I'm not sure if it still requires it, but many early users gladly gave over their gmail account passwords (required at the time) to the program without question, so why would they care (or even know) if it did anything else?
On Sat, Jul 10, 2010 at 5:25 PM, g4ilo <[email protected]> wrote: > > > As a (retired) amateur software developer myself I cannot imagine why the > developer did it this way instead of letting people pick their own cluster > (preferably one located near them) and send their own spots manually. It > would have been easier. Connecting to random servers and sending randomly > selected text strings is often a hallmark of malware. Perhaps he has > developed a clever way of stealing passwords without people realizing it? > You know, like those coded messages where the secret text was made from the > first letter of every line. I'm not saying it's actually likely but you have > to wonder why he has made such a bizarre design decision. > > If nothing else it shows how easy it is to get people to load software on > their computer when they have no real idea who the developer is or what the > software may be doing. > > Julian, G4ILO > > > --- In [email protected] <digitalradio%40yahoogroups.com>, > "Laurie, VK3AMA" <group...@...> wrote: > > > > Yesterday I ran some tests and can confirm that ROS software (Betas > > 4.5.7, 4.5.8, 4.6.0 & 4.6.2) is auto-spotting to the cluster without any > > control from the op. > > > > ROS has hard-coded the following Clusters and connects to one of these > > if possible. > > > > dxc.us6iq.com > > dxc.ham.hr > > 9a0dxc.hamradio.hr > > remo3.renet.ru > > cluster.sk4bw.net > > ax25.org > > sk3w.se > > sector7.nu > > sm7gvf.dyndns.org > > > > I setup my internet router to re-route these addresses (and ports) to a > > Cluster Node I have setup locally for testing to avoid spotting to the > > live Cluster. > > > > Then left the ROS software in RX mode (no TX) monitoring 20M. Over 20 > > spots were generated over a 2 hour period. Different comment strings > > were sent in the spots. > > > > A closer inspection of the internal code of ROS reveals randomising code > > (select a random string) and the following hard-coded Cluster spotting > > strings. > > > > "tnx ros mode" > > "73 ROS Mode" > > "tnx fer ROS QSO" > > "ROS 599" > > "ROS 559" > > "CQ ROS" > > "CQ ROS Mode" > > "CQ ROS." > > "ROS" > > "ros" > > "599 ROS Mode" > > "73, ros mode" > > "ROS, 73" > > "tu ROS Mode" > > "ROS test" > > "copy ROS Mode -<SN> dB" > > "ROS QSO <NAME>" > > "ros mode <QTH>" > > "ROS Mode <QTH>" > > "599 ROS -<SN> dB" > > "ROS -<SN> dB at <QTH>" > > "ROS CQ -<SN> dB" > > "ROS. TNX QSO. 73 <NAME>" > > > > <NAME>, <QTH> are substitued with the configured settings and <SN> the > > received S/N ratio. > > > > Clearly the use of several variations of text, mixing upper- & > > lower-case letters, 599 & 559 reports is all designed to make anyone > > viewing the Cluster think that these ROS spots are Human generated and > > not auto-spot spam. > > > > The ROS developer has NOT documented, in ether the User Guide or FAQ, > > this auto-spot advertising facility of his software. > > > > My observations. > > > > de Laurie, VK3AMA > > > > > -- Dave K3DCW www.k3dcw.net "Real radio bounces off of the sky"
