DrawyahGames Posted February 18, 2018 Share Posted February 18, 2018 Evening guys, Quite an interesting one this evening, it has been revealed that the FSLabs A320 installer potentially logs and sends your Chrome stored passwords back to their own systems! Nothing has been confirmed as of yet, but we do 100% know from the code that the installer does in fact store your passwords into a text file onto your computer. This reddit post explains this in a little more detail including screenshots of how this is done. Looking deeper into the code, the password logger, named 'test.exe', is triggered by the 'FSLInstallerLib.dll' but by using the eSellerate DRM, we cannot look deeper into the networking side of things which means we cannot confirm what happens to your passwords after they are logged. As soon as we have updated or even an announcement from FSLabs themselves, I'll be sure to let you all know! EDIT: FSLabs have now released an official statement, feel free to give it a read here. https://forums.flightsimlabs.com/index.php?/announcement/10-a320-x-drm-clarification/ EDIT: Looks like some of the wider media has now also picked this article up too! https://www.rockpapershotgun.com/2018/02/19/flight-sim-group-put-malware-in-a-jet-and-called-it-drm/ Check out my YouTube Channel for FSX, X-Plane and other simulator content! https://www.youtube.com/c/Drawyah/ Link to comment Share on other sites More sharing options...
Rupert Posted February 19, 2018 Share Posted February 19, 2018 Thanks for that update!! I'm sure we all, whether we use that software or not, are very concerned about issues like that!!:eek::eek: Rupert Being an old chopper guy I usually fly low and slow. Link to comment Share on other sites More sharing options...
Wildthing Posted February 19, 2018 Share Posted February 19, 2018 A complete PR nightmare. Just another example of the DRM turning everybody but the pirates into common criminal. I don't buy the official response that the text file was just for checking false SN. Of course, after page after page of customers threatening to call their CC companies for refund and refusing to buy another FSLabs product ever again, they issued a new installer minus the test file. This response took too long and FSLabs still couldn't issue a real apology. I think Aerosoft just got a whole slew of new customers for their bus. Link to comment Share on other sites More sharing options...
CRJ_simpilot Posted February 19, 2018 Share Posted February 19, 2018 If you're using Win 10 there's already a built-in keylogger. OOM errors? Read this. What the squawk? An awesome weather website with oodles of Info. and options. Wile E. Coyote would be impressed. Link to comment Share on other sites More sharing options...
TightGit Posted February 19, 2018 Share Posted February 19, 2018 Yet another reminder that NOTHING you do on line is confidential! Hill Street Blues said it decades ago: Let's be careful out there... Link to comment Share on other sites More sharing options...
davidjones Posted February 19, 2018 Share Posted February 19, 2018 Before everybody gets too excited read this: https://forums.flightsimlabs.com/index.php?/announcement/10-a320-x-drm-clarification/ and the forum discussion on the subject. DJ Link to comment Share on other sites More sharing options...
Mark Hurst Posted February 19, 2018 Share Posted February 19, 2018 https://www.youtube.com/c/drawyah?sub_confirmation=1 Ironic sig for someone preaching about malware :pilot: MarkH Link to comment Share on other sites More sharing options...
CRJ_simpilot Posted February 19, 2018 Share Posted February 19, 2018 Which is easy to turn off. Better read through this. http://message.snopes.com/showthread.php?t=92266 OOM errors? Read this. What the squawk? An awesome weather website with oodles of Info. and options. Wile E. Coyote would be impressed. Link to comment Share on other sites More sharing options...
n4gix Posted February 22, 2018 Share Posted February 22, 2018 Lost in all the noise is the rather interesting fact that this was "discovered and reported" by a P I R A T E who suddenly found his stolen toy no longer worked. Poor sod! :rolleyes: Bill Leaming http://smileys.sur-la-toile.com/repository/Combat/0054.gif Gauge Programming - 3d Modeling Military Visualizations Flightsim.com Panels & Gauges Forum Moderator Flightsim Rig: Intel Core i7-2600K - 8GB DDR3 1333 - EVGA GTX770 4GB - Win7 64bit Home Premium Development Rig1: Intel Core i7-3770k - 16GB DDR3 - Dual Radeon HD7770 SLI 1GB - Win7 64bit Professional Development Rig2: Intel Core i7-860 - 8GB DDR3 Corsair - GeForce GTS240 1GB - Win7 64bit Home Premium NOTE: Unless explicitly stated in the post, everything written by my hand is MY opinion. I do NOT speak for any company, real or imagined... Link to comment Share on other sites More sharing options...
