dslreports logo
 story category
Trojan P2P
'Earthstation 5' contains malicious code?

The makers of one of the newer 'stealth' p2p applications, dubbed Earthstation 5, are being accused of including malicious code in their application. We spoke briefly on Earthstation 5 earlier this year. Developed by Palestinian coders who operate from the Jenin (Palestine) refugee camp, the makers proudly proclaimed they were out of the range of the RIAA's lawyers. The application was one of several new p2p clients designed with a limited degree of 'stealth' protection from RIAA subpoenas in mind; the developers proclaiming it was one of the most secure p2p applications around.

Now accusations have surfaced that the client contains some intentionally included malicious code. Conspiracy theories abound, including that the company was an RIAA front; among other so far unfounded suggestions that the move held political motivation. Others argue the warning is the work of the RIAA itself. The developers have apparently offered up a new installer sans foul code, but the question remains why it existed in the first place. Members of our Filesharing forum offer up their own opinions on the rumor.
view:
topics flat nest 
page: 1 · 2 · next

Techie2000
In Vertigo
Premium Member
join:2001-12-05

Techie2000

Premium Member

Not surprised

It was bound to happen sooner or later. Companies were already bundling spyware with their P2P apps, now they want to be 1337 h4X0rz too...

ctceo
Premium Member
join:2001-04-26
South Bend, IN

ctceo

Premium Member

Re: Not surprised

By the way, what do 1,337 h4X0rz have to do with it? {grin}

or is that an address: 1337 h4H0rz Street.

Marilla9
I Am My Own Arbiter
Premium Member
join:2002-12-06
Belpre, OH

Marilla9

Premium Member

Re: Not surprised

said by ctceo:
By the way, what do 1,337 h4X0rz have to do with it? {grin}

or is that an address: 1337 h4H0rz Street.
LMAO!!!!

Techie2000
In Vertigo
Premium Member
join:2001-12-05

Techie2000 to ctceo

Premium Member

to ctceo
said by ctceo:
By the way, what do 1,337 h4X0rz have to do with it? {grin}

or is that an address: 1337 h4H0rz Street.
1,337 h4X0rz at 1,337 typerwriters can't be wrong
crackwhore0
join:2003-10-03
Gainesville, GA

crackwhore0 to Techie2000

Member

to Techie2000

How about Filetopia?

I used to use Filetopia, until I found thousands of spam email coming from my PC. Apparently the chat rooms associated with the software providers have back door also, probably through the ICQ channel. If someone can verify this, I'd appreciate it!

SRFireside
join:2001-01-19
Houston, TX

SRFireside to Techie2000

Member

to Techie2000

Re: Not surprised

Okay call me a noob (er... n0013), but out of all the script kiddie talk I could never figure out 1337. Can someone fill an amateur in?

Techie2000
In Vertigo
Premium Member
join:2001-12-05

Techie2000

Premium Member

Re: Not surprised

1=l
3=e
7=t

1337=leet

leet is an abbreviated forum of "elite"

SRFireside
join:2001-01-19
Houston, TX

SRFireside

Member

Re: Not surprised

Ah... now it makes sense. Never knew hacker shorthand (leet = elite).

flarn
No Logic Left
join:2001-02-10
North Richland Hills, TX

1 recommendation

flarn

Member

Re: Not surprised

»www.google.com/intl/xx-hacker/

check that out then

ctceo
Premium Member
join:2001-04-26
South Bend, IN

ctceo

Premium Member

Re: Not surprised

I wonder if hackereze will be added to google as a translate option?

BulldogXTRM
BulldogXTRM
Premium Member
join:2001-09-28
Gonzales, LA

BulldogXTRM to flarn

Premium Member

to flarn
HAhahahahhahaha!!!

