[RC5] Service Pause Option

Bruce Wilson bwilson at distributed.net
Wed Mar 20 07:34:52 EST 2002

Hash: SHA1

| I would place cold hard cash on a bet that a very LARGE 
| percentage of dnet's
| results are obtained from un-authorized machines.  The fact the
| proxy applications are provided from the dnet web site, and that 
| the ability to
| hide, rename and mask it's installations are built into the 
| client only
| encourages people to install it on un-authorized systems.  
| It's a do what I
| say, not what I do mentality.  If dnet was really that 
| concerned about it's
| own liability it would force you to run the cliet windowed or 
| in the task
| bar like many other peer clients do.

I take exception with your claims.

We strongly oppose unauthorized installs.  The personal proxy
application is provided to make use of the client more feasible for
those with expensive or intermittent connections.  It does not hide
the identity of the participant any more than does NAT or an internet
proxy.  We have assisted a number of network administrators with
identifying and removing installations, even those "hidden" behind a
perproxy.  Besides providing the client and personal proxy for
download, we also provide instructions and removal tools for those
who are victims of unauthorized installs.

The client application has the capability to run as a service on
NT/2000/XP because (a) on these platforms, the service runs even when
nobody is logged in, improving overall production, and (b) we
recognize that a great many of our larger participants are network
administrators who have the legitimate authority to install the
service hidden.  Though the dnetc and perproxy executable files can
be renamed, the service name appearing in a task list cannot.

We also came under heavy criticism recently for not contributing to
the defense of one of our participants who apparently installed the
client without permission of the owners of those machines.  (see
http://www.freemccowan.org, if I have the URL right).  Whatever your
opinion of the scale of the charges against him, our handling of this
situation was fully consistent with our stated policy.

We will not assist participants in unauthorized installs.  We will
assist those who believe they have an unauthorized install in
removing the installation.  We will not give credit to work from
unauthorized installs.  Within those constraints, we will do whatever
we can to make authorized installs as easy, as flexible, and as
maintainable as possible.

Recent abuses have prompted us to explore options which will make
unauthorized installs more difficult, less profitable, and easier to
trace.  User interaction upon install is one option we are exploring.
 A registration/activation process is another.

Bruce Wilson <bwilson at distributed.net>
PGP KeyID: 5430B995, http://www.toomuchblue.com/ 

Build a man a fire and he'll be warm for a day.
Set a man on fire, he'll be warm for the rest of his life.

Version: PGP 7.0.4


To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list