20-Apr-2024 12:18 GMT.		 UNDER CONSTRUCTION
Anonymous, there are 32 items in your selection
[News] Security warning: Elbox' pci.library also contains RDB trashing codeANN.lu
Posted on 14-Nov-2002 14:38 GMT by Qwe32 comments
View flat
View list
Elbox' pci.library also contains code that can trash a users's harddisk RigidDiskBlock. This time I provide informations on how to find the code. Since not everyone was convinced that the code is present in their drivers I provide a step by step information with a GNU GPL decrypter with extensive explanation. This works with pci.library (tested with version 5.6). All source code is provided, there's no trick, you can verify all by yourself.
Find it here.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 1 of 32ANN.lu
Posted by Anonymous on 14-Nov-2002 13:46 GMT
Well :) Someone could also think your encrypt-tool is a fake which adds that rdb-trashing code to original sourcecode :) A bit paranoid though, eh ? :)
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 2 of 32ANN.lu
Posted by Frodon on 14-Nov-2002 13:49 GMT
In reply to Comment 1 (Anonymous):
Hello,
I think that's why he provided sources with his tool :)
Regards
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 3 of 32ANN.lu
Posted by themoose on 14-Nov-2002 13:54 GMT
Well done. I was wondering if they had add this code to other stuff as well.
You see I bought a Mediator this weekend. Hasn't arrived yet but I don't want to send it back, if I can help it.
Now how about patches for people who own Elbox hardware, to remove
such code, could we just fill those areas with NOPs and re-encrypt them?
I also own a FastATA 4000. Does that have the RDB trashing code, too?
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 4 of 32ANN.lu
Posted by Anonymous on 14-Nov-2002 13:59 GMT
In reply to Comment 3 (themoose):
>could we just fill those areas with NOPs and re-encrypt them?
Would give a different checksum, and as I understand it the driver
would stop to work once it has found a wrong one. You would need
to replace/patch the checksum-routine too.
Or just send the board back with a note why ....
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 5 of 32ANN.lu
Posted by Teemu Suikki on 14-Nov-2002 14:03 GMT
I'd also like to point out, that there are utilities like CyberPatcher
and OxyPatcher, which modify 68k opcodes in memory to get better speed
in 68060..
Apparently pci.library rdb code is triggered if the code is modified,
so running some of these "patcher" programs might be fatal.
--
Teemu
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 6 of 32ANN.lu
Posted by Anonymous on 14-Nov-2002 14:11 GMT
In reply to Comment 5 (Teemu Suikki):
pci.library ? You mean usb.device ? I really hope that same code is not in pci.library :P
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 7 of 32ANN.lu
Posted by Anonymous on 14-Nov-2002 14:12 GMT
In reply to Comment 6 (Anonymous):
ignore that :)
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 8 of 32ANN.lu
Posted by Anonymous on 14-Nov-2002 14:15 GMT
This really sucks :P ELBOX!!! What did you think when you added that code, or did you think at all ? There is no memoryprotection in AmigaOS so there is possibility your code will be activated when something trashes memory :P
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 9 of 32ANN.lu
Posted by themoose on 14-Nov-2002 14:17 GMT
In reply to Comment 4 (Anonymous):
I _am_ tempted to send it back, out of spite. I object to giving money
to such people. However, I also believe that their PCI hardware solution
is the best. I just dont like what I am hearing about their drivers.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 10 of 32ANN.lu
Posted by Anonymous on 14-Nov-2002 14:43 GMT
In reply to Comment 9 (themoose):
Yep Mediator is the best. Elbox guys are great in hw-design. But when we talk about drivers they act like Microsoft, or now it seems they are worse than Microsoft :P
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 11 of 32ANN.lu
Posted by Björn Hagström on 14-Nov-2002 14:46 GMT
In reply to Comment 10 (Anonymous):
Hey! Microsoft has been causing loss of data since the 80's! ;o)
/Björn
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 12 of 32ANN.lu
Posted by amigammc on 14-Nov-2002 15:15 GMT
So if the code is there and that can be proved, how long before somebody files a lawsuit against Elbox?
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 13 of 32ANN.lu
Posted by Björn Hagström on 14-Nov-2002 15:34 GMT
In reply to Comment 12 (amigammc):
Who has the interrest and financial backing to do it?
/Björn
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 14 of 32ANN.lu
Posted by Anonymous on 14-Nov-2002 16:35 GMT
Well MCP's format protection should protect all of us. That's just a temporary solution and it does not mean ELBOX is allowed to just "forget" this all.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 15 of 32ANN.lu
Posted by Martin Blom on 14-Nov-2002 17:04 GMT
In reply to Comment 5 (Teemu Suikki):
Hey, cool. If so, then I'd like to add that NallePuh/PuhDerBaer might also trigger the code, just in case someone is using it on their Mediator/SB128 system.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 16 of 32ANN.lu
Posted by Xeyes on 14-Nov-2002 18:00 GMT
In reply to Comment 15 (Martin Blom):
never thought of that. Jesus! Elbox is going down in flames
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 17 of 32ANN.lu
Posted by Burn on 14-Nov-2002 19:00 GMT
In reply to Comment 16 (Xeyes):
BURN!!! BURN!!!
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 18 of 32ANN.lu
Posted by CodeSmith on 14-Nov-2002 20:23 GMT
In reply to Comment 11 (Björn Hagström):
True enough :)
But this is a stunt not even Microsoft would pull. Jamming an OS down your throat is one thing, but maliciously trashing your hard drive when you violate the EULA is reprehensible. Can they guarantee that the RDB trashing code will NEVER be accidentally triggered? especially since the Amiga has no memory protection, some other buggy program could inadvertently overwrite part of the driver and then you can kiss your filesystem goodbye.