Never knew that existed.
vlad7
join:2002-12-30

vlad7

Member

seems to be true

the creators of ES5 don't say anything about it after 1 day. btw I never installed that crap.

tmdrake
join:2001-12-12
Rancho Palos Verdes, CA

tmdrake

Member

Re: seems to be true

said by vlad7:
the creators of ES5 don't say anything about it after 1 day. btw I never installed that crap.

so thats why my friends computer complained about missing boot.ini

wheelzoff
join:2001-02-14
Irving, TX

wheelzoff

Member

Already fixed.......

They already replaced the installer on the site, with the malicious code removed and they claim there is no longer a problem, but the fact it was there anyway IS the problem.

Omega
Premium Member
join:2002-07-30
Golden, CO

Omega

Premium Member

Re: Already fixed.......

I never installed it.

Now I never will. It looked to be promising, but I will not install it into my computer now.

SuperJudge
Raiden Wins
Premium Member
join:2002-11-14
Atlanta, GA

SuperJudge to wheelzoff

Premium Member

to wheelzoff
said by wheelzoff:
They already replaced the installer on the site, with the malicious code removed and they claim there is no longer a problem, but the fact it was there anyway IS the problem.

They'll take out the malicious code, but leave a loophole that will allow them to just upload a trojan remotely, and you're still hit.

purplejello
join:2001-08-23
Reno, NV

purplejello

Member

Poisoned

Ahh, well let's conduct a thought experiment.

Your lock company decides that all of the locks it produces will be unlockable by a skeleton key, copies of which are given to the CEO and his friends.

The public finds out, becomes outraged, and the locks are replaced without this security flaw.

You would never buy from that company again. And by 'you', I mean 'the entire populace'. What is different about this situation? They've effectively lost the trust (permanently) of their potential user base.

ChrisDAT
djSpinnerCee
join:2002-02-26
Hollis, NY

ChrisDAT

Member

Don't sleep on the RIAA...

They have the deep pockets to outright buyout smaller, less known p2p players for the sole purpose of droppin dime on the users... Remember, they have to be able to "get" however many copyrighted works from an offender. If you're dialed up, that could take months, and if you only stay online long enough to get what you want (regardless of your connection type/speed), you're virtually untouchable... The goal of the RIAA is to halt the sharing of their protected works, either by litigation, or by otherwise making it "dangerous" to be assiciated with p2p in general...

I make sure I pay attention to what is happening... wholesale downloading will get an ip [or ISP] banned, as will accelerators and other, seemingly automation driven attempts at "lifting" stuff....

BeWare... Big brother is on the prowl, and the list is in the open. cjw

shans001
join:2000-08-13
Chesapeake, VA

shans001

Member

Re: Don't sleep on the RIAA...

The thing that has me worried is it is possible for the RIAA to do something like this. However, considering the current methods used, the RIAA would probably launch a P2P just to log users and IP's. They can already subpoena records from ISP's which I think is crazy. I think having this digital record would be more important then removing the files off a hard drive via a trojan.

LordMalak
join:2003-07-02
Brazil

LordMalak

Member

Are we suposed to trust Palestinian software??

Sorry, but I have a problem using software made in countries that are hostile to the United States, or are involved in some kind of religious/political conflict with us.

Here we have a Palestinian software that puts trojans in US computers. Now the Palestinians are eternally at war with Israel, which seems to be in bed with Washington. If this is not Yasser Arafat's last attempt to attack the United States, I don't know what is.

dmd8605
join:2001-12-13
West Milton, OH

1 recommendation

dmd8605

Member

Re: Are we suposed to trust Palestinian software??

I think your tin foil hat is a little bit tight.

footballdude
Premium Member
join:2002-08-13
Imperial, MO

1 recommendation

footballdude

Premium Member

Re: Are we suposed to trust Palestinian software??

