ES5 has malicious code
http://www.zeropaid.com/news/article.../10022003i.php
Electronic Frontier Foundation - www.eff.org/
Freedom to Tinker - www.freedom-to-tinker.com/
ES5 has malicious code
http://www.zeropaid.com/news/article.../10022003i.php
Electronic Frontier Foundation - www.eff.org/
Freedom to Tinker - www.freedom-to-tinker.com/
"Malev" <malev@selamer.com> wrote in message
news:lqcrnv0qv93bqh09fmg9grst5kk3ha7hlm@4ax.com...
: On Fri, 3 Oct 2003 17:50:40 +0100, "Use.Netuser.de"
: <NoMilkTodayImOnHoliday@hotmail.com> wrote:
:
: >ES5 has malicious code
: >http://www.zeropaid.com/news/article.../10022003i.php
:
: The slanging match between zeropaid / ES5 has been going for months, each
: accusing the other of all the calamities on earth.
What possible benefit would zero paid get from *slagging* off any p2p app.
They advertise every other app so they have nothing to gain. The exploit is
fully documented as would any other nefarious happening on any other p2p app.
: In the above article, the zeropaid hysterical troll accuses ES5 of being
RIAA
: agents. Hey, a good part of the stuff on ES5 is in *russian*, movies dubbed
in
: russian. The RIAA might be stupid but not to the point of baiting the
Russians!
It was defined as a theory not an accusation. I agree there have been many
unsubstantiated rumours about ES5 but that is normally the case with any new
*free* p2p app that is not open source. You always ask "What is their angle"
No free lunches these days.
: What next?
: The zeropaid trolls claiming that ES5 is run by the FBI to find Russian
agents
: in the US, by tracing who downloads Russian copies of Jet Li movies?
Not outwith the realms of possibly. The USA is a rather crazy country.
"Use.Netuser.de" <NoMilkTodayImOnHoliday@hotmail.com> wrote in message
news:blkijb$chcqu$1@ID-151068.news.uni-berlin.de...
| "Malev" <malev@selamer.com> wrote in message
| news:lqcrnv0qv93bqh09fmg9grst5kk3ha7hlm@4ax.com...
| : On Fri, 3 Oct 2003 17:50:40 +0100, "Use.Netuser.de"
| : <NoMilkTodayImOnHoliday@hotmail.com> wrote:
| :
| : >ES5 has malicious code
| : >http://www.zeropaid.com/news/article.../10022003i.php
| :
| : The slanging match between zeropaid / ES5 has been going for months, each
| : accusing the other of all the calamities on earth.
|
| What possible benefit would zero paid get from *slagging* off any p2p app.
| They advertise every other app so they have nothing to gain. The exploit is
| fully documented as would any other nefarious happening on any other p2p app.
|
| : In the above article, the zeropaid hysterical troll accuses ES5 of being
| RIAA
| : agents. Hey, a good part of the stuff on ES5 is in *russian*, movies dubbed
| in
| : russian. The RIAA might be stupid but not to the point of baiting the
| Russians!
|
| It was defined as a theory not an accusation. I agree there have been many
| unsubstantiated rumours about ES5 but that is normally the case with any new
| *free* p2p app that is not open source. You always ask "What is their angle"
| No free lunches these days.
|
| : What next?
| : The zeropaid trolls claiming that ES5 is run by the FBI to find Russian
| agents
| : in the US, by tracing who downloads Russian copies of Jet Li movies?
|
| Not outwith the realms of possibly. The USA is a rather crazy country.
|
Yes these bloody Yanks are Krazy...trump up fake allegations against another
government(even when known to be false), so who is to say that a distribution arrangement
for the "Russian" files is not legit, but bait to lure more victims in to share their
goodies and such, and the RIAA/MPAA have publicly stated they would like to trash peeps
bots with copyrighted files on them, regardless of the consequences, so..Yes(IMHO) ES5 is
a "Roach Motel" for P2P'ers..
--
Come To Florida, We Need Voter's that
actually KNOW how to cast a Ballot....
-=ô;ö=-
P.S.
I wonder if the malicious code was added after the "Excalibur" trojan was revealed as
present in their software...
The other said of the debate ES5 speaks out.
http://www.p2pnet.net/article/8295
"-=ô;ö=-" <Not.Telling@nowhere.com> wrote in message
news:vKufb.10450$3b7.2046@nwrddc02.gnilink.net...
: P.S.
:
:
: I wonder if the malicious code was added after the "Excalibur" trojan was
revealed as
: present in their software...
:
:
In article <bln86q$dsh8v$1@ID-151068.news.uni-berlin.de>, Use.Netuser.de
wrote:
> The other said of the debate ES5 speaks out.
> http://www.p2pnet.net/article/8295
Their explanation is bogus. They claim that they need a remote file delete
function as part of their remote update procedure. A proper update
procedure would do any necessary file deletion by having the updated version
do the file deletion. There is no need, as part of updating, to have a wide
open remotely accessible delete command.
The only question here is were they really being malicious, or just
incompetent?
--
Evidence Eliminator is worthless. See evidence-eliminator-sucks.com
--Tim Smith
I agree this is my post to another group
The comment from ES5 say that it was intentional ....
http://www.p2pnet.net/article/8295
"The problem with the Earthstation5 software that RandomNut found truly
exists, however the sordid motives he attributes to Earthstation5 are
incorrect. The following functions were put into Earthtation5 to allow
automatic, remote upgrade of the Earthstation5 software.
"These functions are:
1) Reload Earthstation5
2) Shutdown Earthstation5
3) Delete a File
"All of these functions are necessary to perform when upgrading software.
Whereas initially they state ...
"There is no malicious code in ES5," says ES5's Ras Kabir in a post on an
non-associated list. "That 'bug' refers to a users ability to erase his own
computer files! 127.0.0.1 refers to LOCAL HOST or your own computer. It does
not allow you to erase your peers files!"
So on the one hand it an intentional inclusion so files may be deleted and on
the other hand one can only delete files from the local host! Which is it? I'm
confused ;-)
"Tim Smith" <reply_in_group@mouse-potato.com> wrote in message
news:5NJfb.1886$Qy2.1266@newsread4.news.pas.earthl ink.net...
: In article <bln86q$dsh8v$1@ID-151068.news.uni-berlin.de>, Use.Netuser.de
: wrote:
: > The other said of the debate ES5 speaks out.
: > http://www.p2pnet.net/article/8295
:
: Their explanation is bogus. They claim that they need a remote file delete
: function as part of their remote update procedure. A proper update
: procedure would do any necessary file deletion by having the updated version
: do the file deletion. There is no need, as part of updating, to have a wide
: open remotely accessible delete command.
:
: The only question here is were they really being malicious, or just
: incompetent?
:
: --
: Evidence Eliminator is worthless. See evidence-eliminator-sucks.com
: --Tim Smith
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote