Morpheus Hijacks Browsers For Affiliate Links 504
An anonymous reader submits: "According to this news.com article, morpheus (aka streamcast) has begun silently installing a browser plugin on its users' machines that basically hijacks the web browser even when not running Morpheus. An afflicted browser will sense if a user is going to visit a shopping site like Yahoo! or Amazon, and secretly send them to a different site instead and then redirect them from this site to the user's intended destination. The user will not be aware that this is happening... however the site doing the redirecting will benefit because they are set up as an affiliate partner and will get a commission on the backs of the user. On a horrible scale of 1 - 10 for sleazy business practices, I rate this a 9.
Comments?"
Scary (Score:3, Interesting)
Trillian password files perhaps? [neworder.box.sk]
Re:Scary (Score:3, Insightful)
That's scary.
Re:Scary (Score:3, Informative)
The nasty is made by a sleazy firm called Wurld Media, Inc. (They spelled it "Wurld" not "World")
Here's a snippet of the bastard.
rdxr020305.dat (which appears on my desktop)
bpboh.dll (the offending file)
bpboh2.dll (not on my system but in the hex dump)
www.rdxrp.com
www.maplehollow.com
www.rd
www.inmotiongolf.com
/rdxr020304.dat
/b
about:blank werule
\winbpupd.exe
www.sephora.com
http://www.sephora.com
(Who wants to boycott Sephora's "we'll make you look like a prostitute" makeup selection? I don't wear it, but who would?)
http://www.sephora.com/help/about_sephora.jhtml?l
www.shop.barnesandnoble.com
www.barnesandnoble
http://www.barnesandnoble.com
(Who wants to boycott Barnes&Nobles now for foisting crappy spyware on us? I sure do! By the way, MAKE CERTAIN you let them KNOW what we feel about spyware please.)
http://www.barnesandnoble.com/help/customer_servi
Go to this nasty crapware website and share how you feel about their little spyware games please.
http://www.wurldmedia.com/ [wurldmedia.com]
Their email address for contacting them is
corpcom@wurldmedia.com [mailto]
Or use their snail mail address:
WURLD Media, Inc.
63 Putnam Street
Saratoga, Springs, NY 12866
Telephone: 1-518-691-1100
Fax: 1-518-691-1180
(Oh... let me think for a moment about what kinds of FAX pranks exist...)
Re:Scary (Score:4, Funny)
Re:Scary (Score:4, Funny)
The last time I ran a peer-to-peer client, the darn thing went and stole all my music! =)
Excuse me... (Score:5, Insightful)
The article said that StreamCast will:
1. Redirect users to another site to collect usage statistics before sending them to the site they wanted to go to. This might be seen as invading people's privacy, but no personal data will be collected, merely usage statistics.
2. Put up a shopping section in Morpheus. That sounds perfectly legitimate to me.
3. Put referrals to online stores inside the browser window in some unspecified manner.
Please note that 1) and 3) are two separate points. They won't redirect you to another site when you're trying to go to Amazon.com, and then claim the referral bonus. The redirection is only for collecting usage statistics.
And the referrals inside the browser window have nothing to do with the redirection.
There's nothing in the article saying that StreamCast will hijack other people's referrals.
There's nothing in the article saying that StreamCast will pretend to refer people to sites (like Amazon.com) when they go there themselves.
Re:Excuse me... (Score:5, Insightful)
1) The editors are complete and total idiots.
2) The editors are actually brilliant businessmen who know how to tool their audience into a frenzy, keeping them addicted to the forum, where they return to the page every x minutes/hours to continue their bitching/arguments/debates/conversations/firstpos
I'll let you be the judge.
Re:Excuse me... (Score:5, Insightful)
3) The editors started this thing on a whim and lucked out when it became popular enough that they could make a living doing it. But they're not professional editors, publishers, or fact checkers, and they're not particularly interested in those things. And with a few thousand people critiquing every story, no amount of sloppiness goes unnoticed.
Just throwing it out there.