Remember all of the Palestinians dancing in the streets when they heard about the World Trade Center attack? Have you noticed all of the Palestinians blowing themselves up lately? Why is it so hard to think that some of them might have tried to strike at American computers? I haven't seen any evidence of that but I certainly wouldn't think of it as a wacko conspiracy theory, either.

morbo
Complete Your Transaction
join:2002-01-22
00000

morbo

Member

Re: Are we suposed to trust Palestinian software??

said by footballdude:
wacko conspiracy theory
sounds about right.
Plldwnyrpnts
join:2003-04-19
Chicago, IL

Plldwnyrpnts

Member

Re: Are we suposed to trust Palestinian software??

I never installed it because of where it came from. Sounded promising but too scary at the same time.

Conspiracy theory??? Maybe. Maybe not. Who cares now...

SomeoneElse
@207.139.x.x

SomeoneElse

Anon

Re: Are we suposed to trust Palestinian software??

Are we supposed to trust American software, full of spyware and full of security breach?

Yowzaaah
Ours Go To Eleven
join:2000-12-14
DamnFlat, OH

Yowzaaah

Member

Re: Are we suposed to trust Palestinian software??

Oh yes, and please ...... do tell me, what has Quebec EVER made or contributed to the world? Remember, making the British and Anglo-Canadians angry doesn't actually count as "making" something.

Try being grateful that America and her dominance has protected Canada for the last century. Those riding coat-tails have no right to complain about the view.

SRFireside
join:2001-01-19
Houston, TX

SRFireside

Member

Re: Are we suposed to trust Palestinian software??

said by Yowzaaah:
Oh yes, and please ...... do tell me, what has Quebec EVER made or contributed to the world?
-John Candy
-Jim Carrey
-Rick Moranis
-The Kids in the Hall
-Rush
-Brian Adams
-Alanis Morrisette
-Celine Dion (benefit or bane? you decide)
-Martin Short
-Gravy on french fries
-Backbacon
-Flannel shirts
-Terrence and Phillip (according to South Park)
-Legal gambling less than 20 minutes away from Detroit
-Cheap on-location shots for various television shows
-Wacky and often in the U.S.'s favor exchange rate
-Identification of asthma being a bronchile disease
-Insulin
-The pacemaker
-The zipper
-Hockey

I think Canada has contributed a fair amount. As far as Quebec is concerned you got me, but since they are a part of Canada I might as well roll the whole stogie together since such discussions tend to be about a nation and not a single province in that nation. It would be like picking on Montana and asking what they have contributed to the world.

Yowzaaah
Ours Go To Eleven
join:2000-12-14
DamnFlat, OH

Yowzaaah

Member

Re: Are we suposed to trust Palestinian software??

Quebecois (my keyboard won't make the proper accents) most certainly do not consider themselves to be actual Canadians. They fancy themselves displaced Europeans or rather a chunk of France that somehow found itself in a sea of unwashed anglos. BTW, I'm all for invading Canada

SRFireside
join:2001-01-19
Houston, TX

SRFireside

Member

Re: Are we suposed to trust Palestinian software??

Ahh... Canadian Bacon.... classic movie making.

I call 'em Quebecoids myself. And if I were you I would invade them first. Since they cling to their French heritage maybe they will surrender fast.
Chair5
join:2002-04-08
San Francisco, CA

Chair5 to Yowzaaah

Member

to Yowzaaah
Americans do have big mouths huh? You do realize that the world is not centered around AMERICANS, even though I am one myself.. We should just invade you..

TheChosenOne2
I Will Bring Balance
join:2003-08-17
Deep River, CT

TheChosenOne2

Member

Re: Are we suposed to trust Palestinian software??

We don't want bleeding heart left-wing liberals like you in this country. Pick up and move to France with all the other frogs who roll over for Saddam.

Yowzaaah
Ours Go To Eleven
join:2000-12-14
DamnFlat, OH

1 recommendation

Yowzaaah to Chair5

Member

to Chair5
Au contraire mon ami! The world DOES in fact revolve around the USA. Our culture and ideals have taken over nearly every corner of the world. Our economy is HUGE, no other country on this earth can hope to thrive without us. Compare North and South Korea.... The South are our friends, the North are our enemies. The south sells us cars and electronics and they enjoy a wonderful standard of living, the north sells us nothing and they eat straw and/or starve without heat or electricity.

