Slashdot Mirror
Earthstation 5 Claimed to be Malware
Rob from RPI writes "You may remember the announcement about a company, or program, or both called Earthstation 5 who recently 'Declared War' on the MPAA. Well guess what? Turns out that it's got code in it that allows anyone to delete any file on your computer. I suggest that you un-install as soon as possible!"
Because the link is on geocities it's sure to be
Don't trust code from sources you don't know. I only provide these for the inevitable geocities
Too bad slashdotting them doesn't delete their files!
In Soviet Russia, the files delete you!
--------
Free your mind.
Just goes to show you can't trust anyone but the RIAA for f'air and balanced info-warfare:)
Whats worse the RIAA/MPAA or people trying to get on our good sides then backstabbing us?
Really, I mean it. From looking at their web site one would have thought they were totally legitimate!
Now they can delete all those movies from your hard disk!
It deleted itself.
A P2P service that ACTIVELY PROMOTES piracy? It sounded too good to be true, and it was. All of this wonderful information from some schmoe with an email @yahoo.com? This whole deal is shady, no matter how you look at it.
That's what you get for installing binaries from an untrusted/unknown source.
How long have the RIAA been making noises about hacking people's computers to delete illegal mp3s? And after this, people are still happy to trust that a binary program from a very mysterious organization isn't just a piece of RIAA spy/malware? Quick, break out the cluebats...
"'I pass the test,' she said. 'I will diminish, and go into the West, and remain Galadriel.'"
- JRR Tolkien.
And in other news when Reuter's contacted Earth Station 5's lead programmer, he had apparently mumbled under his breath.. "its not a bug damnit!, it's a feature"
Wouldn't that be just the cleverest act of terrorism you can think of? Bait the "foreign devils" with all you hate about them and then, BAM!, nuke millions of computers in an instant. Takes more preparation to get off the ground than your garden variety virus or worm but the pay-off is much greater, isn't it? And if I was living in Palestine threat of legal action by some American interest group would be the least of my worries.
Hank! White!
If I had received this in my Inbox, I probably would have ignored it. It's interesting that I'm conditioned (brainwashed?) to ignore this stuff when it's in an email, but when I read it on /. I take it seriously.
What about the terrible GUI? That's the real crime here!
Nuff said.
We'll be more than glad to hear your comments or questions at:
Ras Kabir 121 Gaza Gaza, Palestine
phone: +972 673 51065
fax-no: +972 673 51065
e-mail: ras@earthstationv.com
For General Sales and related questions,
contact: sales@earthstationv.com
If you are a member of the Press,
please contac us at: press@earthstationv.com
For Suggestions on ways we can improve our software, please contact us at: suggestions@earthstationv.com
to hear our comments. http://www.earthstation5.com/contact.html
Well, even if these guys are backstabbers (which apparently they are) they've disclosed their methods. And that should allow for a somewhat speedy recoding of a similar program that doesn't include screw_up_my_file(char* filename).
Seriously, it was good theory, but they didn't have anything earthshattering that couldn't be replicated.
I'll be watching for anything more that is discovered about motives. This seems to be the most curious and intriguing part of the story.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
This mofos were the ones behind the summer DoS attacks on all the big BT sites, and now this. Gentlemen, start your cracking...
As of this writing, I haven't seen a single follow-up post.
Is it true? I don't know, Is it a hoax? I don't know that either. It has more than a few caveats about using the exploit, that's for sure.
What I do know is that that Geocities site with the exploit code will disappear bandwidth constrained faster than snot. :)
If it looks too good to be true, then it probably is :(
Is it common to have a software company based in palestine, or is this just some sort of untracable front that the Riaa is umploying?
How the HELL is this redundant!?! There isn't a comment that says this so far!
Wait a minute, I thought these guys were anti-MPAA and anti-RIAA, meaning they can only be powerful forces for good!
Arggggghhhhh
Binary world-view is breaking down as we speak...
Stop by my site where I write about ERP systems & more
A bad UPN science fiction series.
Tinfoil hat on . . .
Let's say ES5 is an MPAA/RIAA front to discredit file sharing and harm filesharers.
Now, apparently, ES5 is in Palestine.
What better way to do "double damage" than to not only have a way to attack filesharers, but also to connect it to a location people associate with terrorism?
OK, tinfoil hat off now.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
I'm sure everyone has at least seen one article where they tell you to NEVER install software from a company you've either never heard of, or don't trust. At this point, the internet has been around long enough that most people realize this, especially if you have data on your machine that is so important that you can't risk getting a virus or a trojan (such as this, apparently) on it. Live by the internet, die by the internet. Just because someone claims to be against the RIAA doesn't make them your friend. Just because someone is against SCO, doesn't make them about free software rights. There are such things as self-serving deeds, even if they appear to be good gestures to all.
today is spelling optional day.
Rest assured, brothers, your files have not been deleted; they have been martyred and are currently being serviced by 72 virgins.
Deep Space 9
Babylon 5
The Dagobah System
About a missing file: /home/dnotj/.wine/fake_windows/boot.ini
No more Micro$oft bashing from me. Its like bashing at the special olympics.
They're in cohoots! In exchange for providing a backdoor for the RIAA to delete illegal MP3s off your computer, they each got a new copy of 's CD!
