dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
11560
share rss forum feed


Ryan Farmery

@chuyodenki.co.jp

TDS backdoor?

There is a rather interesting but somewhat alarming discussion going on over at GRC concerning the ethics of TDS and the ethics of taking email addresses without a users knowledge or permission.

This surely appears to be an invasion of privacy, possible theft of data and a deliberate backdoor in the program, which in some respected peoples opinions, makes it probably unsafe to run their code. In light of other rumors that the program uses code written by hackers from tlsecurity I feel that this is an important issue to discuss. There is also another issue of the legality of taking peoples email addresses and sending unsolicited email to these people.

This leaves one to assume that if TDS is taking email addresses without a users knowledge then it is in fact a trojan itself.

The thread starts at »grc.com/x/news.exe?utag=&group=g···ier+Item s and continues for many pages.

It would also be interesting to hear comment from wilders.org and whether they were aware of this or not.

I don't have the technical knowledge about these programs that some of you guys do and would appreciate any feedback and your opinions about relevance of the GRC posts.

Thanks



ITGeekMonkey
Orbis Hirsutis
Premium
join:2001-11-06
Wylie, TX

Edit: Never Mind--
Computer Cops | Proxomitron Web Filter | Dallas Forum

[text was edited by author 2002-03-18 13:20:03]


New Years$

join:2001-12-20
reply to Ryan Farmery

"This leaves one to assume that if TDS is taking email addresses without a users knowledge then it is in fact a trojan itself."

Not this "one" but nice try>



jfgnet
12 Step Program
Premium,MVM
join:2001-02-14
Limbo
reply to ITGeekMonkey

jabbawest,
Call up your link, change http: to https: and it will work !!
--
Always found in the land of Limbo



Lurkers inc
Don't Call Me Doink

join:2001-10-13
Seattle, WA

reply to Ryan Farmery

For further reading of the issues also see the "survey" threads at the Wilders forum as well.

»www.security-pro.co.uk/yabb/YaBB.pl and
»www.morelerbe.com/cgi-bin/ubb-cg···t=001217

A few comments... is I do not like software sending out personal information like an e-mail address without me knowing about it before hand. From what I understand the only way that would happen is if a specific illegal keygen were used. As far as I know their have not been any complaints from legitimate customers that I can confirm. The letter sent, reaked of extortion and I beleive it was rewritten.

I think the issue is bigger than one company and important that the collective voice is heard on how far software companies can go to protect their software from piracy.

Also a Story from the Washington post might be on topic.

From the Shareware Industry, Lessons on Keeping Downloaders Honest By Rob Pegoraro.

Paul,
[text was edited by author 2002-03-18 14:31:13]


pchelp7

join:2001-03-05
Manson, WA
reply to Ryan Farmery

said by Ryan Farmery:
... taking email addresses without a users knowledge or permission.

This surely appears to be an invasion of privacy, possible theft of data and a deliberate backdoor in the program, which in some respected peoples opinions, makes it probably unsafe to run their code.
This is an inflammatory and grossly inaccurate rendition of the facts.

The suggestions that the code is unsafe or that the behavior in question constitutes a "backdoor" are in my opinion nothing less than false and intentional effort to foster mistrust and concern on the part of people who lack factual information about the issue.

It's especially disingenuous to raise this issue many days after its thorough discussion and while the GRC website and news server, where the facts reside, are inaccessible due to an ongoing DoS attack.

The fact is, that TDS responds to known pirated registration codes by phoning-home with the user's email address. The user is then sent an email that is in effect, a cease-and-desist message.

What it actually is, is an effort on the part of the author to control piracy of his intellectual property. He has enegaged in open dialogue about it.

It may be a very bad idea. It may be intrusive. It may be poorly justified. Much depends on your viewpoint. But it is not a "backdoor" and it does not render the product "unsafe" in any other respect. It is a very specific response to known pirated keyfiles.

There is or was a survey on the TDS site, the results of which will undoubtedly influence the author's future choices.

This is one of the author's statements from the GRC thread, which sums it up well:

... unless you go out of your way to obtain an illegal keyfile, you won't experience any issues at all. If you choose not to buy, TDS will simply expire - it just won't let you run it for more than 30 days, this is standard in a lot of programs. If you do choose to buy, you'll receive a legal key which will allow you to use TDS fully-registered with no restrictions. Either way, you've got nothing to worry about unless you go out of your way to obtain an illegal keyfile.
pchelp


catseyenu
Ack Pfft
Premium
join:2001-11-17
Fix East
reply to Ryan Farmery

It was interesting that the concerted attack of TDS seemed to come (for the most part) from unknown posters (such as here)& unregistered users, except for the one that was identified as having the handle of one of the sub-seven group. Of course when this was pointed out he conveniently disappeared.

