Re: EartStation 5 P2P application contains malicious code

[random nut <randnut () yahoo com>]

--- Cael Abal <lists () onryou com> wrote:
> Excellent job finding and documenting this feature.  As for the 
> developers' motivations, though, I don't think it's necessary to point 
> at colusion with the RIAA/MPAA.
>
> In all honesty, I'm surprised we haven't seen *more* backdoors of this 
> type in various popular closed-source, network-aware apps.  I don't 
> condone it, but I understand the mentality:  "Our network, our rules." 
> Really, all it takes is one rogue developer, coupled with insufficient 
> code review.
>
> What does surprise me is that you report only delete functionality and 
> not read/write.  If I was going to the trouble to implement naughty 
> features into an app like ES5, that'd be my priority.
>
> All this does is reinforce the value of independent code auditing 
> (insert various pro-open-source comments here).

FYI, they have now uploaded a new ES5 installer. I haven't installed it but
you can be pretty sure that they have removed their malicious code and will
soon claim I lied all along. See my original post for the MD5 sums of the
tested programs (builds 1266 and build 2180).

__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html