Forum: Poser - OFFICIAL


Subject: TROJAN IN POSER PATCH !!!!!!!!!!!!!

JAFO opened this issue on Jul 28, 2000 · 62 posts


JAFO posted Fri, 28 July 2000 at 12:38 PM

Hidden servers in Poser?... uh .. don't they call those TROJANS? Isn't that illegal? I wasn't informed servers were being installed! I don't remember giving permission for ANYONE to have ACCESS to MY machine... or do I have to give up MY privacy to be a member of the Poser community? This is totally unacceptable... time to kill a trojan! And next time KNOCK BEFORE ENTERING! ISN'T there a law about this... am I allowed to install a server on Curious Labs machines?.... Some people use their machines for network rendering .. I'M NOT ONE OF THOSE PEOPLE !!!!!!! IF I NEED A SERVER I'LL INSTALL IT MYSELF DAMMIT!!!!!!!!! My original Poser agreement did not mention giving up my rights to privacy as a condition to running this software... THIS IS BULLSHIT!!!!!!

Y'all have a great day.


CharlieBrown posted Fri, 28 July 2000 at 12:49 PM

Hmm, you know, this may be a "true" Trojan Horse (virus), and not a monitoring trick... Has anyone e-mailed Curious Labs as to if they know about this, why they did it (or how to stop it)?


Marque posted Fri, 28 July 2000 at 12:49 PM

Just block it, I don't think they installed a trojan on your system. I block it and still use poser to my heart's content. You need to kick a note to tech support at curious lab and ask them about it. I agree that they should have mentioned it in the agreement, but then, most people don't read those anyway. Marque


CharlieBrown posted Fri, 28 July 2000 at 12:54 PM

BTW, Trojans are not, in and of themselves, illegal in the US (unless a law was passed that I'm not aware of), but Trojans carrying malicious content are (hard drive formatters, "chain letter" generators, etc.). I believe information gathering Trojans are illegal in the European Economic Community and some other countries, though.


casamerica posted Fri, 28 July 2000 at 1:02 PM

If they have, in fact, installed facilities for calling out without your expressed approval and understanding then they have installed a trojan. Now, in their minds it may not be malicious, but it is still a trojan. It is doing the same thing many other trojans do -- sending information or giving access to your computer to someone without your expressed approval. And, based on precedence, if it is not stated clearly in their EULA that they are doing that, then they have set themselves up for some very big legal problems. Just ask Blizzard, AOL and Real Audio. All are or have been involved in litigation because of this very thing. This is very, very disappointing. Very. As I stated before, I would recommend to all my friends that they NOT install the 4.03 patch until this is cleared up. And, again, I think someone from Curious Labs needs to step forward and explain this real fast.


DarkEden posted Fri, 28 July 2000 at 1:03 PM

Here in Sweden Trojans are illegal. But as I have understood it, companies that do include Trojans in their software and don't inform ppl that they can see what they are using or not, that I think is illegal. Isn't it??? Oh well. Some programs like WinAmp use a sort of Trojan that doesn't take control over your computer, it only checks for newer versions and asks if you wanna download it. Maybe this is some sort of upgrading system they are using... In that case it's not illegal... I think? L I think a lot huh? DE


JAFO posted Fri, 28 July 2000 at 1:15 PM

I don't care WHAT the purpose of this TROJAN is... I should have: 1. been informed servers were being installed. 2. been given a complete explanation as to the reason this is necessary and why it is of benefit to ME 3. been given the option to abort the installation

Y'all have a great day.


CharlieBrown posted Fri, 28 July 2000 at 1:30 PM

You're overlooking something - it's POSSIBLE (I don't know how LIKELY) that the Trojan is a Virus that Curious Labs picked up and unwittingly forwarded. We should investigate before ordering a witch burning... ;-)


Marque posted Fri, 28 July 2000 at 1:37 PM

I emailed them and told them I need an explanation as to what is going on, so we will see what they say. Marque


Anthony Appleyard posted Fri, 28 July 2000 at 1:37 PM

Apart from this spy package, what improvements to Poser is this new patch supposed to bring?


Schlabber posted Fri, 28 July 2000 at 1:38 PM

Uh-ho, very very bad news ... I'm lucky - I haven't installed the latest patch yet


JAFO posted Fri, 28 July 2000 at 1:40 PM

Yes Charlie, you are right ... let's wait for an explanation

Y'all have a great day.


JeffH posted Fri, 28 July 2000 at 1:46 PM

Okay, so what kind of software do I need to monitor this kind of activity in the future? I'm not worried about Curious Labs, but they're probably not the only company doing this. -JH.


Marque posted Fri, 28 July 2000 at 1:47 PM

This is the readme that you get right before you install. Tells you what the changes are, and I can see improvements already. I am keeping the update, and I have instructed my zonelab firewall to not allow the access. I haven't had any problems with the program by not allowing it to access their server. I think DarkEden is probably right. But they should give you the option before you install. I'm sure they will deal with this, I'm not too worried about it myself, I look at it as more of a help to keep me updated than some evil trojan. =) Marque

Curious Labs Poser(r) 4.0.3
---------------------------------------------------------

Hello Poser 4.0 users. This updater incorporates a number of fixes to problems found in version 4.0 of Poser. In the Updates section of this readme are some of the fixes and improvements you'll find in this update:

----------------------------
CONTENTS
----------------------------

- Important Information
- Poser(r) 4, RayDream Studio(tm) 5
- Common Problems and Solutions
- Updates
- Technical Support

------------------------------------------
IMPORTANT INFORMATION
------------------------------------------

Poser(r) 4 is a 3D-character animation tool for the creation of images, movies and models that can be incorporated into web, graphics, video and 3D projects. For a full description of new features in Poser(r) 4 check out the printed User Manual or the PDF version on the CD.

Understanding these basic caveats with Poser(r) 4 will enhance your overall experience and productivity-

1. Click on an Edit Tool to select it, then click and drag a BODY PART to manipulate that part only.
2. Click and Drag on an Edit Tool icon to manipulate the ENTIRE FIGURE.
3. Use all tools in SMALL MOTIONS rather than large motions and results will be much more predictable.
4. The parameter dials will control the figure's limbs in more controllable increments.

The default figure when you create a new file is a Poser(r) 2 figure. Replacing this figure with one of the "People" figures in the Figures Library will enable all the new model functionality of Poser(r) 4 including facial expressions. Instructions for changing figures are in the Quick Reference Card and the Poser 4 Manual.

Be sure to visit the Curious Labs web site, www.curiouslabs.com for more information and tips about working with Poser(r) 4. You can also go directly to this site from within Poser via the help menu's Web Links.

The Quick Reference Card is a very important resource to use in conjunction with Poser(r) 4. It lists numerous shortcuts and keystrokes to save time and enhance functionality.

In the interface Camera Controls, the small previews which by default display the Face Camera, Right Hand camera and Left Hand camera, can be used to store your current camera choice by ALT Clicking on the small preview. This allows you to quickly click to get to 3 of your favorite cameras.

It is recommended that you download and install Apple's latest QuickTime to load Mac Pict image files into Poser 4 and to view .mov movie files.

----------------------------
POSER(r) 4, RAYDREAM STUDIO(tm) 5
----------------------------

Poser(r) 4 is not supported by the RayDream Studio(tm) 5/Poser plug-in. OBJ import/export between the two applications is still functioning and has actually been improved in RayDream Studio(tm) 5.5

----------------------------
COMMON PROBLEMS & SOLUTIONS
----------------------------

- When creating an animation using one of the Male or Female Characters, be sure to make your figure choice before creating keyframes. If you've created keyframes for facial expressions, these will be replaced when switching figures. Saving your keyframes in the Pose library will allow you to store this information and apply it to a different figure.
- If you are going to create a new figure from spawned props, do not delete the original prop before the figure creation process has been completed.
- Saving sets into the various Libraries when your screen resolution is set below 32bit/millions of colors will create a square background behind the saved library set's preview.
- Alpha channels are best created by rendering over a black background. Imported images do not provide a good backdrop if you need a rendered image with an alpha channel. The Sketch Designer does not render a useable alpha channel.
- If you run Poser 4 in 640x480 screen resolutions, set your Windows Taskbar to "Autohide" in the Taskbar's properties controls.
- Poseable hands and facial controls are only on the Poser "People" figures. Once one of these figures has been loaded into your studio, selecting the figure's Head will reveal the facial control dials. Selecting the Hand will reveal several global controls for all the fingers and thumb allowing grasping and stretching. The Poser 2 default figure in your new document window does not have facial controls and poseable hands.
- The Figure Height settings and body part scales may produce erratic results when applied to the new "People" and "Animal" models. Scaling the whole figure may produce better results.
- If you switch between various animals, it's advisable to use 'Edit Menu: Restore: Figure' to get the animal model into its default state
- When you first open the Walk Designer, a delay will occur as the walk animations are being loaded. Each time after the first, opening the Walk Designer is much quicker.
- 999 Frames is the maximum limit of frames displayed in the Animation Controls, although animations of any frame length can be created.
- There are fundamental limitations with Poser's z-buffer shadow map shadows that force the user to take some control over shadow parameters to get better results. Shadow maps generate a square image to be used as information for the shadow generation. The larger this image, the better the shadow will look -- but at a large cost in memory. The user can control this by selecting each light and increasing the map size dial. Default is 256 which is pretty small. Values of 512 or even 1024 or more may be needed for closeup renderings. Again, this will use a lot of memory when rendering. Also, turning antialiasing on will make the shadows look smoother as well. Some situations are unavoidable with shadow maps. When the light strikes from the side so the area seen in the depth map view (from the light) is tiny but results in a large area from the main camera view, you will get very low resolution and quality on the shadows in that area. This is true of all renderers using shadow maps. Shadows can be lowered in intensity and/or turned off completely for individual lights. This can also help improve quality when there are problems.

----------------------------
UPDATES

Changes Found in the 4.03 Updater

* FEATURE CHANGE-- Limits are now applied when IK is on. This was not being applied in the original Poser 4.0 This may change your current poses until you turn Use Limits off.
* FEATURE CHANGE-- Compound figures (parented or conformed) will now save into Figure libraries as compound figures.
* Full Left to Right or Right to left symmetry copy operations will now copy any objects whose INTERNAL names follow the naming convention of having the first character 'r', 'R', 'l', or 'L' and the rest of the name matching (for left versus right)
* The Vrml/HAnim plugin has been separated into two plugins. A Vrml plugin, and an HAnim plugin. You will now see these two choices in the File->Export menu.
* Material dialog fix -- was incorrectly updating some materials
* Aliases in Libraries work now (Mac only)
* Metacharacters now allowed in library names
* Fixed intermittent rendering hangups and crashes on some machines due to line elements in data files.
* Fixed magnet reordering problems when resaving opened files
* Several 3DS, VRML, MetaStream (and other file format) import/export fixes
* Fixed some non working grouping operations
* Fixed potential crash when drawing origin axes.
* RIB file output improvements
* IK fixes when switching between IK and non-IK
* Ground plane forced to be at 0.0
* Fixed reading of material names with spaces in them
* Fixed crash bug when trying to render with Bounding Box only mode set
* Fixed Bikini Top
* Parameter lists can now have more than 100 dials
* Turned hither parms on for perspective cameras.
* Background color distortion between limbs has been cleaned up.
* Fixed crash bugs related to improper display of drop shadow polygons.
* Exported OBJ. figures with props attached import into Bryce.
* Imported 3D models retain textures when the file is saved and reopened as a poser file.
* Static values (non animating cameras, etc) now written to libraries.
* Fixed some precision problems in BVH read.
* Fixed problem related to group picking.
* Fixed grouping tool display problem.
* Stability and functionality improvements to Hierarchy Editor. You can now refresh in the Hierarchy Editor when changing body names.
* Made it safe to delete a figure when an IK goal from another figure was attached to it.
* Light sets now include all lights properly and will turn off unused lights when reloaded. New lights will be created when a light set with lights is applied.additional.
* Remove light from figure when deleting figure.
* Added some missing channels when creating a spotlight.
* Enable Metastream export of Poser figures.
* Custom prop Morph Targets remain during figure change.
* Export for Morph Target support.
* Morph Target parms weren't writing for attached props.
* Inherited bending properties when saved with the Pz3 file.
* Removed the neck from the female catsuit figure that had a neck attached.
* Interactive Reflections now draw on polygons which have no UV coordinates.
* Improvements to Curve channel deformation appearance (tails, snake, etc)
* Fixed transform problem when inheriting bending properties.
* Depth cue fixes have been incorporated.
* Deformtarget wasn't always setting correct actor when reading a file.
* Hither parms now write to files.
* Character sets are now written out with proper reset values (not current values).
* Better scrolling in graph views.
* Fixed problems with the genitalia command not affecting all figures properly.
* DPI setting is now saved with rendered images.
* Some information was not properly interpolated during final rendering which resulted in some badly replaced shadows.
* Numerous fixes to subset selection when saving to various libraries.
* Fix for improper storage Offset value which could result in saved files reloading with corrupted appearance.
* Smart prop saving of props attached to props enabled
* Fixed other potential data loss issues when saving files.
* File saving now temporarily moves a file being saved over to a temporary name and deletes it when saving is complete. Always keep joint window menu choice active now.
* Sketch designer can now export painter scripts in Windows version
* In the walk dialog box, the walk style and slider values no longer run out of the fields.
* Undo translation of points on a walk path.
* Default lights are no longer added when opening files which have less than 3 lights stored.
* Updated RIB export to work again. Tested with BMRT as well as PRMan.
* Improved the group picking by not picking shadows' polygons
* Several group mode display issues have been fixed
* Spawned props no longer display axis.
* The material values were not being copied to spawned props. This has now been resolved
* The unused materials weren't being purged from spawned props. This issue has been resolved
* The display update when spawning props has been fixed
* For OBJ export: Appending figure # to material name when export multiple figures
* For OBJ import: Fix import progress bar error
* Removed writing of preset materials from files since they are no longer used
* Improved IK solution
* The prop library now selects Prop Types first time (instead of Magnets)
* For OBJ export: enter two slashes (//) for face with only vertices and normals
* Record right foot position too for preblend in WalkDesigner
* Reduced unnecessary keyframes when switching from IK to non IK.
* Fixed redraw when camera is switched back to animating.
* Fixed broken spline interpolation
* Fixed resampling animation using "Analyze curvature"
* The figure parenting now works in the hierarchy editor

----------------------------
TECHNICAL SUPPORT
----------------------------

For up to date information on our support policies, go to: www.curiouslabs.com

You must be registered to receive technical support. Please visit our web site for the latest information on registration and technical support. Telephone support services are available in the U.S. and Canada only. If you live elsewhere, please contact the international distributor nearest you for sales, service, and technical support.

Note: Curious Labs reserves the right to change its support policies at any time.

----------------------------

Copyright (c) 2000 Curious Labs, Inc and egi.sys AG. All rights reserved. Curious Labs Poser 4 is a trademark of egi.sys AG. PhotoShop is a trademark of Adobe Systems Incorporated. QuickTime is a trademark of Apple, Inc. Windows 95 is a registered trademark of Microsoft, Inc. All other trademarks or registered trademarks are the property of their respective owners.


cooler posted Fri, 28 July 2000 at 1:54 PM

Whenever I d/l something it's run through my NAV by default & if I have anything the least bit suspicious I'll run AVP just to be certain. The patch came through clean on both counts. However one thought I did have regarding the "send back" is that it may be an attempt by Curious Labs to curtail some of the myriad warez copies of Poser that are floating around out there. This would be one of the reasons no one was informed since all the "warez kitties" would have to do is not install the patch to avoid detection.


cooler posted Fri, 28 July 2000 at 1:57 PM

Jeff, probably the best freeware firewall app available is ZoneAlarm... (http://www.zonealarm.com)


Schlabber posted Fri, 28 July 2000 at 1:58 PM

maybe this is an explanation for their company-name c u r i o u s ??? Well, I would laugh but as we say in Germany: it stucks in my neck - hope you know what I mean ...


CharlieBrown posted Fri, 28 July 2000 at 2:04 PM

Cooler could be right about "warez hunting." JeffH - almost everything out there tracks you in some way. How much you want to bet that EdgeNet has a huge file for each of us somewhere?


JAFO posted Fri, 28 July 2000 at 2:07 PM

What is EdgeNet, Charlie?

Y'all have a great day.


dunga posted Fri, 28 July 2000 at 2:08 PM

I tell yah, this is what you get for being here a "legacy supporters" and "adoring" and "being smoochy-smoochy" with software developers.--- "because...they are so nice... they give us poser, bryce, etc...they work hard....giving us trojans..." It has been found that 99.99 percent of poserforum users are either too afraid to spell it out or are really so naive that they believe in all this "being honest" bullshit. Therefore, we (and so far it includes me) are not united and did not design our own system of reacting to such things like happened just now. I am completely sure that some of you will try to read between the lines of my message trying to find any controversy here, but why has no one asked "What is the purpose of this trojan in Poser? An FBI method of spying?" Damn, I'd rather stop typing.... or I will get too offensive....


CharlieBrown posted Fri, 28 July 2000 at 2:22 PM

EdgeNet are the people who created the software used on this site and who host it.


Marque posted Fri, 28 July 2000 at 2:41 PM

Just freakin use the FREE zonelab or don't install the damn thing! Sheeeesh, why make such a big deal out of it? I have my system set up so that no cookie enters my system without my knowledge, and zonelabs (which I bought because it's that good) keeps people out that don't belong, and keeps my system from going out to other servers. I doubt very much if it is spyware to capture warez people, why not wait until they answer your emails...or...is it possible I am the only one who actually emailed them to ask them why they did this? Let's see, I think I'll just figure everyone who complains about this has a warez copy of Poser, I won't give anyone the benefit of the doubt, I'll just fly off the handle and get everyone all excited about it. Just ask, find out before you start with the accusations. Marque


casamerica posted Fri, 28 July 2000 at 2:53 PM

1.) They definitely should have given notice. It does not appear by what Marque posted that they did.
2.) Once notification was given, they should have allowed installation abort. By what Marque posted, they did not.
3.) If, as suggested, Curious Labs is unwittingly a victim of this also and is simply forwarding it then that of itself is cause for concern. Security at this level is expected.
4.) If it is, as was suggested, a way to take care of the warez copies out there, they still should have notified. It is the right thing to do for those customers, loyal customers, who have paid for their copy and have shown their trust by downloading your patches and updates.
5.) At least with me, that trust mentioned above has been destroyed. It is gone. Curious Labs will now have to regain that trust before I ever buy one of their products.
6.) EdgeNet may have a file on me but they have not tried to gain access to my computer without my being notified or without my approval. Big difference.
7.) JAFO, there are those who will pooh-pooh your concerns. You are, however, correct in this matter. Your concerns are legitimate and Curious Labs owes you and the thousands of others who will be downloading that patch an explanation. Too many companies have been caught with their paws in the cybernet cookie jar lately to just pass this off.
8.) Perhaps it is time someone here notified them of the firestorm brewing so they can come forward and explain this. We deserve an explanation. I would hate to think they would wait until it hit the news on CNet or ZDNet before they felt they needed to offer an explanation.
9.) I'm going to bed. Take care everyone... and keep those firewalls up.


CharlieBrown posted Fri, 28 July 2000 at 2:55 PM

One problem here is that, from what I've heard, most of the Curious Labs people are currently at SIGGRAPH in New Orleans, and thus unable to quickly set the record straight on this matter.


casamerica posted Fri, 28 July 2000 at 3:04 PM

>>>Just freakin use the FREE zonelab or don't install the damn thing! Sheeeesh, why make such a big deal out of it?

Because from a security standpoint it IS a big deal.

>>>I doubt very much if it is spyware to capture warez people, why not wait until they answer your emails...

First, that is the problem. No one knows what it is. Curious Labs could have prevented this by SIMPLY INFORMING US UPFRONT WHAT IT WAS. They didn't. Neither did AOL. Neither did Real Audio. Neither did Aureate.

>>>or...is it possible I am the only one who actually emailed them to ask them why they did this?

Nope. I know that for a fact.

>>>Let's see, I think I'll just figure everyone who complains about this has a warez copy of Poser, I won't give anyone the benefit of the doubt, I'll just fly off the handle and get everyone all excited about it. Just ask, find out before you start with the accusations. Marque

The previously mentioned companies abused that "...benefit of the doubt..." when they did what they did. And when it comes to security of my computer system, I give no one the benefit of the doubt. That is why I use a firewall. That is why I use anti-virus programs. Isn't that why we all use such procedures? The bottom line is that the presence of the coding and/or procedure allowing the Poser 4.03 patch to "phone home" should have been openly revealed. It was not. That alone was a breach of trust. And that gives each and every Poser here the right to "...fly off the handle and get everyone all excited about it." Even if it is an "innocent" error or an "innocent" feature, Curious Labs bungled it. Now, I hope to be off to bed. Unless someone else wants to browbeat someone for being security conscious.


Mason posted Fri, 28 July 2000 at 3:15 PM

As a software developer there are other, legitimate reasons for doing things like this. They may be trying to set up an autoupdate feature that goes out to their site to check for updates. 3d studio Max 2.5 had some sort of connect to the net thing as well that tried to verify if the version you had was legit. Maybe they are trying to set up some sort of version verification system and their new Poser 5 might need a dongle and ID. Maybe another is plugin updates. They are going to support Flash and VRML and the latest plugins might be needed. Then again, it could very well be a virus. It would be interesting to put a sniffer on the package and see what it's actually sending. One big problem they may be having is Metacreations might not have sold them their user base list. If that's the case and Curious wants to offer Poser 5 as an upgrade to Poser 4 it may be hard for them to do. They could do like Adobe does with photoshop and just look on the disc for a Poser 4 setup and upgrade if that is available.


JAFO posted Fri, 28 July 2000 at 3:18 PM

... Maybe I misunderstand the purpose of this forum, correct me if I'm wrong... I thought this was an open forum for the purpose of discussing issues related to Poser... I'm not here to point fingers or make accusations... I just thought I may prevent someone else from finding out "after the fact" as I did, that a server was being planted ... and admittedly I vented some steam on this matter ... sorry if I have caused anyone any stress, that was not my intention...

Y'all have a great day.


JeffH posted Fri, 28 July 2000 at 3:29 PM

Just a note... ZoneAlarm will not detect the winsock2 activity of Poser4.03. -JH.


MadRed posted Fri, 28 July 2000 at 3:48 PM

Just a few things: 1. Use a good firewall (I use ZoneAlarm.) 2. Use a good antivirus prg. 3. Trust nobody. Cookies are ... poisonous. Maybe a hacker should lock up their system with a big display that says "Clean up your act, and stay out of my system." Hoist by their own petard, as it were. 'Trust' and 'reputation' are priceless, and cannot be repaired. Curious had better respond post haste with a VERY good explanation. If they passed along a virus, I will never get anything from them ever again, and will bad-mouth them to no end. I might expect sloppy work from an individual, but for a company, it is inexcusable. If they just want to 'collect data' without my permission, ditto. And they may not be around much longer if we have to get legal with them. Bad, very bad. Possibly illegal, certainly unethical, 100% sleazy. I like Poser and Bryce, but if this is the direction they are taking, I'll save for another program. Yes, a sniffer may help find out what's up, but don't count on it. Vote with your wallet. And if the next version uses a dongle, forget it. Go Maya. PS Anybody notice that the price of Poser went up 50 bucks?


Marque posted Fri, 28 July 2000 at 4:10 PM

Jeff, Zonealarm, at least the registered version does detect it, that's how I first noticed it. Here's what I got back from the tech guy at www.curioslabs.com:

I'm not experiencing this on my system, please send me more details on your Platform and OS. I'm forwarding this to the QA team to see what they know about this. Tech


Anthony Appleyard posted Fri, 28 July 2000 at 4:27 PM

What and how much information does this spy-trojan send out, and to where? Is it supposed to track down any cases of the same Poser CD-ROM being installed on more than one computer? What does it do on a computer which is at home on a dialup line which is only on the web for short periods because of phone bill costs? If it wants to report its findings and the user isn't logged in, does it forget about it? Or does it save up all its reports until the user logs in? Or does it even specially try to phone the dialup line and log the user in so it can report its findings?


JohnW posted Fri, 28 July 2000 at 5:45 PM

Looks to me like what happens when you click on Help/links. A UDP datagram is sent out for a DNS lookup of the site listed, which just asks "what is the IP address of site x?" and when it gets the number back it can use it to launch your Web Browser. I'm surprised that the firewall software does not tell you what IP address or name (and port) the data was being sent TO, only the one it comes FROM, as that information is useless.
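Added example, not part of JohnW's post or of the original thread: a small Python decoder that shows what a sniffer would reveal about the kind of outbound UDP datagram described above, namely whether it is only a DNS question ("what is the IP address of site x?") and for which name. The sample packet is constructed here, not captured from Poser; the name www.curiouslabs.com is taken from the readme's Web Links mention, and the function names are assumptions of this example.

```python
import struct

QTYPES = {1: "A", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}


def build_query(name, txid=0x1A2B):
    """Build a constructed standard DNS query (type A, class IN) for `name`."""
    # Header: id, flags (recursion desired), 1 question, 0 answer/authority/additional
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def parse_dns_query(payload):
    """Decode a UDP payload as a single-question DNS query, or raise ValueError."""
    if len(payload) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, qdcount, ancount, nscount, arcount = struct.unpack(
        "!HHHHHH", payload[:12]
    )
    if flags & 0x8000:
        raise ValueError("QR bit set: a response, not a query")
    if (flags >> 11) & 0xF != 0:
        raise ValueError("opcode is not a standard query")
    if qdcount != 1 or ancount or nscount:
        raise ValueError("not a single-question query")

    # The question name is a sequence of length-prefixed labels ending in 0x00.
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            raise ValueError("name runs past the end of the datagram")
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > 63:
            raise ValueError("invalid label length")
        label = payload[pos:pos + length]
        if len(label) != length:
            raise ValueError("label truncated")
        labels.append(label.decode("ascii", "replace"))
        pos += length

    if pos + 4 > len(payload):
        raise ValueError("missing QTYPE/QCLASS")
    qtype, qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return {
        "id": txid,
        "name": ".".join(labels),
        "qtype": QTYPES.get(qtype, str(qtype)),
        "qclass": qclass,
        "additional_records": arcount,
        # Bytes after the question that no declared record accounts for
        "trailing_bytes": len(payload) - (pos + 4),
    }


def describe_datagram(dst_port, payload):
    """One-line verdict on an outbound UDP datagram, as a monitor would log it."""
    try:
        q = parse_dns_query(payload)
    except ValueError as exc:
        return f"NOT A DNS QUERY ({exc}); {len(payload)} bytes to UDP port {dst_port}"
    verdict = f"DNS lookup: {q['name']} type {q['qtype']}"
    if dst_port != 53:
        verdict += f" (sent to port {dst_port}, not 53)"
    if q["trailing_bytes"] and not q["additional_records"]:
        verdict += f"; {q['trailing_bytes']} unexplained bytes after the question"
    return verdict


if __name__ == "__main__":
    sample = build_query("www.curiouslabs.com")      # constructed sample packet
    print(describe_datagram(53, sample))              # a plain lookup
    print(describe_datagram(53, sample + b"12345"))   # a question plus extra data
    print(describe_datagram(53, b"hello"))            # not DNS at all
```

A datagram that decodes cleanly with nothing left over carries only the looked-up name; anything reported as not a query, or with unexplained trailing bytes, is what would warrant a closer look.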


Marque posted Fri, 28 July 2000 at 6:18 PM

It happens to me as soon as I start poser, not when I go help or links. And I have had lots of hits from other people that you can't trace. Like I said before I'm not too worried about it, and I have emails in to curious labs asking why they did this.


csommer posted Fri, 28 July 2000 at 9:03 PM

Here is an "explanation" I got back from Curious Labs:

I can't tell you which is the culprit, Norton or Poser, let me forward this to QA. I have Norton 2000 on a windows machine running 95-98, this doesn't occur with me and may be a false message from Norton. If you installed with Norton running you'll have errors, virus utilities and disk utilities cause corruption with installs.

WIN: Use control/alt/delete and the task manager that appears to close (end task) some of these tasks, leave if possible only the explorer and the systray running, reinstall. This assures that your install is clean, if you are installing Poser to a different directory then you must assign it a folder, example d:/Poser 4, the installer will ask "this folder does not exist, shall I create it?" This assures you that it is a correct install.

MAC: In extension manager make an extension set copy of OS base, rename to Installer. Turn off all of the extensions but Apple CD-ROM and QuickTime and QuickTime power plug, reinstall. Something in your system has conflicted with the proper install of the program. This set can also be used to check on further conflicts.

Tech


shadownet posted Fri, 28 July 2000 at 9:33 PM

Shadownet offers up his two cents. First, like Charles Brown mentioned, let's investigate and find out what is happening before gathering the kindling. Second, spyware (called by various names) is the newest rage in alleged demographics gathering and its misuse is cause for concern. Third, as Jafo and several others stated, this kind of thing should not be installed by a software manufacturer or website without your knowledge and consent. Fourth, always read the fine print closely before installing new software. Fifth, (and I'll shut up) NOTHING and I mean NOTHING connected by telephone lines, wireless media, or just sitting there all by itself emanating radiation from the monitor and keyboard (even if it is TEMPEST rated) is totally secure. The best you can hope to do is make it as secure as you can to protect yourself as best you can - and not get overly paranoid. However you have to stay informed, that is why ALERTS like this one are important. Thanks Jafo! Shadownet shuts up now and moves back into the shadows.


LordPapaya posted Fri, 28 July 2000 at 10:35 PM

Um.........isn't this just like what Windows 98 Update does? It looks at your system just as a proggie and grabs what you need depending on that info without sending any of the info to Microsoft. Just wondering......


Anthony Appleyard posted Sat, 29 July 2000 at 11:54 AM

When my PC boots, it sometimes asks me if I want to register my Poser over the internet right then. That is no expletive deleted use at all, as I am not Rothschild to pay the phone bill to be online all the time, and so I login when I want to and not automatically on startup.


casamerica posted Sat, 29 July 2000 at 3:45 PM

Csommer - Tell the gentleman, politely, BULLPATS! Not if the install is designed properly. Keoto - No. Since it appears that no one has received a response to any of the email queries to Curious Labs that has offered a definitive answer, we still have not gotten to the bottom of this. Anthony Appleyard - Is it actually dialing out at this point? If it is, there is a way to disable that feature, if a disable feature is not offered by the program. It requires digging into your registry and manually rewriting a part of it. When I installed MS Visual Studio I had the same hassle and my only out was to go into the registry and change it manually. Again, this is something that you should not have to do. A responsible vendor would make sure you could easily disable this. And if this is one of those "new features" Curious Labs has given us for Poser then I will stick with 4.02 and bid adios to any future products from Curious Labs. I am going to load Poser and the 4.03 patch on a computer system of a friend of mine. He was in the security business before I was and has stayed long after I left. I will let him tear the thing apart and see what he comes up with. It's just too bad that it has come to this. Like I said, CL has lost my trust and it will take a heck of a lot to get it back. I hope they enjoy themselves in the Big Easy because they have a mess to clean up when they get back. Everyone take care and I want to repeat that I do not think it would be prudent to install the patch until CL comes forward with an explanation.


dmartin posted Sat, 29 July 2000 at 8:06 PM

Now you know why they call it Curious Labs, they are curious about what's on your system.


JeffH posted Sun, 30 July 2000 at 1:49 AM

Here's the word from Curious Labs: --------------------------------------- It is only doing an internal network serial number check similar to that done by photoshop. This ensures that only one copy of Poser is running at any given time with the same serial number. Nothing is sent out over the internet. No data back to us. --------------------------------------- -Jeff H.


Kevin posted Sun, 30 July 2000 at 11:49 AM

This makes sense, as the 255 address is a broadcast address that will not be routed over the internet. It will only hit machines that are on the same network segment. (OK, technically same broadcast domain, if you have a switch somewhere.)


arcady posted Sun, 30 July 2000 at 12:13 PM

Internal network Serial check? Don't think so. I'm using ZoneAlarm not Norton. I have separate setups for my Lan and my Internet firewalls. This is being triggered by my net firewall NOT my Lan Firewall. This thing is trying to reach the internet. I also have photoshop on my machines. It does NOT activate this trigger. I've posted a note on this subject in the complaints forum since it will get buried here in the Poser forum.

Truth has no value without backing by unfounded belief.
Renderosity Gallery


arcady posted Sun, 30 July 2000 at 1:10 PM

For the curious: posercatch.jpg At the moment of this test All I had going was my Lan's Proxy server, ZoneAlarm, and my DLS connection. And of course your trusty speaker icon. :) This is what we're seeing for those that haven't encountered it.

Truth has no value without backing by unfounded belief.
Renderosity Gallery


casamerica posted Sun, 30 July 2000 at 1:11 PM

If that is Curious Labs' answer then we have a problem. If there is nothing sent over the Internet, then why is it trying to dial out over the Internet? And it IS trying to do that. Zone Alarm, Conseal, At-Guard and Norton have all confirmed this. It has now gone from bad to worse because now I am getting the distinct impression that CL is trying to, as we say in these parts,"...piss down my back and tell me its raining." An "...internal network serial number check..." would NOT, I repeat, would NOT attempt connection to the Internet! And that is what it is trying to do. Well, CL had their chance. And their answer(s) appears to be less than forthright. It is time to start looking for a different application. Sad. I really love this little program. I think it is also time I had a chat with the folks at Gibson Research and ZDNet. Because before CL starts flooding the market with this or a 5.0, the word needs to be out about this trojan. And that, my friends, is exactly what it is. Dang, I can't even begin to tell you how disappointing this is. Dang it! After reading the explanation that Jeff H. received from CL, I can only advise that you DO NOT, I repeat DO NOT, load this patch. Their response is not consistent with the evidence we have had reported here. It is also not consistent with what they say it is allegedly checking. "Internal network serial checks" do not attempt to call out on the Internet. Ask any IT or security consultant. Dang it!


arcady posted Sun, 30 July 2000 at 1:22 PM

My ZoneAlarm Log file:

ZoneAlarm Basic Logging Client v2.1.10
Windows 98-4.10.1998- -SP
type,date,time,source,destination,transport
PE,2000/07/30,11:18:09 -8:00 GMT,Poser executable file,10.255.255.255:11423,N/A
PE,2000/07/30,11:21:24 -8:00 GMT,Poser executable file,10.255.255.255:11423,N/A

This may/may not be a poorly designed method of going out to a lan by assuming a lan is all on that IP. I'll have to check this out. But I'm wary.

Truth has no value without backing by unfounded belief.
Renderosity Gallery
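An added example, not part of any post in this thread: a Python sketch that parses the ZoneAlarm log quoted above and classifies each destination, which makes Kevin's point about the broadcast address checkable. The classful-mask rule, the category names, and the two contrast rows ("Example LAN tool", "Example updater") are assumptions made for illustration.

```python
import csv
import ipaddress

# Constructed sample: the header and the two Poser rows are the log quoted in
# the thread; the last two rows are invented contrast cases.
SAMPLE_LOG = """\
ZoneAlarm Basic Logging Client v2.1.10
Windows 98-4.10.1998- -SP
type,date,time,source,destination,transport
PE,2000/07/30,11:18:09 -8:00 GMT,Poser executable file,10.255.255.255:11423,N/A
PE,2000/07/30,11:21:24 -8:00 GMT,Poser executable file,10.255.255.255:11423,N/A
PE,2000/07/30,11:25:02 -8:00 GMT,Example LAN tool,192.168.1.20:139,N/A
PE,2000/07/30,11:26:40 -8:00 GMT,Example updater,8.8.8.8:80,N/A
"""

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")

def classful_prefix(addr):
    """Classful default prefix (assumption: the host's real mask is not in the log)."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    return 24 if first_octet < 224 else None

def classify(destination):
    """Return (kind, port) for an 'a.b.c.d:port' destination field."""
    host, _, port = destination.rpartition(":")
    addr = ipaddress.IPv4Address(host)
    prefix = classful_prefix(addr)
    is_broadcast = prefix is not None and ipaddress.ip_network(
        f"{addr}/{prefix}", strict=False).broadcast_address == addr
    if addr == LIMITED_BROADCAST:
        kind = "limited-broadcast"
    elif any(addr in net for net in RFC1918):
        kind = "rfc1918-broadcast" if is_broadcast else "rfc1918-unicast"
    else:
        kind = "global" if addr.is_global else "special"
    return kind, int(port)

def summarize(log_text):
    """Map (source, destination) -> (kind, hit count) for every PE row."""
    hits = {}
    for row in csv.reader(log_text.splitlines()):
        if len(row) != 6 or row[0] != "PE":
            continue  # skips the two banner lines and the column header
        key = (row[3], row[4])
        kind, _port = classify(row[4])
        hits[key] = (kind, hits.get(key, (kind, 0))[1] + 1)
    return hits

if __name__ == "__main__":
    for (source, dest), (kind, count) in summarize(SAMPLE_LOG).items():
        print(f"{count}x {source} -> {dest}: {kind}")
```

The classification only says where a packet was addressed, not what it carried; settling that would take a packet capture of the traffic on port 11423.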


edarsenal posted Sun, 30 July 2000 at 4:20 PM

I have a question regarding all of this discussion, is it possible that this "new" hidden feature is an e-mail stripper? Where it could take your Internet account information, and contact addresses, and build up a subscriber list for them to use in the future? The reason why I ask this, is because Jack and I have our own concerns regarding this and with the fact that a few weeks ago, Jack was contacted by Curious Labs and was asked if he would sell Renderosity's e-mail subscriber list. We said we wouldn't and now this happens... it has Jack and I wondering... ed


edarsenal posted Sun, 30 July 2000 at 4:25 PM

the reason i ask this is simply that from what news i have researched, is that Curious claims this is simply checking serial numbers... and yet, that is NOT how it is being used on the systems that it has been installed in, but instead opening a portal into your system, aka a back door. Which is not cool whatsoever.


casamerica posted Sun, 30 July 2000 at 5:03 PM

Edarsenal, good question. And that is the problem. No one knows yet. I have a friend I hope to get tearing into it tomorrow. And I have sent a message to Gibson Research asking if they would be interested in looking at it. In the meantime, we have received at least two different "explanations" from CL. That has not helped either especially since both explanations were full of horse fecal matter and not at all consistent with the evidence being brought forward here. With your statement, it has my "distrust meter" moving even further to the right. If this is discovered to be spyware, and if it is it will be discovered (just ask Aureate/Radiate, NetZip, RealMedia, AOL and the others), CL has really opened a can of worms unnecessarily. As it is, it is already turning into a PR disaster for them and they have no one to blame but themselves. BTW, thanks and a commendation to you and Jack for not selling your subscriber list to CL. Believe me when I say that it restores a bit of faith in this old soul.


Lemurtek posted Sun, 30 July 2000 at 5:09 PM

I fear we may be seeing our first intimations of what kind of company egi.sys is. At least I hope this wasn't thought up by Larry or Steve. I would hope that this email stripper thing is not true, but the problem is, once you open a port to the internet, for whatever reason, ANYTHING could be sent through. Real Networks, for example, has been shown to have sent customers' name, address and credit card info, unencrypted, without permission via their download accelerator. Curious Labs needs to rethink this policy, whether or not it's doing what they say, it's still a bad road to start down. Regards- Lemurtek


Terry Mitchell posted Sun, 30 July 2000 at 6:22 PM

I'll say this is a very sad note, unless they come forward with a more plausible response. I used to use RealMedia products, GetRight, and several other popular (and very useful) programs that also turned out to have this kind of devious problem. Despite these companies' denials and eventual retreats regarding their original positions on the matter, I'll never trust them again, and I have deleted all references to their programs on my system. Please, Poser/Curious Labs, don't go that route.

Intel Core I7 3090K 4.5 GhZ (overclocked) 12-meg cache CPU, 32 Gig DDR3 memory, GeForce GTX680 2gig 256 Bit PCI Express 3.0 graphic card, 3 Western Digital 7200 rpm 1 Tb SATA Hard Drives


Anthony Appleyard posted Mon, 31 July 2000 at 1:49 AM

I feel that Larry Weinberg (who writes Poser) should protest to Curious Labs's management about this matter.


edarsenal posted Mon, 31 July 2000 at 1:57 AM

but anthony, Larry IS management, along with Steve. Weinburger is the CEO at Curious Lab.


Lemurtek posted Mon, 31 July 2000 at 2:06 AM

Then he should protest to himself, dammit! :) I wonder how much of this is a corporate culture infusion from egi.sys? If they're providing the capitalization for Curious Labs, they may be dictating "strategy." I hope we'll get a more comprehensive answer on this tomorrow (or soon at least). Regards- Lemurtek


edarsenal posted Mon, 31 July 2000 at 2:55 AM

LOL quite true. Though as everyone knows, they are in New Orleans at the Siggraph and upon return, hopefully we will all get the REAL deal regarding this. Thing is, financial backing DOES NOT necessarily dictate strategy or influence regarding direction. A financial backer puts forth a cash sum and "invests". In most instances, and i'm sure it is the case with Steve and Larry, (considering past experiences with Metacreation) they retained Artistic Control. A viable and very agreeable option that many backers agree to when the company they invest to has proven themselves to be capable and competent. And Artistic Control negates dictation of policy or strategy. The Backer may only suggest with the understanding that it could be ignored completely. ed


Anthony Appleyard posted Mon, 31 July 2000 at 2:59 AM

In another thread a message just appeared which was a message from Curious Labs forwarded, which says that this feature or whatever is entirely and only to stop people from buying a copy of Poser licenced for ordinary single use and then installing it on a LAN (= Local Area Network) so several people use it at once.


Lemurtek posted Mon, 31 July 2000 at 3:13 AM

Another thought which may be in accord with the LAN serial checking thing. If Larry and co intend to put forth Poser as a more professional application, then this may be an opening shot to test the waters and see what kind of protection their professional Poser should have. Most professional 3D graphics programs tend to have rather intrusive protection schemes, dongles, primarily, but many 3D apps ship with a temporary serial, and require the user to register either online or via phone before they get a 'real' serial. Just speculating here. Regards- Lemurtek


casamerica posted Mon, 31 July 2000 at 5:10 AM

And that option of when to dialup should be the USER's. As it is, the 4.03 patch wants to dialup on its own. In my book, that is a definite no-no. And in my book that shoots the LAN serial check down also. Why would a LAN serial check call out via the Internet? And that is exactly what ZoneAlarm, Conseal, At-Guard and Norton are telling us 4.03 is trying to do. With 4.03 wanting to dial out on its own, it makes me wonder what else it wants to do on its own. Nope, CL appears to have stepped in the cow pudding on this one. And, at least for this Poser customer, it's going to take quite an explanation to clean up the mess. I do not like it when a company starts thinking it can just take control of my system without letting me know BEFORE I install their product and without seeking approval BEFORE I install their product. Nope, I don't like it one bit.


Artist3D posted Mon, 31 July 2000 at 6:38 AM

Easy solution. If all this is true, we don't Buy ANYTHING ELSE from CURIOUS LABS. No buyers, no money! Then they can say OUT OF BUSINESS. Like I said, Only if this is TRUE!


Lemurtek posted Mon, 31 July 2000 at 7:26 AM

Well, I don't know if Curious Labs is being straight up or not, but it could be true, dial up networking is a part of Windows Networking, and it's possible that Poser is checking for network ports, and just runs down through any you have installed. Lightwave 6 (when used with its Hub system) requires TCP/IP to function, and also triggers an internet connection alert. I don't know what Curious Labs put in their 4.0.3 patch (apparently not anything of any value to those who've already installed 4.0.2) and I was hoping for a more forthright response (and I could have lived without the "if you weren't such a**holes, we wouldn't have to do this" inference) but, I think it's a little early for a lynch mob. On the other hand, this really should have been brought into the open beforehand, so people would know what was going on. On the gripping hand, I'm tired, and fiddle de dee, I'll think about it tomorrow. Regards- Lemurtek


arcady posted Mon, 31 July 2000 at 1:07 PM

I've done some searches for this IP address on google.com of all places and it's listed as a router broadcast IP. You use it to try and broadcast something to the entire network. Key usage is in things like denial of service attacks I would imagine. Though anything that has to be sent out to the entire network is a valid usage. So this may very well be what they claim it is. So that just leaves us at the question of why was it written so sloppily? I get no such attempts from other apps like Photoshop which do have Lan protection. And why not notify us about it ahead of time? My guess there is they hid it so that they could get us all on 4.0.3. Since that update offers no other features they had nothing to use to 'sell' it on us. Only a detraction. So they just went about it quietly. Note however that a real live Trojan virus would show up with the exact same warning and IP#. As would a corporate privacy invasion. So we have to trust them that it's just checking serial numbers.

Truth has no value without backing by unfounded belief.
Renderosity Gallery


ThralLord posted Mon, 31 July 2000 at 1:48 PM

I have been battling "Spyware" since I first learned about it a few months back. Curious Labs has clearly placed spyware in the new patch, but are lying about it by saying it doesn't access the Internet, when all evidence says it does. I have firewall software installed, and so I will install the patch for all the stuff it fixes, while keeping Poser from accessing the Internet. But I resent the fact that Curious would sneak trojan spyware into Poser. I can't express how mad this makes me, and how little I will ever trust Curious Labs from here forward! As far as I'm concerned, this action by Curious is totally unethical, and if not technically illegal, should be.


edarsenal posted Mon, 31 July 2000 at 2:53 PM

Jack and I have just finished speaking with Steve Cooper from CL who was kind enough to call and fill us in regarding their end and what is going on. So, please everyone, stay tuned.... ed