New subject: [C-REPS] Re: Spyware Floods In Through BitTorrent

20 Jun 2005


      Just to clarify the article, the title is a bit misleading, and really should 
read "Spyware Floods In Through 
Any-Program-You-Use-To-Connect-To-The-Internet-With."  It really underscores 
that you shouldn't be downloading or executing anything off the Internet 
unless you know where it came from (or are prepared to deal with the 
consequences).
BitTorrent works by creating a torrent file that describes how a file(s) is 
constructed.  Users can download the torrent file, and when run with a torrent 
program, it will contact other torrent programs on the Internet, looking for 
the pieces.  The torrent program will also share existing pieces that you've 
collected, but only for the particular torrent file (it does NOT share out 
your hard drive).  Torrents work well in distributing information quickly as 
multiple sources can give you several pieces simultaneously.  You don't need 
to obtain the file from a single source one piece at a time if you were 
downloading it via HTTP or FTP.
In this case Direct Revenue is creating torrents of files that users want that 
include their spyware program IN ADDITION TO the original file.  They are not 
co-opting the original file or infecting torrents that are not their own.  In 
fact there is some legality on their repackaging and distributing these torrents.
If you download a torrent distribution file for a Linux boot disk from 
Knoppix.org then there is no way for Direct Revenue to add their spyware into 
that torrent.  If you download a torrent distribution file for the same Linux 
boot disk from Direct Revenue then there is NO guarantee that you won't have 
an unwelcome hitch-hiker added to your download.  Even then, once their 
spyware is downloaded to your machine you will need to execute it for the 
spyware to sink its hooks into your system.
Frankly, anyone who obtains (for example) boot disk.ISO and an executable file 
they don't why it's there, and decides to run the executable, deserves to be 
thoroughly chastised with the same tone of voice reserved for people who cross 
the street without looking both ways.
Slashdot has a good discussion about this here:
http://yro.slashdot.org/article.pl?sid=05/06/16/1558229&tid=158&tid=...
-- 
Will_Christie@UManitoba.CA          "You probably think Canada's leader
Instructional Software Coordinator   is called the, uh... Grand Poobah!"
Academic Computing & Networking           "No, it's the Governor-General."
University of Manitoba              "WRONG! It's the Prime Minister."
622 Engineering                                  "Technically Hank, it is
Ph: 204-474-9475  Fx: 204-474-7920                the Governor-General."
                                     --Corner Gas

Re: Spyware Floods In Through BitTorrent

Will Christie

Lonnie Smetana

tags (0)

participants (2)