Slashdot Mirror

← Back to Stories (view on slashdot.org)

Earthstation 5 Claimed to be Malware

Posted by michael on from the compiled dept.

Rob from RPI writes "You may remember the announcement about a company, or program, or both called Earthstation 5 who recently 'Declared War' on the MPAA. Well guess what? Turns out that it's got code in it that allows anyone to delete any file on your computer. I suggest that you un-install as soon as possible!"

8 of 548 comments (clear)

  1. Well yeah.. by Anonymous Coward · · Score: 5, Insightful

    A P2P service that ACTIVELY PROMOTES piracy? It sounded too good to be true, and it was. All of this wonderful information from some schmoe with an email @yahoo.com? This whole deal is shady, no matter how you look at it.

  2. Tinfoil alarm! by sebi · · Score: 4, Insightful

    Wouldn't that be just the cleverest act of terrorism you can think of? Bait the "foreign devils" with all you hate about them and then, BAM!, nuke millions of computers in an instant. Takes more preparation to get off the ground than your garden variety virus or worm but the pay-off is much greater, isn't it? And if I was living in Palestine threat of legal action by some American interest group would be the least of my worries.

    --
    Hank! White!
    1. Re:Tinfoil alarm! by cybermace5 · · Score: 4, Insightful

      I realize that perhaps, to many of you, computers and the Internet is Life Itself. However, a massive computer mixup is NOT a disaster on the scale of WTC or some other event causing major casualties.

      I just get annoyed when I hear a computer attack referred to as an effective terrorist strategy. I certainly could survive if my computer didn't turn on today; no terror here, just kind of disappointment. Perhaps something like this could be called a "bummer. oh well" attack.

      --
      ...
  3. Battlestations... by finalnight · · Score: 4, Insightful

    This mofos were the ones behind the summer DoS attacks on all the big BT sites, and now this. Gentlemen, start your cracking...

  4. Indulging in paranoid speculation - tinfoil alert by Badgerman · · Score: 5, Insightful

    Tinfoil hat on . . .

    Let's say ES5 is an MPAA/RIAA front to discredit file sharing and harm filesharers.

    Now, apparently, ES5 is in Palestine.

    What better way to do "double damage" than to not only have a way to attack filesharers, but also to connect it to a location people associate with terrorism?

    OK, tinfoil hat off now.

    --
    "The Sage treasures Unity and measures all things by it" - Lao Tzu
  5. If you use a computer by ruiner13 · · Score: 5, Insightful

    I'm sure everyone has at least seen one article where they tell you to NEVER install software from a company you've either never heard of, or don't trust. At this point, the internet has been around long enough that most people realize this, especially if you have data on your machine that is so important that you can't risk getting a virus or a trojan (such as this, apparently) on it. Live by the internet, die by the internet. Just because someone claims to be against the RIAA doesn't make them your friend. Just because someone is against SCO, doesn't make them about free software rights. There are such things as self-serving deeds, even if they appear to be good gestures to all.

    --

    today is spelling optional day.

  6. Not a buffer overflow? by Durzel · · Score: 5, Insightful

    I'm curious - how can it be determined without the benefit of source code for ES5 that the exploit isn't just a horrendous oversight instead of a malicious pre-meditated function of the software?

    If it is malicious it seems odd that they would make it possible for ANYONE to delete someone elses files through crafted search strings, thus significantly increasing the chance of their nefarious plans being uncovered.

    If it were me, and I was secretly working for the RIAA, I'd just code in a simple client/server protocol that the RIAA could use to delete people's files, entirely seperate from the normal operation of the program itself. This would be much harder to identify as malicious code.

    Sorry, but this just looks to me like a bad "failure to chroot()" bug and not the big conspiracy theory its purported to be...

    1. Re:Not a buffer overflow? by Viol8 · · Score: 4, Insightful

      "I'm curious - how can it be determined without the benefit of source code for ES5 that the exploit isn't just a horrendous oversight instead of a malicious pre-meditated function of the software?"

      Even in assembler its not too hard to see when an operation is a bug resulting from jumping to a bit
      of code when some unexpected events coincide and jumping to the same bit of code when a SPECIFIC packet arrives.