Malware in ES5?
According to a post on the Full Disclosure mailing list, filesharing application Earth Station 5 contains code that allows attackers to delete any file on a user’s hard drive. Such vulnerabilities are a dime a dozen, except:
The people behind ES5 have intentionally added malicious code to ES5. If you have followed the ES5 discussions on message boards and read what the ES5 people have said and done (eg. DoS attacking BitTorrent sites), this comes as no surprise. The question then is “why did they do it?” I’m sure they won’t tell us, but here’s a theory: They could be working for the RIAA, MPAA, or a similar organization. Once they have enough users on their ES5 network, they would start deleting all copyrighted files they own which their users are sharing. The users wouldn’t know what hit them.
That theory makes perfect sense, but when I heard about the vulnerability, the one fact I knew about Earth Station 5 immediately popped into my head:
We’ll be more than glad to hear your comments or questions at:
Ras Kabir 121 Gaza Gaza, Palestine
Within reason, I sympathize with the Palestinian cause. “Within reason” means I don’t pretend there aren’t a lot of people there who, for whatever reason, would like to hurt a lot of people here. The same people also severely disapprove of much of the material exchanged over filesharing networks.
If the Full-Disclosure post is correct, is it too rash an assumption to suspect that Earth Station 5 was an attempted act of cyberterrorism? Could the creators have been waiting for a day on which they would scan the entire Internet and delete critical system files on every computer running ES5? The terrorism theory makes more sense to me than the RIAA conspiracy theory.