base64_decode isn't the only evidence for some suspicious activities. Others use some openssl functions to encrypt their code, and I guess there are other options as well. It is better to always look into the code before using it, especially when it comes from unknown/untrusted sources.
The Israeli WordPress theme scene is indeed very small, but they are not well-educated about the meaning of GPL and what they should do after fixing a bug in the code or customizing some code to have Hebrew support or right-to-left. This is why I prefer to use the code from the original maintainer and not forks made by people who change few words in the code and ship it as their own creation without notifying the original theme/plugin maintainers and contributing the code upstream. The recent panic could be an opportunity to us to publish our thoughts and ask coders to better behave in the Open Source scene. On Tue, Jan 24, 2012 at 12:13, Ira Abramov <[email protected]> wrote: > Read this: http://n2b.org/archives/2316 > > If you have a Wordpress blog and you've used a Hebrew-converted theme from > Mastergate, you probably have malware on your site. > > crude quick way to find potential problems: run ' grep > "eval.*base64_decode" * -r ' on your web directories. > > The Israeli Free Software scene is small and we should go out in a unified > strong declaration against such ethical/legal violations, possibly also a > GPL violation. This pond is too small to piss in and stay unpunished. I say > the responsible parties need to be named and condemned, and I personally > hope one of the people affected would sue them as well. > > _______________________________________________ > Discussions mailing list > [email protected] > http://hamakor.org.il/cgi-bin/mailman/listinfo/discussions > -- *Tomer Cohen* http://tomercohen.com
_______________________________________________ Discussions mailing list [email protected] http://hamakor.org.il/cgi-bin/mailman/listinfo/discussions
