Jump to content


Photo

Can mustymod be a dangerous trojan horse?

- - - - -

  • Please log in to reply
3 replies to this topic

#1
tsphere

tsphere

    Newbie

  • Members
  • Pip
  • 2 posts
update: musty has began sharing his source and collaborating with others in the community. It appears my doubts were ill-founded. I'm still glad I made this post if it at all got people thinking about these issues.
Apologies to mustymod, to the rest enjoy.



As all of you are by now aware, mustymod has managed to create a 2.0 rom which is now (almost) perfectly functional, and I for one find this a hugely impressive achievement. This was something deemed impossible by most beforehand, and he has managed to do this alone and with great success.

However, many of you might not be aware that this mod is closed source. This means that there is theoretically nothing preventing him from stealing your passwords (like your gmail password), maybe even your credit card (if you use the market to buy software), and definitely any information stored in your email. He could also potentially use it for DDoS attacks. Now, I'm not a conspiracy lunatic, and I know that for someone to go to such lengths to do this seems unlikely. It is just that his reluctance to reveal his source code seems suspicious, and there is no way of knowing that there isn't something bad behind it. Even if it is highly unlikely, it IS possible.

I would not like it to seem as if this post is a mean way of trying to get him to post his source code by calling him a crook. First, I do not believe he is a crook. I'm 95% sure he isn't. It is just that there is absolutely no way of eliminating that 5% chance he is. And second, I am not affiliated in any way to the other projects going on who are trying to create a 2.0 rom, and wouldn't really care (aside from the romantic side of me who likes open source) about this if there weren't possible security ramifications.

Tsphere

Edited by tsphere, 01 February 2010 - 03:56 PM.

  • 0

#2
lc_

lc_

    Newbie

  • Members
  • Pip
  • 1 posts

As all of you are by now aware, mustymod has managed to create a 2.0 rom which is now (almost) perfectly functional, and I for one find this a hugely impressive achievement. This was something deemed impossible by most beforehand, and he has managed to do this alone and with great success.

However, many of you might not be aware that this mod is closed source. This means that there is theoretically nothing preventing him from stealing your passwords (like your gmail password), maybe even your credit card (if you use the market to buy software), and definitely any information stored in your email. He could also potentially use it for DDoS attacks. Now, I'm not a conspiracy lunatic, and I know that for someone to go to such lengths to do this seems unlikely. It is just that his reluctance to reveal his source code seems suspicious, and there is no way of knowing that there isn't something bad behind it. Even if it is highly unlikely, it IS possible.

I would not like it to seem as if this post is a mean way of trying to get him to post his source code by calling him a crook. First, I do not believe he is a crook. I'm 95% sure he isn't. It is just that there is absolutely no way of eliminating that 5% chance he is. And second, I am not affiliated in any way to the other projects going on who are trying to create a 2.0 rom, and wouldn't really care (aside from the romantic side of me who likes open source) about this if there weren't possible security ramifications.

Tsphere


+1

  • 0

#3
avi_wizard

avi_wizard

    Newbie

  • Members
  • Pip
  • 8 posts

+1


That is probably the only reason stopping me from upgrading my ROM to mustymod's till now...

  • 0

#4
Fireballs

Fireballs

    Newbie

  • Members
  • Pip
  • 2 posts
  • Devices:Samsung Galaxy

That is probably the only reason stopping me from upgrading my ROM to mustymod's till now...

and maybe the fact that the camera doesnt work

  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users