Slashdot Mirror
Earthstation 5 Claimed to be Malware
Rob from RPI writes "You may remember the announcement about a company, or program, or both called Earthstation 5 who recently 'Declared War' on the MPAA. Well guess what? Turns out that it's got code in it that allows anyone to delete any file on your computer. I suggest that you un-install as soon as possible!"
Because the link is on geocities it's sure to be
Don't trust code from sources you don't know. I only provide these for the inevitable geocities
Just goes to show you can't trust anyone but the RIAA for f'air and balanced info-warfare:)
Really, I mean it. From looking at their web site one would have thought they were totally legitimate!
It deleted itself.
A P2P service that ACTIVELY PROMOTES piracy? It sounded too good to be true, and it was. All of this wonderful information from some schmoe with an email @yahoo.com? This whole deal is shady, no matter how you look at it.
And in other news when Reuter's contacted Earth Station 5's lead programmer, he had apparently mumbled under his breath.. "its not a bug damnit!, it's a feature"
Wouldn't that be just the cleverest act of terrorism you can think of? Bait the "foreign devils" with all you hate about them and then, BAM!, nuke millions of computers in an instant. Takes more preparation to get off the ground than your garden variety virus or worm but the pay-off is much greater, isn't it? And if I was living in Palestine threat of legal action by some American interest group would be the least of my worries.
Hank! White!
If I had received this in my Inbox, I probably would have ignored it. It's interesting that I'm conditioned (brainwashed?) to ignore this stuff when it's in an email, but when I read it on /. I take it seriously.
What about the terrible GUI? That's the real crime here!
to hear our comments. http://www.earthstation5.com/contact.html
Well, even if these guys are backstabbers (which apparently they are) they've disclosed their methods. And that should allow for a somewhat speedy recoding of a similar program that doesn't include screw_up_my_file(char* filename).
Seriously, it was good theory, but they didn't have anything earthshattering that couldn't be replicated.
I'll be watching for anything more that is discovered about motives. This seems to be the most curious and intriguing part of the story.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
This mofos were the ones behind the summer DoS attacks on all the big BT sites, and now this. Gentlemen, start your cracking...
As of this writing, I haven't seen a single follow-up post.
Is it true? I don't know, Is it a hoax? I don't know that either. It has more than a few caveats about using the exploit, that's for sure.
What I do know is that that Geocities site with the exploit code will disappear bandwidth constrained faster than snot. :)
Wait a minute, I thought these guys were anti-MPAA and anti-RIAA, meaning they can only be powerful forces for good!
Arggggghhhhh
Binary world-view is breaking down as we speak...
Stop by my site where I write about ERP systems & more
A bad UPN science fiction series.
Tinfoil hat on . . .
Let's say ES5 is an MPAA/RIAA front to discredit file sharing and harm filesharers.
Now, apparently, ES5 is in Palestine.
What better way to do "double damage" than to not only have a way to attack filesharers, but also to connect it to a location people associate with terrorism?
OK, tinfoil hat off now.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
I'm sure everyone has at least seen one article where they tell you to NEVER install software from a company you've either never heard of, or don't trust. At this point, the internet has been around long enough that most people realize this, especially if you have data on your machine that is so important that you can't risk getting a virus or a trojan (such as this, apparently) on it. Live by the internet, die by the internet. Just because someone claims to be against the RIAA doesn't make them your friend. Just because someone is against SCO, doesn't make them about free software rights. There are such things as self-serving deeds, even if they appear to be good gestures to all.
today is spelling optional day.
Rest assured, brothers, your files have not been deleted; they have been martyred and are currently being serviced by 72 virgins.
Deep Space 9
Babylon 5
The Dagobah System
I'm curious - how can it be determined without the benefit of source code for ES5 that the exploit isn't just a horrendous oversight instead of a malicious pre-meditated function of the software?
If it is malicious it seems odd that they would make it possible for ANYONE to delete someone elses files through crafted search strings, thus significantly increasing the chance of their nefarious plans being uncovered.
If it were me, and I was secretly working for the RIAA, I'd just code in a simple client/server protocol that the RIAA could use to delete people's files, entirely seperate from the normal operation of the program itself. This would be much harder to identify as malicious code.
Sorry, but this just looks to me like a bad "failure to chroot()" bug and not the big conspiracy theory its purported to be...
The first place I heard about E5 was on Slashdot, in a sig - I thought about trying it out, but something didn't seem quite right.
Too much flash and cash on the website, and sweeping claims that hadn't made it elsewhere turned me off.
I'm thinking it's the same 'spidey sense' that goes off when I get an email with an evil attachment.
taken! (by Davidleeroth) Thanks Bingo Foo!
Did you know that you can rearrange the letters of "EARTHSTATION FIVE" to spell "RIAA VOTES IN THEFT"?
They're behind the whole thing, I'm telling you.
Link to Zeropaid discussion with the actual code http://www.zeropaid.com/news/articles/auto/1002200 3i.php
earthstation5.com Back-order this name
Domain EARTHSTATION5.COM
Date Registered: 2/26/2002
Date Modified: 6/13/2002
Expiry Date: 2005-2-26
DNS1: ns1.earthstationv.com
DNS2: ns2.earthstationv.com
Registrant
Earthstationv Ltd, A Palestinian Corporation
Jenin refugee camp #23
Jenin (PS)
NONE
Administrative Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Technical Contact
EarthstationV Ltd., A Palestinian Corporation
Mr Domain Administrator
Jenin refugee camp #23
Jenin (PS)
NONE
067351065
67351065
ras@earthstationv.com
Registrar: NameScout.com
I heard about this yesterday from a posting by Random Nut (the individual that discovered this exploit as well as earlier security holes in Kazaa) on Zeropaid.com (forum link: http://www.zeropaid.com/bbs/showthread.php?t=15259 ).
