Full Disclosure mailing list archives
Re: EartStation 5 P2P application contains malicious code
From: random nut <randnut () yahoo com>
Date: Fri, 3 Oct 2003 09:07:55 -0700 (PDT)
--- Cael Abal <lists () onryou com> wrote:
Excellent job finding and documenting this feature. As for the developers' motivations, though, I don't think it's necessary to point at collusion with the RIAA/MPAA. In all honesty, I'm surprised we haven't seen *more* backdoors of this type in various popular closed-source, network-aware apps. I don't condone it, but I understand the mentality: "Our network, our rules." Really, all it takes is one rogue developer, coupled with insufficient code review. What does surprise me is that you report only delete functionality and not read/write. If I was going to the trouble to implement naughty features into an app like ES5, that'd be my priority. All this does is reinforce the value of independent code auditing (insert various pro-open-source comments here).
FYI, they have now uploaded a new ES5 installer. I haven't installed it but you can be pretty sure that they have removed their malicious code and will soon claim I lied all along. See my original post for the MD5 sums of the tested programs (builds 1266 and build 2180).