Re:Scary (Score:4, Informative)
I encrypt my Trillian directory and run it as a user that has the ability to read those files. And likewise I run all file sharing programs as a user that has no permissions at all except for their own directories. Windows 2000/XP aren't so bad :-) at least they give you a process model that's similar to *nix.
Re:Scary (Score:3, Interesting)
There are a bunch of overlapping issues here. One is the politician problem. Many people want to vote for politicians who are going to serve their personal self-interest best. This raises the problem that the self-interest of the politician is rarely that of the voters, particularly if they are elected. So politicians who make a bid for public support on the basis of self interest alone are likely to believe what they preach and serve their personal self interest exclusively.
The problem of spyware appears to be almost unique to P2P software. This might be coincidence, P2P just happened to get hot at the same time that the Internet bubble burst and Internet business models turned Hobbsean. On the other hand it appears more likely that people who write software whose primary purpose is to help people steal music have no moral qualms about exploiting their users as well.
A second set of problems comes from the fact that P2P pretty much cuts itself off from most of the traditional Internet business models. Post Napster no P2P company can make money from any business model that requires them to maintain a central server or long term business relationships with other companies.
The thread contains many posts that attempt to dispute the claim that Morpheus is doing anything bad. The debate tactics used suggest that it is FUD from the Morpheus self justification dept. There are plenty of posts saying 'the poster hasn't read the article, Morpheus is not stealing referals', only that is precisely what the article accuses Morpheus of. This is not about collecting information about users.
On the legal side I don't imagine that this is a sustainable business model. There is no way that Amazon and the other companies are going to want to pay people for intercepting referals from other sources. Depending on the circumstances if an affiliate is collecting money by misrepresentation the actions may constitute fraud.
The other main issue is of application security. Here the only significant difference between Linux and Windows is that Windows being more popular makes it a more attractive target for scumware. Linux has to consider the problem since if Microsoft develops a defense the scumware folk will attack Linux next on the 'bear principle' - I don't have to outrun the bear, I just have to outrun you.
There is a hook in IE to disable all third party plug ins. The problem is that this is the big switch approach. What there should be is the ability to select which plug ins are enabled. Windows really should not have so many under the covers switches for installing software. I recently found that one of my machines had been infected by comet cursor, I have no idea when. Checking the Windows registry to find out if you have spyware reminds one of Arthur Dent's difficulty finding out about the plans to build a bypass through his house.
The problem with the big switch is that Adobe Acrobat is pretty useful. Macromedia flash is also useful in limited circumstances. I like the animations on Slate, but the new breed of annoyance ads have led me to disable it. There sholuld be a switch to allow plug ins to be enable on a site by site basis. Unfortch, the security zone mechanism does not do this as yet.
more links (Score:4, Informative)
http://arstechnica.infopop.net/OpenTopic/page?a=t
violate referer terms (Score:3, Insightful)
I think a list should be compiled and reported, I would guess that places like yahoo and amazon could file criminal, if not at least civil, suits against such cheaters. It wouldn't surprise me if they did too, just to make a point, and to try not to jade users to the system....
any thoughts? that's a dumb question this is
Sleezy, but no point in Morpheus anymore anyway. (Score:5, Insightful)
Re:Sleezy, but no point in Morpheus anymore anyway (Score:5, Informative)
Great Comments (Score:2, Redundant)
I've heard of sneakyness not far off this already. It seems some of the other P2P file sharing programs also like to install sneaky plugins which do things from reporting your every url visited up to popping up windows with ads in them on encoutering certain keywords. Very nasty and can also incur a performance hit.
Okay.. (Score:2, Insightful)
Great, I can deal. I switch to Grokster.
Grokster begins to bundle spyware.
Fuck. Switch to Morpheus.
Morpheus bails from FastTrack, and switches to Gnutella.
Fuck again. Switch back to Grokster, use AdAware [lavasoftusa.com].
See that Morpheus, who explicitly claimed that it contained "No Spyware of Any Kind" engage in this type of practice?