Things that make you go Hmmm.



Wildcatboy
Invisible
Premium,Mod
join:2000-10-30
Toronto, ON
kudos:3
reply to Ryan Farmery

There has been several threads going on about this at GRC and other forums and I was wondering why people in this forum weren't talking about it.

Of course posting as anonymous doesn't help the issue but I think the subject is one that is worthy of a civilized discussion. It is an important move by DCS and one that may soon become a trend so it's important that we talk about the pros and cons of the issue and it's important that we keep it civilized and free of personal attacks.

I'm so looking forward to this discussion.
--
You can catch the Devil, but you can't hold him long.


GaryK
Premium
join:2000-08-29
Miami, FL

It's an ugly practice. But if people won't abide by the law then unusual solutions might be required. Does DCS clearly, and I do mean clearly, disclose that entering a pirated registration code will result in your computer being scanned for personal information that will be used to try and force you to stop using their product? Would such a warning be self-defeating?
--
Do you run IIS and need an updated browscap.ini file?
Come visit my website and grab a copy for free!



catseyenu
Ack Pfft
Premium
join:2001-11-17
Fix East
reply to Wildcatboy

"I'm so looking forward to this discussion."

Best get out your flame proof fecal retardant umbrella, it looks like rain.



TunerCivic

join:2002-02-14
reply to Ryan Farmery

i registered my copy of TDS yesterday so i guess i dont have anything to worry about.. i was worried when i first started reading this thread with all that talk of a backdoor in the program.



tke711
Premium
join:2001-03-31
Everywhere
reply to Ryan Farmery

I'm not sure about this one???

While I certainly understand TDS wanting to protect their product, this may be going a little too far. I don't like the idea of a Trojan scanner, becoming what itself seeks to destroy. I know, I know...it only sends back the individuals email address IF you use a known illegal pass key. But, that is still a trojan. It may be a well-intentioned trojan, but a trojan none the less.

That being said, I really do understand what they are trying to do and I'm not too sure as to an alternative for them. The only thing I can think of is that when the 30 day trial is over, the program STOPS working all together. If you then want to purchase a licensed copy, you must download an entirely new .exe file only AFTER TDS receives your payment.

Sure, this may not stop the file from being shared on P2P programs, but it would stop people from downloading the 30 day trial program and simply applying a crack.
--
You Cannot Discover New Oceans Unless You Are Willing To Lose Sight Of The Shore


pchelp7

join:2001-03-05
Manson, WA
reply to GaryK

said by Trail Blazer:
Does DCS clearly, and I do mean clearly, disclose that entering a pirated registration code will result in your computer being scanned for personal information that will be used to try and force you to stop using their product?
Apparently not, at least not initially. The tactic was implemented very recently, and almost immediately resulted in complaints. There seems to have been no prior notice.

I don't know what information is transmitted other than the email address, BTW.

quote:
Would such a warning be self-defeating?
Perhaps, but in my own opinion it's something users simply must be told. I feel sure that's where DCS will go with it.

I suspect legitimate users may be willing to buy software that does such things when pirated, but it seems clear that users of all persuasions will always react badly to learning that they were intentionally not told about it. IOW, it's more self-defeating to do it without notice.

pchelp


Wildcatboy
Invisible
Premium,Mod
join:2000-10-30
Toronto, ON
kudos:3
reply to Ryan Farmery


Here's a copy of the email sent to people by DCS. This was posted on one of the boards.

quote:

To whom it may concern,

TDS-3 has detected that you are using it illegally - breaking International laws - from address (and/or behind that address), and has reported your actions to our investigations team. The keyname you're using as you know is and we've never had any legal registrations from that name and/or geographical location. As you are probably aware, software piracy is a very serious crime that costs the industry hundreds of millions of dollars each year in lost revenue, so we are co-operating with US, UK and International law enforcement agencies to help stamp out this crime.

However, IT'S NOT TOO LATE FOR YOU. We're offering an amnesty to you and we're prepared to forget about your illegal use of our software if you legally register TDS-3 now, and all investigations and legal proceedings against you will be dropped immediately. We don't ask for any extra money and we're not even asking for an apology - all we ask is that you pay us for the software we created that you use, like any honest citizen with morals would. You'll then be welcomed aboard as a LEGALLY licensed TDS-3 operator, and you will then receive ALL the benefits, including free database updates, a free upgrade to TDS-4 Professional when it is released this year, free access to our private members forum, and much more.

