Earthstation 5 Claimed to be Malware

Rob from RPI writes "You may remember the announcement about a company, or program, or both called Earthstation 5 who recently 'Declared War' on the MPAA. Well guess what? Turns out that it's got code in it that allows anyone to delete any file on your computer. I suggest that you un-install as soon as possible!"

Well yeah..

A P2P service that ACTIVELY PROMOTES piracy? It sounded too good to be true, and it was. All of this wonderful information from some schmoe with an email @yahoo.com? This whole deal is shady, no matter how you look at it.

Tinfoil alarm!

[sebi]

Wouldn't that be just the cleverest act of terrorism you can think of? Bait the "foreign devils" with all you hate about them and then, BAM!, nuke millions of computers in an instant. Takes more preparation to get off the ground than your garden variety virus or worm but the pay-off is much greater, isn't it? And if I was living in Palestine threat of legal action by some American interest group would be the least of my worries.

Re:Tinfoil alarm!

[cybermace5]

I realize that perhaps, to many of you, computers and the Internet is Life Itself. However, a massive computer mixup is NOT a disaster on the scale of WTC or some other event causing major casualties.

I just get annoyed when I hear a computer attack referred to as an effective terrorist strategy. I certainly could survive if my computer didn't turn on today; no terror here, just kind of disappointment. Perhaps something like this could be called a "bummer. oh well" attack.

Re:Tinfoil alarm!

[skarmor]

realize that perhaps, to many of you, computers and the Internet is Life Itself. However, a massive computer mixup is NOT a disaster on the scale of WTC or some other event causing major casualties. I just get annoyed when I hear a computer attack referred to as an effective terrorist strategy. I certainly could survive if my computer didn't turn on today; no terror here, just kind of disappointment. Perhaps something like this could be called a "bummer. oh well" attack.

Nobody really cares if you can turn your computer on. However, a carefully planned attack on financial institutions/networks, military networks and other government systems could be quite effective. This is why said institutions are fanatical about security (or at least they should be).

Re:Tinfoil alarm!

[cybermace5]

Oh come on, nobody worries about that! Everyone here's just scared they won't be able to check email, post on Slashdot, run a game of Counterstrike. They would have to stumble out of doors, mixing with the rest of the population...uh...ok I see why this would be a terrorist attack now.

Re:Tinfoil alarm!

Please provide a reference to the seperate existence of a group known as the 'Palestinians' from before 1960 or so. Otherwise, readers might think you were just making it up and repeating Palestinian propaganda wholesale.

Re:Tinfoil alarm!

[VT_hawkeye]

Sure, if by "ethnically cleansed" you meant "watched the Palestinians get out of the way, then defended their homes as the armies of every surrounding Arab state rushed in to kill off the Jews."

The Arabs living in the former British protectorate of Palestine basically decided in '48 that they'd just head out for a little bit, let their cousins next door clear the Jews out, and create an Arab state. They didn't bet on the Israelis (a) being able to leave behind their self-destructive infighting and (b) kicking the Jordanians', Egyptians' and Syrians' collective asses.

That's what makes the "refugee camps" such a joke, albeit a sad one. These people were voluntary refugees. The Israeli Jews didn't run away, they defended their homes. The Palestinians could have done the same, but they didn't. Case closed. When it became clear Israel wasn't going away, the rest of the Arab world should have accepted the Palestinians into their societies rather than keeping them in camps for 55 years. Their failure to do the same, and subsequent usage of the Palestinians for political purposes is an indictment on them.

Re:Tinfoil alarm!

[cybermace5]

Maybe Homer Simpson would run Earthstation 5 on the nuclear control system, I don't know. But my point remains that while all of the above are inconvenient, they are not the same as sitting in your office with your morning coffee, and looking up to see an airliner bearing down on your stapler. Or getting your throat slit with a razor. See the difference? Attaching terrorism to computers is only another way to raise up fear and hype in this community too, and welcome more control of it. I realize that we who work with computers would like to think it is so important as to classify an attack as terrorism, but it just does not have that whole aspect of terror. Terror is looking out the window and seeing all your kids killed by a rocket-propelled grenade on your front lawn. Do you care about the fridge not working at that point?

Re:Tinfoil alarm!

[X-rated+Ouroboros]

Because you just know that a well organized technologically sophisticated terrorist cell would target the average user's access to pr0n. Hit us where it hurts, right? Infidel western devils just gotta have that pr0n.

Perhaps it hasn't occurred to you, but computers run: air traffic control, banking, train switching, power production and distribution, water treatment purification and distribution, and pretty much all communication technology at this point.

