Main Area and Open Discussion > Living Room
Skype users: beware (silver needle in the skype)
brotherS:
[...]
I should think this to be only fair.
As far as fodders "reasons". :harhar:
They're B.S.
[...]
Also under U.S. law [...] A crime is a crime.
-Cpilot (May 16, 2006, 11:12 PM)
--- End quote ---
You don't need to be rude just because you can't agree with f0dder here...
Regarding U.S. laws: maybe you've heard that they are a few countries on the same planet that don't share all of the U.S. opinions. And even in the U.S. there are legal entities that test all kinds of products to protect customers. They don't only look at the products or use them, they often disassemble them to look at the core of things.
f0dder:
There are already tools out there to test applications for bandwidth usage and memory leaks etc. without ripping someones code apart in violation of the EULA.
--- End quote ---
Sorry, but you don't really have a clue what the PDF I linked to was about, do you? Checking *just* the bandwidth usage (amount of bytes/second transferred) as well as unmatched allocations/deallocations can be done trivially, yes. But this is NOT what this is about.
This is about detecting whether Skype is trojanizing your system, exactly what information it is relaying when it should be idle, and getting buffer overflows fixed so that evil people can't zombify your machine. To do this, sorry to break your illusions, Reverse Engineering has to be applied.
You should really be thankful that it's the good guys that found out this information first, before the bad guys were able to trojanize all the Skype clients in the world.
And do realize that the PDF has nothing to do with "Hacking" or "Cracking". It doesn't remove any copy protection or license scheme (because Skype doesn't have any). It's Reverse Engineering, and it has uncovered a very grave problem with the Skype software. I don't think you realize just how bad those flaws are.
He like a few others believe that they can do as they please with other peoples property.
--- End quote ---
Not really. But I do believe that somebody has to make sure the software companies aren't pulling dirty tricks behind our backs, and I think it's nice that there's white/grey-hat security analysts rather than just the virus/malware fringe who reverse engineer. Otherwise you'd be victimized a lot more often by the spammers and scammers... there will always be bad people trying to attack any piece of software they can, simply because they can profit from it. Software companies don't have the time and motivation to go through their entire million-lines of sourcecode, but you can bet your ass that some hacker in russia or china will.
I still think it's wrong that the PDF was disclosed before SKype had been notified and given due time to fix their bugs. A more tactful approach would have been posting "Skype users beware: you are highly exploitable. Skype has been notified, and in 30 days we will do full disclosure."
PS: US-based security companies reverse engineer code all the time too, regardless of the DMCA. They have to.
Cpilot:
f0dder,
I am truly not interested in convincing you of my position, it's wasted effort.
Sorry, but you don't really have a clue what the PDF I linked to was about, do you?
--- End quote ---
Again I could really care less what you believe my understanding of the pdf is.
My position is that the unauthorized hacking of someone else's software/property is theft. Theft is theft, no matter what country your in. Apparently you have no concept of this and have been practicing your rationalizations for a long time.
You don't need to be rude just because you can't agree with f0dder here...
--- End quote ---
I find this one almost too funny for words. You got someone linking to pirated, illegally obtained information and your worried about who's being rude?
:wallbash:
While the bad guys are hacking around I think it is absolutely necessary that the good guys should also be hacking about.
--- End quote ---
And who determines who are the good guys and bad guys?
If it's such a boon then how come we don't see websites with "Hack my code please"? Instead of EULA's that specifically prohibit this sort of stuff.
The bottom line is this, how realistic do think it is that a shareware author would care to participate with a group of people who feel that a EULA don't mean anything? Who have no respect for their property?
Gothi[c]:
Thanks for the info, f0dder!
lol, cpilot. so you think that everyone should just cover their eyes and plug their ears and be good citicens and obey the nice totalitarian policestate law until some terrorist finds the bug exploits it :D
Carol Haynes:
While the bad guys are hacking around I think it is absolutely necessary that the good guys should also be hacking about.
And who determines who are the good guys and bad guys?
If it's such a boon then how come we don't see websites with "Hack my code please"? Instead of EULA's that specifically prohibit this sort of stuff.
The bottom line is this, how realistic do think it is that a shareware author would care to participate with a group of people who feel that a EULA don't mean anything? Who have no respect for their property?
--- End quote ---
To me this is a bit of a no brainer:
Bad guys - people who write Trojans/Viruses etc. to steal from users, hijack their computers for various reasons including spamming the world at your expense, people who steal identities, credit card details etc., people who do malicious damage for the fun of it
Good guys - people who try to find some of the flaws in software to stop the bad guys doing what they are doing.
No one on this forum is suggesting that software should be ripped off in anyway - in fact if you read the comments of others in this thread in other parts of the forum you will read many items arguing precisely the opposite.
Yes US law says you can't reverse engineer copyright material - but we live in a real world where reverse engineering takes place, and not everyone is American. If only the bad guys do it we will be in real trouble.
I presume your computer does not run behind a firewall (that could break some EULAs), you don't run AntiVirus software, AnitTrojan software or any AntiSpyware products because they all break EULA conditions either during production, everyday producing updates or when they are actually running on your system.
Finally do you actually read EULAs? If you took them all seriously you would never install a piece of software on your computer (including but not limited to the operating system). Windows EULA explicitly gives Microsoft the right to do practically anything to your system without your knowledge or permission - can anyone really take such a thing seriously? I have even seen EULAs that specifically remove your right to uninstall the software or block its access to the internet !!!
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version