Sign in to follow this  
Followers 0
tsphere

Can mustymod be a dangerous trojan horse?

4 posts in this topic

update: musty has began sharing his source and collaborating with others in the community. It appears my doubts were ill-founded. I'm still glad I made this post if it at all got people thinking about these issues.

Apologies to mustymod, to the rest enjoy.

As all of you are by now aware, mustymod has managed to create a 2.0 rom which is now (almost) perfectly functional, and I for one find this a hugely impressive achievement. This was something deemed impossible by most beforehand, and he has managed to do this alone and with great success.

However, many of you might not be aware that this mod is closed source. This means that there is theoretically nothing preventing him from stealing your passwords (like your gmail password), maybe even your credit card (if you use the market to buy software), and definitely any information stored in your email. He could also potentially use it for DDoS attacks. Now, I'm not a conspiracy lunatic, and I know that for someone to go to such lengths to do this seems unlikely. It is just that his reluctance to reveal his source code seems suspicious, and there is no way of knowing that there isn't something bad behind it. Even if it is highly unlikely, it IS possible.

I would not like it to seem as if this post is a mean way of trying to get him to post his source code by calling him a crook. First, I do not believe he is a crook. I'm 95% sure he isn't. It is just that there is absolutely no way of eliminating that 5% chance he is. And second, I am not affiliated in any way to the other projects going on who are trying to create a 2.0 rom, and wouldn't really care (aside from the romantic side of me who likes open source) about this if there weren't possible security ramifications.

Tsphere

Edited by tsphere
0

Share this post


Link to post
Share on other sites
As all of you are by now aware, mustymod has managed to create a 2.0 rom which is now (almost) perfectly functional, and I for one find this a hugely impressive achievement. This was something deemed impossible by most beforehand, and he has managed to do this alone and with great success.

However, many of you might not be aware that this mod is closed source. This means that there is theoretically nothing preventing him from stealing your passwords (like your gmail password), maybe even your credit card (if you use the market to buy software), and definitely any information stored in your email. He could also potentially use it for DDoS attacks. Now, I'm not a conspiracy lunatic, and I know that for someone to go to such lengths to do this seems unlikely. It is just that his reluctance to reveal his source code seems suspicious, and there is no way of knowing that there isn't something bad behind it. Even if it is highly unlikely, it IS possible.

I would not like it to seem as if this post is a mean way of trying to get him to post his source code by calling him a crook. First, I do not believe he is a crook. I'm 95% sure he isn't. It is just that there is absolutely no way of eliminating that 5% chance he is. And second, I am not affiliated in any way to the other projects going on who are trying to create a 2.0 rom, and wouldn't really care (aside from the romantic side of me who likes open source) about this if there weren't possible security ramifications.

Tsphere

+1

0

Share this post


Link to post
Share on other sites
+1

That is probably the only reason stopping me from upgrading my ROM to mustymod's till now...

0

Share this post


Link to post
Share on other sites
That is probably the only reason stopping me from upgrading my ROM to mustymod's till now...

and maybe the fact that the camera doesnt work

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

MoDaCo is part of the MoDaCo.network, © Paul O'Brien 2002-2016. MoDaCo uses IntelliTxt technology.