WE ARE ROME, although, unlike Rome we don't pratice genocide to make our point. And I'm not talking mamby pamby PC speak genocide where you blabber on about the hegemony of fast food culture being "genocide"
in developing cultures, I'm talking about sending in a fews legion of centurians to kill every man woman and child in a country or region and leave the bodies our to rot as a reminder to anyone else who thinks it would be smart to challenge Rome's will. No we "rule the world" with free trade, allowing friendly countries access to our markets and money, thereby bringing increases to their standard of living along the way (again, look at South Korea). We are such horrible people....so arrogant...so self righteous...blah blah blah. Get your head out of your ass and FOR ONCE be proud at what your country has accomplished.

Got news for ya sparky, the world could do much worse than to have us as it's "master". Just think of say.... oh .... I don't know... Adolph Hitler. Had the maniacal ridgeling (yes it's true he had one nut) been left to conquer the world unchecked due to the self loathing isolationism of people like yourself, I'm sure the nazi's wouldn't have been arrogant in how they ran things. They would have been most polite about killing your whole family in retaliation for you having voiced your displeasure with your country.

In short, it's easy to be a Bohemian "free thinker" and condemn your country, hey anarchy is fun...I've had a blast with it from time to time, but the real world is ugly, violent and, frankly, jealous of us. If being here and experiencing the peace and prosperity that our arrogant big mouths (and hundred trillion dollar economy) have brought to you trouble you so much, the only intellectually honest thing to do is leave and join the oppressed masses in the rest of the world. Renounce your citizenship and fight against US dominance. Don't expect many people to join your cause however, bitching about the US is common sport, but it is just that. Come Monday morning when it's time to buy and sell, the US market is right in the middle or their daily lives, hopes and dreams.

Da22in
Buck Fush
join:2002-06-10
Charlotte, NC

Da22in to SRFireside

Member

to SRFireside
Quebec, full of snobby french-speaking people who are too good to be part of Canada. They should be annexed by France, would serve them proper. heh

SRFireside
join:2001-01-19
Houston, TX

SRFireside

Member

Re: Are we suposed to trust Palestinian software??

Weird Al Yankovic has a song on his new album called Genius in France. Funny stuff. Recommended listening for you and Yowzaah.

Lyric sample: I couldn't pour water out of a boot if the instructions were on the heel. But I'm a genius in France. (yeah) Genius in France
PolarBearWY
join:2002-02-20
Laramie, WY

PolarBearWY to footballdude

Member

to footballdude
said by footballdude:
Remember all of the Palestinians dancing in the streets when they heard about the World Trade Center attack? Have you noticed all of the Palestinians blowing themselves up lately? Why is it so hard to think that some of them might have tried to strike at American computers? I haven't seen any evidence of that but I certainly wouldn't think of it as a wacko conspiracy theory, either.
Tough to call. Sounds like a good way into the homes and businesses of so many Americans, but these people blow themselves up in hopes of killing one or two innocent bi-standers. Can these idiots really work computers?

•••

keith2468
Premium Member
join:2001-02-03
Winnipeg, MB

1 recommendation

keith2468 to LordMalak

Premium Member

to LordMalak
Are you suggesting that people in other countries boycott US vendors and services when their countries are involved in some kind of relgious or political conflict with the USA?

The USA is a big powerful country and it is or has been in some kind of conflict with just about every country in the world, usually involving broken trade treaties, but sometimes involving political interference in domestic elections, giving weapons to "rebel" groups (aka terrorists). I'm sure a political scientist or historian could give a longer more detailed list.

And talk about spyware or defective software.

Home of Microsoft, Gator, etc., etc.

