Anti-Virus Company Says PeerGuardian is Malware
Written by Ben Jones on February 24, 2008Over the past week, some servers used for updating the anti-virus software NOD32 were labeled as anti-p2p by a popular list maker for PeerGuardian. In response, NOD32’s company, ESET, has categorised PG2 as malware in some of its latest updates.
It started off with Bluetack adding some IP addresses to its “Level 1 blocklist” that belonged to ESET (NOD32) update servers. “Level 1” is the term that Bluetack use for their lists containing (according to site admin ‘monk’):
- Companies (Or organizations. I won’t repeat orgs. over and over) who are clearly involved with trying to stop filesharing.
- Companies which anti-p2p activity has been seen from.
- Companies that produce or have a stong financial interest in copyrighted material.
- Government ranges or companies that have a strong financial interest in doing work for governments.
- Legal industry ranges.
- IPs or ranges of ISPs from which anti-p2p activity has been observed.
The IP addresses added were 89.202.149.32 to 89.202.149.63, 89.202.157.88 to 89.202.157.95 and 89.202.157.128 to 89.202.157.159, according to this forum post on the NOD32 support forum. These blocked IP ranges contain many of the servers used to provide anti-virus signatures for NOD32. These were added to the blocklist for alleged anti-p2p activities. However, what kind of anti-p2p activity was taking place is unclear.
Bluetack administrator ‘m00re’ told TorrentFreak that the IPs were added because “someone noticed them on a torrent”. ‘m0nk’, another administrator later told TorrentFreak that he noticed an IP belonging to ESET on a private tracker’s movie torrent that he was on. “It was only 1 IP, but since they’re a commercial software company with a strong financial interest in copyrighted material, they go on level 1 regardless”.
However, ESET didn’t take too kindly to this disruption of its business. A representative from ESET tried to contact Bluetack, to see about the removal from the list. He later posted a screenshot of the discussion to the ESET support forum.
This was the same kind of attitude experienced by Ludvig Strigeus almost exactly two years ago, after utorrent.com was added to the Bluetack lists. Similarly by the Opentracker people, and the German Chaos Computer Club.
Based on the feedback from Bluetack, ESET added PeerGuardian to their anti-virus updates. Two signatures called Win32/PeerGuardian were added in update number 2894 on the 21st of Feb, with another 5 added in update number 2895 the following day. These updates identify the PeerGuardian application as malware, and offer the user the ability to deal with the ‘infection’. Those that do, have been unable to use PeerGuardian afterwards.
Phoenixlabs, which makes PeerGuardian, put out this statement in response. Their representatives would not comment further on the subject, referring only to the statement. Bluetack, on the other hand, have been very vocal about it. ‘m00re’ said “whomever the person/persons are that made the flawed decision to maliciously target a non threatening application like PG2 is clearly a moron.” whilst ‘firstaid’ suggested that “people call them and have them stop having their product remove PG2 from their systems.”
ESET defended the addition, “By blocking update and threatsense servers detection of PeerGuardian as potentially unwanted application is fully justified as it could disrupt normal operation of NOD32 and or ESS.”
However, ESET has now changed it’s mind, saying “We have reconsidered detection of PeerGuardian and it will be removed in the upcoming update. However, we will actively continue protecting our users from blacklists that contain the IP addresses (ranges) of our update servers and thus preventing our paying or trial users receiving updates and keeping their computers protected.”
Previously: Mininova: Serving Billions of Torrents and Buying Bugattis
Next: Oscar Winners 2008 Popular on BitTorrent
215 Responses (Add yours or TrackBack)
Pages: « 1 2 3 4 5 6 [7] 8 9 » Show All
“have noticed that Phoenixlabs have already deleted the statement referenced in the article.”
You are referring to this one?
http://xs124.xs.to/xs124/08091/phoenixlabs761.gif
[quote comment="297981"]“have noticed that Phoenixlabs have already deleted the statement referenced in the article.”
You are referring to this one?
http://xs124.xs.to/xs124/08091/phoenixlabs761.gif/quote
Yes, thank you, I’ll edit add that in at the end of the piece
aarrgghhh
i be a pirate
arrrghhh
Jen Bones say aarrrghhhhh
ipfiltering is baaaaaadddd
ARRGGHHHHHH
trust me i am a pirate
arrrghhh
parrot on my shoulder, do you love me, parrot, parrot, on my shoulder, arrrghhhhh
fuck off you twat ben jones and die soon arrrghhhhhh
disney motha fucker peado
Good. They block serverbeach servers as fake emule servers too for those who turn on block http traffic. It blocks my site, which has nothing to do with anything. How annoying.
Ben i made the pool of piss you asked for
please send me 8 euro to oldlady@paypal.com so i can piss you some more
thank you for making pirate yellow
Peer Guardian is one of the most worthless programs and its great news that it’s finally being labeled as malware. It is HORRIBLE for all p2p users, including of course bittorrent users.
wondering why you can’t connect to peers or getting shitty speeds even with ports forwarded? try turning off your snake oil program called peer guardian and you might have MUCH better results. its simply illogical to use a program that is LIMITING in every way and the whole argument that it somehow protects you is bs and everyone is now realizing it.
if the guys at PG really wanted to help protect people then they should focus on very specific ips and not discriminate against groups such as (for example) college students and educators. but they are lazy as hell and are already popular enough to their own satisfaction so they dont care if their users suffer from their laziness since most of the users are too stupid to realize how to use the program properly and/or they have “faith” in the program that it will protect them from everyone “bad” yet still allow them to connect to others who pose no threat (neutral ones), the faith observed here is very similar to the type seen in religions faithful believers.
bottom line- PeerGuardian IS MALWARE and its good news its labeled as such and even the clueless people who just look at headlines and get scared of everything will hopefully stop using the program.
and this is coming from a NON PG user and a NON anti-virus program user and never had virus problems so for me both are worthless types of programs but I’d say anti-virus programs are probably more potentially harmful than PG, and since i hate both sides i think i can be more objective ;)
[quote comment="298024"]Peer Guardian is one of the most worthless programs[/quote]By all means, stop using it. Don’t complain to us though, when police come knocking at your door, that we didn’t warn you.
You might want to inform yourself about the dangers of openly up- or downloading stuff you’re not allowed to up- or download or own or have on your harddisk, before firing off your worthless advices about PeerGuardian.
It’s quite clear you haven’t even used the software once to check out what it CAN do for you.
[quote comment="297969"]“No they will not, and no, phoenix labs will not deny using them.”
Just have a little patience…[/quote]
OK, let’s bet some money on it. You put a date on the ultimatum of your prediction. It will not happen.
If only for the fact that others (like you) are far too lazy to maintain decent blocklists. Read the PhoenixLabs forums.
[quote comment="297052"]Peerguardian is just a falls sense of security. no point having it installed. ESET should just leave them blocked.[/quote]
You are a total idiot who doesn’t know sh1t from shinola. Now hush up. The grownups are having a conversation.
[quote comment="297052"]Peerguardian is just a falls sense of security.[/quote]
False. F-A-L-S-E. False.
Class dismissed. Noob.
PeerGuardian was OK until the childish ego trippers at Bluecrap destroyed its usefulness.
Oh yeah, I also fully believe that the RIAA and their goons are too stupid to get a DSL line with a dynamic IP address for their collection of evidence.
Because otherwise PG2 would be useless, amirite?
monk is a punk and moore is a whore.
That’s all there is to it.
(Don’t forget to donate money so those two clowns can continue to trash your P2P experience.)
[quote comment="297060"]Peerguardian is my favorite example of “snakeoil”.
How much do they block currently? 50% of the internet?
So stupid to block universities and such stuff, because they have good connections.[/quote]
Another ignorant party heard from. Yes, if you use all of the 20+ blocklists available, you will be blocking a sizable chunk of the internet. Does it matter? Of course not. The problem arises when noobs don’t take the time to absorb the learning curve of PG and learn how to configure and use it properly. A site you know is okay for you and you need access to regularly is blocked? You simply have to right-click on that IP and either perm-allow or temporarily allow it. Once you have those set, you barely need to ever bother with it again.
Why block universities and stuff? You don’t have to, just don’t use the EDU blocklist. But I do and for a very good reason. There have been numerous documented cases of, shall we say, students who having landed in legal entanglements with RIAA being “turned” and co-operating with anti-piracy groups in the hope of lessening their situation by helping to rat out others. When a student IP becomes a direct pipeline to RIAA, then I don’t think it matters how fast their connection is.
The tards complaining about an over zealous staff at Bluetack need to rethink their position. Or to put it more bluntly, pull their heads out of their a$$. I may lose a few good connections but it doesn’t really hamper my downloading just because I can’t d/l from anyone using a school or business IP. Stop complaing and stop using the school or office computer to fileshare. If you’re being blocked you have no one to blame but yourself. Buy a private ISP account like the rest of us. You’ll have the added benefit of not having to worry about your school or company’s IT department discovering your activities.
