"Evil" Addon Developer

dgatsoulis

dgatsoulis

ele2png user
Donator
Joined
Dec 2, 2009
Messages
2,021
Reaction score
623
Points
128
Location
Sparta
What if someone was to make an addon that would look like an "innocent" base or a new ship, but in reality gained access to all your personal information (emails, banking accounts, passwords, etc.) the minute you installed it?

Is it possible?

How would we protect ourselves from such a thing?

Would the current "protection" systems (antiviruses - firewalls) be enough?
 
Yes, it is possible, and no, an AV probably won't protect it. A firewall can help, but it depends on what it does.
 
Theoretically, even a firewall wouldn't help, going off-line completely would. There is no such thing as a perfect firewall in this world.
 
Urwumpe said:
There is no such thing as a perfect firewall in this world.
Click to expand...

Very true. The amount of companies I've seen that say "We are safe, we have a FIREWALL" and then pass around USB drives without AV scanning them. I've also seen Firewalls with more holes than swiss cheese, firewalls with security holes and so on.

No security device/application is perfect hence the term "Defense in Depth"
 
Unless the only objective of the malicious code is to wreak havoc. Running on a limited can reduce significantly the attack area of malicious programs, but nothing is perfect.
 
You can try running Orbiter in Virtual box without shared folders with the host :) !!! Thats really safe.
 
Having seen the orbiter community, I find it hard believe that someone would do that. So I really don't think that's a worry, but if it did, it would get us with no warning, we probably wouldn't stand a chance at first.
 
For the most part I trust the members here with their addons

But in the case of someone trying to make an attack, wouldn't a AV pick it up? (that is if you scanned the .dlls)
 
Bj said:
But in the case of someone trying to make an attack, wouldn't a AV pick it up? (that is if you scanned the .dlls)
Click to expand...

Nope.

AV relies too much on signature sets and as this would be new it would totally ignore it. Now I know you'll say "what about heuristic scans" - These are not a magic bullet for bad behaviour, if they were then signature sets wouldn't be required.
 
dumbo2007 said:
You can try running Orbiter in Virtual box without shared folders with the host :) !!! Thats really safe.
Click to expand...

MeDiCS said:
Unless the only objective of the malicious code is to wreak havoc. Running on a limited can reduce significantly the attack area of malicious programs, but nothing is perfect.
Click to expand...

My first thought also... but would that help you against a keystroke logger?

Bj said:
For the most part I trust the members here with their addons
Click to expand...

I trust most members in this forum too. But NOT everyone who posts addons is a member of the Forum.

There is, of course, a "screening" process by O-H when you post an addon for the first time,(for the first 5 times, if i remember correctly), but i don't know if it is possible to scan the addons for any malicious code.
 
An addon maker who may think about making such a thing should have to be an idiot and a masochist.

Most of hackers rely on being anonymous and hard to be tracked. Even lamers who do the dirty job for hackers need to remain somehow hidden. We are not anonymous here. We are being tracked and you have people here who could provide useful data to authorities to track such a person. It would be like saying "let's be famous in jail", quite a masochist way to waste your life.

Being an Orbiter developer is about the challenge of space, math, not about networks and hacking. Indeed the challenges of making games are far superior that the reward for ego that a teen may have when trying to enter a network without permission, because coding a game means solving more problems of a wide variety of fields. And the effort is rewarded with some comments and downloads, instead of having FBI knocking at your door.

If you think about addon devs, you also should think that every time you download a patch or a fix for a game, you could have malicious code...

Ther was a time when there were attempts to hack this community, making differnt attempts to hurt and destroy. You bet there are people here with enough expertise and connections to create a nightmare for those who want to disturb this community.

Creating is more challenging than destroying. Here we are to create, not to destroy.

Most of times you get either addon makers who are friends of excellence, who want to make themselves a CV and make well debugged code, or you have amateurs who make buggy code that causes game CTDs.

You have higher possibility of having your data stolen when you go to an internet cafe, since some administrators use keyloggers in their network, than downloading an addon where many people here could spot risks and denounce. Orbiter community is a bad place to be an "evil" developer.

