p2pnet - rss feed: The eXeem thread
p2pnet.net News Feature:- eXeem’s pairing up with Cydoor has sparked a storm.
The former is the successor to Suprnova, one of the BitTorrent sites targetted and ultimately closed down by the movie industry in its all-out war against p2p and p2p file sharing.
"eXeem v0.20 Public Beta has been released to the public," it says on its web site. "Everybody is now able to download it and give it a try before the final version comes out. There are still some bugs that we have not been able to find yet which is why the program is still in Beta Testing. eXeem Public Beta includes its own network that is based on the BitTorrent idea (uses libtorrent as download component), has searching abilities and other funtions that a Peer-To-Peer program should have."
Cydoor, meanwhile, gathers information and sells it via a remora-like application which it installs on the systems of people who download programs with which it’s associated. The parasite app then sends information back to Cydoor, using the resources of the system on which it’s installed to do so.
“Our components run on your computer only to bring you new banners and to send our servers information regarding only to [sic] the banners you saw or clicked on,” says Cydoor.
"Suprnova was great, but I don’t trust eXeem with Cydoor spyware at all," says a p2pnet reader. "eXlite can then be viewed as the manifestation of the intolerance of people to deal with spyware."
Methlabs’ Joseph Farthing has more on the subject.
Read on >>>>>>>>>>>>>>>>>>>>>>>>
eXeem attitudes and the argument for an open source decentralised Bittorrent
By Joseph Farthing - Methlabs
As I said earlier, the reactions of the Suprnova/eXeem administrators has been interesting. Not just to me, but to anyone who has tried to criticise their use of spyware in eXeem. Since the majority of the peer-to-peer community dislikes spyware, and distrust the people who distribute it, the Suprnova staff should not be surprised when their users turn against them.
In a thread at a smallish p2p forum, a few people reported the first news that eXeem would use Cydoor. The result was instantaneous – a tide of criticism from the Suprnova staff. A message posted from a Slovenian IP addres attacked those who were against the Cydoor application, claiming that it “respects all user privacy rules”, and calling the critics “scum”. Andrej Preston, the creator of SuprNova is Slovenian, and it’s known that his ISP is Siol, the origin of this message. Coincidence?
Of course the eXeem people are, as we have already seen, really only interested in getting money. As such, the replies are rather an attempt to stop these messages being posted. I feel that eXeem supporters will attempt everything from personal attacks to character assassination of those who criticise them.
However, just as I predicted some staff from Suprnova have spoken out about the spyware in eXeem. Anonymous contacts at the Suprnova forums’ private eXeem section have provided with me with access to the discussions about Cydoor.
A lot of the discussion about me is negative, verging on insulting, but not everyone is critical of us.
“Methlabs stepped up and brought us some nice bits of software and in a lot of corners, They carry some weight…” says one. Most interestingly is a tester in the heart of the private eXeem forums who claims he “ain’t gonna” install Cydoor himself, while another talks of a “split in the community.”
In the eXeem heartland there are many dissatisfied voices, entire threads have been locked because of “spammers” who disagree with Cydoor. Most humorously of all is the revelation that Andrej Preston does not use Cydoor or eXeem himself. He is a Linux user, and as such is little more than the promoter (and profiteer) of eXeem.
How bad can Cydoor be if even the eXeem beta testers and Suprnova staff refuse to install it?
I’ve already explained why we shouldn’t use eXeem, but it looks like this weeks hot topic is going to remain eXeem, or at least decentralised Bittorrent. Slightly annoying, but after it’s hype finally dries up we’re left with a difficult situation. Decentralised Bittorrent is rather cool.
Cool enough to put ourselves at risk with a spyware-ridden profiteering scam? No. Cool enough to write a better one? Yes.
Although eXeem is spyware ridden, poorly implemented and somewhat suspicious in it’s design, it’s developers have addressed a certain need within the Bittorrent community – the removal of the centralised tracker. Or have they? By their own admission, eXeem staff say that the client must connect to eXeem’s central servers to initially connect. This is not unlike KaZaA and other decentralised systems, but it does do one thing – it locks the user into a singular network, controlled by a single group. Exactly the thing that Bittorrent was meant to stop.
Why not create a better decentralised Bittorrent, a system where anyone can make a central hub and start a network? This could work more like DC++ or eDonkey, where many servers are available. This is could be almost transparent to the user, but removes another level of centralisation that makes Bittorrent so risky.
BayTSP would have far more targets to tap into in order to find file-sharers, and as such the risk would be lowered.
Also, eXeem makes no attempt to encrypt, cloak or hide the identity of the nodes in its network. Even KaZaA used rudimentary encryption to obfuscate the origin of traffic, and systems such as WASTE have shown us just how good encryption and cloaking can get. What’s more: WASTE is open source, licensed under the GNU General Public Licence. This is key.
An open source network is infinitely freer than any closed source peer-to-peer network. Bittorrent was originally freely licensed, and has become one of the most successful networks, even though most people don’t use the original Bittorrent application. No, they use Azureus, BitTornado or ABC.
