Slyck.com
 
Slyck Chatbox - And More

I Don't Trust Edonkey anymore..even older versions

Discussion about the eDonkey program and both the eDonkey2000 network and the Overnet Network.
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

I Don't Trust Edonkey anymore..even older versions

Postby loopback » Sat Oct 14, 2006 7:54 pm

Just got a letter from my ISP today.
We know ED2K as an App went down for good on 9/11 (How fitting) and the latest version had back doors in it etc. So I reverted to an older version (Tried Emule and couldn't deal with the speed) and was on my merry way.

Apparently I got scanned on 9/21 and they got a partial from one of my incomplete files. The interesting part is I use PEER GUARDIAN! This is the first time I've gotten any notices in 2 years (My 2nd). All the sudden PG doesn't work? I was using a "Non-secure" (read before the auto-remove back door was in the code) 1.4.3 version of ED2K at that time, so who knows if the latest version I had before I rolled back left some sort of spyware or what...

All I know is before I do anymore P2P I'm wiping that Hard Drive.

Just a heads up if you're using ANY ED2K app and think you're safe! Maybe I'm paranoid, but I'm not using that app anymore. A shame too because I have TONS of incomplete files for that system, and IMO Emule and Shareazza kinda blow.
loopback
 
Posts: 2
Joined: Sat Oct 14, 2006 7:35 pm

Postby zim » Sat Oct 14, 2006 8:44 pm

peer guardian only works so long as the blocklist is 100% accurate and COMPLETE.

and it never was.


With the way the blocklist is managed... Its designed to give you a warm fuzzy feeling of security. Not actual security.


Don't blame edonkey for your misplaced trust in a security solution that can't protect you in the first place.
User avatar
zim
 
Posts: 5776
Joined: Wed Apr 20, 2005 10:01 am

Postby Ratt » Sun Oct 15, 2006 1:52 am

What kind of a file was it they got the partial from? Which ISP are you on? (you may not want to share that info, of course, which is fine, it's just curiosity on my part). It would be a good idea to switch to a different ISP in the future, even if you never use P2P ever again. Also, I take it you are in the United States.

It's never safe. But still, interesting that it happened with the Edonkey client specifically, and during the same week as the big takedown...
User avatar
Ratt
 
Posts: 951
Joined: Sun Mar 28, 2004 1:50 pm

Postby Mel_Smiley_VIP » Sun Oct 15, 2006 2:01 am

Don't trip so far as to zero your hard drive. Its only a letter and no ones going to raid your home. Be careful what you share now. Thats a hard thing to do with edonkey as you share whatever youre downloading. Maybe a change of venue is in order.
You see us as you want to see us...
In the simplest terms, in the most
convenient definitions.
User avatar
Mel_Smiley_VIP
 
Posts: 1141
Joined: Sun Mar 14, 2004 12:36 am
Location: Dream Country

Postby webe3 » Sun Oct 15, 2006 2:15 am

Even IF you don't like emule, you might want to try it and use KAD when the heat has died down....nothing is 100% safe though. If you are REALLY wanting security, go to newsgroups and just leech. But again...NOTHING is 100% safe.


Since you have recived that letter from your ISP, they could monitor you...so being cautious would be in order...but I agree....no one is going to come and take you to jail or anything. Just be more careful.
webe3
 
Posts: 756
Joined: Sat Jul 27, 2002 2:01 pm

Postby loopback » Sun Oct 15, 2006 6:22 pm

zim wrote:peer guardian only works so long as the blocklist is 100% accurate and COMPLETE.

and it never was.


With the way the blocklist is managed... Its designed to give you a warm fuzzy feeling of security. Not actual security.


Don't blame edonkey for your misplaced trust in a security solution that can't protect you in the first place.


Well I have to concede you're right here. However using PG for the past two years I haven't gotten one notice and within 10 days of the takedown of the ED2K app I got scanned. Just a little coincidental for me!

I'm planning to 0 the hard drive not because I'm scared of a raid, but just in case there IS some backdoor app still lingering from when I had the "Secure" version of ED2K on my machine.

Thanks for your thoughts and encouragement.

It was an application file. Not media. So my concern there is more the BSA than MPAA or RIAA. My ISP is my Cable company, I'll leave it at that. They haven't released my information at this point. They're just letting me know they got an email from so and so that found this file being shared that reverse lookuped to my IP.

So being that nothing is 100% safe, any apps simlar to PG recognized as the most effective?
loopback
 
Posts: 2
Joined: Sat Oct 14, 2006 7:35 pm

Postby IceCube » Sun Oct 15, 2006 9:19 pm

The thing with every "ED2K official client older version so no backdoor thing will screw you over" user is that it'll only take some time before the Copyright mafia figures out how to identify packets/patterns of the client. Then going after ED2K offical clients would be pretty easy - especially when they have the source code in their possession.

Granted they are still attacking Kazaa users and faking screenshots of their shared directories as evidence and forcing them to settle because it's hard for an 8 year old to get a job, but that's probably the best protection ED2K official client users have - and it's better then the users who use PG. As proven here, it's not bullet-proof.

In short, no one is updating ED2K anymore and I can see that being a security risk in itself really. The story would be significantly different if MetaMachine was still running and not under the MPAA gun because if there's an exploit discovered, it can be easily coded over.

No offense though...
User avatar
IceCube
 
Posts: 17079
Joined: Tue Jun 14, 2005 5:31 pm
Location: Igloo Country?

Postby indecision04 » Sun Oct 15, 2006 11:14 pm

peer guardian is pointless
indecision04
 
Posts: 103
Joined: Sun Jun 26, 2005 1:49 am

Postby Overnet User » Mon Oct 16, 2006 12:54 am

peer guardian is pointless


I wouldn't go that far. Use it and check your history list on who has tried to
connected to you.
Why Join The Fight?
http://www.eff.org/bloggers/join/
News Without Queues: Follow OvernetUser on Twitter http://twitter.com/OvernetUser
User avatar
Overnet User
 
Posts: 2294
Joined: Thu Jan 27, 2005 6:27 pm
Location: Ed2k/Bittorrent


Return to eDonkey2000 / Overnet

Who is online

Users browsing this forum: No registered users and 2 guests

cron
© 2001-2008 Slyck.com