[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] EartStation 5 P2P application contains malicious code

Conclusion
----------
The people behind ES5 have intentionally added malicious code to ES5. If
you have followed the ES5 discussions on message boards and read what the
ES5 people have said and done (eg. DoS attacking BitTorrent sites), this
comes as no surprise. The question then is "why did they do it?" I'm sure
they won't tell us, but here's a theory: They could be working for the
RIAA, MPAA, or a similar organization. Once they have enough users on their
ES5 network, they would start deleting all copyrighted files they own which
their users are sharing. The users wouldn't know what hit them.

Hi nut,

Excellent job finding and documenting this feature. As for the developers' motivations, though, I don't think it's necessary to point at colusion with the RIAA/MPAA.

In all honesty, I'm surprised we haven't seen *more* backdoors of this type in various popular closed-source, network-aware apps. I don't condone it, but I understand the mentality: "Our network, our rules." Really, all it takes is one rogue developer, coupled with insufficient code review.

What does surprise me is that you report only delete functionality and not read/write. If I was going to the trouble to implement naughty features into an app like ES5, that'd be my priority.

All this does is reinforce the value of independent code auditing (insert various pro-open-source comments here).

take care,

C

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html