Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

port -1?

3 views
Skip to first unread message

brunoredneck

unread,
Jun 17, 2007, 4:21:44 PM6/17/07
to
I'm trying to help a friend who is going to a website that has a
system checker. She's getting this exception I don't understand:

Java version: 1.6.0_01
HTTP Agent: Mozilla/4.0 (Windows XP 5.1)
http://techsupport.esylvan.com/pccheck
next selected
java.lang.IllegalArgumentException: port out of range:-1
at java.net.InetSocketAddress.createUnresolved(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.<init>(Unknown Source)
at
com.esylvan.pccheck.download.FileDownloadManager.downloadFiles(FileDownloadManager.java:
62)
at
com.esylvan.pccheck.wizard.pages.DownloadWizardPage.download(DownloadWizardPage.java:
96)
at com.esylvan.pccheck.wizard.pages.DownloadWizardPage.access
$200(DownloadWizardPage.java:22)
at com.esylvan.pccheck.wizard.pages.DownloadWizardPage
$4.run(DownloadWizardPage.java:113)
at java.lang.Thread.run(Unknown Source)
Exception: port out of range:-1

The folks at E-Sylvan seem less then anxious to help... not a good
sign. It sounds like their system checker wizard is trying to open
port -1 to downlod a file. Does that make any sense to anyone?? I
don't remember port -1 having any significance.

I'm suggesting that my friend uninstall the JRE she has and try it
with an older version like 1.4.2. I'm grasping at straws but I wonder
if earlier JREs attached some significance to port -1??

Eric Sosman

unread,
Jun 17, 2007, 4:37:26 PM6/17/07
to

Another straw: Is it possible that the port number is
really 65535 but was stored in a short? Maybe all that's
needed is a `port & 0xFFFF' somewhere.

(Having taken a brief look at the site, though, I find
that all my mental alarm bells are clanging and every hair
on the nape of my neck is standing on end. There is NO way
I would cough up all the information these people demand,
and NO way I would allow their software to have elevated
privileges on my computer. Not until I learned a whole lot
more about them, anyhow. The site has the appearance of a
marketing dragnet, if not an outright phishing firm or worse.
If you have reason to believe they're on the up-and-up, then
fine -- but I'll just stay here in my hole and pull it in
after me.)

--
Eric Sosman
eso...@acm-dot-org.invalid

brunoredneck

unread,
Jun 17, 2007, 4:53:58 PM6/17/07
to
On Jun 17, 4:37 pm, Eric Sosman <esos...@acm-dot-org.invalid> wrote:
> Another straw: Is it possible that the port number is
> really 65535 but was stored in a short? Maybe all that's
> needed is a `port & 0xFFFF' somewhere.
>
> (Having taken a brief look at the site, though, I find
> that all my mental alarm bells are clanging and every hair
> on the nape of my neck is standing on end. There is NO way
> I would cough up all the information these people demand,
> and NO way I would allow their software to have elevated
> privileges on my computer. Not until I learned a whole lot
> more about them, anyhow. The site has the appearance of a
> marketing dragnet, if not an outright phishing firm or worse.
> If you have reason to believe they're on the up-and-up, then
> fine -- but I'll just stay here in my hole and pull it in
> after me.)

Thanks for your take on it, Eric. I'll keep your thoughts in mind.

So you were able to run the checker? What JRE do you have?

Twisted

unread,
Jun 17, 2007, 5:05:32 PM6/17/07
to
On Jun 17, 4:37 pm, Eric Sosman <esos...@acm-dot-org.invalid> wrote:
> (Having taken a brief look at the site, though, I find
> that all my mental alarm bells are clanging and every hair
> on the nape of my neck is standing on end. There is NO way
> I would cough up all the information these people demand,
> and NO way I would allow their software to have elevated
> privileges on my computer. Not until I learned a whole lot
> more about them, anyhow. The site has the appearance of a
> marketing dragnet, if not an outright phishing firm or worse.
> If you have reason to believe they're on the up-and-up, then
> fine -- but I'll just stay here in my hole and pull it in
> after me.)

It's THIS that really alarms me:

> > at com.esylvan.pccheck.wizard.pages.DownloadWizardPage.access
> > $200(DownloadWizardPage.java:22)

One of their classes has 200 nested and inner classes? I don't want to
contemplate what it must be like to try to maintain their codebase.
*shudder*

Eric Sosman

unread,
Jun 17, 2007, 5:21:05 PM6/17/07
to

No, I did not try to run the checker. Which part of
"NO way" is unclear to you? *You* may choose to let this
code escape your security sandbox, but I'm a suspicious
sonuvabitch and a wearisome worrywart. "Why," I asked,
"does an `Info Check' of my machine's hardware and software
start by asking whether its principal user is a Student, a
Teacher, or a Job Applicant?" I stopped right there and
don't know what other prying and irrelevant questions might
have been asked on succeeding pages.

The intro page had already instructed me to answer "Yes"
to a security dialog, comforting me with the intelligence
that "eSylvan certifies that this program is secure." Thanks,
but no thanks -- eSylvan and I aren't that well acquainted yet.
As I wrote before, they may be an entirely legitimate and
blameless enterprise; I might grow to love them dearly if only
I knew them better. But I don't know them yet, and nothing
about their site inspires trust in me.

--
Eric Sosman
eso...@acm-dot-org.invalid


Philipp Leitner

unread,
Jun 17, 2007, 6:10:42 PM6/17/07
to
> It's THIS that really alarms me:
>
> > > at com.esylvan.pccheck.wizard.pages.DownloadWizardPage.access
> > > $200(DownloadWizardPage.java:22)
>
> One of their classes has 200 nested and inner classes? I don't want to
> contemplate what it must be like to try to maintain their codebase.
> *shudder*

I wouldn't deduce from this $200 that there are actually 200 inner
classes :) I have seen things like that quite often, for instance with
thread pools etc ... this is just a random generated name ...

/philipp


0 new messages