If you do not register the copy of TDS-3 that you've been using illegally we will have no other option but to turn the matter over to the law enforcement agencies to investigate further, which is a path I don't think anybody wants to take.
I also need to mention that TDS will automatically run an update upon installation and check the information against their database. It remains to be seen whether the personal information is transferred after it's determined the software is illegal or it's done in order to determine that.

The information seems to include the email address, username, "Geographical information"? which could be anything from the IP address to the personal registration information on your OS.

It is also important to note that once it's determined the software is pirated, a program runs automatically and deletes TDS files from your computer. This brings the question that if the software is deleted, why the email tries to force people to pay for it. There hasn't been any illegal use and the program no longer resides on the computer so no copy right laws have been broken. So why is there the threat and the scare tactic to get money?

I think the issue here is not necessarily whether piracy is good or bad. The answer to that is a big yes by majority of our members including me. The question is how far a company should be allowed to go in order to protect their interests.
--
You can catch the Devil, but you can't hold him long.

Pro_zaC

join:2001-08-08

I have also been reading about this on GRC.com! From what I understand the quote that Wildcatboy posted is on a web page that pops up when an illegal keyfile is detected not in an email (at least that’s the impression I got on grc).

I don't blame him for trying to protect his program but I don’t agree with the way in which he has gone about it.

Should he have just let the crackers get on with it? No, everyone knows its wrong.

Should he of included the uninstall routine? Yes, I don’t see a problem with this. If it was being used illegally then tough luck on the pirate.

Should he have collected default emails? No, I believe not. I don’t see what purpose this serves. As the web page what pops up contains the message then why does he need the email?

I am no lawyer but I don’t think collecting emails is legal or if it is legal then it defiantly is not moral. I know that the using a cracked copy is also wrong but hey, two wrongs don’t make a right.

I get the impression from the quote and what has been said on grc.com that this warning is a kind of pay up or else you will be sent to court or whatever, I don't think Wayne meant it like this as he seems pretty level headed bloke. I also fail to see how every single user from the 12yr old who uses his dads PC that got an illegal keyfile to the 45yr old pro pirate that has been selling copies with cracked keys will be sent to court if they don’t pay up.

Anyway, what I am trying to say is I totally agree with removing the program from the users system or disabling it or whatever but not (illegally?) collecting emails which are not in any way part of TDS and therefore not his property.
[text was edited by author 2002-03-18 16:42:25]



jfcjrus
Premium
join:2001-12-09
New England
reply to pchelp7

I am a licensed user of DCS's TDS-3. (two machines)
I've spent the last hour reading thru lots of posts on three sites about this issue.

(If I read it right - after filtering thru pages of emotion)
DCS, for what they thought was a good reason, hijacked info from someones pc. Specifically, they got the default email address & sent them a strongly worded email to stop using this illegal copy of TDS-3 (with a pirated key?).

In myopinion;
DCS did exactly what I bought TDS-3 to stop!
Now, I'm not so ignorant that I don't realize that many (if not all) of my security applications could steal my private info if they wanted (after all, I've given them quite a bit of control?), but for DCS to actually do it is awful!
That they did it at all is more important, to me, than why they did it. Customer trust (especially in their field!) is pretty important.
I like TDS-3, thought I was buying one of the best.

I didn't like what I read about what they did.
But, I may be wrong. The various threads were somewhat disjointed.
I'm looking forward to further reports & comments.


mytoy

join:2002-03-18
600084
reply to Ryan Farmery

This topic has upset me real bad to post a reply. I don't do this!
why can some people here saying that it is ok for TDS to take my email address? a question...
When i bought TDS they take my email from my browser? If so I AM REAL MAD! to email address that i put in my browser is mine to me. I have split personality. At nite is turn into a sex godess i not want anyone knowing who i is. i dont care a security firm!
From the last message i read like they are doing it for MONEY ONLY! I going delete TDS my computer and start using aothor program!!!
If I was a cracker i still not want anyone get my email address!!! This is bad to me!!! I never trust TDS programs again!!!


New Years$

join:2001-12-20
reply to jfcjrus

Enron or end run..that is my question????

Kind of reminds me of the strategy every company does when they are thinking about getting out of the business and selling off the product, the assest and the goodwill.

The first thing you do for a new potential buyer is clean up the mess and make the purchase more attractive in one neat package.(or the best you can)

That letter is then something I would do.

Hey guy I am not starting a rumor here..just looking at the big picture..what is now happening in the Security field, the partnerships forming with others all over the world..and then who is going to be left behind.