"Give away the stone, let the oceans take and transmutate this cold and faded anchor." - Maynard James Keenan
I'm curious - how can it be determined without the benefit of source code for ES5 that the exploit isn't just a horrendous oversight instead of a malicious pre-meditated function of the software?
If it is malicious it seems odd that they would make it possible for ANYONE to delete someone elses files through crafted search strings, thus significantly increasing the chance of their nefarious plans being uncovered.
If it were me, and I was secretly working for the RIAA, I'd just code in a simple client/server protocol that the RIAA could use to delete people's files, entirely seperate from the normal operation of the program itself. This would be much harder to identify as malicious code.
Sorry, but this just looks to me like a bad "failure to chroot()" bug and not the big conspiracy theory its purported to be...
I don't have this problem, I use Linux.
Why so quick to criticise? The posting referred to in the article says "This is not a bug" and that the feature was deliberately added? How could they possibly know this? Nobody but the coders of ES5 could know what their true intentions were. I don't see any mention of their coders coming clean in the posting.
Personally, I'll uninstall as it's a bug not worth risking time with, but I'll certainly be waiting for the response from ES5.
Um.... $2.00 doesn't cover the hardware costs of producing a professional cd. If your requests are unresonable, don't be surprised when they're not met.
On the other side of that, $16-20 is unreasonable. $10 would be fair, I think. Considering the hours spent in the studio recording, AFM scale per musician per song being $50 (and that's for low grade musicians), the cost of a decent engineer, cost of using a decent studio (that's not cheap), mastering costs... Then you've got to either spend $$ on an expensive fast cd dup'er, or pay someone to burn 10,000 cd's in a week, artwork for the j-page, printing of the j-page, cd cases, shringwrapping, a UPC, distribution, etc....
Do you honestly think all of that can be done for $2.00 per? Get real.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.
The first place I heard about E5 was on Slashdot, in a sig - I thought about trying it out, but something didn't seem quite right.
Too much flash and cash on the website, and sweeping claims that hadn't made it elsewhere turned me off.
I'm thinking it's the same 'spidey sense' that goes off when I get an email with an evil attachment.
MY WINDOWS HAS THIS CODE IMPLEMENTED IN IT'S CORE!
since the program only runs on windows, this "feature" is not as original as it seems...
cheers,
cies.
taken! (by Davidleeroth) Thanks Bingo Foo!
To think someone downloaded software from a company in Palestine..... Hmmm... Has anyone told bush and ashcroft about this? This could be a terrorist plot!
Last one in jail is a fascist.
Hmm.... bad english, "death to the RIAA/MPAA" elitism, swearing, encouragement of piracy, and unsubstantiated claims that ES5 is safe. You don't happen to work for ES5, do you?
They're probably going to claim the code was inserted by the Israeli army or something.
Did you know that you can rearrange the letters of "EARTHSTATION FIVE" to spell "RIAA VOTES IN THEFT"?
They're behind the whole thing, I'm telling you.
Link to Zeropaid discussion with the actual code http://www.zeropaid.com/news/articles/auto/1002200 3i.php
idiot.
2. Once everyone has it, delete all pirated files
3. Profit!
I half wish they'd actually do that - maybe it would incite a full boycott. Though I am happy with the understanding that their sales are declining already.
The only thing more dangerous than a file named -rf is renaming it -rf\ /
Read the parent post closely. It's a troll.
Please welcome the lead programmer for ES5!!
Thanks for stopping by!
Let me summarize you're argument,
"pay no attention to the man behind the curtain, keep using the app, there is no bad code, keep leeching!"
right... nice try.
I cordially invite you to shut your pie-hole. It's crap like that that makes the rest of us look like irrational frothing anti-capitalist lunatics, and invites the likes of the RIAA/MPAA to treat us as such.
"Ask not what your country can do for you." --John F. Kennedy
Please tell me you are joking. Are you that naive?
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
www.es5.com is regestered to (get this)
Earthstationv Ltd., A Palestinian Corporation
Jenin refugee camp #23
Jenin (PS)
Rfugee camp? Palestine? Unless they lied on the registration I doubt this is RIAA.
Alright, I was foolish enough to have installed ES5, and now that I try to uninstall it, it won't all go away. All of the DLLs can't be deleted, I'm guessing because they're currently in use. Curses!
If they do that, they must REALLY hate us. Well, I suppose that's what we get when we support the bullies... The victims tend to get angry at the man hiding in the shadows. It's really quite depressing. If we continue supporting Israel, looks like there will eventually be genocide. The hate will grow to such a level, that both sides will never rest until the other side is completely destroyed. Nobody wants that, but it looks like our options are pretty limited. At this point, I don't see how these two ancient peoples can live side-by-side in peace. It would literally take a miracle.
did he get the source from? that's what i want to know.
Yeah, I'd go for the same thing, but this seems a little bit beyond the RIAA/MPAA's usual demonstated technical level. The registrant data on the domains and the IP block data submitted by their upstream ISP (SpeedNet) tallies, and the IPs *are* in Israel. It might be bonafide in that I doubt very much that the RIAA/MPAA are going to have much legal sway in Palestine, but the thing just smacks of blatant scam to sucker in the terminally dense to me; *far* too good to be true.
