[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: POINTCAST - Could it be a Trojan Horse?
The following came from another mailing list.
An interesting Cypherpunks opportunity is that it appears to provide
a general broadcasting capability, depending on what authentication methods
(if any) it's using. Aside from the fun of automatic-upgrade software,
it's a great opportunity for a media hack. Maybe it won't be widely
supported by April 1, 1996, but it certainly should be by April 1, 1997.
(Hmmm - isn't X-Day in 1997?) I assume it either runs UDP or runs
http to poll.
Bill
> There is a new web site http://www.pointcast.com which provides a
> program file pcninstl.exe. You download pcninstl.exe and run the
> program on your PC from Windows 95 or Windows 3.1
>
> PCN is a program that interfaces to the Internet using port 80 and
> provides you customizable up-to-the minute downloads of news
> headlines, stocks, customizable sports, customizable weather,
> customizable financial, Internet access (HTTP only with this release)
> and personal (horoscopes and lotteries). You can click on the dynamic
> advertisements and go directly to their web page. PCN even turns into
> a dynamic screen saver with your specific preference. Periodically,
> you are informed that there is an upgraded version, would you like to
> down load; automatic upgrades. PointCast Network is currently in
> Beta 0.9, is FREE and they say it will continue to be free, support by
> advertising commercials. Does this sound too good to be true???
>
> Well, Maybe it is too good to be true. This program becomes a proxy
> operator for you. Downloading, through your firewall, whatever it
> decides should be downloaded, data, new executables, etc. What is to
> prevent a hacker (or cracker if you like that term better) from
> offering a similar product which captures you PC keystrokes and scans
> your hard drive and uploads information, accesses your LAN or PC
> functions, or destroys PC files and data.
>
> Even worse what if a hacker breaks into the PointCast Web site after
> it has successfully distributed its product to millions of Internet
> users? Are you sure you trust PointCast enough to perform that next
> automatic upgrade?
>
> What about other proxy type programs, such as CompuServe's WinCim? It
> appears that any type of user proxy program opens the door that most
> of us have closed using firewalls.
>
> What are you thoughts and comments? Do you have any concerns with
> products like this? How do you or your company handle these products?
>
> Thanks,
> Bill Roswell
> Occidental Petroleum Corporation
> email [email protected] or email [email protected]
>
>
#--
# Thanks; Bill
# Bill Stewart, [email protected], +1-415-442-2215 pager 408-787-1281
# "At year's end, however, new government limits on Internet access threatened
# to halt the growth of Internet use. [...] Government control of news media
# generally continues to depend on self-censorship to regulate political and
# social content, but the authorities also consistently penalize those who
# exceed the permissable." - US government statement on China...