The last time Hackerfall tried to access this page, it returned a not found error. A cached version of the page is below, or click here to continue anyway

Critical Security Issue: "Error138" Backdoor Issue #24 WhiteHatSecurity/Aviator GitHub

Well, here is another interpretation of how Aviator made it to GitHub, to be an open source tool.

Or at least an hypothesis with partial proof and some educated guesses.

It's not meant to be an attack or an attempt to hurt anyone. I just want to understand how it came to this point and therefore share my thoughts and research results to be debated or disproved.

Oh, and admittedly my assumptions are opinionated as I am a bit upset right now.

A Timeline

Other points about Aviator, the mediocre code, the lack of a security bug tracker, no security response process, no technical documentation and the lack of anything else that is recommended if not even required to create and maintain a security critical piece of software are speaking for themselves.

I believe, that Aviator was meant to be a marketing tool that turned out to blow up and backfire on its creators. Aviator claims what it cannot deliver - "The Most Secure Browser Online". And now a blame game is being played to do reputation damage control.

So, to wrap it up and connect to the comment by @DinisCruz, I don't see any altruist move here but a simple and failed attempt to do financial damage control and claim to have done something good while actually throwing off baggage and hiding the fact that Aviator is a dead horse.

I may be dead wrong with all these assumptions. Please challenge them or shout at me or do whatever you feel is adequate :)

Continue reading on