Having your computer not turn on might be an "aw bummer" moment, but when you realize it's because your power isn't on... unfortunately when you try to report the outage you realize your phone can't get tone. Cellphone doesn't get service either. "Ah, well." you grumble, and get in your car to go get something to eat. Traffic is a bitch, though, all the lights are either out (due to lack of power) or behaving erratically. You stop at the ATM to get some cash for some food, but it doesn't seem to be working. You figure you could just use debit or credit card, but when you finally find a restaurant that's open they explain that they can't seem to process the cards that day. You sigh and content yourself to what you can afford with the few dollars on you: a small bowl of soup and a big glass of water. The glass of water was a bad idea, though, since a valve mix-up at the threatment plant (after they lost computer control and coordination) has contaminated half the water in the city. Your last thought a few days later as the dehydration from the sickness finally steals your conciousness for the last time? It's not about missed e-mail.

Battlestations...

[finalnight]

This mofos were the ones behind the summer DoS attacks on all the big BT sites, and now this. Gentlemen, start your cracking...

Indulging in paranoid speculation - tinfoil alert

[Badgerman]

Tinfoil hat on . . .

Let's say ES5 is an MPAA/RIAA front to discredit file sharing and harm filesharers.

Now, apparently, ES5 is in Palestine.

What better way to do "double damage" than to not only have a way to attack filesharers, but also to connect it to a location people associate with terrorism?

OK, tinfoil hat off now.

If you use a computer

[ruiner13]

I'm sure everyone has at least seen one article where they tell you to NEVER install software from a company you've either never heard of, or don't trust. At this point, the internet has been around long enough that most people realize this, especially if you have data on your machine that is so important that you can't risk getting a virus or a trojan (such as this, apparently) on it. Live by the internet, die by the internet. Just because someone claims to be against the RIAA doesn't make them your friend. Just because someone is against SCO, doesn't make them about free software rights. There are such things as self-serving deeds, even if they appear to be good gestures to all.

Not a buffer overflow?

[Durzel]

I'm curious - how can it be determined without the benefit of source code for ES5 that the exploit isn't just a horrendous oversight instead of a malicious pre-meditated function of the software?

If it is malicious it seems odd that they would make it possible for ANYONE to delete someone elses files through crafted search strings, thus significantly increasing the chance of their nefarious plans being uncovered.

If it were me, and I was secretly working for the RIAA, I'd just code in a simple client/server protocol that the RIAA could use to delete people's files, entirely seperate from the normal operation of the program itself. This would be much harder to identify as malicious code.

Sorry, but this just looks to me like a bad "failure to chroot()" bug and not the big conspiracy theory its purported to be...

Re:Not a buffer overflow?

[scambaiter]

Well, the conclusion simply says that they dont know what the use for some special "delete file" command could be and add the MPAA/RIAA story as a theory.

I dont think that its simply something like a missing chroot() bug, i cant think of any good reason why you would have "delete file" command implemented in a P2P client... Fellow slashdotters, anyone got an idea why one would implement this?

Re:Not a buffer overflow?

[Viol8]

"I'm curious - how can it be determined without the benefit of source code for ES5 that the exploit isn't just a horrendous oversight instead of a malicious pre-meditated function of the software?"

Even in assembler its not too hard to see when an operation is a bug resulting from jumping to a bit
of code when some unexpected events coincide and jumping to the same bit of code when a SPECIFIC packet arrives.

Re:Not a buffer overflow?

[godzillion]

Including a remote file deletion in the protocol is only part of the problem, though, and that's obviously intentional. The really dangerous part is that you can tell a remote computer to delete a file on a relative path including "../../../", wiping out (unshared) files from the arbitrary directories on the machine.

Sounds to me more like somebody forgot to check for "." at the beginning of the deletion path. If you can delete arbitrary files in this way, it would seem likely that you can retrieve arbitrary (not intentionally shared) files, too.

Re:BAH! THIS IS JUST FUD

[I8TheWorm]

Um.... $2.00 doesn't cover the hardware costs of producing a professional cd. If your requests are unresonable, don't be surprised when they're not met.

On the other side of that, $16-20 is unreasonable. $10 would be fair, I think. Considering the hours spent in the studio recording, AFM scale per musician per song being $50 (and that's for low grade musicians), the cost of a decent engineer, cost of using a decent studio (that's not cheap), mastering costs... Then you've got to either spend $$ on an expensive fast cd dup'er, or pay someone to burn 10,000 cd's in a week, artwork for the j-page, printing of the j-page, cd cases, shringwrapping, a UPC, distribution, etc....

Do you honestly think all of that can be done for $2.00 per? Get real.

Re:Stupid stupid people.

[dcphoenix]

Well, you know what Sun-Tsu said about knowing yourself and your enemies ( he who knows both is assured a victory ).

In a computer's case, it's knowing as much about the program you're about to install as you can and monitoring your computer to see what's going on with it. That way, malware stands a smaller chance of screwing with your system.

