amiga-news.de - Archive

Archiv 'News from the business world'

`14.Nov.2002` Chris Hodges (E-Mail)	Offensive Elbox driver and consequences for Poseidon Chris Hodges writes: Dear Poseidon Users, in the last few days, there were rumours posted to ann.lu, claiming that the usb.device, that is provided by Elbox Computer Inc. for the Spider USB PCI card would contain malicious code. This code was posted disassembled on various websites. This source code, if assemblied into an executable, would indeed have the ability to kill the RDB (if it was found in block 0). Code destroying data on purpose like this is illegal in most countries (including Germany) and moreover, is one of the ethically worst things I've ever seen. As the source of this security warning was an anonymous poster and therefore was not reliable, I wanted to check for myself. So I loaded the usb.device (some friendly Mediator user sent me, as Elbox never offered me a SpiderCD to check the contents of the CD), let it decrypt itself and just searched for the 'RDSK' string in the driver (as seen on the disassembled source code on the websites). No disassembly was used. The string was found. I could therefore verify that the offensive code is at least in version 1.2 of the device, I had here to test (there is absolutely NO reason why 'RDSK' would appear in an usb hardware device driver). I gave Elbox the chance to clear things up in public by posting an apology and removing the code. They didn't. Instead, they said that all my "doubts" would be answered in the press statement released yesterday and ignored the consequences that I already had proposed to them. Well, my "doubts", which actually are facts, that I could see with my own eyes, remain. Any Mediator user can check this by using a memory monitor and searching for the usb.device in memory (after loading up Poseidon) and see, if there's the 'RDSK' ID string within the next 10000 bytes. As a consequence, I have to warn Mediator users that their machine is in danger, when running the usb.device. In the non-memory protected Amiga environment it might get damaged at any time and then cause the routine that kills the RDB to become active. The next update of Poseidon will refuse to load up the usb.device, if it detects malicious code. This is to protect yourself from damage and myself from being held liable for any loss of data or damage done. Moreover, I hereby withdraw the permission to include Poseidon in ELBOX's software distributions, until they admit, that the code was in their driver, admit, that they have constantly lied to the users, have placed a public apology for the first time in their life, and have removed any malicious code. I don't want Poseidon to be included with third party software, that's highly illegal and whose originators don't deserve any trust. I do understand that people try to protect their work from being hacked. I do this too, but not by risking the data of legal users and I cannot tolerate this offensive behaviour any longer (I admit, I'm again rather upset and therefore this statement is not as objective as it could have been). The Spider users out there are adviced to confront Elbox with the demands mentioned above, so to allow Poseidon again accept the usb.device driver. I hope that you believe the facts and my worries and understand the steps taken. (ps) [News message: 14. Nov. 2002, 17:45] [Comments: 1 - 15. Nov. 2002, 01:01] [Send via e-mail] [Print version] [ASCII version]
`14.Nov.2002` Mirko Naumann (E-Mail)	Elbox dispels rumours about usb.device Press release: For long years, our company has been making efforts to make users of our hardware proud that they receive the best software support. This support is also the most dynamically expanded in the Amiga market. Some persons/companies do not like this situation, as they would like to compete with Elbox. They know they cannot, though: they have no knowledge or employees to work with or determination to provide on-going support for their products. However, we continue receiving signals from various sources on attempts at disassembling and hacking our drivers for the purpose of stealing the results of our efforts and work. In recent days the Amiga community witnessed rumours related to our latest product: the Spider USB 2.0 card. In order to clarify this we feel obliged to respond officially to them. Rumour: Using the Elbox usb.device with an USB PCI card other than Spider USB 2.0 High-Speed may lead to trashing the disk RDB. Answer: Not true. If anyone is trying to run the Elbox usb.device with any USB PCI card other than Spider USB 2.0 (for which this driver is dedicated), the only result is that the driver