MrUnSavory Posted February 22, 2018 Share Posted February 22, 2018 Won't be buying anymore FSLabs products. Link to comment Share on other sites More sharing options...
mallcott Posted February 22, 2018 Share Posted February 22, 2018 Lost in all the noise is the rather interesting fact that this was "discovered and reported" by a P I R A T E who suddenly found his stolen toy no longer worked. Poor sod! :rolleyes: Pirate reporting pirate. Where's the honour among thieves? Especially the one attempting to pass themselves off as a legitimate developer... Link to comment Share on other sites More sharing options...
il88pp Posted February 22, 2018 Share Posted February 22, 2018 Won't be buying anymore FSLabs products. Nah. If you buy there is no issue. The issue in this thread only appears when you are using a pirated version. See the link posted by davidjones to see the details. [sIGPIC][/sIGPIC] Link to comment Share on other sites More sharing options...
davidjones Posted February 22, 2018 Share Posted February 22, 2018 Nah. If you buy there is no issue. The issue in this thread only appears when you are using a pirated version. See the link posted by davidjones to see the details. And only if you are using P3D. Folks are seriously over-reacting to all this. Yes, it was a stupid idea, yes, it was an anti-piracy feature, yes, they have new installers that are DRM free. Now everybody take a breath. DJ Link to comment Share on other sites More sharing options...
Luke Posted February 22, 2018 Share Posted February 22, 2018 Nah. If you buy there is no issue. The issue in this thread only appears when you are using a pirated version. Isn't that akin to saying we don't need judges or juries since you will never get arrested if you don't do anything wrong? What FSLabs did is against the law of numerous jurisdictions. There is no "but I think they're pirates!" exception in the law. Cheers! Luke Link to comment Share on other sites More sharing options...
n4gix Posted February 22, 2018 Share Posted February 22, 2018 Here are some thoughts of mine after having spent considerable time contemplating this situation: Armchair lawyering and finger-wagging is useless. Any investigation and possible litigation is best left to the appropriate authorities. We should all acknowledge that rampant speculation and hysteria can permanently damage a person's reputation and livelihood unfairly. Everyone deserves an opportunity to defend themselves against any accusers in a proper venue. Crucifixion in absentia is counter-productive in these situations. For Lefteris and FSLabs to attempt to mount any form of defense against all of the accusations and innuendo leveled against them in every single forum, reddit, facebook, et cetera venues would be as useless as a rural fire department attempting to control and contain all of the forest and house fires on the west coast by themselves. For this reason alone I feel that AVSIM and the BoD have made the correct decision to disallow such discussion there. I truly wish other websites and venues would have done the same. Let the appropriate authorities investigate and litigate, if such is needed. Bill Leaming http://smileys.sur-la-toile.com/repository/Combat/0054.gif Gauge Programming - 3d Modeling Military Visualizations Flightsim.com Panels & Gauges Forum Moderator Flightsim Rig: Intel Core i7-2600K - 8GB DDR3 1333 - EVGA GTX770 4GB - Win7 64bit Home Premium Development Rig1: Intel Core i7-3770k - 16GB DDR3 - Dual Radeon HD7770 SLI 1GB - Win7 64bit Professional Development Rig2: Intel Core i7-860 - 8GB DDR3 Corsair - GeForce GTS240 1GB - Win7 64bit Home Premium NOTE: Unless explicitly stated in the post, everything written by my hand is MY opinion. I do NOT speak for any company, real or imagined... Link to comment Share on other sites More sharing options...
Roger Wensley Posted February 22, 2018 Share Posted February 22, 2018 Makes me really like Windows 7 and FS9 Link to comment Share on other sites More sharing options...
davidjones Posted February 22, 2018 Share Posted February 22, 2018 I can't get my head around how some people react so much to software piracy but seem unconcerned that FSL have actually committed an even greater crime (legally). It doesn't matter that the malware only kicks in if you've got pirated software. Just the fact that they installed malware on your system, no matter how briefly, is against the law in many countries. As someone said on another forum, it's also against the law to collect someone's private data (even from criminals) without either their consent or a court order. Apparently they even went as far as telling someone on a forum whose antivirus caught the malware to turn it off during installation as it was a false positive! "Folks are seriously over-reacting to all this" - really? You clearly don't understand the legal consequences of what FSL did. You going to sue them? Do you even know what country they are in? Can you show damages? If not, give it a rest. DJ Link to comment Share on other sites More sharing options...
MrUnSavory Posted February 22, 2018 Share Posted February 22, 2018 The fact that they would even do this is not only illegal but unethical. Once you give support to these kinds of things more company's will try it. Nope, not on my machine. Link to comment Share on other sites More sharing options...
loki Posted February 23, 2018 Share Posted February 23, 2018 It was wrong when Sony tried something similar 12 years ago, and it is still wrong today. Piracy is also wrong, but two wrongs don't make a right. https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal Link to comment Share on other sites More sharing options...
mallcott Posted February 23, 2018 Share Posted February 23, 2018 Well if were FS Labs I'd be reinforcing my files, servers and internet connections because where you get pirates you get hackers, and it's almost certain they'll be coming for them... The counterpoint to all this publicity is it raises their profile enough to make them targets - as individuals and as a group.:rolleyes: Customers should back up their installer files before they get corrupted, or their site brought down by a DNS attack. Personally, I wouldn't touch `em with a barge pole. Any organisation or individual that thinks the rules don't apply to them is inherently untrustworthy. Vacuous apologies and minor tweaks to installers don't diminish the untrustworthiness. Link to comment Share on other sites More sharing options...