Re:Let's be logical about it

[Lochin+Rabbar]

Stealing a book from a library == theft.

Photocopying the same book ==copyright infringement != theft.

Burning the book == damage.

See how simple logic is when you're not trolling

I was suspicious

[techsoldaten]

I was suspicious of this project from the beginning. The way they market their product, promising immediate access to copyrighted items, was just too rosy and would leave any company wide open for litigation. This passage in the announcement pretty much sums up my take on the whole affair:

"The question then is 'why did they do it?' I'm sure they won't tell us, but here's a theory: They could be working for the RIAA, MPAA, or a similar organization. Once they have enough users on their ES5 network, they would start deleting all copyrighted files they own which their users are sharing. The users wouldn't know what hit them."

Can anyone come up with a plausible scenario where a P2P company would release software that destroys a computer, if it is not connected somehow to these groups?

Called it.

[72beetle]

Told ya.

-72

Re:Called it.

How did you call it? Looks to me like you just replied to someone who sort of called it.

A bit tired of this argument...

[quacking+duck]

While I agree with the principle behind this argument, this is like saying you'll never get behind the wheel of a car unless you bought all the parts yourself and built it yourself based on freely available plans.

After all, there's probably a GPS tracking system, data recorders that records the times when you're over the speed limit, and other potentially privacy-compromising system hidden in any car you buy.

Do you trust the drinking water coming through your pipes? What, you filter it first? OK, have you bothered to take the filter apart yourself to verify its components work as advertised or do you accept that government regulations will keep them from selling a defective product?

Consider Joe Average. Give him an open source program--he has to trust that you personally went through the code and verified it's clean, or that a bunch of unknowns on the net verified it. He sure as hell isn't going to go through all the code and compile it himself. And do you yourself trust that C compiler? There's that theory about how the original C compiler could have a backdoor put in, and every subsequent C compiler or program compiled could have a backdoor built into it during compile time.

In truth you can't trust ANYTHING you don't make yourself. But it's not practical to make everything yourself because of time constraints or inexperience, so at some point everyone has to put their trust in some system they didn't make themselves. And yes, sometimes that trust is violated, like tires that blow apart for no reason or the water is tainted with e-coli. But in the real world most people can't afford to distrust absolutely everything and still live a real life. Neither can most people who have a computer.

Like I said, I agree with the principle. But this is the real world, and many personal, idealized principles just don't play into it.

Re:A bit tired of this argument...

[pirhana]

Let me clarify my point. Have you ever heard of any back doors in any open source software ? very less(if at all any). Now, have you heard of any back doors in commercial softwares ? Many. Just compare the P2P applications itself. Many of the closed source ones were alleged to have spywayre, backdoors etc(Kazaa and now this one for example). Was there a single case of such incident in open source alternatives ? I dont think so. So my point is that, the chance to find a back door in an open source software is close to zero. But thats not the case in closed source ones. Untill and unless proven otherwise by incidents, this argument will remain valid. I will not say that open source software is panacea or anything like that . But they are inherently more OPEN and transparant. In closed source software , you are trusting a SINGLE company which is not a good idea IMHO.

Re:Oh God not again...

[salesgeek]

Anyways, I've now said EVERY SINGLE THING every partisan in this argument has ever said and will ever say, so you can all just STFU.

Because of what the implecations of the actions 5000 years ago that let to the current state of injustice, future attrocities 9 and 11 will be committed in anticipation of attrocity 8. And the other side will preemptivly perform attrocity 13 to prevent numbers 9 and 10, but in doing so will actually guarantee that numbers 9 and 10 occur.

Seriously: these people would do well to accept reality as it is, and start building their lives. Get rid of the leaders on both sides that are so hell bent on holding thier breath the longest. Exhale and get on with your lives. You only have so many years on earth, so why spend the rest of it fighting over things you have NO CONTROL OVER, DID NOT START AND REALISTICALLY CANNOT FINISH WITHOUT IT ENDING IN YET ANOTHER POMGROM? Neither side has the will or ability to kill off the other, and the world will not let that happen right now.

On topic

[edxwelch]

When the origional Earthstation slashdot story came out, it ws claimed that this software had more movies and software than any other p2p system and was more secure.
I posted what was one of the few on topic posts, and asked if anyone had actually used this program and if it was any good.
Some kind slashdotter responded that it was very buggy and already installed many viruses on his PC and on that note I gave it a wide berth.
Meanwhile everyone else in the discussion was totally engrossed in the Isreali - Palestinian flamewar and seemingly forgot what the origonal story was about.
The moral of this all is:
Well, stay on topic and you might learn something, but then again, fuck it, a good flamewar is always fun too!