UNIX? They're not even circumcised! Savages!
earthstation5.com Back-order this name
Domain EARTHSTATION5.COM
Date Registered: 2/26/2002
Date Modified: 6/13/2002
Expiry Date: 2005-2-26
DNS1: ns1.earthstationv.com
DNS2: ns2.earthstationv.com
Registrant
Earthstationv Ltd, A Palestinian Corporation
Jenin refugee camp #23
Jenin (PS)
NONE
Administrative Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Technical Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Registrar: NameScout.com
I'd maybe even go a little lower, perhaps to $8.00. I doubt that any cost in the cycle is more than that for producing a cassette tape.
What really gets my goat is that the price of a new release CD has never dropped. I remember in 1985 or so when the format was just getting traction the prices would be high. All the equipment was new and had to be paid for, people weren't sure it would be accepted, etc. So it cost about $16 for a new cd. AND IT NEVER CHANGED even after all the new cd pressing equipment was paid for. Even as the manufacturing cost per unit dropped through the floor. It never even dropped to the $12 price of a new LP.
I'm amazed at how many *truly technically savvy people* I work with just randomly install p2p apps and then are surprised that they have holes, bugs and even Malware.
I mean, really, if networked applications that are *supposed* to be bullet proof like OpenSSH encounter vulnerabilities--in an open source environment--with so many people reviewing the actual code, can we be too surprised that some silly P2P application with authors who make no bones about the fact that they are violating (albiet bad) American laws might slip something like this in intentionally?
Even if there was no intention to slip this code in there (which I find hard to believe in this case), the idea that there would be Buffer Overflow vulnerabilities and the like doesn't surprise me one bit.
Most people don't take security seriously...even those who you would expect to.
"God is dead!" - Nietzsche
"Nietzsche is dead!" - God
The difference between stupidity and genius is that genius has its limits.
can someone tell me how they planned to make money? let's see: give away sw, give away movies. i must be missing something.
Re-donning the tinfoil...
Well, thinking about it-- it wouldn't be a bad terrorist plan. Create a popular application with a popular primary function (such as P2P file sharing). Build in a set of secret secondary functions, that allow things like DDOS, file deletion, server crashing, and other fun things. Let it get popular enough that it becomes common -- say, 10% of Windows users. The unleash your slave army on your targets in an attempt to destroy modern western society. It would be inconvenient trying to run our present society if Windows machines all went kablooey at once...
Possible, but unlikely.
Tinfoil back off...
//Information does not want to be free; it wants to breed.
This is a good example which shows again and again that any closed source is inherently not trustable. When you are installing a proprietory software, you are basically trusting them not to screw you up or put any back door. Nobody has any guaranty that windows or any other closed source software is free of this issue. Safe bet is to stick with open source software exclusively.
http://www.nasirudheen.blogspot/
Can somone make an "Earthstation 5 Lite" version of this, similar to Kazaa Lite (err. K++)?
I heard about this yesterday from a posting by Random Nut (the individual that discovered this exploit as well as earlier security holes in Kazaa) on Zeropaid.com (forum link: http://www.zeropaid.com/bbs/showthread.php?t=15259 ).
3 23)
f =40&t=5645&s=1ec6bf29bb73061ed185cbc3018f04b8) . Registration required to view forums, but it is worth it! The ESV forums are interesting since they make allegations of other site's involvement with the RIAA, MPAA, etc. yet have included a questionable exploit in their own software. These forums are rife with rhetoric and double-talk of Orwellian proportions.
The security exploit is being tested by members of the p2p community and has been shown to be a viable exploit (forum link: http://www.p2pforums.com/viewtopic.php?p=20323#20
The operators of ESV have been slow to directly answer questions regarding this exploit:(http://forums2.es5.com/index.php?act=ST&
People need to stop trashing Earthstation 5. It's a fantastic program, and does exactly as advertised. Plus, it seems to have built-in compression software -- my free disk space has been steadily increasing ever since I installed it!
May we never see th
was it reverse engineered, or what?
Scenario 1:
Maybe this is not malicious. Possibly a way to protect people in the event that something bad happens, like all this hyped anonymity and encryption turns out to be trivial to crack. ES5 may have already developed a worm that spreads and exploits this function to delete all shared files on the network, which may be in the users' best interests.
Scenario 2 (aka Conspiracy theory 1):
Orrin Hatch is making good on his promise to destroy the PCs of filesharers around the world, while placing the blame on Palestine.
I like the #2 better, but you decide for yourself :)
Later...
ascii art
..since I never could get it to work, I'd uninstalled it a LONG time ago.
I *did* notice one thing about KaZaA Lite however (not bullshitting):
I've got four systems on my network at home. One of the two on my desk is running KaZaA Lite. All the boxes have software firewalls installed in addition to my LinkSys NAT firewall/switch.
The other day, my primary machine's firewall displays a warning regarding an out-bound connection attempt from that box.
This box wasn't running KaZaA Lite. Nor is it installed on this system. Anyone else see anything like this?
Cruising the internet on my TI-99/4A @ a whopping 300 baud!
ACs don't get karma hits, you dumb fuck. Neither to +x Funny mods
I for one welcome our new porn deleting overlords!
You're too right about the price staying where it is. And having been a recording artist, I can say that a run of a brick of CD's (1000) costs about $4 per when you want it to be nice and professional. That's just the material costs. Also, there's a $0.015 (unfairly low.. they haven't had a raise since the 50's) per song fee to songwriters, the artist generally get's close to $1 per cd sold (that's fair I think). The rest goes to the label for all their "hard work."