I think it is a great time to sell..if you have anything of real value..and the subscription thing looks good on paper to any accountant..on the guy with the bucks.



vampirefo1
Trojanhunter Rules

join:2002-01-16
Huntington, WV
reply to Ryan Farmery

Re: TDS backdoor?

I have had my say on the subject in several forums, I have been told to leave called a thief, called a Moron, cause I misspelled vendor. And the sad thing is I was invited to help or provided suggestions, on how companies can fight piracy. I strongly disagree with TDS-3, method, he has designed a Trojan, that does nothing less then steal, TDS-3 is doing exactly what they want others not to do.

What else has or can TDS-3 do no ones knows, We only know what the author wants us to know, On the forum I was attacked on, we all were on the same side, trying to fight piracy, but anyone that disagreed, with the method TDS-3 using is called a thief, and you better speak proper English, and use correct grammar, or you are a Moron, simply cause you wont let TDS-3 have their way with your pc.

His supporters, attacking me and others, don't help TDS-3 at all, it only shows, poor judgement, and will cause TDS-3 losses, if one can not have a difference of opinion, and one vendors way in the only way, then not only is privacy lost but so is freedom, I fully support TrojanHunter, and I am posting his statement on the subject below.

Over the last few days I've received a relatively large amount of e-mail where people have asked if TrojanHunter transmits any personal data. I can understand the concern some people may have, especially with respect to recent developments, and have therefore decided to post the below text publically to perhaps cut down on the number of people who have concerns about this.

No part of TrojanHunter collects or transmits any personal data whatsoever from the user's machine. In fact, TrojanHunter does not collect any data at all from machines it is installed on. The program was designed to search for and remove trojans, and that is what it does. It is not spyware, and this for several reasons:

(1) As an anti-trojan application, TrojanHunter should most certainly do its best to not behave like a trojan in any way, be it intentionally or unintentionally. It's just plain common sense.

(2) In my opinion, respecting the privacy of users always comes before any other agenda points, including fighting piracy. This means that TrojanHunter sacrifices any anti-piracy measures in favor of respecting the privacy of users.

I hope that this statement has clarified any questions concerning this matter in an unambiguous way. If you have any questions whatsoever, please don't hesitate to ask.

Regards,

Magnus
--
NTFS is not Needed!!!!!!!!



Muddly
It's a grey area.

join:2001-07-16
Canada
reply to Ryan Farmery

It's amazing how anybody could compare the actions of DCS to a trojan horse program. Trojans, by definition, masquerade as something they are not. The stated purpose of the program and the offered terms of use are a lie. DCS, on the other hand, is doing nothing more than enforcing the terms of use already agreed to by the user. No small distinction.

DCS doesn't offer the program for illegal use. They actively discourage illegal use. People are complaining that TDS isn't functioning the way they expect it to while they're using it illegally with a bogus key. That's a joke, not a privacy issue.



tke711
Premium
join:2001-03-31
Everywhere

Muddly, but if TDS is transmitting the users information back to themselves WITHOUT the users knowledge and/or consent, that is the basic definition of a trojan, or at the very least, Spyware.

Doesn't it seem ironic and wrong that a program designed to stop this very behavior is conducting the very SAME behavior???

I'm not advocating piracy, but I think that TDS has crossed the line on this one.
--
You Cannot Discover New Oceans Unless You Are Willing To Lose Sight Of The Shore


Pro_zaC

join:2001-08-08

said by tke711:

Doesn't it seem ironic and wrong that a program designed to stop this very behavior is conducting the very SAME behavior???

I wouldn't go quite as far as to call it a trojan. I believe DCS has just gone a bit far with the email address collecting. Everything else is fine as far as I can see.


vampirefo1
Trojanhunter Rules

join:2002-01-16
Huntington, WV
reply to Ryan Farmery

We all look at things differently, I look at it like this, TDS-3 had a golden egg, hand delivered, and dropped it, breaking it in to millions of useless pieces. Wayne talked to the author who made the keygen, and that person told Wayne, how it worked. The keygen was designed off of how TDS-3 read the key files, meaning it didn't actually make a legal key, So Wayne having this information, could have simply re coded, he product, and the keygen would have been useless.

You might ask how would this have helped Wayne, fight piracy, simple, everyone that download and used the keygen, would have found out it didn't work, and they would have assumed the cracker was no good, and just went on,. but in all honesty all Wayne did was promote this cracker, by saying this keygen did in fact work and worked so well, I am going after people using it.

With in a matter of days, people would have heard about it and stopped using it, But now any time this cracker comes up with another cracker for TDS-3, Which i have heard is already out, it supposed to be a legit key, and other one is supposed to be a cracked exe, so did Wayne stop piracy? No of course not, he made a crackers day by promoting him.Probably what the cracker could only have hope for, the lime light.
--
NTFS is not Needed!!!!!!!!



Muddly
It's a grey area.

join:2001-07-16
Canada

reply to tke711

said by tke711:
Muddly, but if TDS is transmitting the users information back to themselves WITHOUT the users knowledge and/or consent, that is the basic definition of a trojan, or at the very least, Spyware.
Knowledge and consent? Information is not being transmitted back from USERS, it's being transmitted back from THIEVES. Only.

People are saying, basically, "I'm using TDS illegally with a pirated key. Now it's doing something unexpected. I have a right to steal software without it doing anything unexpected afterwards."

Why does DCS need your consent on what software does or doesn't do when you're using it illegally? You don't have consent to use it in the first place. Sorry if I'm missing something here but to me this is ridiculous.
[text was edited by author 2002-03-18 17:08:54]


tke711
Premium
join:2001-03-31
Everywhere

Because the users email address is not part of the TDS program. TDS is doing no better than the pirate did...They are stealing from the thief. Two wrongs do not make a right and IMHO I find it hypocritical for a security software to behave this way.
--
You Cannot Discover New Oceans Unless You Are Willing To Lose Sight Of The Shore



novaflare
The Dragon Was Here
Premium
join:2002-01-24
Barberton, OH

said by tke711:
Because the users email address is not part of the TDS program. TDS is doing no better than the pirate did...They are stealing from the thief. Two wrongs do not make a right and IMHO I find it hypocritical for a security software to behave this way.

exactly my thinking as well theres a progy name dont matter to any one whos not in the 3d field that had a what i consider horrid way of protecting it from piracy they used a randomly generated number and to get a key you had to email this guy for him to send you the key to register it no big deal if he got right back to you but if he was on vacation then you was sol till he got back.
Then if you had to reformat for any reason such as crashing your os from running 3damx and true space at the same time and running flat out of resorces heheh.
Then you had to get a new key wich ment another email and more waiting.
So dont think that tds is the only programers out there useing foolish ways of protecting their soft ware.
And dont bring up windows activation heheh
--
Join me and my game development team on irc.enterthegame.com #rebornhttp://beardeddragon-ent.com currently in need of programers and 3d artists.no money avail at this time but at the end of the project profits will be shared


dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ
kudos:4
reply to Ryan Farmery

I downloaded this program about a month ago. never got around to evaluating it since i never installed it. I very much despise anything that calls home whether its to see if i used a crack or to check for updates. Piracy is a fact of life if you're a software author; deal with it!. go too far and you open yourself to legal problems. Sorry TDS-3, You go straight into the recycle bin without even being installed. Anyway use of common sense makes having to have an anti-trojan program unnecessary

-Peace out



SGT6

join:2002-02-27
Aurora, CO

hmmm... I'm not TDS user and that'll probably stay that way after this reading.

I got another question regarding this issue. Assume that someone using TDS has put priorities properly and had a *working* firewall before that. Now, how can TDS call home without being walled? Does TDS have some installation features that allow it to go out with users' blessing (like firewall allow rule)?

In other words, how usefull is that keygen stuff that VampirInfo was speaking about if one can intercept call home!?

Either way, I'd say the only damage done is to DCS.

Cheers,
SGT



woody7
Premium
join:2000-10-13
Torrance, CA
reply to Ryan Farmery

I have been using TDS for about a year now (paid).........A great program and has done as advertised..... If I understand correctly, if you pay..not a problem...if you cheat,steal..a problem.....so what's the beef?I only run mine behind a fire wall and then only 1-2 times a week...manually...I have not seen any strange firewall logs.....not an issue...:)



Muddly
It's a grey area.

join:2001-07-16
Canada
reply to SGT6

said by SGT:
Now, how can TDS call home without being walled? Does TDS have some installation features that allow it to go out with users' blessing (like firewall allow rule)?
Perhaps it communicates while the "users" are busy downloading their latest free radius update from the website

Looks like I'm a cult of one -- or at least not many -- on this issue. I'm not particularly vociferous on the subject of software piracy. The idea of someone using pirated software or cracks or hacks inspires in me a shrug, at best. The idea of that same person whinging and complaining about someone ELSE'S ethics, after they get caught/thwarted, well that inspires in me quite a bit of laughter.