Let us hope, for the sake of the US software and hardware industry, that people in other countries are not so quick to blame the whole country for the actions of a few companies.

"Do unto others as you would have others do unto you."

theblonde07
Premium Member
join:2002-04-28
Piney Creek, NC

theblonde07 to LordMalak

Premium Member

to LordMalak
OK......help........ I installed this program. I thought that with the discussion on here concerning it.....that it would be safe. I ran the uninstall and am running spybot now. What else should I do?

keith2468
Premium Member
join:2001-02-03
Winnipeg, MB

keith2468 to LordMalak

Premium Member

to LordMalak
That is probably sufficient Kenita. You should watch the discussion of the people who say they found the exploit to see if they recommend more.

reub2000
Premium Member
join:2001-12-28
Evanston, IL

reub2000

Premium Member

We'll be hearing about this from the RIAA.

It wouldn't suprise me if the RIAA uses this as an excuse to get rid of p2p. They've already used p2ps abilty to share files on your hard drive against p2p.

••••

Wolverine2
It Wasn't Me
Premium Member
join:2001-01-30
Wilton, CA

Wolverine2

Premium Member

Hmm, nothing catchy comes to mind

How about this, the RIAA is involved in the malcious code included within the p2p software. They of course dont admit this, having the software made by a palestinian company benefits the RIAA, because now the government could use some portion of the patriot act to disallow the use of p2p programs because they could represent a threat to national security. Far fetched . Wouldn't it be a brilliant plan though .

•••

devrandom
I got a pot, full of random stuff here
Premium Member
join:2003-06-28

devrandom

Premium Member

ESV5 never really caught on anyway

Of all the people that I know that use filesharing services often and heavily (Hi guys, hows it going at the universities?) they have all abandoned ESV5.

It was a piece of crap softawre in the beginning anyway. It loaded slow, the interface was all wacko, downloading files wasn't a breeze and encryption? Forget it.

I don't know about anybody else, but from what i've seen, ESV5 never really caught on.

ctceo
Premium Member
join:2001-04-26
South Bend, IN

ctceo

Premium Member

LOL

They just probably wanted to see how many suckers would fall for it.
tdkyo
join:2002-12-07
Rochester, NY

tdkyo

Member

zeropaid.com should get shot

I seriously think that we should flame all the users in zeropaid.com who flamed other users that ES5 is not a spyware/trojan by the RIAA. Now they know they were stupid all along.

••••

aurgathor
join:2002-12-01
Lynnwood, WA

1 recommendation

aurgathor

Member

ok, so it's an exploit

Methinks having the code there, however suspicious that might be, doesn't prove intent. It may very well be an oversight on there part, or the action of a single mischievous programmer. Of course I don't, and probably will never be using ES5, especially after exploits of this caliber.

keith2468
Premium Member
join:2001-02-03
Winnipeg, MB

keith2468

Premium Member

Could it be Kazaa?

Add to the lengthy list of suspects Kazaa.

The file sharing company that sues others for copyright infringement.

ES5_User_6
@70.xx.69.ip.alltel.n

ES5_User_6

Anon

You've got it all wrong

the code is left over from a VERY old build, some was used to control es5 servers, which were in remote locations, and the file erasure was there way or combatting kiddy porn

this was all there intent all along, the code is now gone and all you have to do is get the newest client and walah, exploit gone

if RandomNut or any coder out there wants to confirm it, go right ahead, it was garbage code for internal use only, sorry for the confusion

at-work
@via-christi.org

at-work

Anon

Re: You've got it all wrong

Yeah right. An option to fight kiddy porn huh. SO tell me wise one if this software is so good with privacy who in the blue hell could tell if you were downloading kiddy porn? That exploit may be "gone" but why do you have to open so many ports in your firewall. That is crap I say. You shouldn't have to open any ports to access a proxy server.