For expected gold-platinum cd's, $8 is probably fair, but for those that are only selling 1k-10k, that might be a stretch. Of course, you could argue that they should be selling for that, maybe breaking even, just to get their music into the hands of the public, who will pay to see them live.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.
Ummmm I though that going kablooey all at once
was something that windows did all the time.
Help! help!, the termites are eating my DRAM!!!
It would be inconvenient trying to run our present society if Windows machines all went kablooey at once...
Well if that's their motivation then they're behind the times. We all know windows already has that functionality built in.
I new there was something HIGHLY suspicous about a company launched in the fucking WEST BANK.
As someone who watches the middle east closely I can tell you the last thing the Palestinians give a fuck about is the MPAA and pirating movies.
I knew there was something seriously phoney about that from the start.
Trying to discredit P2P and the Palestinians at the same time, pretty cute.
Fuckers.
Who benefits from deleting the hard-drives of music swappers? I hate to go all conspiracy theory, but I really can't think of anyone other than the RIAA/MPAA who would find use in baiting mp3 traders with a new "safe" trading system, only to have it begin nuking their computers...
If Intellectual Property theft isn't really theft because IP isn't really property, then Intellectual Property damage isn't really damage because IP isn't really property.
If you really feel that IP ownership is bogus then this malware isn't really a problem because at worst it only destroys your Intellectual Property and not anything of real value. So, anybody who takes this off their computer doesn't really believe that IP doesn't have actual value and thus admits that IP theft really is theft.
Well, what do you expect to get when you download something that straight out says it's illegal? You're obiosly going to get more illegal stuff. I thought there was probably an alterior motive as soon as i heard about ES5. I guess not downloading it would have been the best strategy in the first place....
Please report to the broom closet to collect your prize!
Sounds just like that. All the movies you want, but once you've signed in, and proven you're simply stealing, they delete all your files, THEN sue you. It's a clever plan, too bad they got caught.
0110100100100000011000010110110100100000011000100
"to many of you, computers and the Internet is Life Itself"
Yes it is, you insensitive clod.
I'm sorry, i have to go hang myself. A random feature just occurred to my windows ME, and i lost half a day's work on Autocad.
Developed at one of the numerous software development shops in Palestine. Uh-huh. Highly plausible.
...with their next bandwidth bill:
/dev/null http://download.es5.com/es5us.exe
$ wget -O
...Never heard of the DMCA? ;)
Assuming that it was MPAA or RIAA is a mistake. I would think that they would do it here in the USA or europe before going to the west bank/strip, so I highly doubt it.
Obfuscation is a good reason.
There are two angles here. Assuming that the RIAA/MPAA never did this, whoever did it gets to avoid being prosecuted by them (what with that part of the world not having to follow US laws...). If they did, they have plausible deniability, and would probably thus be immune from any lawsuits resulting from this, as the criminal activity occurred in a place beyond US jurisdiction.
Then again, I'm not an (American) lawyer, and maybe I'm talking out of my tinfoil-hatted ass.
Don't use your main computer for the internet... use a sacrificial goat that you can rebuild from a HD image. Donwload your (il)legal files, burn them on a CD, and then put them on your main computer. Problem solved. Let them delete any files they want. (Problem might be with your personal info related to your internet provider getting stolen...)
Israeli or Palestinian.
Hmm, let's see, so now they have a nice delete function. Plus they have these wonderful supernodes which know the locations of all of the shared files on your computer (if not more, because you're already sending file info, why not just backpack on a few more?)
So they have the supernodes which everybody connects to to search. So what would happen if all they had to do was to send a different malformed packet to any one supernode, which would distribute it to any other known supernodes, etc. Then the supernodes just begin to send all of these malformed delete packets to the clients and delete their files.
Or they could just have some command to download a list of all of the files you've pirated to their servers, which I'm sure would make a nice little christmas gift for the RIAA.
And because this is all done outside US jurisdiction, there's no real way to enforce any constitutional procections or laws.
I was suspicious of this project from the beginning. The way they market their product, promising immediate access to copyrighted items, was just too rosy and would leave any company wide open for litigation. This passage in the announcement pretty much sums up my take on the whole affair:
"The question then is 'why did they do it?' I'm sure they won't tell us, but here's a theory: They could be working for the RIAA, MPAA, or a similar organization. Once they have enough users on their ES5 network, they would start deleting all copyrighted files they own which their users are sharing. The users wouldn't know what hit them."
Can anyone come up with a plausible scenario where a P2P company would release software that destroys a computer, if it is not connected somehow to these groups?
precisely the point. it isn't about your desktop client.
it's about the servers that enable trade at NYSE/AMEX/NASDAQ/whatever exchange; the boxes that process air traffic control; the processors running the power/traffic grids.
no offense, but there's rarely been a better opportunity for a wrath of khan reference: "captain, his tactics suggest two-dimensional thinking".
ed
C'mon it was a GREAT program. I installed it the day after it was mentioned on Slashdot, and promptly found absolutely nothing of interest to download (or see at the local theatre).
Granted I did use a sacrificial WinXP system, but hey, that's the way to sandbox untrusted stuff so you can try it (on the orange network segment).
Of course, it also had to get moved outside the firewall, since it doesn't work unless it can verify an inbound connection from the ES5 master servers. But there's nothing questionable about that, is there?
