Jump to content

Can mustymod be a dangerous trojan horse?


Guest tsphere

Recommended Posts

Guest tsphere

update: musty has began sharing his source and collaborating with others in the community. It appears my doubts were ill-founded. I'm still glad I made this post if it at all got people thinking about these issues.

Apologies to mustymod, to the rest enjoy.

As all of you are by now aware, mustymod has managed to create a 2.0 rom which is now (almost) perfectly functional, and I for one find this a hugely impressive achievement. This was something deemed impossible by most beforehand, and he has managed to do this alone and with great success.

However, many of you might not be aware that this mod is closed source. This means that there is theoretically nothing preventing him from stealing your passwords (like your gmail password), maybe even your credit card (if you use the market to buy software), and definitely any information stored in your email. He could also potentially use it for DDoS attacks. Now, I'm not a conspiracy lunatic, and I know that for someone to go to such lengths to do this seems unlikely. It is just that his reluctance to reveal his source code seems suspicious, and there is no way of knowing that there isn't something bad behind it. Even if it is highly unlikely, it IS possible.

I would not like it to seem as if this post is a mean way of trying to get him to post his source code by calling him a crook. First, I do not believe he is a crook. I'm 95% sure he isn't. It is just that there is absolutely no way of eliminating that 5% chance he is. And second, I am not affiliated in any way to the other projects going on who are trying to create a 2.0 rom, and wouldn't really care (aside from the romantic side of me who likes open source) about this if there weren't possible security ramifications.

Tsphere

Edited by tsphere
Link to comment
Share on other sites

As all of you are by now aware, mustymod has managed to create a 2.0 rom which is now (almost) perfectly functional, and I for one find this a hugely impressive achievement. This was something deemed impossible by most beforehand, and he has managed to do this alone and with great success.

However, many of you might not be aware that this mod is closed source. This means that there is theoretically nothing preventing him from stealing your passwords (like your gmail password), maybe even your credit card (if you use the market to buy software), and definitely any information stored in your email. He could also potentially use it for DDoS attacks. Now, I'm not a conspiracy lunatic, and I know that for someone to go to such lengths to do this seems unlikely. It is just that his reluctance to reveal his source code seems suspicious, and there is no way of knowing that there isn't something bad behind it. Even if it is highly unlikely, it IS possible.

I would not like it to seem as if this post is a mean way of trying to get him to post his source code by calling him a crook. First, I do not believe he is a crook. I'm 95% sure he isn't. It is just that there is absolutely no way of eliminating that 5% chance he is. And second, I am not affiliated in any way to the other projects going on who are trying to create a 2.0 rom, and wouldn't really care (aside from the romantic side of me who likes open source) about this if there weren't possible security ramifications.

Tsphere

+1

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.