I can only laugh at the pitiful wreck that the company/corporation-based P2P programs have become.
Download Limewire! (Score:3, Insightful)
Yeah, it's a shame that P2P only became popular recently, in the age of the MP3. If it had been invented 10-20 years earlier, with RFCs, and had the stature of, say, FTP, people would be thinking of it as a fundamental part of the Internet. Instead we have this horrible situation, where anyone who uses a P2P client is presumed to be a freeloader or a criminal. P2P deserves better than a bunch of spyware-loaded clients that block each other's users from their own networks.
Re:Okay.. (Score:3, Insightful)
The thing is, I'm not expecting the c/cp based P2P software manufacturers to gain revenue.
Typically, when a product or service is available for free, and another one is put on the market at a non-zero cost, unless there's some type of luxury association attached to the product or service that's non-free, people are going to go with the free choice.
Now, we have these 3 companies, all of which make their software available for "free".
Their only source of revenue is the companies who want them to attach their bits of software to the application. How could they ever hope to make money elsewhere? Nobody would buy the product if it's available on the market. Likewise, who would subscribe to it, if a free alternative is available? Really, their only other option is to develop some type of value-added service to make consumers choose their platform over the free ones.
What could they possibly include as a value-added service? I can't think of anything.
And at the same time, the people who get pissed off with these companies go off, and create something like Kazaa Lite [refosearch.tk], and undermines your entire company's lifeline.
That's really clever.. (Score:4, Funny)
Re:That's really clever.. (Score:2)
"customers"? As in, one who buys things from you? I thought the whole idea of Morpheus, et al, was that no one ever paid for anything anymore.
Re:That's really clever.. (Score:5, Insightful)
No...Thats... (Score:4, Funny)
I like it. (Score:4, Insightful)
Re:I like it. (Score:3, Informative)
You could not be more wrong. This is nothing like a virus. A virus is defined as a piece of code that replicates. Since this does not follow the definition, it is NOT a virus.
well in all honesty (Score:2, Interesting)
Man-in-the-middle attack (Score:4, Insightful)
You can call me a paranoid. Each time when I need to buy stuff online using credit card. I will reboot to a cleaner "environment" -- a clean copy of OpenBSD or something similar. God knows who the hell the various windows plugins are doing..
What's to stop them.... (Score:3, Insightful)
Corrections and notes... (Score:5, Insightful)
The final destination is more or less the same. The difference is the intermediary. Morpheus isn't stopping me from going to Amazon by instead redirecting me to Borders.com...They're just stealing referral dollars.
Honestly, though...I wonder how long it'll be before these online vendors lock out Morpheus' referral IDs, or even worse, deny the connections altogether (since the most recent source IP will be Morpheus' proxy, not your own).
And I assume that if there's a pre-existing Referral ID, Morpheus will strip it out and replace it with its own. Doesn't this constitute actual monetary theft?
Re:Corrections and notes... (Score:3, Insightful)
It doesn't sound like it uses any kind of proxy, an IE plugin redirects you to another website which redirects you back to amazon/yahoo/whoever so the morpheus machine isn't the one connecting to the vendors, they're just telling your machine what url to request from the vendor. I would be very surprised if vendors honor the comissions "earned" through this method.
Re:Corrections and notes... (Score:3, Interesting)
I know I'll be checking that any referral programs my Web site participates in aren't on Morpheus's hitlist, and switching to a competitor if they are. I expect others to do the same, thus giving retailers like Amazon a real incentive to make sure that they don't pay anything out to Morpheus.
Re:Corrections and notes... (Score:4, Insightful)
McCoy - "Suppose this device were to be used where life already exists..."
Spock - "It would presumably destroy such life, in favor of its new matrix."
I'd read the article... (Score:4, Funny)
It's scumware... (Score:5, Informative)
On a scale of 1 to fucked... (Score:3, Funny)
Been waiting for this... (Score:4, Interesting)
While I personally see this as a bad thing, since they do it behind the users back, I would probably have no objection to installing something similar for slashdot. I don't exactly feel the need to subscribe, but I would have no objection to them collecting a referrer fee off of my internet purchases.