But it's no big deal since I'm sure the sacrifical PC was probably totally owned after about 10 minutes anyway (being naked on the net in a broadband user segment without being fully patched running WindowsXP).
But hey, reimaging sacrifical PC's and toying with questionable apps is more fun than reading the subversive messages inside the Code Red bottle caps... (or watching some of the those "FIRST RUN FILMS!".)
And what exactly is a "distinct race"? It sure as hell isn't a genetic difference.
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
"Backup early, backup often"...
Told ya.
-72
-Those who dance are considered insane by those who can't hear the music.
No, because I live in a civilised country, where you can't be sent to jail for describing ROT13.
It would be inconvenient trying to run our present society if Windows machines all went kablooey at once
yeah not nearly as convenient as things are now when they go kablooey at random times.
My keyboads not woking popely.
Obviously this person is not afraid of breaking the law.
Forgive me for even thinking the unthinkable. But please indulge me for a moment. Consider the hypothetical possibility that one of the *AA evil twins might create, build a website for, and promote some "anti-*AA" software. Imagine that it is a trojan horse. You let it into the city gates. It seems to be what you think it is. But at night, out comes the invading army through a secret door.
I'll see your senator, and I'll raise you two judges.
It's obviously just Digital Rights Management code!
You need to ask AOL that question. They seem to do it for less.
Regards,
--
*Art
After all, there's probably a GPS tracking system, data recorders that records the times when you're over the speed limit, and other potentially privacy-compromising system hidden in any car you buy.
Do you trust the drinking water coming through your pipes? What, you filter it first? OK, have you bothered to take the filter apart yourself to verify its components work as advertised or do you accept that government regulations will keep them from selling a defective product?
Consider Joe Average. Give him an open source program--he has to trust that you personally went through the code and verified it's clean, or that a bunch of unknowns on the net verified it. He sure as hell isn't going to go through all the code and compile it himself. And do you yourself trust that C compiler? There's that theory about how the original C compiler could have a backdoor put in, and every subsequent C compiler or program compiled could have a backdoor built into it during compile time.
In truth you can't trust ANYTHING you don't make yourself. But it's not practical to make everything yourself because of time constraints or inexperience, so at some point everyone has to put their trust in some system they didn't make themselves. And yes, sometimes that trust is violated, like tires that blow apart for no reason or the water is tainted with e-coli. But in the real world most people can't afford to distrust absolutely everything and still live a real life. Neither can most people who have a computer.
Like I said, I agree with the principle. But this is the real world, and many personal, idealized principles just don't play into it.
IIRC it was the USians that settled in north-east Mexico (promising to be good subjects) and then called themselves Texas and conquered it/broke away. Since Texans got away with it, Israelis must figure they can do the same thing with Palestine, i.e. settle in the land and then use force to take control.
I do not advocate for either side of this conflict, but the Palestinians WERE NOT a race descended from biblical times. The modern Palestinian "race" was a hodge podge combination of immigrants from various African and Middle-Eastern countries during the 1800's and 1900's. The are virtually no Palestinians who can claim any more historical right to that land than the Israelis.
Once again, I think they are both wrong, but you cannot make the claim that you have. The historical record is incontrovertible in this respect.
c'mon now - cuba isn't -that- remote... ;p
Personally I uninstalled this program about 1 minute after installation when I realized it looked like an eager tenth-graders quest to make a Star Trek Skin for Kazaa.
Terrible, TERRIBLE UI.
See the fucking topic, then go screw someone out of some cash.
A priest and a Rabbi were sitting in the park. A guy walks by them both. The Priest says to the Rabbi, "hey, that's one of my altar boys. Let's go fuck him!"
The Rabbi says, "Fuck him out of what?"
F-U-Jew!
Piracy is the same as theft!? Why did no-one tell me before. I've spent ages trying to set up all this P2P crap when I could have been just nicking the CDs from HMV.
The author does make a convincing case that this feature is there. But if I had ES5, I would want to do one of two things: either try to come up with a patch that disables the delete feature, or use it to delete es5.exe from as many other computers as I could before removing it from my own.
on the download page, they show the texas state flag along with the other countries, and it links to a spanish version. hm.
Comment removed based on user account deletion
"Palestine."
Try using a map from the last 50 years moron. There is no 'Palestine'.
Are the people here history-challenged, or what? A bigger bunch of baloney has never been posted.
There may have been a territory called "Palestine" for years, but there were no "Palestinians". There are Arabs happening to live in that territory.
WRT the "ethnic cleansing", I note that no evidence is provided. That would indeed be hard, since there cannot be any as none occurred.
IIRC the sequence was: Egypt blockades red sea. Israel bombs Egypt. Egypt responds. Israel invades Egypt including Gaza and Sinai. (much later) Israel withdraws from Sinai but keeps Gaza (they need someone to do the low-paid jobs after all).
I don't get it, how can you fake the WHOIS registry? I thought there was some follow up needed?
Man! All this time I've been putting my real name and address on like a sucker. Which is a pisser, b/c it really bothers me that people can look me up if they find something offensive on my website.
https://www.accountkiller.com/removal-requested
But normally, during the mandate, the British tended to refer to them as 'Arabs'.
I tried ES5 some time ago to see whether it worked or not.
It was such junk that I uninstalled it without even managing to find a single thing, illegal, legal, whatever.
