CyberSitter and Win NT

Shirl Kennedy sdk at mindspring.com
Sun Jan 25 18:19:26 EST 1998 

>From Privacy Forum Digest, V07 #03:

[ Excerpted from Risks-Forum Digest; Volume 19 : Issue 56
  by PRIVACY Forum MODERATOR ]

  - - - -

    [Received from Jered J Floyd via Declan McCullagh, and from at least
     8 other contributors as well.  TNX.  PGN]

    [This is from the PerForce mailing list, PerForce is a source-code
     control system that doesn't use mounted drives, but instead uses TCP/IP
     socket communications to check code in and out.]

Well, I just spent several hours tracking something down that I think is SO
brain-dead that it must be called evil.  I hope this will save someone else
some hassle.

There's an NT box on my desk that someone else uses every now and then.
This machine is otherwise used as my programming box and backup server.

All of a sudden, my programming files were being corrupted in odd places.  I
thought "hmm, my copy must be corrupt".  So I refreshed the files.  No
change.  "hmm, the code depot copy must be corrupt"..  Checked from other
machines.  No problem there.  Viewed the file from a web based change
browser in Internet Explorer.  Same corruption in the file.  Telnet-ed to
the server machine and just cat-ed the file to the terminal.  Same problem.
What's going on?

The lines that were corrupted were of the form
#define one 1 /* foo menu */
#define two 2 /* bar baz */
What I always saw ON THIS MACHINE ONLY was:
#define one 1 /* foo     */
#  fine two 2 /* bar baz */

Can you guess what was happening?  Turns out, someone had inadvertently
installed this piece of garbage called CyberSitter, which purports to
protect you from nasty internet content.  Turns out that it does this by
patching the TCP drivers and watching the data flow over EVERY TCP STREAM.
Can you spot the offense word in my example?  It's "NUDE".  Seems that
cybersitter doesn't care if there are other characters in between.  So it
blanks out "nu */ #de" without blanking out the punctuation and line breaks.
Very strange and stupid.

It also didn't like the method name "RefreshItems" in another file, since
there is obviously a swear word embedded in there.  Sheesh.

It's so bad it's almost funny.  Hope this brightens your day as much as it
brightened mine :-).

Ross Johnson, Info Sci/Eng, Univ. of Canberra, PO Box 1, Belconnen ACT 2616
AUSTRALIA  rpj at ise.canberra.edu.au WWW: http://willow.canberra.edu.au/~rpj/

More information about the Web4lib mailing list