Re:Been waiting for this... (Score:2, Interesting)
It is totally different than the sites that provide lists of internet deals. These sites refer customers to a site that the consumer most likely would not have gone to if they had not known it was the lowest price. Sites that list internet deals deserve the referall because that is the reason the refered site sold the product. Morpheus has nothing to do with why that consumer went there and thats why it is nothing at all like the internet deal sites. And furthermore, these deal sites don't covertly install a plugin to get all the referalls, they simply have links on a page and provide a service to consumers.
Wow, I never knew (Score:2, Funny)
Who this really hurts (Score:3, Insightful)
Re:Who this really hurts (Score:4, Insightful)
WRONG!!!!! - What's happening here is when a user types in amazon.com, Morpheus redirects the request through their amazon referrer page. Hence, amazon is now paying out referals that it otherwise would not have. Direct navigation does not incurr referal fees, only refered navigation
Re:Who this really hurts (Score:2, Insightful)
Point this has a large impact on the way advertising is done on the internet. The whole idea that the software was free and no one is hurt by them doing this is without merit. The other that people only use morpheus for piracy also lacks any substance.
excellent! (Score:2, Funny)
At least it's easy to disable (Score:5, Informative)
Re:At least it's easy to disable (Score:2)
Re:At least it's easy to disable (Score:5, Informative)
I think IE is scumware.
Re:At least it's easy to disable (Score:3, Funny)
Dear Watson . . . (Score:2)
I think someone is being a little um. . . friendly to these jerks. Not that the warez leech kiddies don't deserve it.
Bah
Re:Dear Watson . . . (Score:5, Funny)
Re:Dear Watson . . . (Score:2)
Good Lord, man, that sounds like what some people I knew in college might have done, except that they would have used New Kids on the Block and Debbie Gibson CDs.
Oh wait, it's Deborah Gibson now. Sorry Debbie.
Has anyone asked Amazon about what they think? (Score:5, Informative)
From what I can see on their website [amazon.com] ..
If I were Amazon, why would I pay 10-15% margin to someone who has not really promoted the product, but has hijacked the links?
They also probably violate this portion of the operating agreement.
Vendors taking liberties with your configuration (Score:5, Insightful)
These folks really must think that they own the user once the user buys their product, becuase even a "respectable" company like Intuit doesn't seem to have any problem with monkeying around with the private parts of the user's computer for their own purposes. Certainly those icons are paid placements.
Bruce
Re:Vendors taking liberties with your configuratio (Score:4, Insightful)
Well, maybe that's because they effectively do own the user? Operating systems are still designed around the idea that any application has all priviledges the user running it has. This is a good idea if you have small tools -- e.g., cat may read all the files that I have read permission on. When you have larger applications, like a complete office suite, this solution is somewhat less good. Once the user installs software from the internet, this design is a fundamentally flawed one.
Users expect that e.g. on a UNIX system, cat will only read files, and therefore it is a perfect idea to let cat read all files that the user has read permission on. The user's perception will be "I may read this file," when technically it is actually "software I run may read this file."
As soon as the user installs software that does things they don't expect, because the software doesn't advertise all of its functionality, this model breaks. Most users won't even find out, and if they did, they'd probably ask "why is Morpheus allowed to do this?" The user will no longer have the perception that he is doing things, and will have to realize that actually it is the software doing things. The operating system however is still designed around the idea that everything the sofware does was intended by the user. (No, I don't have an idea for a better design.)
It's called FRAUD (Score:2, Insightful)
I knew it! (Score:2)
let's play with this... (Score:3, Informative)
www.ebay.com
links to http://www.qksrv.net/image-280514-220264, which has an instant redirect to pages.ebay.com. I played with this in netscape 6.2 and lynx, and they still directly put me towards www.ebay.com. There is definitely redirection occurring here.
www.amazon.com
links to http://www.amazon.com/exec/obidos/subst/home/home. html/104-9801158-34639, while netscape and lynx go similar (but not the same) page in the same sub-directory tree. I'm not sure if there's a url redirect occurring here.
www.barnesandnoble.com
In IE, goes to http://service.bfast.com/bfast/serve?bfmid=2181&so urceid=21425507&categoryid=rn_home, then redirects towards a barnesandnoble.com redirected address. Netscape and lynx still go straight the low level barnesandnoble.com address. There is also definite, blatant redirection occurring here.
