LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Blogs > In The Middle Of Nowhere [edK's blog]
User Name
Password

Notices



In The Middle Of Nowhere

Life, universe and everything...
--
Blog title (C) Orbital
Rate this Entry

Shareaza: "don't play with IE"

Posted 02-15-2010 at 07:57 AM by Web31337
Updated 02-15-2010 at 08:04 AM by Web31337

A short story about Infernet Exploiter usage in popular P2P app "Shareaza".
It was last summer, when SourceForge wasn't so bad and I was always sitting and helping on their channel @ freenode, and, also, I was a windowz user.
Persons:
_AnywhereIs_: me
Ryo-oh-ki: Shareaza developer

Local time: GMT+06 (in DST)
Channel: #sourceforge
Place: IRC.FreeNode.net
Date: June 13-14, 2009

--------
16:34:18 <_AnywhereIs_> Ryo-oh-ki yore developer of shareaza?
17:01:40 <Ryo-oh-ki> yes, my login is "raspopov"
17:09:34 <_AnywhereIs_> i just wanted to report a... a bug that shareaza is hard-bounded to IE and when i try to connect Gnutella network it fails when IE is disabled(i disable it setting up proxy at 127.0.0.1 where there is no actual proxy exist). it connects ok when i reset ie settings to direct connection and launch shareaza again. it's a bug i believe. using 2.4, winserv 2003, can send out a video showing this bug in work.
17:10:02 <_AnywhereIs_> no software should depend on ie engine.
17:25:59 <Ryo-oh-ki> _AnywhereIs_, Shareaza is windows addict application and IE using is advantage. But Gnutella 2 sybsystem don't depends on IE so you probably broke something else.
17:26:44 <_AnywhereIs_> well i can send video.
17:26:53 <_AnywhereIs_> which i will record right now
18:31:11 <Ryo-oh-ki> btw you cant disable IE by setting wrong proxy you just cut all windows apps and windows itself from internet and for example from Windows Update site
02:07:27 <_AnywhereIs_> Ryo-oh-ki would you fix that issue with shareaza?
02:09:59 <Ryo-oh-ki> ist requires no fixing
02:33:30 <Ryo-oh-ki> _AnywhereIs_, dont play with IE
--------

Few more notes, from today.
I just fetched 2.5.2.0(latest on sf.net) in my virtualbox where I run winxp sp2 when required, and it refused me in installation, complaining about I am not administrator. Why the hell should I be an administrator? I work under user account there. One more reason not to use this piece of software.
The bug with IE binding still wasn't fixed. It still gets hub list using IE engine.

I suggest everyone, who develops window$ apps to read one good book: "Writing Secure Code" from M$ by M.Howard and D.LeBlank. Though it contains abusing of "hacker" word, I can say it teached me many tricks in securing applications and coding them the secure way. Not related to specific platform even.

The general rule here is "Don't abuse privileges. Try to make your application available for installation in almost any environment".
Posted in opensource, security
Views 1202 Comments 0
« Prev     Main     Next »
Total Comments 0

Comments

 

  



All times are GMT -5. The time now is 10:32 AM.

Main Menu
Advertisement

Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration