Stealth programs...

Message boards : Cafe SETI : Stealth programs...
Message board moderation

To post messages, you must log in.

AuthorMessage
Profile Fuzzy Hollynoodles
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 9659
Credit: 251,998
RAC: 0
Message 202586 - Posted: 4 Dec 2005, 9:44:19 UTC
Last modified: 4 Dec 2005, 9:54:44 UTC

I was fiddling about with my computer and my network, (I actually saw a neighbour's wireless connection, I could log myself on, but I have my own secure and encrypted, thankyouverymuch! (Thanks Pete(CW), for helping me doing that!)), and then I stumbled over a program, I don't remember I've installed, and which I had no idea of what's doing!

It was this program: C:\\Programmer\\Bonjour\\mDNSResponder.exe

I googled it and found this thread in a board discussing this: Gizmo Project and Bonjour, and it's very nice information that comes up there! NOT!

I love iTunes myself, and I use it as my favorite musicplayer, and I have QuickTime as my favorite movieplayer, but it's pretty lame of Apple to put programs like that Bonjour in my computer without letting me know, and letting it run as a stealth program! It doesn't even show in my programlist to remove!

I wonder how many other of these crummy programs I have installed?!


EDIT: More links about Bonjour:

ProcessLibrary.com Forum - hijack list.. had some worms think i got rid of them...

And from Apple's own board:

Apple - Support - Discussions - Bonjour for Windows


"I'm trying to maintain a shred of dignity in this world." - Me

ID: 202586 · Report as offensive
Profile David@home
Volunteer tester
Avatar

Send message
Joined: 16 Jan 03
Posts: 755
Credit: 5,040,916
RAC: 28
United Kingdom
Message 202622 - Posted: 4 Dec 2005, 12:27:01 UTC
Last modified: 4 Dec 2005, 12:27:13 UTC

Digital Rights Management (DRM) is a big area of discussion and contention at the moment. It was recently discovered that Sony were using some questionable techniques on some of their CDs that essentailly installed a rootkit on your PC to hide the DRM software. Unfortunately malware authors can use this same rootkit to hide their software too.

If you have copied any Sony BMG CDS to your PC best check out this story

http://news.bbc.co.uk/2/hi/technology/4441928.stm.

Latest news on the web is that the recall has not yet happened and the CDs are still in circulation.


ID: 202622 · Report as offensive
Profile Fuzzy Hollynoodles
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 9659
Credit: 251,998
RAC: 0
Message 202633 - Posted: 4 Dec 2005, 13:06:49 UTC - in response to Message 202622.  

Yes, but this can be prevented by yourself with a small piece of Scotch tape. I have copied some cd's lately, so I most probably have this installed also, I haven't checked yet. But from what I read, it's pretty difficult to remove! But I'll look into the links on the bbc site! Thanks!





"I'm trying to maintain a shred of dignity in this world." - Me

ID: 202633 · Report as offensive
Profile Fuzzy Hollynoodles
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 9659
Credit: 251,998
RAC: 0
Message 202684 - Posted: 4 Dec 2005, 14:18:33 UTC - in response to Message 202622.  

I found this link from Sony about their BMG protected cd's.

SOFTWARE UPDATES/ PLUG-INS

It also said in the BBC article that Sony's controversial anti-piracy CD software has been labelled as spyware by Microsoft.


"I'm trying to maintain a shred of dignity in this world." - Me

ID: 202684 · Report as offensive
Profile kinhull
Volunteer tester
Avatar

Send message
Joined: 3 Oct 03
Posts: 1029
Credit: 636,475
RAC: 0
United Kingdom
Message 202690 - Posted: 4 Dec 2005, 14:23:21 UTC - in response to Message 202633.  

Yes, but this can be prevented by yourself with a small piece of Scotch tape.


How do people know or discover to do these things? :)

I would have thought adding tape would potentially damage the cd player.

You learn something new every day :)
Join TeamACC

Sometimes I think we are alone in the universe, and sometimes I think we are not. In either case the idea is quite staggering.
ID: 202690 · Report as offensive
AC
Avatar

Send message
Joined: 22 Jan 05
Posts: 3413
Credit: 119,579
RAC: 0
United States
Message 202745 - Posted: 4 Dec 2005, 15:41:51 UTC
Last modified: 4 Dec 2005, 15:43:37 UTC

It probly has to do with itunes installation. Here's more info from Apple about this.

You should check out a util called Security Task Manager. It monitors program activity on your system.
ID: 202745 · Report as offensive
Profile Daniel Michel
Volunteer tester
Avatar

Send message
Joined: 2 Feb 04
Posts: 14925
Credit: 1,378,607
RAC: 6
United States
Message 202752 - Posted: 4 Dec 2005, 15:48:26 UTC - in response to Message 202745.  

It probly has to do with itunes installation. Here's more info from Apple about this.

You should check out a util called Security Task Manager. It monitors program activity on your system.


i know i had a previous version of itunes that included bonjour...it was screaming at my firewall to get on the internet because i blocked it...later versions appear to not to have this controversial item...

PROUD TO BE TFFE!
ID: 202752 · Report as offensive
AC
Avatar

Send message
Joined: 22 Jan 05
Posts: 3413
Credit: 119,579
RAC: 0
United States
Message 202761 - Posted: 4 Dec 2005, 15:59:14 UTC - in response to Message 202752.  
Last modified: 4 Dec 2005, 15:59:42 UTC

It probly has to do with itunes installation. Here's more info from Apple about this.