So, there you have it- out of just three simple checks, Morpheus went and screwed with two of them. I'm getting this crap off my machine and installing a better gnutella client.
Another reason... (Score:2)
Sigh... (Score:2)
Unauthorized Access (Score:3, Insightful)
And what about the programmers who wrote this 'feature'? Who are they? I wouldn't be opposed to blacklisting them, or at least smearing their names across the headlines. This is sleazy and unethical and shouldn't be tolerated by the rest of us 'respectible' programmers.
Brian
Like KaZaA? (Score:2, Insightful)
Is Morpheus' latest effort at all related? It seems to be based around thr same idea, however the idea of being redirected sounds worse. For exanple, does it work that if you type say, http://www.google.com, you arrive at AltaVista?
What is it with crappy (ex)FastTrack networks and I-can-believe-it's-not-trojan software?
you reap what you sow (Score:2, Flamebait)
Almost as horrible as stealing Intellectual Property from musicians?
mozilla.org (Score:2)
Sad, but not new (Score:2, Insightful)
What's worse is that it had somehow also managed to make it impossible to change his homepage from within IE (the fields were grayed out.) After a quick registry hack he was porn free
Anyway, as long as there's a way for people to make money off the swiss cheese that passes for software security, they're going to do it. The sad thing is most people don't know how to stop these things. The sadder thing is that most people don't remember a time when the internet wasn't about making money (when people were boycotting web sites with banner ads) and don't think there's much wrong with these tactics.
So don't use IE... (Score:4, Insightful)
Seriously though, the article says it can only affect IE. This makes sense, given that it's easier to do sneaky things in the registy and elsewhere which, while invisible to the user, will cause drastically different behavior in parts of the operating system, like IE.
Aren't you glad you use Netscape? Don't you wish everyone else did?
(apologies to the old Dial ads)
More browser scumware, and how to remove (Score:3, Informative)
Stupidly, I clicked yes, and promptly regretted it. A whole day of browser abuse followed.
* My desktop got taken over by an 'affiliates' homepage
* My desktop got swarmed with icons for adult and gambling sites
* If a site took a long time to load, or got a 404, my browser would end up at the portal http://www.lop.com, part of the 'affiliates' network.
The program didn't leave a listing in the add/remove window. It wasn't in c:\program files.
It had buried itself deep into my windows folder.
Instinctively I searched my disks and registry for lop.com and removed all references. No cure. My browser still kept going to lop.com.
My only cure was radical action. I ran Win2k in a VMware box with disks set to non-persistent. Immediately before saying 'yes' to the installation, I ran the 'InCtrl' install tracker program. Thank God for InCrtrl - after the install was done, I had a list of all files added by this nasty piece of scumware, and had the utmost pleasure in removing it once and for all.
Slashdot should do something similar. (Score:2, Funny)
It's like hijacking hits, but with the slashdot effect.
I just uninstalled Morpheus... (Score:2)
Exceeds authorized access (Score:2)
Bearshare does this too (Score:4, Informative)
Re:Bearshare does this too (Score:3, Informative)
Yeah, but I was able to figure this out! The dialog in question presented during installation has following checkboxes:
- BearShare
- BearShare Desktop Icon
- SaveNow
- New.net Domain Names
- Desktop Shortcuts: Links to Great Products
- n-CASE Ad Delivery System
Simply uncheck everything else but BearShare and there's no spyware. To be honest, if you couldn't figure out which of those you need then I'd suggest you to sell your PC and purchase Xbox or PS2 instead.("Secret spyware" that was mentioned contains New.net and SaveNow)
Delete Morpheus (Score:5, Insightful)
Second, they started banning from their chat room anyone who mentioned this fact and posted the url to Gnucleus.
