MapleLeaf
Premium
join:2001-09-04
Burnaby, BC
| reply to DarkSithPro
Re: Is BuddySpy legit, or is it unethical and Ille
When something attempts to take advantage of a bug, glitch or vulnerability - we can talk about exploit. Not the case here. For example, scanning netblock for open shares or ports is not an exploit. Does one have legitimate reason to run a scanner - that's a different question.
--
Remember, I'm pulling for you - we are all in this together... |
|
JamPony9
Premium
join:2004-12-08
Austin, TX
3 edits | reply to DarkSithPro
You're right, it is a kind of exploit against the server. What I meant was that it's not designed to break in and install anything or root it or such.
Really a borderline case! You're entitled to connect; the question is what the limits are on how you connect. As a reference point for comparison, I consider it OK for nonstandard clients to connect (I do it every day with AIM tho AOL might prefer their client be used).
This goes beyond that tho. It is similar to certain kinds of port scans. Port scans can get you some attention from the net admin if detected, and maybe an abuse report (I've been on the admin side; I scan only my own networks). I'm not sure about the legality.
On the other side of the equation, use of this app is apparently common, and is not aimed at the end user.
A little on the shady side. The MSN people must be aware of it. I predict countermeasures soon. |
|
DarkSithPro
join:2005-02-12
Huntington Beach, CA
3 edits | reply to JamPony9
said by JamPony9  :Seems to me the answer to whether it is ethical depends on how it works. Does it depend on sneaking something on to the other party's computer, or does it just use what it can get from the IM servers? Looks like it is the latter, based on this page. » www.buddy-spy.com/index.php?page=featuresIf that is accurate, it's interacting with the servers in ways that may not have been intended, but doesn't actually run any exploits against the system, or change anything on it. Well I'm no security expert, but do modified packets that retrieve information that isn't supposed to be retrieved considered an exploit? |
|
JamPony9
Premium
join:2004-12-08
Austin, TX
| reply to DarkSithPro
Seems to me the answer to whether it is ethical depends on how it works. Does it depend on sneaking something on to the other party's computer, or does it just use what it can get from the IM servers?
Looks like it is the latter, based on this page.
»www.buddy-spy.com/index.php?page=features
If that is accurate, it's interacting with the servers in ways that may not have been intended, but doesn't actually run any exploits against the system, or change anything on it. |
|
MapleLeaf
Premium
join:2001-09-04
Burnaby, BC | reply to DarkSithPro
Really? If that's the case, it is designed to bybass messenger's privacy features. Not good.
--
Remember, I'm pulling for you - we are all in this together... |
|
DarkSithPro
join:2005-02-12
Huntington Beach, CA
2 edits | reply to MapleLeaf
said by MapleLeaf :Looks like scan is possible only against buddy list, in other words, this can't be used to scan just anyone at random. If that's true, there shouldn't be a reason for privacy concern. Just theorizing, I don't use messengers and related tools. Well you can put any name in it and scan them. The user basically creates a bot account, which is separate from their messenger/email account, that enables the program to act independently from the messenger program. |
|
MapleLeaf
Premium
join:2001-09-04
Burnaby, BC
| reply to DarkSithPro
Looks like scan is possible only against buddy list, in other words, this can't be used to scan just anyone at random. If that's true, there shouldn't be a reason for privacy concern. Just theorizing, I don't use messengers and related tools.
--
Remember, I'm pulling for you - we are all in this together... |
|
DarkSithPro
join:2005-02-12
Huntington Beach, CA
| Is BuddySpy legit, or is it unethical and Illegal?
With all the exploits, worms and trojans out there mixed in with messenger programs, it seems like messenger security has become a big concern. There is a program called Buddy Spy which enables users to secretly scan yahoo messenger users and find out if they're on line, even if the target user chooses to be invisible. To scan if their web cam is activated, and even scan what chartroom they're in. Now the program seems to be socially accepted and is not considered "illegal" or "wrong to use" amongst users. As you can see for yourself: »www.bigblueball.com/forums/t2696···-22.html people love it and think it's totally legit to use.
My question is what separates this program from all the other programs that enable users to bypass and exploit certain things and enable them to do things that would do harm to a persons computer, or interfere with their service? Also from a legal standpoint what do you guys think about programs like this? Is it morally wrong to use a program such as buddy Spy, and can you get into trouble for using such a program?
»www.buddy-spy.com/ |
|