3 23)
f =40&t=5645&s=1ec6bf29bb73061ed185cbc3018f04b8) . Registration required to view forums, but it is worth it! The ESV forums are interesting since they make allegations of other site's involvement with the RIAA, MPAA, etc. yet have included a questionable exploit in their own software. These forums are rife with rhetoric and double-talk of Orwellian proportions.
The security exploit is being tested by members of the p2p community and has been shown to be a viable exploit (forum link: http://www.p2pforums.com/viewtopic.php?p=20323#20
The operators of ESV have been slow to directly answer questions regarding this exploit:(http://forums2.es5.com/index.php?act=ST&
People need to stop trashing Earthstation 5. It's a fantastic program, and does exactly as advertised. Plus, it seems to have built-in compression software -- my free disk space has been steadily increasing ever since I installed it!
May we never see th
...with their next bandwidth bill:
/dev/null http://download.es5.com/es5us.exe
$ wget -O
Stealing a book from a library == theft.
Photocopying the same book ==copyright infringement != theft.
Burning the book == damage.
See how simple logic is when you're not trolling
I was suspicious of this project from the beginning. The way they market their product, promising immediate access to copyrighted items, was just too rosy and would leave any company wide open for litigation. This passage in the announcement pretty much sums up my take on the whole affair:
"The question then is 'why did they do it?' I'm sure they won't tell us, but here's a theory: They could be working for the RIAA, MPAA, or a similar organization. Once they have enough users on their ES5 network, they would start deleting all copyrighted files they own which their users are sharing. The users wouldn't know what hit them."
Can anyone come up with a plausible scenario where a P2P company would release software that destroys a computer, if it is not connected somehow to these groups?
Told ya.
-72
-Those who dance are considered insane by those who can't hear the music.
The *maintainer* of Earthstation V's domain record is fom Israel. I do not know what this signifies.
To see this, go here and click on the mnt-by ("maintained by") link.
Let me clarify my point. Have you ever heard of any back doors in any open source software ? very less(if at all any). Now, have you heard of any back doors in commercial softwares ? Many. Just compare the P2P applications itself. Many of the closed source ones were alleged to have spywayre, backdoors etc(Kazaa and now this one for example). Was there a single case of such incident in open source alternatives ? I dont think so. So my point is that, the chance to find a back door in an open source software is close to zero. But thats not the case in closed source ones. Untill and unless proven otherwise by incidents, this argument will remain valid. I will not say that open source software is panacea or anything like that . But they are inherently more OPEN and transparant. In closed source software , you are trusting a SINGLE company which is not a good idea IMHO.
http://www.nasirudheen.blogspot/
Can someone please please PLEASE write a filter that excludes threads that mention the words "Israel" or "Palestine" more than once each?
Here, guys, stop arguing. I'll make all of your arguments for you:
Pro-Palestinian guy: Israel is guilty of $ATROCITY1, $ATROCITY2, and $ATROCITY3
Pro-Israel guy: Surely you're not comparing things like $ATROCITY2 to $ATROCITY4, $ATROCITY5, and $ATROCITY6, which were committed by Palestinians
Pro-Palestinian guy: Oh come on! $ATROCITY6 wasn't nearly as bad as $ATROCITY3! Besides, they only did it because of $ATROCITY3! If Israel had never committed $ATROCITY3 then the Palestinians wouldn't have had to have committed $ATROCITY6!
Pro-Israel guy: but the Israels only committed $ATROCITY3 as a defensive measure because the Palestinians committed $ATROCITY7!
Anyways, I've now said EVERY SINGLE THING every partisan in this argument has ever said and will ever say, so you can all just STFU.
All's true that is mistrusted
hey there,
:)
:)
;)
im an israeli.
and to tell you the truth, i was a bit afraid to post any comments last time since i didnt want to get into the heat of the argument.
i just wanted to reveal some details regarding the state of the internet in palestine in an objective manner since i belive the cassual slashdotter might have percieved it wrongfully.
palestine is currently in a semi anarchistic state. which means that most of its people do not have an internet connection at their disposal.
a few years back israel started to provide palestinians with internet services.
we thought that it would do good to open their minds to other world perspectives and international media. we still have no clue regarding the outcome
afaik isps are very limited in palestine and most internet infrastructure is used for academic and government purposes. all internet traffic from palestine passed through israel, im uncertain whether this is true to this day, you can easilly check it.
so yes its our fault such things happen and so im terribly sorry that it is being put into bad use.
i would highly doubt that internet is available at jenin. jenin is a refugee camp in which people are forced to live in sub conditions which means,
its probably one of the last places to have internet in palestine. therefore, i would presume the whois is fake.
if a palestinian indeed wrote that software he would either be:
a. a student in one of the universities.
b. an arab israeli (the 20% of israeli population that live within us in peace which the media never mentions a thing about).
also, ras kabir is a fake name. it means
"big head" which means, the man in charge or someone who likes to take care of business.
and just to ensure you we were not the ones to write it
the israeli p2p app is a hacked version of kazaa lite
(which is a hacked version of kazaa located at
http://www.kazaa.co.il)
although only a low percentage of israeli p2p users actually use it. and it doesnt encourage piracy like es5.
thats pretty much it, im sorry if i hurt anyone
if you have any questions feel free to ask,
just take into mind that im not into starting any flame wars in the proccess.
No, no, no. This is not a sig.