Slashdot Mirror
Earthstation 5 Claimed to be Malware
Rob from RPI writes "You may remember the announcement about a company, or program, or both called Earthstation 5 who recently 'Declared War' on the MPAA. Well guess what? Turns out that it's got code in it that allows anyone to delete any file on your computer. I suggest that you un-install as soon as possible!"
Whats worse the RIAA/MPAA or people trying to get on our good sides then backstabbing us?
If I had received this in my Inbox, I probably would have ignored it. It's interesting that I'm conditioned (brainwashed?) to ignore this stuff when it's in an email, but when I read it on /. I take it seriously.
to hear our comments. http://www.earthstation5.com/contact.html
Well, even if these guys are backstabbers (which apparently they are) they've disclosed their methods. And that should allow for a somewhat speedy recoding of a similar program that doesn't include screw_up_my_file(char* filename).
Seriously, it was good theory, but they didn't have anything earthshattering that couldn't be replicated.
I'll be watching for anything more that is discovered about motives. This seems to be the most curious and intriguing part of the story.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
The first place I heard about E5 was on Slashdot, in a sig - I thought about trying it out, but something didn't seem quite right.
Too much flash and cash on the website, and sweeping claims that hadn't made it elsewhere turned me off.
I'm thinking it's the same 'spidey sense' that goes off when I get an email with an evil attachment.
earthstation5.com Back-order this name
Domain EARTHSTATION5.COM
Date Registered: 2/26/2002
Date Modified: 6/13/2002
Expiry Date: 2005-2-26
DNS1: ns1.earthstationv.com
DNS2: ns2.earthstationv.com
Registrant
Earthstationv Ltd, A Palestinian Corporation
Jenin refugee camp #23
Jenin (PS)
NONE
Administrative Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Technical Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Registrar: NameScout.com
I think you may be right; this whole thing does seem a little fishy here. I myself used earthstation5 for a couple of days but deleted it after I got feed up with the slow transfer speeds and terrible interface. I have serious doubts that there are 15 million people (where do they get their numbers? - this is supposed to be completely decentralized program, with no severs)) that are simultaneously willing to put up with all the BS associated with this particular pile of stinking crap. I have since moved over to eMule and haven't been happier. /.ers) to be shut down. The harder they work to shut them down, the more innovative the software will become to bypass their "blocks" (fake files, DoS on servers, etc.)
In the event that this is legit, it would be used as fodder for the anti-P2P suits at the RIAA and MPAA to use to try and scare people from using P2P software. P2P software is far to integrated into our society (at least with the
The premise for E5 is cool, but the execution is flawed, perhaps some developer would like to put together a program based on the same principals that does suck or hack your box.
Just a thought...
Having worked at a small software company, I'll speculate.
This could have been added as an "internal" feature and forgotten about it. It could have been added by one un-professional programmer, unbeknownst to the rest of the group. It could be in there on purpose, and the team is naive enough to believe it'll never get abused. It could be in there on purpose because they want it there and they don't care about the ramifications. And finally, it could be there because they have plans to use it some day to cause havoc.
My bet is the on one of the first two, but I wouldn't rule out any of them.
You fail to realize something. . . *YOU* might only use your computer for stuff that isn't that critical. . . But others do (granted someone would have to be a complete *idiot* to put something like ESV on a computer that is used for critical stuff, but anyhow. . .). As an example, I (currently - temp job) work at a hospital. If somehow, a terrorist group managed to majorly disrupt the hospital computer systems, it would cause a lot of havoc. Probably no one would die. . . but someone could possibly.
.
Consider this scenario - the computers go out. Someone gets rushed into the emergency room. Doctors aren't able to get medical history for the patient, and inadvertantly administer a drug to which the patient has a fatal alergic reaction. That type of thing. Computers are a lot more important in modern life than a lot of people realize. That was just one example of computer systems serving in critical roles. There are many many others. .
