Is This Really Possible?

Remove all ads!

My dad sent me this link.
http://news.com.com/2100-1023-873181.html
I don't have the Kazaa software, but I do download stuff off the internet. So this does kinda concern me.
Will something like a firewall prevent something like this happening to someone's computer?
My other question is, if you have your computer disconnected from the internet or your computer is turned off, can they still use it or remotely turn your computer on to use it?
They also mention how to remove software that is included with the download of Kazaa. My dad said he went through his files and couldn't find this software. I say its still there somewhere. Who's right?

 

Well at least there's comfort there. Of course, if dad had just listened to me...Why don't parents ever listen to their children?
Also, is this legal?

 

The program itself is, what you can do with it often isn't, or so I'm led to believe

 

After the reading the article I will try to explain what this means, to the masses.

1. This is a secondary application that comes bundled with Kazaa, when you sign the user agreement you are also accepting to have this second piece of software installed. Making the use of this piece of software legal.

2. This piece of software, pigybacks on the PnP connection that Kazaa makes.

3. Kazaa standarly uses port 1214, but since 2.0 can use ports 80(webpage), and pretty much any port over 1214.

3b. Since Kazaa can use pretty much any port, including port 80, it is impossible to stop people from using kazaa with a basic firewall

3c. Since a firwall won't stop kazaa it will not stop this new company connecting to you.

3d. The only way to stop this program is through the use of snort (packet sniffer) and squid (download controller) like programs with extreme settings, that do not allow the download of *.exe, *.zip, *.mp3. For a more indepth article on the use of snort and squid I recommend THIS.

4. This program is a major security risk, since it pigybacks with an download agent, a hacker could possibily activate the agent for unkown purposes.

4b. Since this program is waiting for a call, all a hacker has to do, is activate the program without user agreement. This could be accomplishment most likely with faked packets to the right port. Simple nmap/port scans to machines would allow hackers access to machines.

4c. Now this is the issue, most Virus/Trojans need to be executed by a user for control of the system. Now with the combined power of kazaa and this other program all the hacker does, is either send a automatic launching program, or Smash the Stack(recommended reading on Buffer Overflows) to activate standard Windows exploits to gain control of the machine.

4d. If a way is found to do 4c. Than we have a problem. Possibly every kazaa user (5+ million) could become a part of a DDOS. This would KILL the internet. .

4e. Other things hackers could do with this exploit. install Key loggers(credit card numbers anyone?), gain root/admin access, IRC attacks, gain access to companies/governments (i betcha every building has a person that has kazaa on their work machine), etc.

5. I personally find this ironic, a program that promotes the trade of copyrighted material, having a hidden program that could possibly control and destory every users machine or take down RIAA.

My Tips:
unistall kazaa, and go buy the stuff you where downloading.

Disclammer:
All things in the above post are just theortical. I don't approve or promote illegical hacking.

 

For the reasons you listed above, I don't do my banking on the computer. Very impressive response by the way. I hope you don't mind, I passed the info on to my parental unit. Hopefully it will be helpful.

 

I'm not certain if this works, but I think you can remove the hidden components that come with Kazaa with a program like Ad-Aware.
You can get it here:
http://www.majorgeeks.com/article.php?sid=506&cat=31

I don't know if that program removes the stuff that Tal is refering to...

 

Elendil, that's all fine and dandy, but you have to pretty much have it running continuously. I found out a nasty little trick that Kazaa and other similar software uses.
I went to a computer fair up in LA on this past weekend. There is this guy, Jeff Levy, he hosts a radio show on the weekends on computers were people can call in and ask questions. He's very good.
Anyways, he was broadcasting from the fair and people were able to go up and ask him questions. So I brought up the topic of this thread. He told me that you can use the spyware removal software to get rid of most stuff. The problem with it is this. Most of the programs that come with spyware, like Kazaa, has a little trick. You can remove the spyware, but the next time you load up the p2p software, it searches your harddrive for the spyware, if it doesn't see it, it reinstalls it.
I had my dad test this. He downloaded the spyware removal software, removed the stuff from his computer, then ran Kazaa. Sure enough, when he went to run the removal software, there was the spyware programs. Only some of them though, it doesn't reinstall everything, just some of them.
Needless to say, he's reformating his hard drive and reinstalling windows this weekend.

 

"4d. If a way is found to do 4c. Than we have a problem. Possibly every kazaa user (5+ million) could become a part of a DDOS. This would KILL the internet..."

5 million? Try 60 million. With a single point of failure. Absolutely ludicious...

My recommendation: Use Kazaa Lite (www.kazaalite.com) or Diet Kazaa (www.dietk.com).
They're the same program with altnet and all the other spyware removed.

 

Get kazaa lite, supposedly it has no spyware.

 

That's hidden somewhere in the middle of the legal mumbo-jumbo.. I've never bothered with reading those agreements before, but I think now would be a good time to start.

 

Well, firstly supposedly kazaalite does not contain "spyware". Secondly, if you use win32 (which I assume most of you do, and which I do not) you can just download LimeWire. A really popular gnutella (p2p network) client for win32/linux/mac etc., and use it. If you're paranoid and don't trust kazaalite, then use LimeWire. Note however, that gnutella gets quite a few less users than kazaa/kazaalite/morpheus so your searches might be somewhat limited and they might be slower, but this is the tradeoff, usability/convenience vs. security/stability.

 

Just to comfirm something - kazaalite doesn't have any of the brilliant (b3d files) stuff. It does have adware in it. I'm not sure about the spyware, it says it doesn't but it may have.

 

I wasn't saying it was clean, i know it isn't. I was just saying that anyone using kazaalite doesn't need to worry about the brilliant stuff because none of the files are there (b3d is one of the things removed, on a previous computer i had kazaa which did include b3d). This one has only ever had kl on it and a little search revealed none of the listed b3d files (and no folder of b3d player). Spyware and adware (theres nothing imporatant on my computer) i can live with, some company using my computer to host ads or whatever.

 

Yeah I wasn't implying it was totally clean either, and I'm anything but naive, that's why the word supposedly is in there.

 

Yeah kazaa lite does not come with the pop-ups, garbage,etc. But both programs suffer from serious security isses that where exploited in the Vira virus. What this virus does is it silently piggybacks with all downloads and uploads from an infected machine. What this means is that every download on kazaa could carry this virus, and you would not know unless a virus scan picks it up. Than when you get infected you can start sending the virus out also.

For the public the Vira virus was repacked as the avril lavigne virus (since the source code is free)

Really people it comes down to a famous saying. Nothing is for free.

 

*cough*linux*cough*