I'm shocked. Staffan
On Fri, Feb 24, 2012 at 4:59 AM, Tony Harminc <t...@harminc.com> wrote: > On 23 February 2012 21:12, Hall, Keven <keh...@informatica.com> wrote: > > The hook that Bill discovered is the same one I'm referring to. After I > > found it I there was some discussion about disabling it to see what > > might shake out but I had already figured who owned the code and even > > located the load module in the vendor's load library so we figured it > > was best to avoid a scene. > > I'd agree that the code is now more convoluted; it would require some > > time and effort to decipher it to the point where it could be exploited. > > Which is not to say I don't consider it an abomination; I do, and it is. > > I don't have the time or inclination to analyse this code, nor is it > my business to do so, but like certain unexpected things one finds on > one's PC, it has some features -- one might use the word signature -- > that jump to the eye of anyone who's been looking at dumps for some > time, and leave a bit of a queasy feeling. > > Quite probably these features are well protected against abuse, and in > that case I would expect that the vendor has documented this to the > satisfaction of its customers. > > Tony H. >