Of course, since the hospital uses a variety of different types of computer systems, not just MS servers and workstations, the hospital becomes much less suseptible to a truly crippling attack. . . because an exploit/virus/worm that attacks MS software isn't gonna bother the mainframes or other servers running non-MS software.
I just get annoyed when I hear a computer attack referred to as an effective terrorist strategy. I certainly could survive if my computer didn't turn on today;
Hey tough guy, could you eat if the trucks supplying your local grocery stores suddenly stopped coming? How about your garbage pickup? I live in Memphis, where we know a thing or two about what happens when the city doesn't collect trash for a couple weeks.
If you could sever a major metropolitan area's communication, and/or screw it up to the point where major city services weren't getting done, you could make the WTC look like a bad day at the office.
Forgive me for even thinking the unthinkable. But please indulge me for a moment. Consider the hypothetical possibility that one of the *AA evil twins might create, build a website for, and promote some "anti-*AA" software. Imagine that it is a trojan horse. You let it into the city gates. It seems to be what you think it is. But at night, out comes the invading army through a secret door.
I'll see your senator, and I'll raise you two judges.
Or maybe this is just a ploy by the RIAA/MPAA to get people to uninstall the software. I realize that code is provided and this is probably legit, but if they see that a "scare" of this type succeeds in getting people to stop using ES5, maybe they'll try something similar with Kazaa, but fake.
There are only 10 kinds of people in this world... those who understand binary and those who don't
Did anyone notice on the delete any file link that the next topic on that board was about the Half Life 2 source code and how it was actually leaked. http://lists.netsys.com/pipermail/full-disclosure/ 2003-October/011338.html
Looks like microsoft's flaws are to blame
hey there,
:)
:)
;)
im an israeli.
and to tell you the truth, i was a bit afraid to post any comments last time since i didnt want to get into the heat of the argument.
i just wanted to reveal some details regarding the state of the internet in palestine in an objective manner since i belive the cassual slashdotter might have percieved it wrongfully.
palestine is currently in a semi anarchistic state. which means that most of its people do not have an internet connection at their disposal.
a few years back israel started to provide palestinians with internet services.
we thought that it would do good to open their minds to other world perspectives and international media. we still have no clue regarding the outcome
afaik isps are very limited in palestine and most internet infrastructure is used for academic and government purposes. all internet traffic from palestine passed through israel, im uncertain whether this is true to this day, you can easilly check it.
so yes its our fault such things happen and so im terribly sorry that it is being put into bad use.
i would highly doubt that internet is available at jenin. jenin is a refugee camp in which people are forced to live in sub conditions which means,
its probably one of the last places to have internet in palestine. therefore, i would presume the whois is fake.
if a palestinian indeed wrote that software he would either be:
a. a student in one of the universities.
b. an arab israeli (the 20% of israeli population that live within us in peace which the media never mentions a thing about).
also, ras kabir is a fake name. it means
"big head" which means, the man in charge or someone who likes to take care of business.
and just to ensure you we were not the ones to write it
the israeli p2p app is a hacked version of kazaa lite
(which is a hacked version of kazaa located at
http://www.kazaa.co.il)
although only a low percentage of israeli p2p users actually use it. and it doesnt encourage piracy like es5.
thats pretty much it, im sorry if i hurt anyone
if you have any questions feel free to ask,
just take into mind that im not into starting any flame wars in the proccess.
Ack, what could happen worse than a disaster like the WTC towers crashes terrorism?!? (intentionally bad grammar.) Computers control the world today, after all, if we had better computers, the terrorist never would have been able to sneak weapons on the airlines in the first place.
While I'm aware than ES5 doesn't concern government or big business, it could have devistating effects IF it did. Think instead of a business instant messenger. That would be just peachy, so you're running the missle control program and just chillin' with your buds, and someone just deletes the trajectory file! If you were running a sane OS (defined as anything BUT Microjunk), the file would be in system memory, no problem. Of course you can understand the problems this would create on a microjunk platform!
Missile386.exe has caused an illegal function and will be terminated, yeah, fun, real fun.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14