Slashdot Mirror
Earthstation 5 Claimed to be Malware
Rob from RPI writes "You may remember the announcement about a company, or program, or both called Earthstation 5 who recently 'Declared War' on the MPAA. Well guess what? Turns out that it's got code in it that allows anyone to delete any file on your computer. I suggest that you un-install as soon as possible!"
Because the link is on geocities it's sure to be
Don't trust code from sources you don't know. I only provide these for the inevitable geocities
Just goes to show you can't trust anyone but the RIAA for f'air and balanced info-warfare:)
Whats worse the RIAA/MPAA or people trying to get on our good sides then backstabbing us?
Really, I mean it. From looking at their web site one would have thought they were totally legitimate!
Now they can delete all those movies from your hard disk!
It deleted itself.
A P2P service that ACTIVELY PROMOTES piracy? It sounded too good to be true, and it was. All of this wonderful information from some schmoe with an email @yahoo.com? This whole deal is shady, no matter how you look at it.
And in other news when Reuter's contacted Earth Station 5's lead programmer, he had apparently mumbled under his breath.. "its not a bug damnit!, it's a feature"
Wouldn't that be just the cleverest act of terrorism you can think of? Bait the "foreign devils" with all you hate about them and then, BAM!, nuke millions of computers in an instant. Takes more preparation to get off the ground than your garden variety virus or worm but the pay-off is much greater, isn't it? And if I was living in Palestine threat of legal action by some American interest group would be the least of my worries.
Hank! White!
If I had received this in my Inbox, I probably would have ignored it. It's interesting that I'm conditioned (brainwashed?) to ignore this stuff when it's in an email, but when I read it on /. I take it seriously.
What about the terrible GUI? That's the real crime here!
to hear our comments. http://www.earthstation5.com/contact.html
Well, even if these guys are backstabbers (which apparently they are) they've disclosed their methods. And that should allow for a somewhat speedy recoding of a similar program that doesn't include screw_up_my_file(char* filename).
Seriously, it was good theory, but they didn't have anything earthshattering that couldn't be replicated.
I'll be watching for anything more that is discovered about motives. This seems to be the most curious and intriguing part of the story.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
This mofos were the ones behind the summer DoS attacks on all the big BT sites, and now this. Gentlemen, start your cracking...
As of this writing, I haven't seen a single follow-up post.
Is it true? I don't know, Is it a hoax? I don't know that either. It has more than a few caveats about using the exploit, that's for sure.
What I do know is that that Geocities site with the exploit code will disappear bandwidth constrained faster than snot. :)
Wait a minute, I thought these guys were anti-MPAA and anti-RIAA, meaning they can only be powerful forces for good!
Arggggghhhhh
Binary world-view is breaking down as we speak...
Stop by my site where I write about ERP systems & more
A bad UPN science fiction series.
Tinfoil hat on . . .
Let's say ES5 is an MPAA/RIAA front to discredit file sharing and harm filesharers.
Now, apparently, ES5 is in Palestine.
What better way to do "double damage" than to not only have a way to attack filesharers, but also to connect it to a location people associate with terrorism?
OK, tinfoil hat off now.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
I'm sure everyone has at least seen one article where they tell you to NEVER install software from a company you've either never heard of, or don't trust. At this point, the internet has been around long enough that most people realize this, especially if you have data on your machine that is so important that you can't risk getting a virus or a trojan (such as this, apparently) on it. Live by the internet, die by the internet. Just because someone claims to be against the RIAA doesn't make them your friend. Just because someone is against SCO, doesn't make them about free software rights. There are such things as self-serving deeds, even if they appear to be good gestures to all.
today is spelling optional day.
Rest assured, brothers, your files have not been deleted; they have been martyred and are currently being serviced by 72 virgins.
Deep Space 9
Babylon 5
The Dagobah System
About a missing file: /home/dnotj/.wine/fake_windows/boot.ini
No more Micro$oft bashing from me. Its like bashing at the special olympics.
I'm curious - how can it be determined without the benefit of source code for ES5 that the exploit isn't just a horrendous oversight instead of a malicious pre-meditated function of the software?
If it is malicious it seems odd that they would make it possible for ANYONE to delete someone elses files through crafted search strings, thus significantly increasing the chance of their nefarious plans being uncovered.
If it were me, and I was secretly working for the RIAA, I'd just code in a simple client/server protocol that the RIAA could use to delete people's files, entirely seperate from the normal operation of the program itself. This would be much harder to identify as malicious code.
Sorry, but this just looks to me like a bad "failure to chroot()" bug and not the big conspiracy theory its purported to be...
