Author Topic: Are you concerned about making a winmx patch open source? (Read 3202 times)

app · « **on:** September 03, 2007, 04:03:22 pm »

I wanted to post this as a reply to a certain topic but found that it had been locked.

To all those that think that making a patch open source will allow script kiddies to hijack applications or the network or people's pc's, I would like to point out this google search on dll injection.

Any script kiddie can do this search and read any instructions on how to accomplish this and plenty of sample code provided. KM probably did it himself while making his very first patch.

The methods of dll injection can be used for good or evil...as with any code, including code to create a simple text file to save program settings for your application.

It is basic programming skills to create a text file, with a particular name, in a particular folder on a hard drive. The HOSTS file is nothing more than a text file. If you can write code to make a file for saving your program's settings you can make a HOSTS file too. If you can write code to edit your program's settings file, you can edit a HOSTS file too.

Everything that would go into making a patch has already been done before in some form, and sample code for every aspect of it is already readily available. You could create a patch almost entirely by copying and pasting existing code that is already available to the public.

KM didn't invent the wheel when he made his patch. Nor was his the first to 'hijack' winmx to add features or functionality. Nor was WinMX the first application to ever be 'hijacked' with a dll.

This method of adding new features and functionality has been around for ages...it is even taught in schools. It is an important skill that most professional programmers need to know. In a corporate environment one often has to add specialized functionality to applications that are specific to that company's needs and are unavailable any other way.

There are plenty of plugins available for other applications without a built in plugin architecture that uses dll injection. How did they do it? Same way KM made his patch...same way the next patch will be made.

I do not see a reason for not making a patch open source... unless you are going to hide something nasty in it that you don't want your users to know about, because you intend on using their connection or pc for other evil purposes, and by making it open source they would easily find out about it and you would be exposed for the rat you truly are.

The only other reason to not make a patch open source is control. He who has the patch has the power to control those that want it if his is the only patch in town. Even if it is a crappy patch, he will have the power.

But once the code is released, he has no power. Anyone can then that that patch and improve it and make it better, solving any new problems that pop up on the network, and keep this network going forever.

Open source takes the power away from the coder who wants to be a god and gives it to the users, where in this case it rightfully belongs. Instead of one coder who thinks he is a god and can act like he owns winmx, you give that power to the users.

This network doesn't belong to one single entity any more. It stopped being one entity's 'property' when frontcode walked away. It is us, the users of winmx, every single one of us, that owns this network now. Anyone that tries to take control of the network by releasing a closed source patch is trying to take the network away from you.

Don't allow that to happen again. We have been there before, more than once. Do not be at the mercy of another Frontcode, KM, Sabre, or anyone else. Demand what rightfully belongs to you and hold on to it for dear life. Don't let anybody have the ability to shut down the network and leave you high & dry again.

Anybody that doesn't want an open source patch wants the network to die, wants the RIAA to win, and wants to take the network away from you because a closed source patch makes it much easier to accomplish that.

Someone from TSC was working on a patch to replace KM's and was threatened and told by Sabre that he better not make his patch open source or even release his patch to be used by others....that he better keep the patch for his own personal use and not to be used by the rest of the winmx community. Another member was threatened by Sabre too...he is working on a peer cache.

I wonder why he said that? Why is he threatening us and trying to stop us? Could it be that he thinks without a replacement to KM's patch that it makes him the god and new owner of winmx? That now the network belongs to him and only him?

Is this what you want? Do you want him to be your god? Do you want to be at his mercy? Do you want him to have power like that? Do you want him to have the ability to decide if winmx will continue or not? Do you want any single person or small group of people to have that kind of power?

I don't know about you, but this is not what I want and the sooner we have an open source patch and peer cache and eventually a replacement client with an improved protocol, the better better off we, the winmx community, will be.

Let's make the next patch OUR patch...OUR code...for OUR winmx and stop the madness that has plagued this network for the last 2 years and usher in the beginning of a new winmx era that will be free of the patch wars, accusations, and other crap of the past. A new winmx that works together as a team for the good of all of us...undivided...with a single purpose...to keep what is ours and make it grow.

That is why we are all still here right? Because winmx belongs to us? (I know it isn't the files...you can get the same files anywhere on any p2p.)

..Ñøßß¥.. · « **Reply #1 on:** September 03, 2007, 04:18:20 pm »

I couldnt agree more April.

I would also add, Sabre has applied pressure to serveral ppl i am aware of and some here will know who i mean, the reason for this is the same reason KM is now back making as much mess as he can possibly blame on others, POWER, Sabre craves it, KM gave it away and now realizes his error, he wants it back, they may hate each other, but they have at least something in comon.

Quote:

"I do not see a reason for not making a patch open source... unless you are going to hide something nasty in it that you don't want your users to know about, because you intend on using their connection or pc for other evil purposes, and by making it open source they would easily find out about it and you would be exposed for the rat you truly are."

Nobby rolls eyes

dazco · « **Reply #2 on:** September 03, 2007, 06:22:45 pm »

I was apposed to an open source patch but now after reading this post by app i now feel if its going to bring all of winmx together, stop the fighting and take winmx forward for ever then iam now for an open source patch. It has been difficult to really understand the fors and against open source but now iam for it thankyou for making it clear

my only concern is several people releasing different pacthes and all claiming theirs is best time will tell i guess

chuck · « **Reply #3 on:** September 03, 2007, 09:38:45 pm »

April I agree 100%

Scyre · « **Reply #4 on:** September 05, 2007, 05:28:31 pm »

I disagree.
dll injection is a common enough tequnique, but you have to know what the program does in order to use it.

We are not discussing whether or not to teach people dll injection. We are talking about releasing the source of the patch which will have the information of how winmx itself works! In order for someone to use dll substitution for winmx, they have to know all the internals of what winmx is doing and what functions are being called to the regular dll libraries in windows. Then they can be 'overloaded' with custom functions. If we were to publish all these internal routines of winmx, then many would jump on the chance to wreck it.

No one is worried about the patch code itself. It is the exposure of any inherent flaws in winmx that is the concern. So even though your post was well intended and had some good facts in it, it isn't really what applies to this situation.

The reason the protocols for winmx have been such a closely guarded secret for so long is to prevent not only the cartel from exploiting it, but also the tons of trouble makers in the mx community that unfortunately go along with the territory of any community. I wish that every user was trustable, but we all know about 100 users that would take the first opportunity to disrupt the network or to cause havok for various reasons, whether it be just for kicks, or because they are mad at the world and have no sense of self control.

And it is easy to say that it would bring the community together, but that is only from the perspective of those of us who want the community to thrive and grow. There are many who would not. That is the problem.

Hope this helps!

Best Regards, and Be Good!
Scyre

White Stripes · « **Reply #5 on:** November 22, 2007, 12:51:50 am »

open source -is- a good thing but i would feel better with an entirely open source client (so that bugs can be fixed and new exploits plugged) rather than an open source patch to a close source copywritten -beta- program.... make sense?

GhostShip · « **Reply #6 on:** November 22, 2007, 01:56:07 am »

Indeed it does Stripes, 100% my own thoughts on the matter, I started looking at client projects some months ago when it became clear the entire network could be disrupted by the disgruntled, something we are still seeing today and no amount of patching will fix the base problem.

Tiny set up a site to gather interested folks together to get some ideas rolling, it seems to have been not very productive yet, but its a start, heres the link.

http://winmx-remastered.ath.cx/index.php

All visitors are more than welcome, as are their ideas and coding skills if they have any.