americaan Posted February 23, 2018 Share Posted February 23, 2018 Eesh, the amount of people on their forums who really have trouble understanding the issue with what they did is absolutely frightening (and even more annoying, those on their forums who seem to think it being FSLabs' software means anything goes/they can do anything - ignoring that there are laws and social norms regarding data collection, etc) - from the shady way they added this software, to how it operates, to the fact that it will decrypt Chrome credentials for ANYONE who uses the computer in question, and sends it over HTTP, UNENCRYPTED (as opposed to HTTPS), which provides a HUGE potential for fraud, identity theft. Link to comment Share on other sites More sharing options...
n4gix Posted February 24, 2018 Share Posted February 24, 2018 Lost in all the noise and rampant hysteria is one singular fact: One and only one specific serial number activated this program. For everyone else, the .exe file was deleted completely, safely and silently. Don't believe me? Scan your system with any and all AV software as you wish. You will not find a trace of this anywhere... Before bringing out the pitchforks and lighting those torches, please understand that I too think what FS Labs did was incredibly stupid. In no way do I condone their actions! Bill Leaming http://smileys.sur-la-toile.com/repository/Combat/0054.gif Gauge Programming - 3d Modeling Military Visualizations Flightsim.com Panels & Gauges Forum Moderator Flightsim Rig: Intel Core i7-2600K - 8GB DDR3 1333 - EVGA GTX770 4GB - Win7 64bit Home Premium Development Rig1: Intel Core i7-3770k - 16GB DDR3 - Dual Radeon HD7770 SLI 1GB - Win7 64bit Professional Development Rig2: Intel Core i7-860 - 8GB DDR3 Corsair - GeForce GTS240 1GB - Win7 64bit Home Premium NOTE: Unless explicitly stated in the post, everything written by my hand is MY opinion. I do NOT speak for any company, real or imagined... Link to comment Share on other sites More sharing options...
loki Posted February 24, 2018 Share Posted February 24, 2018 One and only one specific serial number activated this program. For everyone else, the .exe file was deleted completely, safely and silently. Can you or anyone else guarantee with 100% certainty that this will always be the case? Or that someone else couldn't find a way to take advantage of the situation, especially now that it is widely known? According to one review of the files and server the data was being sent too, the data wasn't encrypted and the server had the Windows RDP ports exposed to the internet. Not exactly reassuring. See the CCleaner infection from last summer for one example where malicious hackers broke into a legitimate company's servers through security holes and infected the downloads. https://www.fidusinfosec.com/fslabs-flight-simulation-labs-dropping-malware-to-combat-piracy/ The backlash from the flight sim community and elsewhere, I think, is rightly justified to make it clear to all developers that installing malware is without question unacceptable. This is also a good time to highlight that one should not use the save password functionality in web browsers. Standalone password managers such as 1Password, Dashlane and Keepass are far better solutions. Link to comment Share on other sites More sharing options...
mallcott Posted February 24, 2018 Share Posted February 24, 2018 Can you or anyone else guarantee with 100% certainty that this will always be the case? Or that someone else couldn't find a way to take advantage of the situation, especially now that it is widely known? According to one review of the files and server the data was being sent too, the data wasn't encrypted and the server had the Windows RDP ports exposed to the internet. Not exactly reassuring. See the CCleaner infection from last summer for one example where malicious hackers broke into a legitimate company's servers through security holes and infected the downloads. https://www.fidusinfosec.com/fslabs-flight-simulation-labs-dropping-malware-to-combat-piracy/ The backlash from the flight sim community and elsewhere, I think, is rightly justified to make it clear to all developers that installing malware is without question unacceptable. This is also a good time to highlight that one should not use the save password functionality in web browsers. Standalone password managers such as 1Password, Dashlane and Keepass are far better solutions. Better still, UNPLUG: The sims only require a live connection at the whim of an aftermarket supplier, And FS Lapdogs prove they are inherently untrustworthy. Much like ORBX a few years ago. Everyone else should be subject to independent scrutiny. After all, they're using the world wide web to disseminate the products... It's time to separate the piracy of personal greed from the complicity of corporate gain. And if that means assessing the large proportion of innocent developers as potential criminals? Well THEY can blame the likes of FSlabs and ORBX for starting it... Link to comment Share on other sites More sharing options...
il88pp Posted February 25, 2018 Share Posted February 25, 2018 Lesh, you are the one who is being economical with the truth. Malware?? Installed?? Just read the statement FSLabs gave. the link was also posted in pst 7, I will post it again below so you can read it at your leasure. 1) First of all - there are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products. We all realize that you put a lot of trust in our products and this would be contrary to what we believe. 2) There is a specific method used against specific serial numbers that have been identified as pirate copies and have been making the rounds on ThePirateBay, RuTracker and other such malicious sites. 3) If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us. "Test.exe" is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally. That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product. The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers). Source: https://forums.flightsimlabs.com/index.php?/announcement/10-a320-x-drm-clarification/ See, only temporarily, so not "installed". And, not in legally purchased copies. Maybe Lesh you should complain to the companies such as ThePirateBay, RuTracker and other such malicious sites. [sIGPIC][/sIGPIC] Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.