Why to kick or ban 66x clients: A compilation of several DC++ develope

[Ruri_Ruri]

ok, i came across this... anybody know more of what its about?

If you received a warning from SNAIL, please know that in all likelyhood, "I" did not warn you.
It is more likely that my client warned you. My client is what is called an OPs Client, and it has automatic security features.
"I am sorry about all the added effort, but it comes much in part to the fact that

DC Dev has gone off the fucking deep-end.

They are now releasing hacked clients and dangerous ones as well.
In most likelyhood, you have been warned about a recent hacked client. If so, read below.
It is unclear why, but the fact is, those who work to maintain a safe DC world,

will not tolerate these "official" hacks.

Because many of these hacks are cloaking as regular DC++ clients,
and because many users are unwittingly being pawns in this fiascal,
new coding has been made to sniff out, and handle the problem.

This doesn't come without cost, as it means a rough update,
and many users will get punished just for trying to keep up to date.

Affected clients include all 4021-4026, 4031-4035 and especially 666.

Most hubs are recommending users go to sourceforge and get a 401, 402 or 403 version (known to be safe).

http://prdownloads.sourceforge.net/dcplusplus/DCPlusPlus-0.401.zip?download
http://prdownloads.sourceforge.net/dcplusplus/DCPlusPlus-0.402.zip?download
http://prdownloads.sourceforge.net/dcplusplus/DCPlusPlus-0.403.zip?download
Note that 304 was the last very stable Win9x build.
You can find it here: http://prdownloads.sourceforge.net/dcplusplus/DCPlusPlus-0.304.zip?download"




UPDATE

DC++ 667 is out now.
While this release has removed the RPC attack exploit thus making it no longer a high risk client,
it is still a problematic hacked OPs client that contains issues with list blocking and
bandwidth throttling.
These poorly hacked clients are released as unstable and should be treated as such.
Further, they still reflect bad on DC Dev who are supposed to set the bar.


Why not 668?
Okay, let me explain this.
Recently 668 was released and called "stable".

I am still not allowing this client.
I want to explain this position.
I am not the only one who is taking this stand against DC Dev.

As only one among many DC++ client developers,
I stand with those as well as the security persons,
who feel that the public should not be allowed to use the 66x clients.

DC Dev, for reasons they refuse to explain, took the czDC++ core, modified it, added all sorts of bugs
and released it as an unstable test only build.
(One can only assume this was done as czDC is a more stable build then their own core.)

This version and those to follow, should have never been allowed into public hands.
Further, those people who build their clients using the DC Dev core, should have never used an unstable build.

The 668 builds still suffer from burried code and OP only features of the czDC++ OPs only client.
People would do better to use the actual czDC++ 403 (at the time of this writing).

Finally, while DC Dev claims 668 to be a stable release, they have not maintained continuity.
If 668 is to represent the next in stable releases,
it should be 404 or 405 (depending on how one views middle builds).
To close on this matter, I stand with those who feel the same.
The 66x clients are not to used by the general public.
I apologies to those afflicted by this decision and suggest you complain to DC Dev.



Highest Priority Warning!

The DC++ client ReverseConnect 0.668a comes bundled with spyware!!!
Ever since DC++ went to the 66x builds, they have released all sorts of RPC
and bugged software, suggesting the high probability of goverment intrusion
into the project.
(*More below.)



Upon installation and first run, rcDC 0.668a attempts to connect to these tracking services:

"Global Crossing, bossofthesauce.com[CWS], spider, " ( 146.82.218.137 ) [protocol: TCP - src: 1502 / dst: 80]

(Attempts to locate user via port open on most systems and firewalls.)

"Manitoba Telephone System, LAZURAS AKCOOP SERVER, " ( 142.161.49.96 ) [protocol: TCP - src: 1064 / dst: 411]

(Attempts to silently connect to a HUBbot data collection service.)

"M-WEB, proxy, BSA.co.za AP2P" ( 196.2.147.80 ) [protocol: TCP - src: 3076 / dst: 25]

(Attempts to silently email personal information to the BSA Anti Peer to Peer agency, a division of the DCMA and associate to the RIAA.)

BAN THIS CLIENT EVERYWHERE!!!

Addendum-

I have tried the rcDC++ 403d (which is actually 4032, a bad core known already) and it too is infected!
"Responsys, Inc. Tory Blue, Exodus IDC - SV/SC8 IP " ( 66.35.250.210 ) [protocol: TCP - src: 2511 / dst: 80]

Going back to rcDC++ 402 (prior to DC Dev pulling all this recent shit), and it is clean.


Jan 1, 2005
Updates...

Report on the DC++ client, fulDC-6.58
External build reports as 0.667
Internal build reports as 0.668
Infected with spyware code to "Global Crossing Spider Data Collection Agency" dst: 80
*Exploited with Sourceforge version tracker.


*Note:
that an in depth tracking report has revealed a severe security risk to ALL DC++ users.
Many of the DC++ version and hublist databases have been taken over by government/media-Nazi groups.
Any DC++ client that automatically checks for updates or public hub lists is at risk of exploiting the user.
Further, newer clients are being built without options to disable these features.


any thoughts or points.

p.s if this is in the wrong place, plz move it to the right place :P

[Sedulus]

http://board.univ-angers.fr/thread.php?threadid=3510&boardid=17