Originally posted by CrowleyAgreed..
If you work in IT you should know there's no way this site (or anyone affiliated with it) can 'infiltrate' your PC and 'spy' on anyone.
Stop fueling god damn paranoia!
Theres no way your browser can access what processes are running on your computer or the computer filesystem.
It could only be done by using a known expliot in the browser/OS (stack overrun etc), and I can't see Russ running the risk of doing something like that + breaking the law just for the sake of chasing some cheaters.
If it was found out it would be the end of this site too, i think he has more financial sense than that.
Originally posted by Steve ExeterChrist.
Numbnuts - read it again - I said [b]I am convinced that it's NOT Spyware and I only posted that in a direct response to Starman's enquiry as to what covert methods I had evidence of.[/b]
You also posted this:
I think a mistake has been made, I think that the only hard evidence is that Russ' secret tools have detected a known engine on my PC - GNU Chess which comes with Winboard - I also suspect that he has detected log files that show the engine has been used, well it would have cos I play the engine myself as an opponent and also I did run analysis on some of my completed RHP games to see what it could tell me.
Did Russ ever have access to your PC to install these super secret tools Numbnuts!?
3 edits
Originally posted by Crowley[/b]I believe that the functionality exists within Winboard already.
Christ.
You also posted this:
[b]I think a mistake has been made, I think that the only hard evidence is that Russ' secret tools have detected a known engine on my PC - GNU Chess which comes with Winboard - I also suspect that he has detected log files that show the engine has been used, well it would have cos I play the engine myself as an opponent and
Did Russ ever have access to your PC to install these super secret tools Numbnuts!?
Originally posted by CrowleyXBoard/Winboard Command Line Buffer Overflow
But he would need to exploit bugs in IE, to get access to your local files and /or running processes then exploit bugs in Winboard.
Without anyone finding out?
I think not.
Description: XBoard and WinBoard are graphical user interfaces for
chess. Xboard versions 4.2.7 and prior are vulnerable. A large
hostname used with the '-icshost' option will trigger a buffer
overflow that could lead to arbitray code execution or privilege
escalation.
Ref: http://secunia.com/advisories/11016/
Originally posted by Steve ExeterSo what?
XBoard/Winboard Command Line Buffer Overflow
Description: XBoard and WinBoard are graphical user interfaces for
chess. Xboard versions 4.2.7 and prior are vulnerable. A large
hostname used with the '-icshost' option will trigger a buffer
overflow that could lead to arbitray code execution or privilege
escalation.
Ref: http://secunia.com/advisories/11016/
Like I posted before, an 'attacker' would still need to exploit browser bugs in order to exploit the winboard bug.
Good security software should stop this from happening. Hell, just using FireFox would stop most attackers in their tracks...
No matter how many exploit or hacker sites you quote with security holes and bugs - it still does not detract from the fact that Russ just wouldn't do it.
I can't see anyone taking a chance like that with a commercial site. If he got caught, this site would lose all the paying customers and he'd be liable to civil suits.
No way.