On Fri, Mar 23, 2007 at 12:03:54PM -0700, J.C. Roberts wrote: > On Friday 23 March 2007 11:35, Tobias Weisserth wrote: > > On Mar 23, 2007, at 6:24 PM, Rafael Morales wrote: > > > I need the shared library libasound.so.2, anybody > > > could send to me ???, I don't have a linux box here. > > > > I need my box rooted, can anybody please send me a trojaned binary > > library I have to trust blindly? > > Tobias, > > You telling the above good advice to someone, Rafael, who is *already* > trying to install a trojaned binary (skype) on their OpenBSD system. > > Skype is dangerous. Periord. End of discussion.
Fortunately, when someone writes "end of discussion", the discussion actually doesn't have to end, as you are seeing right now. Here is a bibliography that supports the claim better than a proclamation "Periord". http://blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf See page 104 which seems to claim that there is an arithmetic overflow in skype. Even a screenshot of cracked system is supplied. Though, it's not difficult to fabricate such a screenshot with GIMP ;-) CL< > > If anyone doesn't believe the above statement of fact, they have only > two possible ways to prove or disprove it: > > 1.) Have the many months of time and highly advanced reverse engineering > skills necessary to fully audit the skype binaries including getting > around their executable packing, morphing, validation, anti-debugging > and other nasty ways of preventing much needed auditing and analysis. > > __OR__ > > 2.) Just read the damn skype licnese which requires you to agree to let > your system and bandwidth be used for any known or unknown purposes > that eBay/Skype wants. > > jcr