Let’s imagine that we’re using this imaginary new decentralised Bittorrent, which I will call DeBit (It’s an awful name, I know, but bear with me). In this system, anyone can make a hub, just like anyone can set up a tracker site. The difference is that these hubs are decentralised, as with eXeem, and so the person running the hub cannot be sued. One point to DeBit. Also, because there are many hubs, if the eXeem servers ever vanish then the network won’t work but this way you just switch to another hub. Two points. Since the system is less centralised from the point of view of the hubs, it’s no harder for RIAA to catch anyone, since there are many hubs, just as there are many torrent websites. Three points.
The system is open source, and as such users from any OS can use a ported version to connect. This means more users, and therefore, more downloads. Four points. Also the openness means that many different clients are available. Let’s say that RIAA manage to shut down the makers of a client, or a client is abandoned, you can just switch to another client. Five points. Since it’s open source there is no spyware. Six points.
Should I continue? We need open source decentralised Bittorrent now, at least if to shut up the spyware pedlars that are eXeem.
Something you think we should know about? tips[at]p2pnet.net
===================
See:-
remora-like - Meet eXeem. And Cydoor, p2pnet, January 22, 2005
eXlite - eXeem or eXeem Lite?, p2pnet, January 21, 2005
subject - The eXeem sell-out, p2pnet, January 23, 2005
January 24th, 2005 at 5:51 pm
There is already tools to create a distributed bittorent network that are open source so why cant we as a community use these and maybe create a simmilar GUI of the Exceem client for the newbs.
Kenois (http://kenosis.sourceforge.net/) is a project based on Kademlia and already has a modified bittorent client running on it so kenosis maybe used for the engine for this kind of project .This would make the client cross paltform and open source and probably gain the respect of the file sharing community if done in the correct manner and could be a good launching point for a up and coming developer.
Bram Cohen works for Valve where he works on Steam that goes unpubliced and it is said Bittorent was his resume’ .Bram also makes indusrtry appaerances as a guest speaker on a regualr basis .
Heres a interseting post from /. regarding reverse engineering the current exceem protocol done with a bit of packet sniffing and hex editing .
“A look at eXeem.exe and client.dll show that eXeem uses the C++ Boost library, as well as the Crypto++ library. It also includes cydoor, and references CyberGold.
As far as the eXeem protocol, when eXeem first tries to connect to the network (by doing a search, refreshing for new files or whatnot), it bootstraps. It does a lookup on 4 DNS names, all of which point to the same IP address. The eXeem client program (TCP) connects to port 1026 of this host and sends an eXeem protocol packet.
The eXeem protocol packet from client to server or SuperNode is of the following format - a 0, followed by a one byte function code, followed by an optional payload, filed by 8 seemingly random generated bytes which are suspected to be a Blowfish key (thus the Crypto++ calls in eXeem). In the case of the bootstrap, there is no optional payload and the function code is 6. Thus the packet sent is 0-6-X-X-X-X-X-X-X-X, with the 8 bytes being what is guessed to be a randomly generated Blowfish key. The bootstrap server responds with a number of Superpeers. It is thought that the response is encrypted with the possible Blowfish key sent by the client.
Another eXeem packet is new files refresh. When one does this, eXeem connects to the roughly 20 SuperPeers it knows (which should be in your registry), usually on port 4000 (although 4001 has been seen). The function code is 8. As I said, the last 8 bytes of the packet vary, so only the first two bytes will always match in this example of a search packet (in hex): 00 08 f8 a6 16 39 4a 0a 96 eb.
Search packets have a function code of 22 (in hex, 16). They always carry at least 16 bytes of the optional payload. The first 8 bytes of the optional payload are thought to be search parameters (language, categories, file size etc.) The end of the optional payload is thought to be the actual word(s) being searched. For names 8 bytes and under, the end of the optional payload is 8 bytes, for names 9-16 bytes the optional payload is 16 bytes, and so forth, in increments of 8 bytes. The search is thought to not be encrypted by the possible 8 byte key at the end of the packet. Thus a search may look like this (in hex): 00-16-8e-94-58-40-af-c2-08-39-2a-55-16-53-c4-0a-75 -4b.
There are other parts of the protocol as well which won’t be gone into here…request for file comments which is function code 25 (19 in hex) from client to superpeer, and the function code response code varying on what the answer is and so forth.
With Crypto++ in use, which possibly calls Blowfish, the protocol seems to be encrypted (why else would they include Crypto++?), and whether it is easy or difficult to figure out is unknown. It depends on whether people who know crypto, specifically Crypto++ and possibly Blowfish, and/or who are good at loading these programs into hex editors or assemblers or whatever and figuring them out. Winedbg doesn’t seem to be cutting it.
By the way, eXeem lite’s web page lists it’s IRC channel. As usual, most of the people on it are clueless people trying to get eXeem lite working, but people who have been examining eXeem and understand it someone pop in from time to time. “
January 25th, 2005 at 1:39 pm
Is dijjer.org an decentralised Bittorrent ?
March 3rd, 2005 at 6:11 am
After reading this piece I am about to delete Exeem…thanks
April 17th, 2006 at 1:59 am