[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] EartStation 5 P2P application contains malicious code
- To: full-disclosure@lists.netsys.com
- Subject: Re: [Full-Disclosure] EartStation 5 P2P application contains malicious code
- From: random nut <randnut@yahoo.com>
- Date: Fri, 3 Oct 2003 09:07:55 -0700 (PDT)
--- Cael Abal <lists@onryou.com> wrote:
> Excellent job finding and documenting this feature. As for the
> developers' motivations, though, I don't think it's necessary to point
> at colusion with the RIAA/MPAA.
>
> In all honesty, I'm surprised we haven't seen *more* backdoors of this
> type in various popular closed-source, network-aware apps. I don't
> condone it, but I understand the mentality: "Our network, our rules."
> Really, all it takes is one rogue developer, coupled with insufficient
> code review.
>
> What does surprise me is that you report only delete functionality and
> not read/write. If I was going to the trouble to implement naughty
> features into an app like ES5, that'd be my priority.
>
> All this does is reinforce the value of independent code auditing
> (insert various pro-open-source comments here).
FYI, they have now uploaded a new ES5 installer. I haven't installed it but
you can be pretty sure that they have removed their malicious code and will
soon claim I lied all along. See my original post for the MD5 sums of the
tested programs (builds 1266 and build 2180).
__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html