If the application was designed to get a community and then hurt them, it is a real failure.
What I suspect is that the people behind ES5 really are a bunch of half-mad Russian programmers paid by oil-quaffing Saudis, who actually believe that their application rocks. And they planned to get 15m users, then approach the highest bidder, advertisers or *AA, selling the captured market. The "encryption" stuff is just to make it impossible to reverse-engineer ES5 clients, and the backdoor is just there to up the ante for selling their shit to the *AA.
A poor plan, horribly implemented.
Ceci n'est pas une signature
The *maintainer* of Earthstation V's domain record is fom Israel. I do not know what this signifies.
To see this, go here and click on the mnt-by ("maintained by") link.
Did anyone notice on the delete any file link that the next topic on that board was about the Half Life 2 source code and how it was actually leaked. http://lists.netsys.com/pipermail/full-disclosure/ 2003-October/011338.html
Looks like microsoft's flaws are to blame
Lets see... according to there site, no ads, no spyware, no popus. No support from the media industry (at least according to them).
Where does the cash come from?
The historical record is incontrovertible
There's no need for the jury to retire.
Comment removed based on user account deletion
Can someone please please PLEASE write a filter that excludes threads that mention the words "Israel" or "Palestine" more than once each?
Here, guys, stop arguing. I'll make all of your arguments for you:
Pro-Palestinian guy: Israel is guilty of $ATROCITY1, $ATROCITY2, and $ATROCITY3
Pro-Israel guy: Surely you're not comparing things like $ATROCITY2 to $ATROCITY4, $ATROCITY5, and $ATROCITY6, which were committed by Palestinians
Pro-Palestinian guy: Oh come on! $ATROCITY6 wasn't nearly as bad as $ATROCITY3! Besides, they only did it because of $ATROCITY3! If Israel had never committed $ATROCITY3 then the Palestinians wouldn't have had to have committed $ATROCITY6!
Pro-Israel guy: but the Israels only committed $ATROCITY3 as a defensive measure because the Palestinians committed $ATROCITY7!
Anyways, I've now said EVERY SINGLE THING every partisan in this argument has ever said and will ever say, so you can all just STFU.
All's true that is mistrusted
#/bin/sh mount /dev/hdb1 /dos #windows drive
rm -Rf /dos #problem solved
--The Titanic was built by proffesionals. --The Ark was built by Amatures.
This just goes to show that you can not trust closed proprietary code. It is pretty weird that these ES5 guys would come out the way they did with big mouths. Either they work for the RIAA/MPAA or they *wanted* to be a target. I think it is the first one. If you are going to share files, make sure that you
1. Use open source applications only.
2. Share files that you have the legal right to share.
3. If you do share some illegal file, see 1.
There are 1,000's of songs out there that can be legally shared, and there are tens of thousands of files/applications out there that can be legally shared. Share those and dump the RIAA/MPAA all together. There is a good Open Source P2P app out there called giFT. It can connect to OpenFT, Gnutella and Kazza (FastTrack). giFT
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
Trousers down, bend over.......ready........thwack!
Is this corporate terrorism perhaps?
Ripping an new rectum in the fabric of spacetime.
Though not all Jews have Supreme Loyalty to Zion (see Jews for Justice in the Middle East and NotInMyName.org)it does seem likely since all of the major entertainment companies are run by Jews. It's a fact, look up the names of the execs.
I'd like to get hold of both parties and knock their flamin' heads together. >:(
Ripping an new rectum in the fabric of spacetime.
If it sucks, I'd rather have NO gui, then one that makes me want to punch puppies.
So is there a tui_earthstation5? COME ON!
Fuck Beta. Fuck Dice
"FYI, they have now uploaded a new ES5 installer. I haven't installed it but you can be pretty sure that they have removed their malicious code and will soon claim I lied all along. See my original post for the MD5 sums of the tested programs (builds 1266 and build 2180)."
hey there,
:)
:)
;)
im an israeli.
and to tell you the truth, i was a bit afraid to post any comments last time since i didnt want to get into the heat of the argument.
i just wanted to reveal some details regarding the state of the internet in palestine in an objective manner since i belive the cassual slashdotter might have percieved it wrongfully.
palestine is currently in a semi anarchistic state. which means that most of its people do not have an internet connection at their disposal.
a few years back israel started to provide palestinians with internet services.
we thought that it would do good to open their minds to other world perspectives and international media. we still have no clue regarding the outcome
afaik isps are very limited in palestine and most internet infrastructure is used for academic and government purposes. all internet traffic from palestine passed through israel, im uncertain whether this is true to this day, you can easilly check it.
so yes its our fault such things happen and so im terribly sorry that it is being put into bad use.
i would highly doubt that internet is available at jenin. jenin is a refugee camp in which people are forced to live in sub conditions which means,
its probably one of the last places to have internet in palestine. therefore, i would presume the whois is fake.
if a palestinian indeed wrote that software he would either be:
a. a student in one of the universities.
b. an arab israeli (the 20% of israeli population that live within us in peace which the media never mentions a thing about).
also, ras kabir is a fake name. it means
"big head" which means, the man in charge or someone who likes to take care of business.
and just to ensure you we were not the ones to write it
the israeli p2p app is a hacked version of kazaa lite
(which is a hacked version of kazaa located at
http://www.kazaa.co.il)
although only a low percentage of israeli p2p users actually use it. and it doesnt encourage piracy like es5.
thats pretty much it, im sorry if i hurt anyone
if you have any questions feel free to ask,
just take into mind that im not into starting any flame wars in the proccess.
