Anti-Virus Company Says PeerGuardian is Malware

Written by Ben Jones on February 24, 2008 

Over the past week, some servers used for updating the anti-virus software NOD32 were labeled as anti-p2p by a popular list maker for PeerGuardian. In response, NOD32’s company, ESET, has categorised PG2 as malware in some of its latest updates.

It started off with Bluetack adding some IP addresses to its “Level 1 blocklist” that belonged to ESET (NOD32) update servers. “Level 1” is the term that Bluetack use for their lists containing (according to site admin ‘monk’):

  • Companies (Or organizations. I won’t repeat orgs. over and over) who are clearly involved with trying to stop filesharing.
  • Companies which anti-p2p activity has been seen from.
  • Companies that produce or have a strong financial interest in copyrighted material.
  • Government ranges or companies that have a strong financial interest in doing work for governments.
  • Legal industry ranges.
  • IPs or ranges of ISPs from which anti-p2p activity has been observed.

The IP addresses added were 89.202.149.32 to 89.202.149.63, 89.202.157.88 to 89.202.157.95 and 89.202.157.128 to 89.202.157.159, according to this forum post on the NOD32 support forum. These blocked IP ranges contain many of the servers used to provide anti-virus signatures for NOD32. These were added to the blocklist for alleged anti-p2p activities. However, what kind of anti-p2p activity was taking place is unclear.
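The blocked ranges above can be checked against the hosts a machine depends on before a list is loaded. The following is an added example, not code from PeerGuardian, Bluetack or ESET: it assumes a plain-text list with one `label:first-last` entry per line and `#` comments, and the labels, host names and the 192.0.2.0 entry are constructed for illustration.

```python
import ipaddress

# Constructed sample list; assumed layout is "label:first_ip-last_ip".
# The three 89.202.x.x ranges are the ones quoted in the article.
SAMPLE_BLOCKLIST = """\
# constructed sample list
Example entry A:89.202.149.32-89.202.149.63
Example entry B:89.202.157.88-89.202.157.95
Example entry C:89.202.157.128-89.202.157.159
Example: label with colon:192.0.2.0-192.0.2.255
"""

def parse_blocklist(text):
    """Return (label, first_ip, last_ip) tuples, skipping comments and blanks."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Labels may themselves contain ':', so split on the last one only.
        label, _, span = line.rpartition(":")
        first, _, last = span.partition("-")
        lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
        if lo > hi:
            raise ValueError(f"reversed range in entry: {line!r}")
        entries.append((label, lo, hi))
    return entries

def to_cidrs(lo, hi):
    """Collapse an inclusive range into the minimal list of CIDR networks."""
    return [str(n) for n in ipaddress.summarize_address_range(lo, hi)]

def audit(entries, critical_hosts):
    """Map each critical host to the labels of the entries that cover it."""
    hits = {}
    for name, addr in critical_hosts.items():
        ip = ipaddress.IPv4Address(addr)
        hits[name] = [label for label, lo, hi in entries if lo <= ip <= hi]
    return hits

# Hypothetical host names; one address inside a quoted range, one just outside.
CRITICAL = {"av-update-1": "89.202.157.90", "av-update-2": "89.202.149.64"}

if __name__ == "__main__":
    entries = parse_blocklist(SAMPLE_BLOCKLIST)
    for label, lo, hi in entries:
        print(label, to_cidrs(lo, hi))
    print(audit(entries, CRITICAL))
```

Any host that comes back with a non-empty list of labels would lose connectivity once the list is applied, which is the situation NOD32 users ran into.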

Bluetack administrator ‘m00re’ told TorrentFreak that the IPs were added because “someone noticed them on a torrent”. ‘m0nk’, another administrator, later told TorrentFreak that he noticed an IP belonging to ESET on a private tracker’s movie torrent that he was on. “It was only 1 IP, but since they’re a commercial software company with a strong financial interest in copyrighted material, they go on level 1 regardless”.

However, ESET didn’t take too kindly to this disruption of its business. A representative from ESET tried to contact Bluetack, to see about the removal from the list. He later posted a screenshot of the discussion to the ESET support forum.

This was the same kind of attitude experienced by Ludvig Strigeus almost exactly two years ago, after utorrent.com was added to the Bluetack lists, and similarly by the Opentracker people and the German Chaos Computer Club.

Based on the feedback from Bluetack, ESET added PeerGuardian to their anti-virus updates. Two signatures called Win32/PeerGuardian were added in update number 2894 on the 21st of Feb, with another 5 added in update number 2895 the following day. These updates identify the PeerGuardian application as malware, and offer the user the ability to deal with the ‘infection’. Those who do have been unable to use PeerGuardian afterwards.

Phoenixlabs, which makes PeerGuardian, put out this statement in response. Their representatives would not comment further on the subject, referring only to the statement. Bluetack, on the other hand, have been very vocal about it. ‘m00re’ said “whomever the person/persons are that made the flawed decision to maliciously target a non threatening application like PG2 is clearly a moron.” whilst ‘firstaid’ suggested that “people call them and have them stop having their product remove PG2 from their systems.”

ESET defended the addition, “By blocking update and threatsense servers detection of PeerGuardian as potentially unwanted application is fully justified as it could disrupt normal operation of NOD32 and or ESS.”

However, ESET has now changed its mind, saying “We have reconsidered detection of PeerGuardian and it will be removed in the upcoming update. However, we will actively continue protecting our users from blacklists that contain the IP addresses (ranges) of our update servers and thus preventing our paying or trial users receiving updates and keeping their computers protected.”


215 Responses

201 Mar 01, 2008 at 18:08 by propaganda

torrentfreak fox news of the file-sharing community who to believe hmm ?

202 Mar 01, 2008 at 18:49 by surprise surprise...

peerguardian is next to useless and bluetack are just a bunch of assholes who have little clue as to what they’re actually doing.

203 Mar 03, 2008 at 03:26 by RIAA expert says:

[quote comment="298036"][quote comment="298024"]Peer Guardian is one of the most worthless programs[/quote]By all means, stop using it. Don’t complain to us though, when police come knocking at your door, that we didn’t warn you.

You might want to inform yourself about the dangers of openly up- or downloading stuff you’re not allowed to up- or download or own or have on your harddisk, before firing off your worthless advices about PeerGuardian.

It’s quite clear you haven’t even used the software once to check out what it CAN do for you.[/quote]

Thanks for your scary warning, and other worthless advice but I have already stopped using PG a long time ago and i have a feeling you will be dead by the time police come knocking on my door. you know why? because they have no reason so and your stupid assumptions just show your ignorance and irrelevance in this discussion.

you probably live in america so fear-mongering is natural for you and contradictory laws are also fine for you so keep scaring yourself for whatever illegal shit you’re apparently doing is and forget about reality, it doesn’t matter after all, right?

anyways thanks for the completely worthless response and for helping me make my point: its only idiots like you who use peerguardian (which are many). you’ve made numerous ridiculous assumptions which shows you have an inability to think clearly due to your irrational fears.

i also want to thank you for enjoying reading my “worthless” opinion.

and to all morons who think SHARING is a bad thing and/or should be illegal: please wake up to the reality we are living in. that’s all i can say to you, please accept reality. police knocking on door for you NOT using peerguardian is a complete joke! and its just as funny even if you happen to live in a country with outdated laws such as the decaying usa!

oh and i also forgot to thank you for proving how effective fear-mongering is. your response was actually very revealing.

204 Mar 08, 2008 at 05:31 by h33t

[quote comment="301405"]
Basically, no actual research, just hearsay, and so-and-so maybe hired a server there, or has a company there that did a non-p2p-related deal there a few years back.[/quote]

Ben Jones anti-ipfiltering

205 Mar 19, 2008 at 01:58 by steve

anyone know how to get peer guardian to do the updates? =)

206 Apr 05, 2008 at 08:25 by Cardinal Felchboi

What has yet to come to light - & sadly probably _never_ will: what the hell was ESET doing connecting to a pvt tracker? Am I the only one still keen to glean that datum?

And now for that time once again:

DADA-DA-DADA-DA-DAAAAA!!!

It’s: “My tuppence worth:”

PG _is_ a great app & BISS _are_ b0rking it. They need to audit that enormous list AT LEAST once a month - once a week would be better (when was the last time a full-scale IP-Addr. check was performed on it, if ever?). After all, they’re always banging on about what a great community they have; then put the peons to work - anyone below the set post-count, perhaps?

P.S. It’s obvious from even a short visit to BISS’ fora that the tweenies have taken over. The unnecessarily abusive power-tripping really IS something to behold.

P.P.S. I trust Ben Jones (who “used to work in copyright enforcement”) about as far as I could throw his fat, pimply ass.

207 Apr 10, 2008 at 01:42 by Everglade

Some hacker had attached NetTool.Portscan.c to my peerguardian lists, So peerguardian is obviously under attack, I really believe that there are certain people I don’t know exactly who they are but, they seem to attack the computers that have peerguardian installed on them. Softwares like peerguardian, Norton antivirus etc, will always get criticized because they protect you from a lot of the bad guys.

208 Apr 30, 2008 at 03:29 by Q

@17 DEMONOID IS BAC! ^__^

209 May 31, 2008 at 06:23 by DoobyDoobyDoo

As has been pointed out.. What was ESET doing connecting to a private tracker? I really doubt it was some employee looking for britney’s latest flop..

As for the whole “Americans = fear mongering” crap that some idiot posted somewhere in the sea of responses; get a clue. The police won’t knock on your door because they don’t have probable cause? And how do you think they OBTAIN the probable cause to come knock on your door and take your PC away?

Oh yeah.. They go onto a tracker and get your IP, then subpoena your ISP for your name, address & other personal info. Get a warrant and come to your house. Knock on your door, PUSH you aside and take your PC then arrest your ass if your crime was serious enough in scope.

PG2 will not prevent that 100% of the time for 100% of users, but it can help lower the risk by blocking some random task force’s rookie attempt at nailing people.

That being said there is a very key difference in position here.. PG2 is a freely available program. It allows you to manually add or remove IP’s from your block list, and any standard user of PG2 should already know this, and know how to deal with ESET being blocked by themself; assuming they have a brain.

ESET on the other hand is not just some free IP blocking product provider. They provide a computer security product for a nominal fee, designed to detect and alert the user to SERIOUS threats from malicious program code and viruses. ESET is in a position of authority far exceeding PG2 and the users trust this company to keep their PC safe from REAL dangerous programs.

PG2 is not malicious code. It does not infect your PC to make it destroy data or do other things you don’t intend to happen. Adding PG2 to the definitions list, even as a “potentially unwanted program” was an extremely childish, unprofessional, unwarranted and IRRESPONSIBLE thing for a security company to do. They abused their position of TRUST & AUTHORITY on their users’ personal computers, to achieve a means to an end in a childish rivalry situation.

If this were any other software, not PG2 adding ESET to the list for being seen on a torrent tracker, ESET would have at LEAST released a new item for their customers, making a big precautionary deal out of it, saying that PG2 may prevent ESET products from updating, and that they should either disable PG2 when attempting to update, or “Take the following steps” to add ESET update servers to PG2’s white list features.

THAT would have been the mature, responsible, and appropriate thing to do. If this were a government agency, or Norton or some other hated entity doing something like this, it would be front page news bashing them for abusing their trust and power over their users’ systems in such a way.. Just like Sony with the root kit scandal.

But this is all about an anti-peer-2-peer agenda, and the bias is so thick all over that you need a MACHETE to cut through it

210 May 31, 2008 at 07:01 by Ben Jones

“What was ESET doing connecting to a private tracker? I really doubt it was some employee looking for britney’s latest flop..”

As was written above, it wasn’t a ‘britney flop’, it was a movie. Last time I checked, ESET didn’t own the copyrights on any movies, thus it was an act of infringement.

Contrary to what many (well Ok, Bluetack) would have you believe, you can’t infringe copyright to ‘protect’ someone else’s, even if you make a financial gain from copyrighted material. If that were the case, us at TorrentFreak could download all we wanted, and if we were caught, point to the copyrights here, from which a small amount of money is made (a financial gain) and claim we were ‘protecting it’. It sounds absurd, yet that is the picture you, and bluetack, attempt to portray this in.

“Adding PG2 to the definitions list, even as a “potentially unwanted program” was an extremely childish, unprofessional, unwarranted and IRRESPONSIBLE thing for a security company to do.”

Actually, I think you’ll find it’s a pretty much standard thing for any antivirus company to do, to a program that then prevents, or severely restricts, the software from updating. I mean, we have a program that protects tens of thousands of people every day, and then there’s peerguardian, with no actual effective use ever proven. Or, put another way - Has nod32 ever removed a virus, YES. Has nod32 prevented a virus from getting on people’s systems, YES. Has PG2 ever prevented antip2p from connecting to people’s systems, maybe but no way to tell. Has PG2 ever actually had a solid verifiable case of actually doing what is claimed? Has anyone actually said “we tried to connect to them, but they were running a blocklist so we couldn’t” NO.

By the way, when it came to nod32 blocking PG2, I’ll leave you with the standard reply for when PG2 blocks things “just put it in your exception list” - or is it not a valid solution when it hits you?

I still have tremendous difficulty believing there are people out there that have such a poor grasp of the very basics of logic, have no ability to process common sense, and no aspect of free thought, that they can’t take independent facts, or even the facts given by groups like bluetack, and see the errors. Worse, I can’t believe they’ve never actually thought of how difficult these lists are to circumvent. Again,
1) there’s no law saying they have to use a corporate network to log you.
2) There’s no way to tell if a client is logging you.
3) they don’t have to act in any way different to a normal client, and that includes uploading - they after all, are authorised to distribute (ie, upload), you are not.

213 Jun 15, 2008 at 07:56 by The Mechanic

I personally will never use ESET! It has a bad habit of opening ports about every 15 minutes or so. And how do I know this, Simply because I use PG2 and PROTOWALL.

Bluetack has ALWAYS been straight with everyone. Just the CORPs don’t like it when they are caught with pants down.

ASK ESET for the Source and see what reply you get :) ROFL..

214 Jun 30, 2008 at 22:40 by nofile404

Sounds like a pissing match to me.
