Categories

BitTorrent
Conferences
Direct Revenue
Julie Amero
Myspace
Podcasts
Postbag
The Big Ones
The Fourth Wall
Yapbrowser
Zango

Creative Commons License
All articles licensed
under a Creative
Commons License.  








Home | About me | Press | The Fourth Wall | Links

Wednesday, June 22, 2005

Simple facts, told as lies

Simple Lies, Told as Fact.

This is how John C. Dvorak's article begins. It's a lofty piece, full of astounding claims, incredible payoffs and tantalising climaxes.

Unfortunately, it's also complete and utter nonsense. In an amazing piece of trollishness, he attempts on a grand scale to divert attention from what is possibly the MMG installer's lowest depth yet. I will post the second part of this update sometime later today - prepare to be amazed. I'll cut through John's points nice and quick, no hanging him out to dry like Direct Revenue this time.

John: There is no spyware in BitTorrent.

Nobody said there was.

John: There is no way BitTorrent is being tricked into delivering spyware.

Nobody said Bittorrent could be tricked. Last I hard, Bittorrent was an unthinking, unfeeling program. You can't generally "trick" things like that.

John: What specific to BitTorrent is infected? Is it the BitTorrent initiation files?

Is this guy listening? Maybe he should, you know, read the article. You are indeed correct - the client does not contain Adware. But seeing as how nobody said it was in the first place, I don't see the relevance in mentioning it.

John: Or is it the payload? If it's the payload (the media file, for example) then what's it got to to do with BitTorrent per se? Nothing, that's what.

Actually, it's got everything to do with it. Bittorrent didn't have this kind of problem before. The odd rogue Malware bundles, sure, but not a clear and concise marketing campaign. And as someone will point out sometime later today, these installers have actually been tracked since May - and my God if he hasn't found something potentially ready to blow the lid off the Adware industry forever.

Let's jump back to John for a second...

John: So again I ask what's this got to do with BitTorrent per se? If BitTorrent didn't exist this file could still be traded in any number of ways. Nothing would change. BitTorrent in this instance is merely the download mechanism. You'd STILL get the spyware if you used something other than BitTorrent. Spotlighting BitTorrent is a cowardly way to discredit the product.

What a strange comment. In case you hadn't noticed, Bittorrent was the primary method of distribution for these installers. You wouldn't get these MMG Adware (because it's Adware, John, not Spyware) bundles from anywhere else on a grand scale, because it didn't exist anywhere else save for a handful of EDonkey distros. If the distribution method for the MMG bundle had been Email, Browser holes or FTP then the "source of these Aurora installs" would have been detailed as those particular programs instead. What's it got to do with Bittorrent, I hear you ask repeatedly? Oh, I dont know, maybe the fact that THIS IS WHERE MMG WERE DISTRIBUTING THE BUNDLES WE'RE DISCUSSING.

Back to John...

John: Whatever the case, someone managed to get his discovery of spyware (spyware is news?) into CNet News, eWeek, and IDG News service, as well as hundreds of blogs talking about how BitTorrent was an "adware distribution vehicle." Hey, BitTorrent will distribute whatever you choose to distribute.

Yeah, Spyware and Adware is most definitely not news. Thats why it's always in the news, thats why Spitzner just dragged one of the biggest spyware cases ever through the legal system and that's why every second person you talk to would love to know "how to get x,y or z" off their system. If you have no interest in Spyware issues then fair enough, but please don't make such an ill informed and ill-judge statement such as that - you're basically saying Antispyware websites shouldn't write about spyware? Uh, that's not going to produce much content, is it?

John: Where Is the News Reporting? What bothered me the most about this episode was that there was no reporting whatsoever regarding the BitTorrent as spyware claims (Whoops, wrong again, no one said Bittorrent was Spyware!) or even the credibility of the renowned MVP Chris Boyd.

Use BitTorrent and you'll get spyware. BitTorrent sucks, and oh, Microsoft has something better, although it's never been shipped—but it's better!

Well done - completely wrong on all counts. Nobody said Bittorrent "sucks", and the accusations that any of these articles imply Microsoft's "Avalanche" P2P system is "better" than Bittorrent is also stupid. Microsoft's Avalanche has never been mentioned on this site, once. Furthermore, all of the Bittorrent articles here are clearly aimed at both MMG and the Adware companies involved. The only affiliation I have with Microsoft is that they awarded me an MVP on the basis of this work - funnily enough, a mass Apache server hack. Note that says Apache, and not Windows Server. If Microsoft do something stupid, I quite happily say so. If they do something good, I quite happily say so. But I have absolutely no interest in their "Avalanche" system whatsoever. I'm surprised Redmond's legal team haven't already kicked your door down and dragged you out for "questioning". Especially when the earliest story I could find on it was from the 16th June, - funny, considering I've been chasing these previously-elusive Aurora Bittorrent bundles since May the 11th.

I would also mention the fact that your article keeps repeating that "the client is infected? bittorrent is infected? bittorrent was tricked?" again and again. Why is this?

Ah - perhaps because your article is structured in such a way that on page one, you are clearly insinuating that I say that the BT client is "infected" until about halfway down the page, then drop it - by which point, anyone stupid enough to get bored of reading (yet understand your subtext) then goes and rants about me saying the Bittorrent client was "infected". I did wonder why so many people started questioning my ability to examine Bittorrent source code in the comments. Was it a slow news day or something?

Has anyone from any of the companies involved turned around and said, hey man, there were only like, five installer bundles out there, maxiumum? Has MMG come out fighting and refuted any of the claims? Or did they get their site hacked, not come back online (as you would reasonably expect them to actually remember to bring their site back up) and absolutely disappear from public view? Did anyone from the Antispyware industry such as Wayne Porter, Alex Eckelberry, Suzi Turner , Wayne Cunningham or anyone working on the numerous security forums out there come out and refute any of this? Or did they all agree with me instead, as they have all done their own research into this as well, leading to numerous posts like this.

It also makes me laugh that the Admins of the sites I helped out personally were incredibly pleased that someone was finally highlighting these installers that, frankly, nobody wanted. I'm guessing admins of other legit sites would no doubt feel the same way. If they're happy with the end result, then I could care less for your blatant attempt to stir up some controversy. The constant refusal of people to look at this issue from a Tracker / Torrent Admin's perspective (or even an end-user who is at risk from falling for something like this) is incredible. It almost makes me think you have a hidden agenda of your own.

Later on today (at some point), I will be posting something that will put your "piece" into sharp focus, and provide a cutting and exact reason as to why this particular type of bundle deserves to have made front page news - regardless of the distribution method.

But thanks for the extra traffic, it's appreciated.

Labels: ,

posted by paperghost at 9:15 PM | Digg it!

All Content © Vitalsecurity.org 2006. The content of this site is entirely the opinion of Paperghost, and is in no way endorsed by FaceTime Communications. In other words - have a problem, come see me.