[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Unofficial PHP 4.1.2 PKG available
- Subject: Re: [cobalt-security] Unofficial PHP 4.1.2 PKG available
- From: "Joe Boise" <my_hidden_email@xxxxxxxxx>
- Date: Mon, 4 Mar 2002 08:55:21 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
You know what burns me, is when he announced that
pkg to the list he never mentioned anything about
the spyware in the pkg.
He just simply gave a URL to the package, not his site,
in his email here.
He should have just gave a link to the site where the pkg
was so we could read the warning about the embedded
spyware. I just went to the link of the pkg and downloaded
the pkg, never aware of any spyware.
I will think twice about getting something from him in the
future!
Joe
Message: 1
From: "cbtrussell" <cbtrussell@xxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Subject: Re: [cobalt-security] Unofficial PHP 4.1.2 PKG available
Date: Sun, 3 Mar 2002 19:58:24 -0500
Reply-To: cobalt-security@xxxxxxxxxxxxxxx
> well, if this is detailed information or not is to be argued about. But
> well, yes. It is phoning home so that I'm able to track the spreading of
> the package.
Busted.
> And now tell me which information in
> this e-mail is sensitive to your privacy?!
I would be very upset if I installed a piece of software that sent the
author the address of my machine, as well the kernel info enclosed below. I
think it's sneaky and ill-advised at BEST. The worst part is your failure
to disclose the spyware prior to being caught red-handed, which speaks
volumes about your ethics. Is there a sinister motive here? I honestly doubt
it, but even so, you can bet I won't ever be installing any pkg's from your
site.
Michael - how did you notice the message home? Nice work. And BTW, you owe
me an email!
Brandon
--__--__--
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
End of cobalt-security Digest