Page 1 of 1

I Don't Trust Edonkey anymore..even older versions

PostPosted: Sat Oct 14, 2006 7:54 pm
by loopback
Just got a letter from my ISP today.
We know ED2K as an App went down for good on 9/11 (How fitting) and the latest version had back doors in it etc. So I reverted to an older version (Tried Emule and couldn't deal with the speed) and was on my merry way.

Apparently I got scanned on 9/21 and they got a partial from one of my incomplete files. The interesting part is I use PEER GUARDIAN! This is the first time I've gotten any notices in 2 years (My 2nd). All the sudden PG doesn't work? I was using a "Non-secure" (read before the auto-remove back door was in the code) 1.4.3 version of ED2K at that time, so who knows if the latest version I had before I rolled back left some sort of spyware or what...

All I know is before I do anymore P2P I'm wiping that Hard Drive.

Just a heads up if you're using ANY ED2K app and think you're safe! Maybe I'm paranoid, but I'm not using that app anymore. A shame too because I have TONS of incomplete files for that system, and IMO Emule and Shareazza kinda blow.

PostPosted: Sat Oct 14, 2006 8:44 pm
by zim
peer guardian only works so long as the blocklist is 100% accurate and COMPLETE.

and it never was.


With the way the blocklist is managed... Its designed to give you a warm fuzzy feeling of security. Not actual security.


Don't blame edonkey for your misplaced trust in a security solution that can't protect you in the first place.

PostPosted: Sun Oct 15, 2006 1:52 am
by Ratt
What kind of a file was it they got the partial from? Which ISP are you on? (you may not want to share that info, of course, which is fine, it's just curiosity on my part). It would be a good idea to switch to a different ISP in the future, even if you never use P2P ever again. Also, I take it you are in the United States.

It's never safe. But still, interesting that it happened with the Edonkey client specifically, and during the same week as the big takedown...

PostPosted: Sun Oct 15, 2006 2:01 am
by Mel_Smiley_VIP
Don't trip so far as to zero your hard drive. Its only a letter and no ones going to raid your home. Be careful what you share now. Thats a hard thing to do with edonkey as you share whatever youre downloading. Maybe a change of venue is in order.

PostPosted: Sun Oct 15, 2006 2:15 am
by webe3
Even IF you don't like emule, you might want to try it and use KAD when the heat has died down....nothing is 100% safe though. If you are REALLY wanting security, go to newsgroups and just leech. But again...NOTHING is 100% safe.


Since you have recived that letter from your ISP, they could monitor you...so being cautious would be in order...but I agree....no one is going to come and take you to jail or anything. Just be more careful.

PostPosted: Sun Oct 15, 2006 6:22 pm
by loopback
zim wrote:peer guardian only works so long as the blocklist is 100% accurate and COMPLETE.

and it never was.


With the way the blocklist is managed... Its designed to give you a warm fuzzy feeling of security. Not actual security.


Don't blame edonkey for your misplaced trust in a security solution that can't protect you in the first place.


Well I have to concede you're right here. However using PG for the past two years I haven't gotten one notice and within 10 days of the takedown of the ED2K app I got scanned. Just a little coincidental for me!

I'm planning to 0 the hard drive not because I'm scared of a raid, but just in case there IS some backdoor app still lingering from when I had the "Secure" version of ED2K on my machine.

Thanks for your thoughts and encouragement.

It was an application file. Not media. So my concern there is more the BSA than MPAA or RIAA. My ISP is my Cable company, I'll leave it at that. They haven't released my information at this point. They're just letting me know they got an email from so and so that found this file being shared that reverse lookuped to my IP.

So being that nothing is 100% safe, any apps simlar to PG recognized as the most effective?

PostPosted: Sun Oct 15, 2006 9:19 pm
by IceCube
The thing with every "ED2K official client older version so no backdoor thing will screw you over" user is that it'll only take some time before the Copyright mafia figures out how to identify packets/patterns of the client. Then going after ED2K offical clients would be pretty easy - especially when they have the source code in their possession.

Granted they are still attacking Kazaa users and faking screenshots of their shared directories as evidence and forcing them to settle because it's hard for an 8 year old to get a job, but that's probably the best protection ED2K official client users have - and it's better then the users who use PG. As proven here, it's not bullet-proof.

In short, no one is updating ED2K anymore and I can see that being a security risk in itself really. The story would be significantly different if MetaMachine was still running and not under the MPAA gun because if there's an exploit discovered, it can be easily coded over.

No offense though...

PostPosted: Sun Oct 15, 2006 11:14 pm
by indecision04
peer guardian is pointless

PostPosted: Mon Oct 16, 2006 12:54 am
by Overnet User
peer guardian is pointless


I wouldn't go that far. Use it and check your history list on who has tried to
connected to you.