You should check out a util called Security Task Manager. It monitors program activity on your system.


i know i had a previous version of itunes that included bonjour...it was screaming at my firewall to get on the internet because i blocked it...later versions appear to not to have this controversial item...


I think your probly right about that because I installed the new Quick Time w/itunes just yesterday, and after reading Fuzzy's post I checked my system and couldn't find it. Looks like Apple decided to get rid of it.

ID: 202761 · Report as offensive
Profile Celtic Wolf
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 3278
Credit: 595,676
RAC: 0
United States
Message 202875 - Posted: 4 Dec 2005, 18:22:44 UTC - in response to Message 202761.  
Last modified: 4 Dec 2005, 18:24:45 UTC

It probly has to do with itunes installation. Here's more info from Apple about this.

You should check out a util called Security Task Manager. It monitors program activity on your system.


i know i had a previous version of itunes that included bonjour...it was screaming at my firewall to get on the internet because i blocked it...later versions appear to not to have this controversial item...


I think your probly right about that because I installed the new Quick Time w/itunes just yesterday, and after reading Fuzzy's post I checked my system and couldn't find it. Looks like Apple decided to get rid of it.


And SONY has agreed to remove their crap too, but the damage has already been done. You would have thought they would have learned from VHS and Cassette when they tried to prevent them for being copied.

I removed iTunes from my system and refuse to put it back on. I won't buy a Sony BMG CD either..




ID: 202875 · Report as offensive
Profile Misfit
Volunteer tester
Avatar

Send message
Joined: 21 Jun 01
Posts: 21804
Credit: 2,815,091
RAC: 0
United States
Message 202918 - Posted: 4 Dec 2005, 19:13:05 UTC

Apple Itunes puts on a lot of crap. cntrl-alt-delete look in your task manager and you'll find at least 3 processes running for them. Which remindes me.. I need to turn those off at startup.
ID: 202918 · Report as offensive
grumpy

Send message
Joined: 2 Jun 99
Posts: 209
Credit: 152,987
RAC: 0
Canada
Message 202957 - Posted: 4 Dec 2005, 20:09:45 UTC

Hate that kind of crap software !

I found some info on this process and apple is not the only one using it.
(it may be called other names :'Rendezvous', 'Bonjour' 'ZeroConf')
It seems to be logged has a "process" that has to be turns off before
removing it.
You can disable it by making the property "disabled".
Some project like gizmo as an utility to turn it off
http://gizmoproject.com/jasmine/TurnOffBonjour.exe.

Problem with this services is, that it may take a lot cpu cycles
for something you don't care about!

*****************************************************************
ID: 202957 · Report as offensive
Profile Darth Dogbytes™
Volunteer tester

Send message
Joined: 30 Jul 03
Posts: 7512
Credit: 2,021,148
RAC: 0
United States
Message 202966 - Posted: 4 Dec 2005, 20:16:50 UTC
Last modified: 4 Dec 2005, 20:34:16 UTC

I'm a Mac cruncher, but I also run PC's. I had QT on one for my PC machines, and discovered iTunes, iPod, and Bonjour had backdoored. Nothing new, and I didn't think at the time of mentioning it. Oh, well. All those goodies are native to Tiger, where I run QT v7 Pro.
Account frozen...
ID: 202966 · Report as offensive
Profile Misfit
Volunteer tester
Avatar

Send message
Joined: 21 Jun 01
Posts: 21804
Credit: 2,815,091
RAC: 0
United States
Message 202973 - Posted: 4 Dec 2005, 20:20:55 UTC

bonjour and ipodservice you have to also uncheck in your services or they will still spawn a process even if you uncheck them in startup.

run msconfig

but only if you really know what you're doing. otherwise we might not be hearing from you for a while. :/
ID: 202973 · Report as offensive
AC
Avatar

Send message
Joined: 22 Jan 05
Posts: 3413
Credit: 119,579
RAC: 0
United States
Message 203018 - Posted: 4 Dec 2005, 21:04:49 UTC - in response to Message 202875.  

And SONY has agreed to remove their crap too, but the damage has already been done. You would have thought they would have learned from VHS and Cassette when they tried to prevent them for being copied.

I removed iTunes from my system and refuse to put it back on. I won't buy a Sony BMG CD either..


I don't even know why they're selling music anyways. Shouldn't they be making things like TV's and radios, hmm. The only thing I like in my music files is the music... and maye things like album info and lyrics. When there's stuff like DRM in them it's like you're being watched or something. The Sony DRM is even worse because it's like a hacker rootkit.

I removed itunes after I got the last Quick Time player and I did it again today since it came bundled with the newer version of Quick Time I downloaded yesterday. I'm also not buying sony cd's anymore.



ID: 203018 · Report as offensive
grumpy

Send message
Joined: 2 Jun 99
Posts: 209
Credit: 152,987
RAC: 0
Canada
Message 203028 - Posted: 4 Dec 2005, 21:16:35 UTC

check your printers too!

"No Wizardry Necessary
Since Apple introduced Bonjour technology in 2002, every major printer manufacturer has adopted the technology so you can add and remove such machines from networks without configuration. When you add your Mac to a network, Mac OS X will then automatically discover and connect to the available Bonjour-enabled printers and you’re ready to print. Also, innovative cameras may include wireless networking to download pictures, perfect for spycams. To setup these devices, simply navigate to the Bonjour bookmark in Safari."


http://www.apple.com/macosx/features/bonjour/
ID: 203028 · Report as offensive

Message boards : Cafe SETI : Stealth programs...


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.