Malware, no.
Snake oil? Yes.
[quote comment="298036"][quote comment="298024"]Peer Guardian is one of the most worthless programs[/quote]By all means, stop using it. Don’t complain to us though, when police come knocking at your door, that we didn’t warn you.
You might want to inform yourself about the dangers of openly up- or downloading stuff you’re not allowed to up- or download or own or have on your harddisk, before firing off your worthless advices about PeerGuardian.
It’s quite clear you haven’t even used the software once to check out what it CAN do for you.[/quote]
Exactly, well said. I’m tired of responding to the ignorance of people who are either too stupid to know how to properly use such a useful tool or just talk out their a$$ without ever really investigating for themselves what this program can do for them. So all of you PG haters can please just go on not using it. But don’t come sniffling and crying here for donations to your legal defense when you get that knock on the door or your ISP disconnects you.
[quote comment="298086"]Oh yeah, I also fully believe that the RIAA and their goons are too stupid to get a DSL line with a dynamic IP address for their collection of evidence.
Because otherwise PG2 would be useless, amirite?[/quote]No, and no. Read earlier listings against such idiotic arguments. Also, bluetack *already* blocks a couple of ISP’s address ranges because of that, but what do you know? You haven’t even taken the effort of informing yourself before making embarrassingly dumb statements trying to look cool.
New, unused IPv4 address space is expensive and hard to obtain. Contrary to your fairytale mindset, it is not at all easy to change public IP-addresses. Dynamic address space is just one block, most of the time, easy to block, hard to get unblocked. There are even financial and commercial risks involved for the ISP allowing anti-p2p using their (expensive) address space. Permission isn’t granted for that out of the blue.
Also, Peerguardian isn’t bluetack. And, as mentioned earlier too; There hasn’t been 1 known case of a seized user’s machine that had PG2 running on it. None of the caught victims used it. Check phoenixlabs forums on this, it’s widely known.
Stop being such puppets on strings, use your brain, think.
[quote comment="298094"]Snake oil? Yes.[/quote]No.
Stupid user thinking that: Yes.
[quote comment="298009"]Good. They block serverbeach servers as fake emule servers too for those who turn on block http traffic. It blocks my site, which has nothing to do with anything. How annoying.[/quote]
There are so many stooooopid people.
Hey Ben Jones….
Still waiting on your unbiased report about why your friends at ESET
are spying on movie torrents.
[quote comment="296961"]Norman also detects Peer Guardian as malware.[/quote]
Norman has their shit together. They didn’t start detecting Peer Guardian as malware until the BISS/Bluetack asswipes came along and fucked the program up with paranoid overkill.
ESET were behind the times. They didn’t start detecting Peer Guardian as an undesirable program until the BISS/Bluetack asswipes came along and fucked THEM up with paranoid overkill.
Phoenix Labs should kick monk in the balls for all the shit and derision his childish ego brought down on them.
[quote comment="298151"]Hey Ben Jones….
Still waiting on your unbiased report about why your friends at ESET
are spying on movie torrents.[/quote]
I wait for unbias report why monk motherfucker bastard block Czech Republic Eset sites, when they have not any p2p? For a reason? Or just for a spite revenge? Fucken schoolboy!
We are very excited to announce that the Global job search engine has been released!
perfectsea.comis the first website that includes all jobs related to a lot of countries that speak English.
There are over 8 countries and/or areas jobs on PerfectSea.com. It searches over thousands job sites and provide millions jobs to our customers.
We use total automatic Robot technology to collect tons information from website, do analysis. So perfectsea.com provides the unique job search environment to our customers, let
them have a place to search all jobs in the world. This is one site solution.
Let people just come to one website and search the job, whatever where the job is, what kind of job the user wants.
Job seeker can get great benefits from it. People don’t need to go to different website for looking for job. This is one stop solution.
Perfectsea.com will change the way people looking for the job
Hey “Choking On The Ignorance Of My Peers”, you sound very much like the knowall turtlehead turd who used to crap on about BISS using the nick “Nigel Niggapiss” in alt.comp.hackers.malicious and got his arse kicked out of the newsgroup.
If you’re not, you’re a smegging fucktard anyway.
1 references to this post
Pages: « 1 2 3 4 5 6 [7] 8 9 » Show All
Add your response