Um.... $2.00 doesn't cover the hardware costs of producing a professional cd. If your requests are unresonable, don't be surprised when they're not met.
On the other side of that, $16-20 is unreasonable. $10 would be fair, I think. Considering the hours spent in the studio recording, AFM scale per musician per song being $50 (and that's for low grade musicians), the cost of a decent engineer, cost of using a decent studio (that's not cheap), mastering costs... Then you've got to either spend $$ on an expensive fast cd dup'er, or pay someone to burn 10,000 cd's in a week, artwork for the j-page, printing of the j-page, cd cases, shringwrapping, a UPC, distribution, etc....
Do you honestly think all of that can be done for $2.00 per? Get real.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.
The first place I heard about E5 was on Slashdot, in a sig - I thought about trying it out, but something didn't seem quite right.
Too much flash and cash on the website, and sweeping claims that hadn't made it elsewhere turned me off.
I'm thinking it's the same 'spidey sense' that goes off when I get an email with an evil attachment.
taken! (by Davidleeroth) Thanks Bingo Foo!
Did you know that you can rearrange the letters of "EARTHSTATION FIVE" to spell "RIAA VOTES IN THEFT"?
They're behind the whole thing, I'm telling you.
Link to Zeropaid discussion with the actual code http://www.zeropaid.com/news/articles/auto/1002200 3i.php
2. Once everyone has it, delete all pirated files
3. Profit!
I half wish they'd actually do that - maybe it would incite a full boycott. Though I am happy with the understanding that their sales are declining already.
The only thing more dangerous than a file named -rf is renaming it -rf\ /
www.es5.com is regestered to (get this)
Earthstationv Ltd., A Palestinian Corporation
Jenin refugee camp #23
Jenin (PS)
Rfugee camp? Palestine? Unless they lied on the registration I doubt this is RIAA.
earthstation5.com Back-order this name
Domain EARTHSTATION5.COM
Date Registered: 2/26/2002
Date Modified: 6/13/2002
Expiry Date: 2005-2-26
DNS1: ns1.earthstationv.com
DNS2: ns2.earthstationv.com
Registrant
Earthstationv Ltd, A Palestinian Corporation
Jenin refugee camp #23
Jenin (PS)
NONE
Administrative Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Technical Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Registrar: NameScout.com
The difference between stupidity and genius is that genius has its limits.
This is a good example which shows again and again that any closed source is inherently not trustable. When you are installing a proprietory software, you are basically trusting them not to screw you up or put any back door. Nobody has any guaranty that windows or any other closed source software is free of this issue. Safe bet is to stick with open source software exclusively.
http://www.nasirudheen.blogspot/
I heard about this yesterday from a posting by Random Nut (the individual that discovered this exploit as well as earlier security holes in Kazaa) on Zeropaid.com (forum link: http://www.zeropaid.com/bbs/showthread.php?t=15259 ).
3 23)
f =40&t=5645&s=1ec6bf29bb73061ed185cbc3018f04b8) . Registration required to view forums, but it is worth it! The ESV forums are interesting since they make allegations of other site's involvement with the RIAA, MPAA, etc. yet have included a questionable exploit in their own software. These forums are rife with rhetoric and double-talk of Orwellian proportions.
The security exploit is being tested by members of the p2p community and has been shown to be a viable exploit (forum link: http://www.p2pforums.com/viewtopic.php?p=20323#20
The operators of ESV have been slow to directly answer questions regarding this exploit:(http://forums2.es5.com/index.php?act=ST&
People need to stop trashing Earthstation 5. It's a fantastic program, and does exactly as advertised. Plus, it seems to have built-in compression software -- my free disk space has been steadily increasing ever since I installed it!
May we never see th
Scenario 1:
Maybe this is not malicious. Possibly a way to protect people in the event that something bad happens, like all this hyped anonymity and encryption turns out to be trivial to crack. ES5 may have already developed a worm that spreads and exploits this function to delete all shared files on the network, which may be in the users' best interests.
Scenario 2 (aka Conspiracy theory 1):
Orrin Hatch is making good on his promise to destroy the PCs of filesharers around the world, while placing the blame on Palestine.
I like the #2 better, but you decide for yourself :)
Later...
ascii art
You're too right about the price staying where it is. And having been a recording artist, I can say that a run of a brick of CD's (1000) costs about $4 per when you want it to be nice and professional. That's just the material costs. Also, there's a $0.015 (unfairly low.. they haven't had a raise since the 50's) per song fee to songwriters, the artist generally get's close to $1 per cd sold (that's fair I think). The rest goes to the label for all their "hard work."
