[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: POINTCAST - Could it be a Trojan Horse?



The following came from another mailing list.
An interesting Cypherpunks opportunity is that it appears to provide
a general broadcasting capability, depending on what authentication methods
(if any) it's using.  Aside from the fun of automatic-upgrade software,
it's a great opportunity for a media hack.  Maybe it won't be widely
supported by April 1, 1996, but it certainly should be by April 1, 1997.
(Hmmm - isn't X-Day in 1997?)  I assume it either runs UDP or runs
http to poll.
                        Bill

>     There is a new web site http://www.pointcast.com which provides a
>     program file pcninstl.exe. You download pcninstl.exe and run the
>     program on your PC from Windows 95 or Windows 3.1
>
>     PCN is a program that interfaces to the Internet using port 80 and
>     provides you customizable up-to-the minute downloads of news
>     headlines, stocks, customizable sports, customizable weather,
>     customizable financial, Internet access (HTTP only with this release)
>     and personal (horoscopes and lotteries).  You can click on the dynamic
>     advertisements and go directly to their web page.  PCN even turns into
>     a dynamic screen saver with your specific preference.  Periodically,
>     you are informed that there is an upgraded version, would you like to
>     down load; automatic upgrades.  PointCast Network is currently in
>     Beta 0.9, is FREE and they say it will continue to be free, support by
>     advertising commercials.  Does this sound too good to be true???
>
>     Well, Maybe it is too good to be true.  This program becomes a proxy
>     operator for you. Downloading, through your firewall, whatever it
>     decides should be downloaded, data, new executables, etc.  What is to
>     prevent a hacker (or cracker if you like that term better) from
>     offering a similar product which captures you PC keystrokes and scans
>     your hard drive and uploads information, accesses your LAN or PC
>     functions, or destroys PC files and data.
>
>     Even worse what if a hacker breaks into the PointCast Web site after
>     it has successfully distributed its product to millions of Internet
>     users?  Are you sure you trust PointCast enough to perform that next
>     automatic upgrade?
>
>     What about other proxy type programs, such as CompuServe's WinCim? It
>     appears that any type of user proxy program opens the door that most
>     of us have closed using firewalls.
>
>     What are you thoughts and comments? Do you have any concerns with
>     products like this? How do you or your company handle these products?
>
>     Thanks,
>     Bill Roswell
>     Occidental Petroleum Corporation
>     email [email protected] or email [email protected]
>
>
#--
#			Thanks;  Bill
# Bill Stewart, [email protected], +1-415-442-2215 pager 408-787-1281
# "At year's end, however, new government limits on Internet access threatened
# to halt the growth of Internet use.  [...] Government control of news media 
# generally continues to depend on self-censorship to regulate political and
# social content, but the authorities also consistently penalize those who
# exceed the permissable."  - US government statement on China...