Now, they're installing scumware in order to control your browser for their own profit even while you're not using Morpheus.
Anyone left who still wants to argue with me about whether or not Music City is a company of degenerate sleazebags? Anyone who still disagrees with me that the proper course of action is to delete Morpheus and install Gnucleus immediately? (at least until something better comes along).
BHO Files (Score:2)
... although I have installed this "Preview Edition" I ran a piece of software and could find no BHO files other than Norton's and Adobe's.
So... my question is where is the spyware?
Probably not acceptable to Yahoo, eBay, etc. (Score:3, Insightful)
This is like spammers embedding banner images in their spam and getting paid every time someone opens the email just because the banner was loaded. It's just running the meter and the entity being screwed is the website that is paying them a referral fee.
The article, in one part, reads: "Griffin said the technology is simply taking the old affiliate referral program to a new level. Most of the referrals will happen inside the Morpheus application itself after the new version is launched with a commerce section, he said."
Yeah, right. Most of the referrals will clearly be a result of their sneaky browser add-ons, not because anyone really pays attention to the commerce section of a P2P client. Heck, P2P users generally get as much as they can for FREE--not exactly the target market of much of anyone.
other software installed (Score:2, Informative)
"HKEY_LOCAL_MACINE\SOFTWARE\Microsoft\Windows\Cur
This key loads the program at startup. The program appears to be some sort of video codec/player.
How to disable Morpheus redirects (Score:5, Informative)
Well, I disabled the
So - download and run BHO Cop now! who knows what else you might find (Acrobat seems to have dumped something as well)
Re:How to disable Morpheus redirects (Score:2)
Re:How to disable Morpheus redirects (Score:2)
My removal was successfull, just make sure to completely reboot (instead of relogging on)
Lavasoft's AD-AWARE will Remove this thing for ya! (Score:5, Informative)
Method to remove Morpheus spyware (Score:2, Informative)
The Morpheus spyware is just a
So this bho spyware can be removed by using bhocaptor [webattack.com] . Bhocaptor displays all bho that are registered within windows registry. So, what you need to do is to select Morpheus bho(a
As bho is an Internet explorer technology, those who are using netscape or mozilla should be immune to this spyware.
Grab a pal, it's /. analogy hell! (Score:2, Insightful)
This like you asking a guy for directions to the "Stop and Rob", but he gives you directions to his brothers store, "Grab and Run". His brother lets him live in the basement of his house, because he sends lots of business to the "Grab and Run".
You wanted to get some YooHoo but the "Grab and Run" doesn't have any, and you were going to shoplift it anyhow.
Doubly pissed, you report the "Grab and Run" to the authorities (you saw a rack of VCRs in the back room, making copies of Asian snuff films.) The cops come and arrest the owner and throw his ass in jail.
After looking up the address of the "Stop and Rob", you head over there. The brother of the now jailed owner sees you, beats you to the ground, and takes your wallet. In your wallet is an I.O.U. from your boss to an employee that works in the same row of cubes as you. Your wallet is gone, and so is your mugger, so you get up and run over to the "Stop and Rob".
You ask to use the phone, and while the clerk is hitting on some drunk chick with a feather boa, you steal your bottle of YooHoo.
Oh dear...I really should have renewed my domains. (Score:2)
And to think I actually -owned- streamcast.org for a while. Yeesh.
From the Download Page (Score:2, Informative)
"This ad-supported software includes technology that will serve banner advertisments through the program interface. Morpheus also includes BuyersPort, a shopping portal that may log your IP address, track surfing habits online, and share aggregate user information to third parties. For more information, please refer to BuyersPort's privacy policy."
spyware, how to tell? (Score:2, Interesting)
Mail Sent to EFF, CAFE (Score:5, Interesting)
Dear Ms. Gross
I am writing to express my concern that my attempts to financially support EFF have been stolen by Morpheus and similar companies. I have long been careful to use the Amazon Affiliate Button on your front page for all of my book purchases. I have felt that doing this combined to support what I believe in simply and effectively. Since my purchases have been well over $1000 per year for at least the last two years, I know that it has to have been worth at least some money to EFF.