So what do these guys do when someone steals from them? round up a few friends with baseball bats and pay the suspects a visit?
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 19 of 32ANN.lu
Posted by reflect on 14-Nov-2002 21:13 GMT
In reply to Comment 18 (CodeSmith):
also add things like cosmic radiation, however unlikely, it could happen.
feels great to know that your disk can be erased although you did absolutely nothing..
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 20 of 32ANN.lu
Posted by Substance on 14-Nov-2002 21:13 GMT
So if anyone is capable to write RDB protection patch/program
he/they could do that. I heard MCP provides that but it's not
something I would like to install. That would cure the problem.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 21 of 32ANN.lu
Posted by Joe Bauschek on 14-Nov-2002 23:06 GMT
Hell with this secret harful code thing. Be glad ELbox is making great hardware for the Amiga. Not many Companies(especially in Poland) are creating innovative Hardware for a very old (but cool) platofrm. I cant wait for the shark hardware to come out, and I wish they would attend USA Amiga shows.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 22 of 32ANN.lu
Posted by Rat on 14-Nov-2002 23:14 GMT
In reply to Comment 20 (Substance):
It is not necessary. It was explained in the other tread:
'Peter if you are not a hacker, you should not worry :-)
I have inspected the whole usb.device code and I must say that elbox security is very good. The suspected procedure cannot be initialized with an accidental code error if the driver is already running. The only way to initialize this suspected procedure is with a DELIBERATE change in the driver code before its start. Of course, any hacker who makes such changes, must also decode the driver and remove safe guards, which do not allow running the driver with a wrong checksum.
But is such a driver modified by a hacker still code from Elbox?'
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 23 of 32ANN.lu
Posted by Rob on 15-Nov-2002 00:56 GMT
I have had no problems with Elbox hardware or software causing
corrupted RDBs or any other such problems.
I am very happy with my Mediator and PF.
Badly behaved software can trash harddrives on its own anyway. I have
lost data because of Voyager crashing long before I had any Elbox
hardware I didn't have any bad feeling towards Vapor about it either.
I think the key here is to always make sure crucial files are backed
up regularly.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 24 of 32ANN.lu
Posted by Anonymous on 15-Nov-2002 02:06 GMT
In reply to Comment 23 (Rob):
Yes, other software can cause these situations that you loose important data. Nothing is perfect and nothing can protect you best. But the situation with usb.device/pci.device are quite different to Vapour's Voyager.
Voyager has not code inside that is forced to be there and delete your important business Data by trashing the RDB. usb.device/pci.device are known to have RDB trashing code inside them. Elbox knew about the code, they wanted this to happen and they can be held responsible for loss of important business Data. Hope you see the point now. If a normal Software fails for some reasons and you loose Data then you can say 'bad luck it just happened' but you know that there was no bad intention behind it that caused this situation. If Elbox drivers trashes your important Data then you can now stand up and say 'hey why did you embedd an RDB killer ? I bought your Hardware legally including the Drivers but under some stupid conditions it deleted my RDB because Elbox intentions were that this HAS to happen if some shit happens with the drivers'.
The one situation is not forced (Voyager) the other situation IS forced (Elbox).
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 25 of 32ANN.lu
Posted by NeRP on 15-Nov-2002 02:10 GMT
In reply to Comment 23 (Rob):
Yeah, my Amiga could crash anyway, I might as well just format now.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 26 of 32ANN.lu
Posted by pVC on 15-Nov-2002 06:37 GMT
Hope you all learn how to make backups of RDB now ;) It's good to have backup of it in any case. Use RDBSalv or some other program or simply write down the values from HDToolbox to paper. And if you've lost rdb and don't have any backup, it's usually quite easy to find the correct values and remake the rdb, so don't go and destroy all your data with formatting :)
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 27 of 32ANN.lu
Posted by Piru on 15-Nov-2002 06:57 GMT
The elboxdecrypt homepage appears to be down, here is a mirror:
http://kotisivu.raketti.net/sintonen/elboxdecrypt/
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 28 of 32ANN.lu
Posted by Anonymous on 15-Nov-2002 12:02 GMT
In reply to Comment 23 (Rob):
Don't use FFS :) Install SFS or PFS3 and your data in MUCH better safe. I have used PFS2 and PFS3 many years and I have never lost a single file. And one reason more, PFS and SFS can't go in to invalid state, so no longer irritatiing validations which can last forever.
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 29 of 32ANN.lu
Posted by lopez on 15-Nov-2002 13:50 GMT
the link to http://isuq.selfhost.com/ is down !!!!
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 30 of 32ANN.lu
Posted by Piru on 15-Nov-2002 14:29 GMT
In reply to Comment 29 (lopez):
Mirror at:
http://kotisivu.raketti.net/sintonen/elboxdecrypt/
...and I did post this once already!
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 31 of 32ANN.lu
Posted by lopez on 15-Nov-2002 18:51 GMT
it seems that in mediator3.0 update, there no RDB dstruction command in the pci.libray 5.1
I chekced with elboxdecrypt file : ....
Security warning: Elbox' pci.library also contains RDB trashing code : Comment 32 of 32ANN.lu
Posted by Anonymous on 16-Nov-2002 00:03 GMT
In reply to Comment 3 (themoose):
Well it does contain the RDSK string :-) But in fairness it is a hard drive controller, it ain't encrypted and the string isn't null terminated, so I'd say it's OK :-)
Anonymous, there are 32 items in your selection
Back to Top