a products entry.

Certainly Openwares are making a significant profit from the Methlabs applications.

It is not just Methlabs who are affected, however (although PeerGuardian is among their most downloaded applications), since many other popular programs are released on Openwares’ website and then onto Cnet and Zdnet, as well as other sites in multiple countries. Programs affected by Openwares include TorrentSearch, eMule++, Protowall and many other free and open source applications.

Even recent Microsoft security patches are not immune from coverage at Openwares! That is, of course, if the ‘patch’ advertised on their site is a real patch and not simply a spyware installer.

Popular websites such as Suprnova.org are now targeted by organisations hoping to make money from the service. Recently the popular peer-to-peer application Shareaza has been promoted in spyware form.

The question that must now be asked is ‘Is any community, developer or website safe from the exploitation of free things from spyware developers?’

This entry was posted on Thursday, August 19th, 2004 at 6:45 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 7113 times