It has recently become apparent that Morpheus et al. have been placing software such as TopText and other scumware on users machines. These programs have the sole purpose of rewriting affiliate links. This effectively redirects the financial benefits of these links to the scumware operators. To put it bluntly, this is theft, no different than if they had taken the affiliate checks and written their own names as payee.
I have supported the EFF for years. I supported Morpheus partly because of EFF's support of them. But I am frankly disgusted by this turn of events. As the Director of the Campaign for Audiovisual Free Expression, and a staff attorney for EFF for Fair Use and Intellectual Property, I believe that you may well be the single best person to let them know they have gone too far. To take a principled stand on Fair Use is one thing. To pump ads to users while using the software is also perfectly legit. To actively steal revenue from other people, companies and organizations, even after the user has supposedly removed the software, without notice is simply beyond comprehension.
Sincerely
Walter Williams
What Happened to "No Spyware"? (Score:3, Informative)
That sure didn't last long.
You are missing who this really hurts. (Score:3, Interesting)
This affects website owners. Many small websites make ends meet by their affiliate links. This will steal that money away. This is one of the few way small webmasters can make money - short of begging.
And aren't we all sick of the virtual begging cup by now? Don't let the last legit way for sites to make money be destroyed. Sites that don't have traffic for banner ads sales, need these sales. They need this income. If this takes off, it will wipe out small sites everywhere.
As an example, look at http://www.gonegold.com
Informative helpful website. IGN pays them squat. But they do make money on their affiliate gaming links. Take them away and who will pay the site's bandwidth? That is the real issue, that is the real fight. And for some smaller sites, this really is a fight for their survival.
By the way- what is the implications that the only thing you have to agree with when installing morpheus is the gnu license. their is no mention of this spyware(even though it is installed).
Chet
This is the same issue... (Score:4, Insightful)
So, if you don't want all the crap, don't use software you can't trust. How do you know if you can trust it? Well, you could audit the source code and compile it yourself. You could write the software yourself. Or you could get the software maker to sign into a legally binding contract which says that their software will not do anything but its primary intended use (for Morpheus, this would be stealing music), and that they must disclose everything that it's going to do to your computer. Fat chance of that.
What do I do? I run Linux. I only login as a unpriviledged user (I have access to my home directory, that's all.) All the software I install I only install into my home directory (again, as the unpriviledge user.) I'm the sole user of my machine - I don't need to be putting it in
The security then isn't perfect, but strangely enough, most open source projects don't include spyware/scumware of any sort. So I don't worry about it.
Running any priviledged executable is the ultimate shrinkwrap EULA, saying, "I give you permission to do what ever you want to my computer." We'd all be a little better off if people were more paranoid about their computer - but if they don't mind untrusted software messing around, who am I to stop them? Maybe we'll get lucky, and the next version of Morpheus or Kazaa will automagically lock out any user that downloads it. That would provide a nice lesson. Would it be a virus? Well, you chose to download it and run it yourself. So, I say no.
What do you think?
You need to see this spyware crap at it's worst. (Score:5, Interesting)
Most of the spyware on the computers was not intentionally installed which is what made it worse. The last straw for us was when we discoverd a Win98, 1ghz Pentium with 256mb RAM and a fast hard drive taking 15 minutes to start as it was loaded with so much spyware/plugins/rubbish and they all wanted to start simultaneously, running a packet sniffer on that particular machine showed that spyware was using over half the bandwidth available. We locked down the network after that barring access to anything known to inolve file sharing, plugins, spyware etc. However there is an interesting side note, we had a retained lawyer with IT specialisms, aparently the UK Computer Misuse Act makes it illegal to alter the contents of a computer without getting the users authority, which was interesting.