RichMark
join:2001-05-10
Morgan Hill, CA

RichMark to ES5_User_6

Member

to ES5_User_6
OK.

I downloaded randomnut's esv bin and source and (after checking it out) I ran it against the latest version of es5. Esv sends it's commands OK but it fails to erase my readme text file I placed in "C:\Program Files\EarthStation5\New Media Files".

This appears to be a non-issue. Has anyone else tried it and got it to erase a file? Anyone at all?

-Rich

ssj4android
Redefining Reality
join:2002-04-14
Wyoming, MI

ssj4android

Member

Bit Torrent

They're the ones who have been DoSing the bit torrent sites? EVIL! WIll anyone use this software now? They better not. But I'm sure there are some people that don't know it has / is a trojan. I don't trust it.
crackwhore0
join:2003-10-03
Gainesville, GA

crackwhore0

Member

Re: Bit Torrent

How about Tesla and Filetopia, they appear to have backdoors also??

mustang03282
join:2003-01-10
Bridgeton, NJ

mustang03282

Member

Re: Bit Torrent

what is the big difference between this and msblast except from the countrys they come from

Rejected One
I Suffer From Id10t Errors
Premium Member
join:2003-07-31
Wilmington, DE

Rejected One

Premium Member

The Truth...

Every software has flaws weather it be malicious code or an over sight on the programmers part or a backdoor whatever the case may be no software is safe this shouldn't surprise anyone. nothing is 100% anything it claims. there will always be someone out there looking for a way to exploit exsisting software or making their own to exploit. so it really shouldn't be any surprise someone has a software out there with a virus/trojan. just my .005 cents

bottom line no one should be surprised just a lil smarter now to know what to remove.

Wills9
join:2001-01-03
Port Charlotte, FL

Wills9

Member

Catchy Title

And we trusted software from a refugee camp why?

Thrawn2
Grand Admiral Thrawn
Premium Member
join:2001-04-09
Davenport, IA

Thrawn2

Premium Member

HAHA soo true

Why in the world would we trust the very people who hate us. Im surpirsed the computers didnt just say BURN america burn then turn off.

whizkid3
MVM
join:2002-02-21
Queens, NY

whizkid3

MVM

Palestinian hatred and software

As much as I despise the Palestinian terrorists, I am troubled to see that so many of you instantly assume that because a coder is from Palestine, that he/she is automatically a terrorist, and was dancing in the street after 9-11. This is blatant stereotyping and is just plain wrong.

Should a coder be automatically hated, based on the country he/she is from? This is how the terrorists themselves think, and part of the reason it is so difficult to break the cycle of Palestinian/Israeli hatred.

Has anyone though that possible the person(s) who coded this filesharing application might just possibly be some productive person(s) one who is trying to stay out of trouble, away from the violence, and providing for a future, and perhaps a few bucks?

Or do you really think that this person(s) codes in their spare time, in between building bombs and loading AK-47s?

While I love conspiracy theories, it is more likely that adding the 'back-door' to this application, was more a matter of simple foolishness, not realizing the marketing damage it would create. The organization that created this app, is obviously not staffed by Stanford and MIT educated professionals.
espionage007
join:2003-06-14
Herndon, VA

espionage007

Member

Re: Palestinian hatred and software

Hot Damn.....you know what whizkid3, what you just said makes a lot of sense. (now if I can only make an applauding smiley)

TheChosenOne2
I Will Bring Balance
join:2003-08-17
Deep River, CT

TheChosenOne2 to whizkid3

Member

to whizkid3

[text was edited by author 2003-10-05 16:36:13]
CablePower
Tmd
join:2003-08-29
Milton, FL

CablePower

Member

It's all fake

Use ES5. It's perfectly safe.

TheChosenOne2
I Will Bring Balance
join:2003-08-17
Deep River, CT

TheChosenOne2

Member

Re: It's all fake


[text was edited by author 2003-10-05 16:35:57]
page: 1 · 2 · next