Does 'Earthstation 5' contain malicious code? And is it an RIAA front?

ES5 is the p2p wannabe based in Palestine. It uses its location to attract gullible reporters to what's an otherwise thoroughly uninteresting app and this might, in fact, lend credibility to the RIAA agent theory.

[ok. OK! I'm kidding !!!! - Ed]

However, when random nut says in his Full Disclosure report here, "There exists malicious code in ES5.exe's 'Search Service' packet handler," he's not joking.

"By sending packet 0Ch, sub-function 07h to the *Search Service*'s IP:Port, a remote attacker could delete any file the user is sharing," he states. "If the remote attacker uses "filenames" with a relative path in them (eg. "..\..\..\WINDOWS\NOTEPAD.EXE"), the remote attacker could also delete files in eg. the windows and windows\system32 folders, or any other folder on the same partition as any of the shared folders. Since most users using Windows are in the Administrators group, a remote attacker could also delete the C:\BOOT.INI file which is a required boot file used by ntldr."

Random nut also stresses: "IMPORTANT: This is not a bug! They intentionally added this code to ES5."

What's it all about?

"Conspiracy theories abound,"Broadband Reports here, including that the company was an RIAA front; among other so far unfounded suggestions that the move held political motivation. Others argue the warning is the work of the RIAA itself. The developers have apparently offered up a new installer sans foul code, but the question remains why it existed in the first place.

"Members of our Filesharing forum offer up their own opinions on the rumor."

They do indeed ; )

This is really old. The speculations made by that arse random nut are idiotic to boot. Why would the RIAA be funding something that promotes that they're fighting against, not to mention open themselves up to lawsuits from other companies? Random Nut has always had an agenda against ES5.

No one but the programmers know why that was in there. Regardless, a new build is out that fixes the problem.

If people want to know why the code was in there, wait for an official statement.

If you read the ES5 forums you will find that they completely removed the comments made by random nut and replaced it with lots of comments and bashing of Zeropaid. It's old news. We all know that the owner of Zeropaid is onvolved with DRM technology. Yet in all the time I have visited Zeropaid they have never tried to promote DRM or force their opinions on me. There seems to be free reign on P2P talk there and they do not censor (Unless it's extremely offensive). Sure you could say they are logging all visitors IP's but that's a little paranoid. There isn't a lot they could do with that info anyhow.

Now on the other hand on ES5's forums they wiped the thread only leaving the thread top intact and posted all this info about Zeropaid like it was some big secret and that Zeropaid are some bad guys. Then created a new installer for their app and have not defended why the code was in the earlier version at all. They simply are trying to pretend it never happened and that it is just going to go away. Well that does not fly with me. Their own methods. The way their 'company' was setup. The way the app was created. Their own claims of 15 million users. There own claims of being uncrackable. The way they taunted the media companies. Where they are based. The way they gained money to develop it. The way they spammed all the boards prior to it in order to promote it and all the other shady dealings involved seem too strange to me.

If they cannot even offer a defense to random nuts claims doesn't that sound odd to you?

I am by no means saying Zeropaid has a clean sheet. Yet ES5 as a whole and where it originates from smack entirely of some form of subterfuge. The app itself installs a lot of DLL's into the registry that remain even after uninstalling. You cannot delete them unless you delete them from the registry first as they are loaded at bootup time. Why?

I leave you to make you own thoughts on this one.

I discovered ES5 when it was in early beta, downloaded it, but didn't try to use it. Later, when I honestly just tried to find files with it, it was the creepiest mess I ever tried. The thing just took that Star Trek scenarios too far to me. I never did fine a decent source of any files, just lots of sci fi wannabe crap.

It was almost as useless as bearshare and the others were. Fact is, kazaa (kazaa lite/++) has been the only P2P that ever had files that users would actually let you download -just from my experience. I never tried SoulSeek, but heard good things about it.
-bulkeraser

They didn't remove the comments. If you'd take a closer look, it was all merged into one thread.

LOL..I found ES5 to be so silly, I have expected that when you started a search, that you would hear Patrick
Stewart's voice saying "Make it so Number One."

ES5 was, is a joke and "IF" the riaa did produce it, well that tells you how their software would be.

I agree with bulkeraser in that at first I could find no files at all on ES5, but later I starded finding more and more. I say give it a shot, the more people that are on a network, the better... oh and read ES5's response to randomnut here:
http://forums2.es5.com/index.php?act=ST&f=50&t=5718&s=75b9906dc944f171ca8ba04f4f70b483

I think you need a password... you can either sign up for one (you need not dl the program) or wait to see it on the News section, if it gets acceptd... i already submittd it... sorry bout the complications there.

I just posted it as a news story. (And I signed up, but STILL couldn't get into the forum, : )

The Palestinians thru ES5 have taken the war with the West and Israel to a whole new theater. Maybe they should KILL arafat and stop pussyfooting around with their tanks. Let it become a REAL war, and get it settled once and for all. None of this suicide and terror shit.

If ES5 is a political or RIAA front that would be REALLY interesting, considering I used them to stream PORN movies.................

Haha, eintier i just remembered you could do that... yeah that would be pretty good proof against the RIAA theory, and if not, would that not be hilarious if the RIAA was streaming porn?

BACKUP YOUR FILES!

Hard drives are not perfect.

whatever, ES5 is crap. Personally I think if the RIAA did it, they would have made it a decent network.

ES5 sucks anyways.

I knew that ES5 wasn't any good from the begining, and this confirms my belief. The RIAA put time and money in a phoney network, Shur they would and it would suck just like ES5. ES5 is nothing to rave about, they even make KaZaA look clean (which it isn't).