It's bad enought these spyware app's stealing money from deserving small websites and let's face it users as well. You just need to see the damage they can do to networks and computers as well, I can see a lot of sysadmins becomming very angry if these sort of applications get more sneaky and nasty in the way the operate.
Show me a clean P2P program. (Score:3, Insightful)
Limewire has spyware/adware hardwired into the program, at least in the Windows version. Re-apearing Reqistry keys shows this.
Seems to be possible to run BearShare without all the snooping. But 3rd party crap is included and you must be careful not to get it installed..
A bit offtopic but still on the subject of spy/adware.
Now even my Logitech comes with a lot of crap that when you try to install their drivers, you have to read carefully right to the end what the diaglog boxes says and even after avoiding all their "helpful" programs there seems to be one or two programs running in the background that you can remove without it having any impact on the functions of the mouse like the webwheel etc. witch by the way will have a date with my packet sniffer one day, I'd be surpriced if they didn't do some monitoring.
That Logitech was really too much, they REALLY tried to shove a lot of junk down your throat. Which made med loose the last ounce of respect for the company. I am a user who knows what to look out for, but I'll bet that 99% of the mouse buyers just answers yes to it all.
How to write your very own scumware (Score:3, Interesting)
S
Re:What else do people expect? (Score:2, Insightful)
1) they dont make software, the license it (or now, in the case of gnucleus, steal it).
2) they install bullsh!t spyware everywhere they can
3) they have sleazy management and software developers who know how to use MFC app wizard and modify icons
4) they violate every good business practice known to man
In my book, that does not constitute a software development company.
So your saying the only way to make (Score:2)
Somebody needs to inform Redhat.. apparently nobody told them.
Or better yet: Company X is dishonest. Company X makes product Y. Therefore all companies that make product Y are dishonest.
You, sir, are a moron.
Re:What else do people expect? (Score:2)
Any... other... way... possible.
Re:What else do people expect? (Score:2)
Yeah, I mean it's not like they aren't providing a service. I mean they're helping people get their music for free, 'cause, you know, music is just digital but programs are, well, they have themes and skins and stuff.
Oh, the irony. Someday I suppose Morpheous will join the BSA and enforce their rights to takeover your browser. That'd be cool.
Are you insane? (Score:5, Insightful)
This sort of activity is atrocious, and I don't see how these people aren't facing the same punishment as the Kevin Mitnicks and Melissa virus writers are. Without any doubt there is a serious need for either a technical solution (one could say that it exists by way of Java : Sandbox every application to ensure it has no rights outside of its little world. The
Re:What else do people expect? (Score:2)
Aaaugh! That'd be the end of the world! Oh no, wait, I have the source code to my fave linux distro, I'll just take those ads right back out.
Ah. Problem solved. You were talking about...stupid?
Sheesh.
Re:What's a 10? (Score:2, Funny)
Microsoft.
Re:after reading that article... (Score:2, Informative)
>Thus, when a file swapper visits a site such as
>Radioshack.com, eBay.com or a handful of others,
>their computer visits a separate site behind the
>scenes before loading the final destination site.
>Those separate servers, run by marketing
>companies including Be Free, count how many times
>Morpheus users stop by.
This isn't exactly what the headline lead you to believe...
Re:What is the plus side to using Morpheus? (Score:2, Informative)
Re:Wow. I can't believe it. (Score:2)
Qwest sells calling records to telemarketers. This one really peeves me. I had to argue with my parents for a long time to convince them to call that stupid 800 number and opt-out. Doesn't the law say you're supposed to do it the other way around (opt-in)?
Tivo tracks viewing habits. This one I have no problem with. So what if they track how many people watch what shows? As long as the information is anonymous, I don't see the big deal.
Re:anyone use the BHO cop? (Score:2)
checkout my post on it: 1 post before you [slashdot.org]
It worked well, and even told me the name of the dll so I could go delete it myself
Re:you get what you pay for. (Score:3, Insightful)
There is nothing illegal or wrong about p2p software, it's just another way of transferring information.
graspee