A member of the community did a deep security analysis of the extension and found multiple red flags that indicate malicious intent and reported this to us. Our security researchers at Microsoft confirmed these claims and found additional suspicious code.
We banned the publisher from the VS Marketplace, removed all of their extensions, and uninstalled them from all VS Code instances that had this extension running. For clarity - the removal had nothing to do with copyright/licenses, only with potential malicious intent.
Expect an announcement here with more details soon https://github.com/microsoft/vsmarketplace/
As a reminder, the VS Marketplace continuously invests in security. And more about extension runtime trust can be found in this article https://code.visualstudio.com/docs/editor/extension-runtime-...
Thank you!
I had to manually delete the extension's folder in %USERPROFILE%\.vscode\extensions and delete the entry from the json (%USERPROFILE%\.vscode\extensions\extensions.json).
VSCode 1.97.2, commit e54c774e0add60467559eb0d1e229c6452cf8447
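Doing that cleanup by hand is easy to get half right (the folder goes but the manifest entry stays, or the reverse, and an older version folder is left behind). The script below is an added example, not code from the thread or from VS Code, that does both steps together and sweeps up leftover folders. The extensions.json field names (`identifier.id`, `version`, `relativeLocation`) and the `<id>-<version>` folder naming are assumptions drawn from that file's format; the sample directory it builds is constructed for the demo.

```python
"""Remove a VS Code extension by id straight from the extensions directory.

Added example, not the thread's or VS Code's own code. It assumes the
extensions.json layout VS Code keeps beside the extension folders, roughly
  [{"identifier": {"id": "publisher.name", "uuid": "..."}, "version": "1.2.3",
    "relativeLocation": "publisher.name-1.2.3", ...}, ...]
and the "<id>-<version>" folder naming convention. Both are assumptions:
compare with your own extensions.json before running it for real.
"""
import json
import os
import shutil
import sys
import tempfile
from pathlib import Path


def default_extensions_dir() -> Path:
    # %USERPROFILE%\.vscode\extensions on Windows, ~/.vscode/extensions elsewhere.
    return Path(os.environ.get("USERPROFILE", str(Path.home()))) / ".vscode" / "extensions"


def remove_extension(ext_dir: Path, extension_id: str, dry_run: bool = False) -> list[str]:
    """Drop every manifest entry for extension_id and delete its folders.

    Returns the folder names removed (or that would be, with dry_run=True).
    Ids match case-insensitively, as VS Code treats them. Folders that carry
    the id but are missing from the manifest (leftovers of a partial
    uninstall) are swept up too, so nothing is re-discovered on next start.
    """
    wanted = extension_id.lower()
    manifest = ext_dir / "extensions.json"
    entries = json.loads(manifest.read_text(encoding="utf-8")) if manifest.exists() else []
    keep, removed = [], []
    for entry in entries:
        ident = entry.get("identifier", {}).get("id", "")
        if ident.lower() != wanted:
            keep.append(entry)
            continue
        folder = entry.get("relativeLocation") or f"{ident}-{entry.get('version', '')}"
        removed.append(folder)
        if not dry_run:
            shutil.rmtree(ext_dir / folder, ignore_errors=True)
    leftovers = list(ext_dir.iterdir()) if ext_dir.exists() else []
    for path in leftovers:
        if path.is_dir() and path.name.lower().startswith(wanted + "-") and path.name not in removed:
            removed.append(path.name)
            if not dry_run:
                shutil.rmtree(path, ignore_errors=True)
    if len(keep) != len(entries) and not dry_run:
        # Write atomically so an interrupted run cannot leave a truncated manifest.
        tmp = manifest.with_name("extensions.json.tmp")
        tmp.write_text(json.dumps(keep, indent=2), encoding="utf-8")
        os.replace(tmp, manifest)
    return removed


def build_sample(root: Path) -> Path:
    """Construct a throwaway extensions directory (sample data, not real extensions)."""
    ext_dir = root / ".vscode" / "extensions"
    entries = []
    for ident, version in [("example.flagged-theme", "3.4.0"), ("someone.keep-me", "1.0.0")]:
        folder = f"{ident}-{version}"
        (ext_dir / folder).mkdir(parents=True)
        (ext_dir / folder / "package.json").write_text("{}", encoding="utf-8")
        entries.append({"identifier": {"id": ident}, "version": version, "relativeLocation": folder})
    # An older copy no longer listed in the manifest, as a partial uninstall leaves behind.
    (ext_dir / "example.flagged-theme-3.3.0").mkdir()
    (ext_dir / "extensions.json").write_text(json.dumps(entries), encoding="utf-8")
    return ext_dir


def demo() -> dict:
    """Run the removal against the constructed sample and report the outcome."""
    with tempfile.TemporaryDirectory() as tmp:
        ext_dir = build_sample(Path(tmp))
        removed = remove_extension(ext_dir, "Example.Flagged-Theme")  # id case differs on purpose
        manifest = json.loads((ext_dir / "extensions.json").read_text(encoding="utf-8"))
        folders = sorted(p.name for p in ext_dir.iterdir() if p.is_dir())
    return {"removed": sorted(removed),
            "remaining": [e["identifier"]["id"] for e in manifest],
            "folders": folders}


if __name__ == "__main__":
    ids = [a for a in sys.argv[1:] if not a.startswith("--")]
    if not ids:
        print(demo())
    for ext_id in ids:
        for name in remove_extension(default_extensions_dir(), ext_id, dry_run="--dry-run" in sys.argv):
            print("would remove" if "--dry-run" in sys.argv else "removed", name)
```

Run it with no arguments to see it work on the constructed sample, or with `publisher.name` (and optionally `--dry-run`) against the real directory. Quit VS Code first: it rewrites extensions.json itself on exit, which would undo a removal made while it is running.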
> A member of the community did a deep security analysis of the extension and found multiple red flags that indicate malicious intent and reported this to us.
> As a reminder, the VS Marketplace continuously invests in security
If you’re relying on the community to alert you to the issues in the marketplace, perhaps you’re not investing enough in auditing popular extensions yourself?
I would also suggest that the trust model for VSCode is fundamentally broken - you’re running arbitrary third party code on client machines without any form of sandboxing. This is a level of security you would not deploy into Azure, so why is “run arbitrary 3p code on someone else’s machine” appropriate for VSCode?
While I appreciate the work that the VSCode team does and I use it, the lack of any form of sandboxing has always bothered me.
Mitigations like running in a VM might protect your dev workstation. But not code you put into production that relies on third parties.
Reminder that the Open-VSX extension registry exists: https://open-vsx.org
Idk if they removed the malicious theme (or if they have it at all), but if MS isn't doing anything beyond just responding to user reports, you might as well switch to an open registry that probably does the same level of security work, and avoid giving them yet another monopoly.
I think that's sort of unfair. Of course MS should be relying on the community! That's arguably the best single practice for detecting these kinds of attacks in open source code. Objectively it works rather better even than walled garden environments like the iOS/Android app stores (which have to be paired with extensive app-level sandboxing and permissions management, something that editor extensions can't use by definition).
The reference case for best practice here is actually the big Linux distros. Red Hat and Canonical and Debian have a long, long track record of shipping secure software. And they did it not on the back of extensive in-house auditing but by relying on the broader community to pre-validate a list of valuable/useful/secure/recommended software which they can then "package".
MS's flaw here, which is shared by NPM and PyPI et al., is that they want to be a package repository without embracing that kind of upstream community validation. Software authors can walk right in and start distributing junk even though no one's ever heard of them. That has to stop. We need to get back to "we only distribute stuff other people are already using".
More and more, I am starting to think I need to run my development environment (for both work and personal projects) in a VM.
I am on macOS, so UTM or Parallels would work pretty well I think. Sadly, I think my work explicitly forbids us from running VMs or accessing our services from them.
Sure. As a general rule, you get what you pay for.
https://marketplace.visualstudio.com/items?itemName=t3dotgg....
Hi Isidor, excited for this! At Open VSX, we'd love to take a look and potentially flag the extension as malicious on our side as well. Are you aware of the version range that the malicious code was included in? I'm asking because https://open-vsx.org does not have any version published since the extension went closed-source.
I downloaded the file, and unzipped it, but on a cursory glance I only see obfuscated code, nothing malicious.
[0]: !!!WARNING MAY BE MALICIOUS!!! https://marketplace.visualstudio.com/_apis/public/gallery/pu...
The publisher account for Material Theme and Material Theme Icons (Equinusocio) was mistakenly flagged and has now been restored. In the interest of safety, we moved fast and we messed up. We removed these themes because they fired off multiple malware detection indicators inside Microsoft, and our investigation came to the wrong conclusion. We care deeply about the security of the VS Code ecosystem, and acted quickly to protect our users.
I understand the "Equinusocio" extension author's frustration and intense reaction, and we hear you. It's bad, but sometimes things like this happen. We do our best - we're humans, and we hope to move on from this. We will clarify our policy on obfuscated code and we will update our scanners and investigation process to reduce the likelihood of another event like this. These extensions are safe and have been restored for the VS Code community to enjoy.
LINKS: Material Theme https://marketplace.visualstudio.com/items?itemName=Equinuso... Material Theme Icons https://marketplace.visualstudio.com/items?itemName=Equinuso...
Again, we apologize that the author got caught up in the blast radius and we look forward to their future themes and extensions. We've corresponded with him to make these amends and thanked him for his patience.
Scott Hanselman and the Visual Studio Code Marketplace Team - @shanselman
- build an open-source thing
- wait till thousands or millions of people are using it
- change the license and close down the source
- implement malicious code
- push an update
- profit! you now have your malware running on millions of systems
I did a thorough combing of the code base when I forked. Just did another audit and still not seeing anything suspicious. Gutting all of the opencollective and changelog code to be 1000% sure.
The extension file is still available to download directly from MS.[0] (Which, if you pull it from users, why are you still allowing downloads in the first place?)
I downloaded the file, and unzipped it. On a cursory glance I see obfuscated code but zero "red flag" level code; has anyone seen the malicious code claimed?
[0]: !!!WARNING CLAIMED TO BE MALICIOUS!!! https://marketplace.visualstudio.com/_apis/public/gallery/pu...
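Unzipping the .vsix and reading through it, as this comment and the earlier one above describe, is the right first step; the script below is an added example (mine, not the commenter's, and not a Marketplace or VS Code tool) that makes that triage repeatable. It reads extension/package.json, checks whether a theme ships an executable entry point or activates on every startup, and counts obfuscation and risky-API indicators in the bundled JavaScript. The indicator regexes are heuristics I chose for the example, and both sample packages it builds are constructed in memory; the JavaScript inside them is inert text and is never executed.

```python
"""Static triage of a .vsix package: manifest sanity checks plus obfuscation
and risky-API indicators.

Added example, not code from the thread, the Marketplace or VS Code. It relies
on two things about the format: a .vsix is a zip archive, and the extension's
manifest is extension/package.json. The indicator regexes are heuristics chosen
for this example (javascript-obfuscator style names such as _0x1a2b, runs of
\\x escapes, array-rotation shims, eval/new Function, child_process); they are
triage hints, not proof of malice.
"""
import io
import json
import re
import zipfile

INDICATORS = {
    "eval_or_function_ctor": re.compile(r"\beval\s*\(|\bnew\s+Function\s*\("),
    "child_process": re.compile(r"require\(\s*['\"]child_process['\"]\s*\)"),
    "network_call": re.compile(r"\b(?:https?\.request|https?\.get|fetch)\s*\("),
    "hex_escapes": re.compile(r"(?:\\x[0-9a-fA-F]{2}){8,}"),
    "hex_identifiers": re.compile(r"\b_0x[0-9a-f]{4,}\b"),
    "string_array_rotation": re.compile(
        r"\bpush['\"]?\]?\(\s*\w+(?:\.shift|\[['\"]shift['\"]\])\(\)\s*\)"),
}
LONG_LINE = 2000  # minified or obfuscated bundles typically exceed this


def triage_vsix(data: bytes) -> dict:
    """Return manifest facts, per-indicator hit counts and human-readable flags."""
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        manifest = json.loads(z.read("extension/package.json"))
        js_names = [n for n in z.namelist() if n.startswith("extension/") and n.endswith(".js")]
        sources = {n: z.read(n).decode("utf-8", errors="replace") for n in js_names}
    contributes = manifest.get("contributes", {})
    activation = manifest.get("activationEvents", [])
    counts = {name: 0 for name in INDICATORS}
    max_line = 0
    for text in sources.values():
        for name, pat in INDICATORS.items():
            counts[name] += len(pat.findall(text))
        max_line = max([max_line] + [len(line) for line in text.splitlines()])
    flags = []
    # A pure colour/icon theme only needs JSON; an entry point means code runs.
    theme_only = set(contributes) <= {"themes", "iconThemes"}
    if "main" in manifest and theme_only:
        flags.append("theme-only extension ships an executable entry point")
    if "*" in activation:
        flags.append("activates on every startup")
    if max_line > LONG_LINE:
        flags.append(f"line longer than {LONG_LINE} chars (minified/obfuscated bundle)")
    flags += [f"indicator: {name} x{n}" for name, n in counts.items() if n]
    return {"has_main": "main" in manifest, "activation": activation,
            "js_files": len(js_names), "max_line": max_line,
            "indicators": counts, "flags": flags}


def _vsix(manifest: dict, files: dict) -> bytes:
    """Pack a manifest and files into an in-memory .vsix (zip) for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("extension/package.json", json.dumps(manifest))
        for name, body in files.items():
            z.writestr(f"extension/{name}", body)
    return buf.getvalue()


def build_suspicious_sample() -> bytes:
    """Constructed sample: a 'theme' with a JS entry point and obfuscator-style code."""
    js = "\n".join([
        "const _0x4f2a=['\\x63\\x68\\x69\\x6c\\x64\\x5f\\x70\\x72\\x6f\\x63\\x65\\x73\\x73'];",
        "(function(a,b){a['push'](a['shift']());})(_0x4f2a,0x1f3);",
        "const cp=require('child_process');",
        "new Function(_0x4f2a[0])();",
    ])
    return _vsix({"name": "sample-theme", "publisher": "example", "version": "0.0.1",
                  "main": "./out/extension.js", "activationEvents": ["*"],
                  "contributes": {"themes": [{"label": "Sample", "path": "./themes/s.json"}]}},
                 {"out/extension.js": js, "themes/s.json": "{}"})


def build_clean_sample() -> bytes:
    """Constructed sample: a pure colour theme, JSON only, nothing to activate."""
    return _vsix({"name": "plain-theme", "publisher": "example", "version": "0.0.1",
                  "contributes": {"themes": [{"label": "Plain", "path": "./themes/p.json"}]}},
                 {"themes/p.json": "{}"})


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_suspicious_sample()
    for flag in triage_vsix(data)["flags"] or ["no flags raised"]:
        print(flag)
```

Point it at a downloaded .vsix to get the flag list; with no argument it runs on the constructed suspicious sample. The most useful check is the first one: a colour theme contributes JSON files and has no reason to ship a `main` entry point at all, so any theme that does deserves a closer look regardless of what the indicator counts say.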
We do not plan to add a permission model in the next 6 months.
The only sane way to contain the blast radius is to run code-server in a container (or in a VM) and use it through a browser tab.
Luckily, the UI works perfectly, hotkeys and everything. They did awesome work there.
Anyway, thank you for the update.
https://www.wired.com/story/gravy-location-data-app-leak-rtb...
The maintainer went off the deep end last year. He pulled the (originally Apache 2) source offline, then started threatening to sue people for hosting alternative versions, including them in other IDEs, etc. Genuine lunatic.
Out of an abundance of precaution, I've taken the following action on my fork:
1. I have the VS Code team auditing it as we speak, and I've given them full permission to immediately pull it from the marketplace & force uninstall it from users if they find ANYTHING malicious.
2. I have audited the code base thoroughly (nothing seemed malicious)
3. I have removed ALL code related to changelogs, analytics, Open Collective and html rendering.
The only thing that seemed slightly concerning was the html + sanity loader for changelogs, so I gutted it entirely. Two PRs removed almost all the deps and over 7,000 LOC (mostly package-lock).
Repo is here if anyone else would like to audit https://github.com/t3dotgg/vsc-material-but-i-wont-sue-you
However, I found this from the malware creator's website itself: https://framerusercontent.com/images/G17CYe9tTL2GP1Rw4mUI8YC...
[1] https://www.reddit.com/r/vscode/comments/1eq40o2/has_the_mat...
VS Code is maybe the best product Microsoft has ever released, largely because the extension market. If Microsoft polices the marketplace more, you can probably expect VS Code quality to degrade.
Here's my argument: More scrutiny of the marketplace will lead to fewer extensions overall (the scrutiny process will reduce the number of extensions overall as the barrier to entry will be increased). Fewer extensions available will create an incentive for Microsoft to add features to VS Code directly. The more features MS adds, the more bloated VS Code will become.
So then, more security auditing in the extensions marketplace will lead to a more bloated VS Code.
All that said, it would be nice if there were better security controls in the extensions marketplace, I just don't trust Microsoft to do anything in a way that actually improves their products for the people who use them.
He sucks at tech and has driven away everyone good at it. I don't use his software, but I hope he gets out of this episode soon (and learns he didn't invent material!)
Pantone would like a word.
These aren't mutually exclusive.
https://marketplace.visualstudio.com/items?itemName=t3dotgg....
===============================================================================
 Language            Files        Lines         Code     Comments       Blanks
===============================================================================
 CSS                     2          142          119            0           23
 TypeScript             32         2026         1650          243          133
-------------------------------------------------------------------------------
 HTML                    2           59           49            1            9
 |- JavaScript           2            2            2            0            0
 (Total)                            61           51            1            9
===============================================================================
 Total                  36         2227         1818          244          165
===============================================================================
Among those, 622 lines of TS are hex color definitions for variants in scripts/generator/settings/specific. Most of the rest seems pretty boilerplatey, e.g. look at the 599 lines in scripts/generator/color-set.ts. So the question remains: what the hell is there to maintain (that takes more than a couple minutes every $godknowshowlong)? I've published and maintained waaaaay more substantial open source projects for years without expectation of any financial contribution.
What's wrong is the bait and switch, as these projects end up being popular because of their FOSS nature.
Just did a pass and removed everything that was not necessary - it's even less code now lmao
-------------------------------------------------------------------------------
Language                     files          blank        comment           code
-------------------------------------------------------------------------------
TypeScript                      23             50            169           1307
Markdown                         6            129              0            224
YAML                             2              8              6             52
INI                              1              1              0              7
-------------------------------------------------------------------------------
SUM:                            32            188            175           1590
-------------------------------------------------------------------------------
At least that one wasn't literally just colours.
Found the obfuscated code here https://web.archive.org/web/20250226020241/https://github.co...
It’s assumed that your contribution will be licensed with the current license (generally). Maintainers can change the license but that wouldn’t affect prior contributions. Basically anything up to that license change would still have the original license. This is what makes forks possible when popular software changes their license.
In order to go back in history and change a license, you need either the consent of your contributors or a document that would grant you the power to do that. A CLA could (but not all CLAs will) grant a maintainer the power to change a license at will back in time.
Other famous software that has seen a license change: Redis and Terraform. In those cases the license changed but already released software is still available with the old license and that old license allows for forks.
https://github.com/material-theme/vsc-material-theme/commits...
I'm not sure why the initial commit already says "official", but that's almost a decade ago.
Of course, it's also nice that it's possible to theme the software to such a degree and improve usability and accessibility in some cases, just that the feature requests about limiting permissions need to be addressed.
In this case, this is one of the most extreme instances of people installing lots of dependencies. The moment I realized something was different in me was left-pad; I already felt that couldn't be me.
The log4j incident hit me differently, it COULD have easily been me. A security vulnerability is like death or a terminal illness in my eyes. Successful companies that scale do so without incidents. If you are running a company and you have a vuln you are out of the race. So I tightened up a lot after that.
I realize something similar with sex I just can't fathom putting my whole life on the line just to have sex with somebody and then have nothing to show for it, no relationship, nothing.
And today we see this, people are really risking their companies, their reputation, their pride to have pretty colors on their IDE.
I used to fight it, try to convince people, of course I still keep the pride of being different and wary, but in the end, you will likely be fine, and I only hold a statistical advantage, both are valid strategies of going about life I guess.
That said, I do agree that dependency management and reliance is a Problem these days. left-pad was the camel that broke the proverbial camel's back for many people, and it made people realise how ridiculous dependencies in at least NodeJS land have become. It was already silly in Java land since the 2000s, but more from the layers of abstraction and overhead that frameworks like Spring add (which is ironic because Spring was originally conceived to be a lightweight alternative to J2EE, but that's a thread on its own).
I know the general community atmosphere in the Go ecosystem is adverse to adding dependencies and frameworks; it has a good standard library which was complete enough and which isn't yet fully bogged down by design by committee like Java and JS were (to their credit things are moving again), and its users are like "you know, plain Go is good enough", so they are much less likely to add frameworks or DSLs like assertion libraries.
I'd like to know if the same thing is happening in the Rust ecosystem, I've never ventured there before.
That couldn't be me, because I don't use Java, PHP, Windows APIs, or `xdg-open`. The closest I come to Java-esque "include ALL THE BATTERIES" is the occasional Python script, but I won't use `http.server`. (Incidentally, I don't get very much done.)
> I don't use Java
I didn't use Java either, but whatever I was using at the moment (Python) could have been anything; if I had stayed in my other job or gotten a different one I could very well have been using Java and been the one that installed the thing.
>Python script, but I won't use `http.server`. (Incidentally, I don't get very much done.)
Interesting, I use http.server or the TCP socket server thing, but I consider myself to be in the extreme; there are still people that use Flask (and I do partake occasionally) or things like Django, Spring, Next, etc. Same with binaries like Apache, Nginx.
I mean you gotta use something, and if you go too far off the deep end, you get the risk of introducing the vulnerabilities yourself (in addition to the risk of getting nothing done as you mentioned). I know my limits; I wouldn't implement cryptography, for example.
> "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
This covers not just the users, but also the "author" here who exercises the permissions granted below:
> 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
> 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
> (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and
So let's interpret that. Regardless of whatever intent to re-license the code exists in the mind of the author, in order to distribute the code which was contributed by others, the only legal means to distribute this code must comply with the requirements of the license. Technically they could remove all code contributions which were contributed by others (I've done this in the past, it's a pain to do right), or seek permission from the others to add additional grants that are not included in the Apache license here (I've seen various projects do the post-facto CLA thing for this). But that has not happened here.
So (in my opinion) the GitHub repo of the author is currently infringing the copyright of all the other contributors. Any one of whom could enforce it or raise a DMCA takedown notification on the repo.
So given that we're talking about material that is in breach of copyright, it's likely that being able to enforce a license on that as a consumer is not really a thing which is possible as the conditions on what must be included bind the person distributing the material not the person receiving it.
The reason he forked it in the first place is, as he said himself, because he's famous.
> reading the review responses by the creator, I don't really trust it anymore. Being rude to others who are concerned over the recent move to closed-source (and without warning!) is pretty disheartening.
> So, uh, the guy who made the VS Code Material Theme is threatening everyone who uses it in their products. He seems to have forgotten it was originally licensed under the Apache License, 2.0. He wiped the commit history to make it look like it was always his weird fake license.
Real messy. It’s always shocking to me how little people realize - or care - how their behavior - especially their treatment of others reflects on them.
https://github.com/material-theme/vsc-material-theme/activit...
The founder of Bikram Yoga tried to copyright a sequence of yoga poses, even though similar sequences have existed for thousands of years. Monster, the energy drink maker, went after businesses for using the word "monster" in totally unrelated contexts. Disney trademarked "Hakuna Matata" (a Swahili phrase roughly equivalent to "no worries") after using it in The Lion King, prohibiting African businesses from using a common idiom in their own damn language. Don't get me started on Happy Fucking Birthday.
So I run a small game that has a couple thousand active users, and part of that is allowing users to chat via written text. The amount of vitriol some users spew just amazes me. If they acted like that in person, I expect they would get punched in the mouth quite often. I also have a suspicion that some of these people are literally mentally ill, and online is basically where they live.
They hide it mostly to their family, but other human beings are treated like NPCs.
For example I live in the south of France and people are literally crazy on the road but they still avoid accidents by some kind of miracle. These are people of all sexes, colors, and ages. The good middle-aged white father becomes a fucking moron when his car is turned on. The young new mom who pretends to love her children is speeding on the road like an idiot.
Society accepts that or turns its head the other way not to look at it, but it’s definitely around us and I see it every time I go to work.
My consideration on this is:
A lot of software that at least I write privately is rather a manifestation of some deeper values/opinions that I have. So in some sense the software is just the tip of an iceberg, a manifestation of something deeper. The software might in isolation be independently useful for other people, but this is not its essence. Its essence is the deeper values/opinions that caused the software to be created.
In this sense, it is rather the rational thing to expect that most discussions of the software are strongly intertwined with the values/opinions of the programmer, because these form the bottom of the iceberg of the software.
P.S. Just to be clear: I am not the kind of person who does personal jabs or passive aggressive snipes.
https://medium.com/agoric/pola-would-have-prevented-the-even...
An absolute failure of contemporary programming language design.
Software firms need to think harder about what kind of guarantees the languages they use can give them - which part of a project's code can access which (and how many) resources - access to other project components, filesystems, the network, and the amount of process memory and CPU time they are allowed to consume. The current default answer is usually "any place has authority to access everything else, and a simple infinite loop will use up all the system's resources"
Obviously it's obfuscated by the guy originally.
I've seen literally nothing malicious in it so far.
!!! WARNING CLAIMED MALICIOUS PACKAGE !!!
https://marketplace.visualstudio.com/_apis/public/gallery/pu...
People are willing to pay for nice things. Especially if it takes longer to create it yourself.
A theme is more than a list of colors. Monokai Pro contains custom designed icons and color filters too, and some code logic to sync it all up. It needs continued updates, as editors keep evolving with new UX/UI elements.
Free themes are a dime a dozen.
Paid themes means someone's incentivized to keep working on it and adding icons, &c.
I'm comfortable working without any syntax highlighting at all. It's not that I go to the effort of turning it off, I just don't really care that it's there. I used to use Sam as my daily editor - got used to plain black text pretty quick. It's all a matter of preference.
I suck at colors and want nice themes. I'm glad people better at this than me take time to make nice things.
But, I don't want to ever manage licenses for my theme. My dotfiles need to fetch it automatically or it's out.
Is the original source code still uploaded somewhere?
I mean, when I use Vim and Emacs, the benefits clearly flow to users and the developer community. Back when I paid for the IntelliJ license - I knew exactly how their revenue model worked. Yet whenever I download and use VSCode, I don't really know what's Microsoft's grand plan here, does anyone else do?
Same reason Xcode is free.
EDIT: Did some research and looks like it is different code by different developers, so we should be good.
I'm increasingly suspecting there was nothing actually wrong with the extension, and Theo and others may have simply demolished an open-source developer's reputation primarily because they found him difficult to collaborate with.
This is nuts.
Edit: the whole repo has been put to private.
My bank does this for my suspicious transactions, with a near 100% false positive rate.
Seems common sense and usually remedied by a text to a bot.
https://github.com/material-theme/vsc-material-theme/discuss...
(As throw16180339 said, please email hn@ycombinator.com with these things - that's the only way to be (mostly) sure I'll see it.)
Source?
> disrupted
Source?