Israelis use Free Software to inject malware to blogs
w1 at zak.co.il
Tue Jan 24 13:08:10 IST 2012
I do think that obfuscating code using base64 encoding is against the
GPL requires that source code for software be available.
Source code is whatever form is easiest to edit and modify.
According to this definition, base64 encoded code is not source code.
I suppose that the theme in question was not made available in
non-obfuscated format (i.e. with decodings for all base64 encoded
stuff), hence the GPL violation.
On Tue, 2012-01-24 at 13:02 +0200, Tomer Cohen wrote:
> Why do you think that intentional security holes are breaking the GPL?
> The GPL has a section about malicious activities? I don't remember
> that the GPL having a section REQUIRING users to contribute their
> changes back upstream, neither encoding some of the code in base64 as
> the coder can say that base64 is actually optimizing their code in
> terms of making it more portable, for example.
> On Tue, Jan 24, 2012 at 12:30, Ira Abramov <Ira at abramov.org> wrote:
> Tomer, the TOS is a GPL violation but could be forgiven as a
> misunderstanding. were it not for the proven injection of
> malicious, obfuscated code. read the post I linkd to. this is
> not a naiive mistake, it's an intentional security hole. It's
> not only breaking the GPL, It breaks also Israeli law, and
> probably local laws in other countries where WP blogs may be
> hosted for Israelis. This must not be ignored by our
More proof the End of the World has started. Just saw this online:
I think it's beginning! Ten minutes ago there was a group of people
waiting at the bus stop outside my house. Now, they're all gone!
My own blog is at http://www.zak.co.il/tddpirate/
My opinions, as expressed in this E-mail message, are mine alone.
They do not represent the official policy of any organization with which
I may be affiliated in any way.
WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html
More information about the Discussions