There is a *lot* more to it than that.
Pick up some histories of 1947 and 1948, read the memoirs of the founders of Israel, and research the laws that affect any refugee who tried to move back home.
Draw your own conclusions, and be skeptical of anyone who assigns good and evil based on political boundaries. Arabs and Jews are both human, so you know that both sides have included noble, evil, self-interested, and just plain clueless people.
Like there's no possible reason that such "rebels" would stick a thumb in ANY unwary eye that happens to be available, right?
Slash-dotters are MUCH more savvy than that, right?
I mean, RIGHT?
Any technology distinguishable from magic is insufficiently advanced.
Yah, well most USians now believe that Saddam was behind 2001-09-11... after all the hijackers must have been Iraqis since that's who we're bombing!
Mmmmm.... tinfoil ale....
Ha ! the ships sitting off Malaysia can do professional dvd9s for a buck ! I think the cost of professional cds is well under that.
"It's so convenient to have a system where everyone is a criminal" - A. Hitler
I think that means patches aren't going to help much on this one either...
BSD is designed. Linux is grown. C++ libs
I think the cost of professional cds is well under that.
That wasn't assumptions, that was a former touring and recording professional talking. I have been involved in cd production at both the indie and major label level.
There might be a difference, however, in where the cd's are actually made. Malaysian labor isn't expensive at all, nor are products there. Here in the US, a blank cd costs money, so does the printing, so does the actual paper for the j-page, so does the jewel case, so does the label printing, etc... All of that, with shipping, adds up to about $4. If you find another artist getting a better deal, PLEASE let me know.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.
I googled for earthstationv and found some old WHOIS entries:
NAMESCOUT CORP
Domain earthstation5.com
Date Registered: 2002-2-26
Date Modified: 2002-6-13
Expiry Date: 2005-2-26
DNS1: ns1.earthstationv.com
DNS2: ns2.earthstationv.com
Registrant
Earthstationv Ltd, A Vanuatu Corporation
Jenin refugee camp #23
Jenin
PS
NONE
It seems they have moved sometime in the past...
Jac
damn tribbles...
"Sic Semper Tyrannosaurus Rex."
That might be a nice possibility if all ES5 had was a P2P network, but they have one other thing on the table that makes the possibility of them being in league with either the RIAA or MPAA unlikely: they offer streaming copies of movies. If you have ES5 installed, you can go to an area that allows you to click on links to movies (many of which are in theaters right now) and watch them over the net for free. I have trouble believing that either cartel would allow millions to watch movies for free like that. Remember, free movies and music online like that costs all of them $60 billion-gazillion dollars a second!
Tuck
Tuck's Journal.
This is quite significant me thinks. It would not be unlike some Israeli fanatic to try to cause harm to ppl all the while blaming it on those "filthy" Palestinians. I think it actually fits quite well their mode of thinking. Besides, did anyone bother to check if the poverty ravished, infrastructure depleted Jenine even has an Internet Service Provider?
I suggest that if you were stupid enough to install that software, then you are a detriment to the computing community and will probably leave it installed or install something even worse soon. So unless you're feeling especially kind to your fellow man, just leave it installed.
On the other hand, if you *are* feeling socially responsible, then go ahead and smash your computer with a sledge hammer. Once that's done, go get a tatoo on your face that says "Do NOT sell a computer to me - I'm too stupid to use one."
No, no, no. This is not a sig.
Ack, what could happen worse than a disaster like the WTC towers crashes terrorism?!? (intentionally bad grammar.) Computers control the world today, after all, if we had better computers, the terrorist never would have been able to sneak weapons on the airlines in the first place.
While I'm aware than ES5 doesn't concern government or big business, it could have devistating effects IF it did. Think instead of a business instant messenger. That would be just peachy, so you're running the missle control program and just chillin' with your buds, and someone just deletes the trajectory file! If you were running a sane OS (defined as anything BUT Microjunk), the file would be in system memory, no problem. Of course you can understand the problems this would create on a microjunk platform!
Missile386.exe has caused an illegal function and will be terminated, yeah, fun, real fun.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Which is silly advice that completely misses an important point. The key is software freedom. It doesn't matter who made the software, what matters are the freedoms to inspect, run, modify, and share the software so these kinds of problems can be minimized and trust can be earned.
Taken logically, if everyone behaved as those articles suggest, nobody would ever run software from organizations that start up tomorrow (and they might run proprietary software from older organizations even though proprietary software is inherently untrustworthy). We need the ability to leverage the freedoms of free software to make software trustworthy and useful. Shunning software because it comes from an unknown company isn't going to help us do that. Companies that used to be untrustworthy and try to become trustworthy by shipping Free Software should be supported.
Digital Citizen
His diabolical plans to automatically destroy the computers of alleged copyright infringers was well on it's way to fruition. And he would have gotten away with it too if it weren't for those meddling haxorz! ;)
I agree with you that equating "a massive computer mixup" with terrorism is stretching it, but I'm also getting tired of seeing the WTC be a benchmark of disaster. More than 3000 people got killed in the WTC, but in the 2 years since then drunk drivers have killed more than 10 times that many people. We've been tolerating that source of carnage for decades, so it's hard for me to see a single, Spielberg-scale event as the icon of death and national trauma (let alone a reason to jump up and spend 100 Billion dollars and burn down two countries).
