OK Kazaa has revealed its altnet plans. So are the Kazaa lite users safe or are the components the ceo of sharman networks spoke of being added to my computer? I noticed a program called java plugin 1.3.5 running on my machine last week, was this from kazaa? :sw

Highy doubtful, sounds more like the standard java plugin, probably preinstalled.
As for altnet, can't say for certain. KL, so far, has been very good at preventing any hidden kazaa downloads (BDE specifically). But KL is not immune to the upgrade notice, so I'd expect kazaa to release a 1.7 client soon (I'm very suprised they haven't done so already).

The real threat lies in the Kazaa people blocking unlicenced clients from using the FastTrack network. When that happens, it's bye-bye sharing freedom.

But KL is not immune to the upgrade notice, so I'd expect kazaa to release a 1.7 client soon (I'm very suprised they haven't done so already).

K has just released v 1.6.1. They are not going to play games by making releases that are incompatibale with older ones to get back at KL.

The real threat lies in the Kazaa people blocking unlicenced clients from using the FastTrack network

Is it technically possible for KaZaA do design code to block KL ?

As for their unwillingness to "play games", I can only point out that the collapse of Morpheus 1.3.3 was just such an event. Research by harby on the napsterites.net forum seem to indicate that all FT clients have a specific kazaa IP hard coded in that is dedicated to the upgrade message. My personal suspicion is that there are no big differences between the 1.3.3, 1.3.4, 1.4.1, and 1.5.1clients, except an idenfitier tag which allows kazaa to turn off the client based on version. Harby research also seems to indicate that the upgrade message is broadcast soley by a Kazaa server, which would make much more sense then the supernode theory*. This, of course, could hurt them in any RIAA suit tho, so my feeling is that they are unwilling to try this trick again.
As for being able to tell between the Kazaa 1.5.1/1.6.0 clients from the KazaaLite 1.5.1/1.6.0 clients, as far as I know there isn't any way for Kazaa to be able to differentiate between the two. I suppose it could be possible by checking for BDE installation somehow, or by testing cd_clint.dll's spyware functions (if it doesn't work, it must be the dummy version). But such methods have not yet been found in the Kazaa client. But then, we didn't know about BDE either, so you never know.

* - [boring crap nobody cares about] The prevailing theory is that when an old client hits a supernode running the new client, they get infected with the upgrade message and shuts down. But this theory's big hole is how the old client network can sometimes spontaneously return. An isolated group of supernodes, never in contact with the new client supernodes, ever? If the upgrade message acts like a virus, every supernode running the new client should be permenantly infected. And the only difference between a supernode and regular node is the connection bandwith, no server/hub client software differences here (unlike openNap, DC, eDonkey). So regular nodes should be able to infect supernodes running the old client. Even assuming that isn't true, if you had an independent network of old client supernodes, all it would take is one connection to a new client supernode to take down the entire network. So then how does the independant network spontaneously return? The upgrade message must have been turned off somehow, but how? The upgrade message stops broadcasting after a certain time period? After a certain number of connects to an old client? You could spend hours (and sadly, I have) coming up with spohisticated models of how the upgrade message hit the old 1.3.3 iMorpheus network, and they break down every time you account for the fact that people are constantly connecting and disconnecting with the old and new clients. A single source shutdown message does the same thing in a much simpler model. [/boring crap nobody cares about]

Nice post, imoron. I also agree that Harbynger's results make the most sense, although it would be a lot better for FastTrack's legal status if he was wrong.

On another note, assuming that Harbynger is right, I can think of only one way that KaZaA would be able to block access to the network from KaZaA Lite users. Since KaZaA users do not access the advertisements, they might be able to filter out KaZaA Lite users (when the client checks to see if the version has expired) by disabling all the clients whose IP does not also appear connected to the ad servers.

Hasn't the new Bearshare beta found a way to stop people using the dummy file to stop cydoor? Maybe kazaa will start doing this

someone will find a way around it. they alway do.

Originally posted by Foreverboard
someone will find a way around it. they alway do.

yea all they have to do is make sure that the .DLL is the right filesize.