Being evil would deny your chance to be here and learn what brought you here inthe first place. We are not here to play foolish games like doing forbidden things. We are here because we love space, and we are glad to dedicate time an effort to make a community to grow. It brings more advantages than making stupid things like an "evil" dev would do.
 
Last edited:
garyw said:
Nope.

AV relies too much on signature sets and as this would be new it would totally ignore it. Now I know you'll say "what about heuristic scans" - These are not a magic bullet for bad behaviour, if they were then signature sets wouldn't be required.
Click to expand...

So then I guess that leaves us with the only 'buffer' available, having large numbers of people run it before you :lol: ...or just test it on a machine with a fresh copy of XP/Vista/Orbiter so that you can observe for any changes in system behavior and whether or not orbiter tries accessing the internet or obsessively using files ext..

Or the devs could include the source and you can compile it from there... :thumbup:

dgatsoulis said:
There is, of course, a "screening" process by O-H when you post an addon for the first time,(for the first 5 times, if i remember correctly), but i don't know if it is possible to scan the addons for any malicious code.
Click to expand...

Wasn't that 5 screen buffer removed?... or is it still in place? Also I think first 5 addons using spacecraft3/senarions/fillers then the 6th being a malicious dll would render the help of that 5x buffer ineffective anyway, especially like garyw said, AVs are not fool proof.
 
ar81 said:
An addon maker who may think about making such a thing should have to be an idiot and a masochist.
Click to expand...

Which is the reason I trust most people.

...but it would be naive to assume everyone on the online world isn't an idiot/masochist ;)
 
Not if you run Orbiter in VirtualBox, I suppose... Which I already do, since I use virus-free Linux. :tiphat:
 
Bj said:
Wasn't that 5 screen buffer removed?... or is it still in place? Also I think first 5 addons using spacecraft3/senarions/fillers then the 6th being a malicious dll would render the help of that 5x buffer ineffective anyway, especially like garyw said, AVs are not fool proof.
Click to expand...

I uploaded an addon not to long ago so I know that the 5x buffer is still there, and yes uploading 5 addons then having the 6th one with a virus would get though.
 
Bj said:
Which is the reason I trust most people.

...but it would be naive to assume everyone on the online world isn't an idiot/masochist ;)
Click to expand...

This is why not so naive people here have taken measures to prevent idiots masochists from doing what they do. Being an idiot/masochist here would be like sticking his face on the hornet's nest.

There are some people here who have knowledge or connections that would make the life of an idiot/masochist a nightmare. I can recall a case of a guy who targetted the wrong forum member. Let's say this forum member delivered the message that being with the good guys is better than trying to play the wrong game.
 
Hmm, this gives me an idea..... :P

How about an "add-on" that locks Orbiter, and makes you pay to unlock it?
Bwa ha ha ha haaaaa! :lol:
 
Orbinaut Pete said:
Hmm, this gives me an idea..... :P

How about an "add-on" that locks Orbiter, and makes you pay to unlock it?
Bwa ha ha ha haaaaa! :lol:
Click to expand...

If in a .dll module then you would have to do something like an infinite loop
while(1)
but that just makes it look like the screens frozen. All the user would have to do is disable the addon... thus solved. :thumbup:

..or you could just re-download it :lol:
 
You must log in or register to reply here.

Similar threads

Lucy
  • Sticky
Announcement Privacy policy update
Replies
4
Views
2K
Lucy
Lucy
TorchDesigner
Discussion Orbiter User Requirements and Post-2024 Development
2
Replies
21
Views
18K
Lucy
Lucy
polaris149Tiberius
Tutorial Tutorial Development On Orbiter 2016 Stock Space Shuttle ISS to KSC Ballistic Re-entry Case Study Project -v1.0
Replies
0
Views
5K
polaris149Tiberius
polaris149Tiberius
LadyCroussette
Project Bases for the Solar System
2
Replies
32
Views
11K
GodAtum
G
Thunder Chicken
Discussion Why SetTouchdownPoints Sends Your Add-On into Solar Orbit and How to Fix That
Replies
13
Views
5K
Thunder Chicken
Thunder Chicken
Back
Top