For expected gold-platinum cd's, $8 is probably fair, but for those that are only selling 1k-10k, that might be a stretch. Of course, you could argue that they should be selling for that, maybe breaking even, just to get their music into the hands of the public, who will pay to see them live.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.
...with their next bandwidth bill:
/dev/null http://download.es5.com/es5us.exe
$ wget -O
Stealing a book from a library == theft.
Photocopying the same book ==copyright infringement != theft.
Burning the book == damage.
See how simple logic is when you're not trolling
I was suspicious of this project from the beginning. The way they market their product, promising immediate access to copyrighted items, was just too rosy and would leave any company wide open for litigation. This passage in the announcement pretty much sums up my take on the whole affair:
"The question then is 'why did they do it?' I'm sure they won't tell us, but here's a theory: They could be working for the RIAA, MPAA, or a similar organization. Once they have enough users on their ES5 network, they would start deleting all copyrighted files they own which their users are sharing. The users wouldn't know what hit them."
Can anyone come up with a plausible scenario where a P2P company would release software that destroys a computer, if it is not connected somehow to these groups?
Told ya.
-72
-Those who dance are considered insane by those who can't hear the music.
Forgive me for even thinking the unthinkable. But please indulge me for a moment. Consider the hypothetical possibility that one of the *AA evil twins might create, build a website for, and promote some "anti-*AA" software. Imagine that it is a trojan horse. You let it into the city gates. It seems to be what you think it is. But at night, out comes the invading army through a secret door.
I'll see your senator, and I'll raise you two judges.
It's obviously just Digital Rights Management code!
After all, there's probably a GPS tracking system, data recorders that records the times when you're over the speed limit, and other potentially privacy-compromising system hidden in any car you buy.
Do you trust the drinking water coming through your pipes? What, you filter it first? OK, have you bothered to take the filter apart yourself to verify its components work as advertised or do you accept that government regulations will keep them from selling a defective product?
Consider Joe Average. Give him an open source program--he has to trust that you personally went through the code and verified it's clean, or that a bunch of unknowns on the net verified it. He sure as hell isn't going to go through all the code and compile it himself. And do you yourself trust that C compiler? There's that theory about how the original C compiler could have a backdoor put in, and every subsequent C compiler or program compiled could have a backdoor built into it during compile time.
In truth you can't trust ANYTHING you don't make yourself. But it's not practical to make everything yourself because of time constraints or inexperience, so at some point everyone has to put their trust in some system they didn't make themselves. And yes, sometimes that trust is violated, like tires that blow apart for no reason or the water is tainted with e-coli. But in the real world most people can't afford to distrust absolutely everything and still live a real life. Neither can most people who have a computer.
Like I said, I agree with the principle. But this is the real world, and many personal, idealized principles just don't play into it.
I thought the MPAA -was- a terrorist outfit.
Are the people here history-challenged, or what? A bigger bunch of baloney has never been posted.
There may have been a territory called "Palestine" for years, but there were no "Palestinians". There are Arabs happening to live in that territory.
WRT the "ethnic cleansing", I note that no evidence is provided. That would indeed be hard, since there cannot be any as none occurred.
I don't get it, how can you fake the WHOIS registry? I thought there was some follow up needed?
Man! All this time I've been putting my real name and address on like a sucker. Which is a pisser, b/c it really bothers me that people can look me up if they find something offensive on my website.
https://www.accountkiller.com/removal-requested
I tried ES5 some time ago to see whether it worked or not.
It was such junk that I uninstalled it without even managing to find a single thing, illegal, legal, whatever.
If the application was designed to get a community and then hurt them, it is a real failure.
What I suspect is that the people behind ES5 really are a bunch of half-mad Russian programmers paid by oil-quaffing Saudis, who actually believe that their application rocks. And they planned to get 15m users, then approach the highest bidder, advertisers or *AA, selling the captured market. The "encryption" stuff is just to make it impossible to reverse-engineer ES5 clients, and the backdoor is just there to up the ante for selling their shit to the *AA.
A poor plan, horribly implemented.
Ceci n'est pas une signature
The *maintainer* of Earthstation V's domain record is fom Israel. I do not know what this signifies.
To see this, go here and click on the mnt-by ("maintained by") link.
Did anyone notice on the delete any file link that the next topic on that board was about the Half Life 2 source code and how it was actually leaked. http://lists.netsys.com/pipermail/full-disclosure/ 2003-October/011338.html
Looks like microsoft's flaws are to blame
Can someone please please PLEASE write a filter that excludes threads that mention the words "Israel" or "Palestine" more than once each?