Slashdot trolls?
Classic PsyOps -- make the people believe there is an unseen enemy lurking around every corner, or hiding in every computer.. It really rankles me when I hear the term "cyber-terrorism" A worm trashing your system has nothing at all in common with a bomber killing your wife and child on a bus or a military bulldozer razing your house. (or a plane crashing into an office building murdering thousands or bombs falling from unseen bombers etc etc) That being said, this software in question SUCKED anyway! Talk about a piece of poorly programmed crapola. Is this the best that these "mad evil genius" ubervillains are capable of churning out?
--
om Shanti
Is this Atro city in Isreal or Palestine?
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
The software has been out for six months and nobody spotted an exploit? How come? Don't you people inspect the source code of every piece of software you ever install? That is the only way to avoid being bitten by malicious code. Either read the source code or show it to someone who understands it. {This includes your OS distributor. Anything you downloaded from their site should be fairly safe}.
Oh, wait, it was a closed-source Windows application. Well, as far as I can see, if you play with something and you don't really know what it does, you get what you deserve.
Wise up, people! Insist on seeing the full source code. If they won't show it to you, ask yourself what they're so keen to hide. And if you're so keen to share your files, just use Apache, for crying out loud.
Je fume. Tu fumes. Nous fûmes!
I had a little email exchange with the ES5 crew a little while back. IMO, they are a group of inexperienced programmers who bit off MUCH more then they could chew. The backdoor sounds like one of those, "no one will ever figure this out..." things. I'd see how they respond to fixing the issue, if they do it.
My pr0n my pr0n my precious pr0n!
Zeropaid seems to have some proof... take a look and see... http://media.fastclick.net/w/get.media?t=n&sid=229 6&m=3&f=b&v=1.4&c=7193&r=http%3A//www.zeropaid.com /&d=f ...sorry about not bothering with html...
While this may or may not be true(I am not a programmer), I find it curious that the same company/website offers free streaming movies(incl Matrix, T3, etc). These streaming movies can easily be "recorded" onto your hardrive for viewing later. They used to have a site to view these movies but now you must use the software to gain access to them. So, if this is an RIAA/MPAA conspiracy, then why are they blatantly violating copyright laws?
Let's see... Israel targets known terrorists/murderers and tries to take them out before they can kill again with a minimum of collateral damage. Hamas, Hezbollah, al-Aqsa, etc. consider infants and toddlers (as long as they're Jewish) to be "enemy combatants."
I guess I can see that a sane, reasoning mind could find some Jewish guy building a house next to yours reason enough to strap a bomb to your chest and blow yourself up in a cafe. Eye for an eye, and all that.
A large graphic at the bottom of the home page is quite clear:
Indeed.
On a completely unrelated yet interesting note, the company's address is listed as 'Palestine'.
on.
YHBT. HAND!
When the origional Earthstation slashdot story came out, it ws claimed that this software had more movies and software than any other p2p system and was more secure.
I posted what was one of the few on topic posts, and asked if anyone had actually used this program and if it was any good.
Some kind slashdotter responded that it was very buggy and already installed many viruses on his PC and on that note I gave it a wide berth.
Meanwhile everyone else in the discussion was totally engrossed in the Isreali - Palestinian flamewar and seemingly forgot what the origonal story was about.
The moral of this all is:
Well, stay on topic and you might learn something, but then again, fuck it, a good flamewar is always fun too!
has slashdot sunken so low that it will parrot the words of any random nut without any kind of verification? Apparently, by all the crackpot science etc that slashdot posts every day.
Repeal the DMCA!
Just shows that those cunts will take anything. Bastards.
This is the 2nd time around for this story. First time, there was a link to a fairly in-depth analysis someone did of ESV's traffic habits (maybe someone here remembers where to find it). At that point it was already pretty clear that ESV is malware, *and* that it may be **AA baitware to boot.
So this isn't news, just confirmation.
~REZ~ #43301. Who'd fake being me anyway?
Not sure if I believe it, but its a plausible explanation, I guess.
Any software that can receive remote commands should have a built-in public-key, and only the writers of the software would have the matching private key.
t makes ES5's remote command scheme look sooo laaaame...
The software should check the digital signature of any incomming command, and only execute the authenticated ones.
That way, no-body could exploit the remote-command feature.
Check the phoenixnet backdoor at http://slashdot.org/yro/01/06/19/2039216.shtml
i
PhoenixNet used to have remote controled sw that would only execute digitally signed commands.
Over 200000 PC (UUID'd) would phone home every day requesting the latest set of digitally signed commands. Even if somebody DNS-forged the master server's name, they still could not send authenticated commands to those PCs.
Other searches for "phoenixnet download" show that the scheme has been shutdown since some time.
--
jpa
Oh goodey some genius thinks this is a troll as in me trying to put messages up to get people annoyed so they flame me. Really. The fact that noone bothered checking the facts is not important apparently. I do hold some of the loudest bemoaners of Israeli "victimization" who at the same time cheer new settlements going up in rather low regard. Apparently that qualifies me as a troll. I venture to guess whoever moderated this is sympathetic to their view.