EarthStation 5 P2P application contains malicious code

Oh please.
This is a personal thing between Random Nut and ES5, he has been attacking them for a while now.
I think this should be removed until somebody independant has at least checked it out.
I can see at least 10 outright lies in that post.

Welsh, before calling me a liar, test the code. It's there. That'll prove I'm right.

And for the people who don't know who Welsh is, he's an ES5 fanboy who spammed the K-Lite board today and yesterday. He nearly got banned.

Well since ES5 is so malicious couldnt you show this to someone like symantec so they can add it as a trojan or something?

I'm sure they read Full Disclosure and BugTraq.

ES5 has code which allows a remote user to delete a user's shared files. That's the "only" malicious code I found, but I can't rule out that there's more.

Originally Posted by darktiger_64

Could you please identify the 10 lies, and tell us the truth.

Okay, so I'll do my best.
With my own opinions.

1.They intentionally added this code to ES5.
Not unless it's a bug they didn't.

2.and that they have more than 15 million simultaneous users on-line 24/7
It's an old claim, no longer being claimed.

3.This is not a bug!
I believe if anything, it is a bug.

4.The people behind ES5 have intentionally added malicious code to ES5
No they haven't.

5.(eg. DoS attacking BitTorrent sites)
Pure speculation based on a conversational screenshot from ES5 Radio Chat, denied, never proven, never admitted, and explained.

6.They could be working for the RIAA, MPAA, or a similar organization.
I know it's a speculation, but it's rubbish.

7.Once they have enough users on their ES5 network, they would start deleting all copyrighted files they own which their users are sharing.
Another speculation, but still a load of rubbish.

8.The users wouldn't know what hit them.
Well if this rubbish was true, then there wouldn't be any users and so nobody would be "hit".

9.Credits
me for discovering it
You deserve no credits if you are lying.

10.Tested ES5 builds
ES5 build 1266
ES5 build 2180 (latest version)
I doubt that "Tested" is the correct word.

Okay, maybe lies was the wrong word, but rubbish, speculations, and scaremongering is what this post is all about.


@Random Nut, I have already told you that I respected your work and opinions, but after the fiasco on the K-Lite board recently I find it hard to believe anything posted by anybody from those discussions.
I know nothing about code etc, but this postt is full of the kind of rubbish that people complained about when ES5 was over-hyped.
I'm happy to admit being wrong and taken as a fool if this does turn out to be malicious.
I have absolutely no axe to grind with you, but I hope for the sake of your credibility that you haven't gone a step too far with this.

Originally Posted by random_nut

Welsh, before calling me a liar, test the code. It's there. That'll prove I'm right.

And for the people who don't know who Welsh is, he's an ES5 fanboy who spammed the K-Lite board today and yesterday. He nearly got banned.

No spam there, just corrections being made to nasty comments and speculation.
K-Lite board folk have conveniently deleted all of the topics and posts, and nearly banned me even though it was their people, (balamm?) who were in the wrong.
Lock them and then delete them, then claim I was spamming?
Nice.

Welsh, what the fuck (sorry) is your problem? I have provided the exploit code, you have ES5 installed, so what are you waiting for ES5 fanboy? Too afraid of the truth? Too afraid that I'm right? Just test it and stop calling me a liar when I have already presented source code and binary for anyone to download and test.

At first I thought you were a nice guy. But that changed when you showed your real self by spamming the K-Lite board today and yesterday, and now calling me a liar without even having tested the code.

JiMiThInG: I just PM'd you...

@Random Nut:
I am a nice guy!
I did nothing wrong on the K-Lite board and you know it.
I am honest and pride myself upon that.
I have absolutely no idea what to do with that code, but I still can't believe it is malicious rather than a bug.
That is the point.
If I am wrong in trusting ES5 then shite, you got me, I should have listened to you all along and for that I will be sorry.
But what if I'm right, and it is merely a bug and proven to be so?

Originally Posted by drwtwn312

just because it is speculation doesn't me it's a lie so i don't think you even have 10 there bud

Okay, maybe not 10 outright lies, but you can surely see the justification for me posting.
I am angry that people continue to crucify ES5 without justification, based on posts exactly along these lines.
ES5 and the RIAA?
Come on.
Random Nut is on a mission because a while back he went to the ES5 boards claiming some vulnerability and was proved wrong, publically.
So he has certainly something to gain, and I believe he is using his good, respected name to gain revenge.
ES5 is not evil, bad or malicious.
It is improving all of the time and does not deserve this crap being plastered all over it.

I half suspect or at least wouldn't be suprised if ES5 had like 1 or 2 guys out there spamming up p2p community boards with pro-ES5 rubbish

Wrong. ES5 has many many people out there telling the truth as they see it instead of bashing a program they are afraid to use because of posts like Random Nut's.
Fanboy?
No. Just a user, like I use k-Lite and Shareaza.
But you cannot only go by one opinion.
Use your own thoughts!