Here, guys, stop arguing. I'll make all of your arguments for you:
Pro-Palestinian guy: Israel is guilty of $ATROCITY1, $ATROCITY2, and $ATROCITY3
Pro-Israel guy: Surely you're not comparing things like $ATROCITY2 to $ATROCITY4, $ATROCITY5, and $ATROCITY6, which were committed by Palestinians
Pro-Palestinian guy: Oh come on! $ATROCITY6 wasn't nearly as bad as $ATROCITY3! Besides, they only did it because of $ATROCITY3! If Israel had never committed $ATROCITY3 then the Palestinians wouldn't have had to have committed $ATROCITY6!
Pro-Israel guy: but the Israels only committed $ATROCITY3 as a defensive measure because the Palestinians committed $ATROCITY7!
Anyways, I've now said EVERY SINGLE THING every partisan in this argument has ever said and will ever say, so you can all just STFU.
All's true that is mistrusted
This just goes to show that you can not trust closed proprietary code. It is pretty weird that these ES5 guys would come out the way they did with big mouths. Either they work for the RIAA/MPAA or they *wanted* to be a target. I think it is the first one. If you are going to share files, make sure that you
1. Use open source applications only.
2. Share files that you have the legal right to share.
3. If you do share some illegal file, see 1.
There are 1,000's of songs out there that can be legally shared, and there are tens of thousands of files/applications out there that can be legally shared. Share those and dump the RIAA/MPAA all together. There is a good Open Source P2P app out there called giFT. It can connect to OpenFT, Gnutella and Kazza (FastTrack). giFT
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
hey there,
:)
:)
;)
im an israeli.
and to tell you the truth, i was a bit afraid to post any comments last time since i didnt want to get into the heat of the argument.
i just wanted to reveal some details regarding the state of the internet in palestine in an objective manner since i belive the cassual slashdotter might have percieved it wrongfully.
palestine is currently in a semi anarchistic state. which means that most of its people do not have an internet connection at their disposal.
a few years back israel started to provide palestinians with internet services.
we thought that it would do good to open their minds to other world perspectives and international media. we still have no clue regarding the outcome
afaik isps are very limited in palestine and most internet infrastructure is used for academic and government purposes. all internet traffic from palestine passed through israel, im uncertain whether this is true to this day, you can easilly check it.
so yes its our fault such things happen and so im terribly sorry that it is being put into bad use.
i would highly doubt that internet is available at jenin. jenin is a refugee camp in which people are forced to live in sub conditions which means,
its probably one of the last places to have internet in palestine. therefore, i would presume the whois is fake.
if a palestinian indeed wrote that software he would either be:
a. a student in one of the universities.
b. an arab israeli (the 20% of israeli population that live within us in peace which the media never mentions a thing about).
also, ras kabir is a fake name. it means
"big head" which means, the man in charge or someone who likes to take care of business.
and just to ensure you we were not the ones to write it
the israeli p2p app is a hacked version of kazaa lite
(which is a hacked version of kazaa located at
http://www.kazaa.co.il)
although only a low percentage of israeli p2p users actually use it. and it doesnt encourage piracy like es5.
thats pretty much it, im sorry if i hurt anyone
if you have any questions feel free to ask,
just take into mind that im not into starting any flame wars in the proccess.
No, no, no. This is not a sig.
Ack, what could happen worse than a disaster like the WTC towers crashes terrorism?!? (intentionally bad grammar.) Computers control the world today, after all, if we had better computers, the terrorist never would have been able to sneak weapons on the airlines in the first place.
While I'm aware than ES5 doesn't concern government or big business, it could have devistating effects IF it did. Think instead of a business instant messenger. That would be just peachy, so you're running the missle control program and just chillin' with your buds, and someone just deletes the trajectory file! If you were running a sane OS (defined as anything BUT Microjunk), the file would be in system memory, no problem. Of course you can understand the problems this would create on a microjunk platform!
Missile386.exe has caused an illegal function and will be terminated, yeah, fun, real fun.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
When the origional Earthstation slashdot story came out, it ws claimed that this software had more movies and software than any other p2p system and was more secure.
I posted what was one of the few on topic posts, and asked if anyone had actually used this program and if it was any good.
Some kind slashdotter responded that it was very buggy and already installed many viruses on his PC and on that note I gave it a wide berth.
Meanwhile everyone else in the discussion was totally engrossed in the Isreali - Palestinian flamewar and seemingly forgot what the origonal story was about.
The moral of this all is:
Well, stay on topic and you might learn something, but then again, fuck it, a good flamewar is always fun too!