does not work with this card and a requester window appears on the screen: 'No Spider USB 2.0 card found.' Rumour: Whoever has a Mediator may modify Spider drivers so that they support USB PCI cards from other parties. Answer: No. The Elbox usb.device is software protected by international copyright law. Only owners of the Spider card are licensed to use these drivers (the drivers are bundled with the cards). The only legal way to acquire the usb.device drivers is to buy the original Spider package. The software is always licensed for a specific person and only that person. The licence for using the driver does not give any right to modify the code (which is property of Elbox). Rumour: The usb.device driver has some procedures, which may damage hdd RDB if any external program accidentally damages the driver code. Answer: No. Elbox pays much attention to protect its drivers against any improper operation in case of accidental damage to their code by any external events. To ensure this, Elbox drivers are encrypted. When run, they automatically decrypt themselves and verify internal checksums to guarantee the maximum security of operation. This is the best way to prevent program crash if, due to any reason, the code is damaged when read from the media. Obviously, even such protection measures cannot protect the program against a hacking attack, that is against a program, which purposefully modifies the code to make some part of it operate in a way different from the original intention. No software available for Amiga computers, including Amiga operating systems, can be 100% protected against such hacking attacks. We hope that what we have stated here explains away all the doubts for good. As always, we stand with full guarantee for our software and our registered users have no reasons to worry. We develop and distribute software, which is reliable, efficient and innovative. Mariusz Wloczysiak ELBOX COMPUTER, Press Department (ps) [News message: 14. Nov. 2002, 12:30] [Comments: 0] [Send via e-mail] [Print version] [ASCII version]
`12.Nov.2002` AmiSpaTra	Australia: Synapse Computer closes - many special offers The Australian trader Synapse Computer closes after ten years at 30th November 2002 its shop and has created a list with Amiga software offered at special prices. (ps) (Translation: gf) [News message: 12. Nov. 2002, 19:53] [Comments: 0] [Send via e-mail] [Print version] [ASCII version]
`10.Nov.2002` Andreas Magerl (ANF)	Audio: APC&TCP has acquired rights to DigiBooster Professional Lately APC&TCP have concluded a contract with the programmers of DigiBoosterPro and thus acquired all rights to the program, source and the name DigiBoosterPro. DigiBooster Professional is a sample based music tracker program. With more than 60 commands a choice of 128 tracks 255 available sample locations DSP echo and much more there are no boundaries for inspiration. So, those who have already worked with programs such as Protracker will be able to shortly find their way around DBPro. As DBPro runs completely through AHI, any sound card whose driver is AHI based is automatically supported. Also well known module formats get their fair share. So DBPro is currently able to read and process MOD (Protracker/Noisetracker) DIGI (Digibooster 1.x) XM (FastTracker) S3M (ScreamTracker) MED (Octamed & OctamedSoundStudio). As soon as an able programmer will have been found, it is planned to further develop the program in big steps. Furthermore it is planned to publish future versions on CD instead of diskettes. Detailed information about the program can be found on the APC&TCP homepage which has been extensively updated this week. In the future, APC&TCP will also work very closely with the DigiBoosterPro community. Thus, for example, Dennis Lohr (Psyria) is taking over support for this extensive program. In order to have support for the program as uncomplicated as possible, a forum has been set up especially which can be accessed from the community, APC&TCP as well as the Amiga Future homepage. We would be glad if you would write down your suggestions for improvements and new features in the support forum. This is how you can contact us: Distribution : http://www.apc-tcp.de/ Community : http://www.digiboosterpro.de/ Support Forum APC&TCP : http://www.amigafuture.de/forum/index.php?c=3 Support Forum DigiBoosterPro : http://www.amigafuture.de/forum/index.php?c=4 Distribution (E-Mail) : info@apc-tcp.de Support (E-Mail) : Psyria@apc-tcp.de (sd) (Translation: cb) [News message: 10. Nov. 2002, 16:04] [Comments: 0] [Send via e-mail] [Print version] [ASCII version]

1 110 215 ... <- 220 221 222 223 224 225 226 227 228 229 230 -> ... 235 258 287