51

Even the site that considered safe in the megathread, there's report of malware and trojan and I don't know what site to use

top 34 comments
sorted by: hot top controversial new old
[-] phorq@lemmy.ml 95 points 1 year ago

Simple, trust no one. Get a no-reported-logs VPN, don't download anything that has a strange file size or extension, look at comments, look at the number of seeders if it's a torrent. If you can, join something like a private tracker where there's moderation too. If it walks like a duck and quacks like a duck then it's probably not the movie you were looking for and there might be a Trojan army inside waiting for you to let the duck enter your computer... That metaphor may have fallen apart on me...

[-] cheezoid@retrolemmy.com 35 points 1 year ago
[-] kumatomic@lemmy.dbzer0.com 28 points 1 year ago

I know they're an army in this metaphor but I still want to hug them.

[-] lukas@lemmy.haigner.me 9 points 1 year ago

VPN providers don't protect you from malware.

[-] phorq@lemmy.ml 8 points 1 year ago

I was trying to give general advice, since it didn't sound like they had a trusted private tracker already it's a good idea to have a VPN to mask your IP. I agree, it probably won't help against malware.

[-] httpjames@sh.itjust.works 3 points 1 year ago

Most come with DNS blocklists now that can prevent you from accessing it

[-] lukas@lemmy.haigner.me 3 points 1 year ago* (last edited 1 year ago)

DNS blacklists also don't protect you from most malware.

[-] FutileRecipe@lemmy.world 6 points 1 year ago

It's part of defense in depth. No single piece will protect you from everything, so you you use multiple layers of protection.

[-] lukas@lemmy.haigner.me 0 points 1 year ago

I can't call DNS blacklists part of defense in depth. DNS blacklists are a poor man's version of existing and pre-installed anti-malware software.

  • DNS blacklists block only older known malware, similar to existing anti-malware, but less effective.
  • DNS blacklists block hijacked, but legit websites that host malware, contrary to existing anti-malware.
  • DNS blacklists? What is that? I use DoH, get fucked. Contrary to existing anti-malware.

They're completely bypassable, they boast a high false positive rate due to how threat actors host malware, and they don't even block newer malware. Just use Windows Defender. It ain't perfect, but it's leagues better than any DNS blacklist.

[-] FutileRecipe@lemmy.world 3 points 1 year ago
  1. Blocking older known malware still blocks them, so that's good (and saves bandwidth because the connection never happens, so this is really good).
  2. If the site is hijacked, it needs blocked till it's unhijacked. So this is good as well.
  3. This is not really a point?

Number one above, stopping the connection before it happens, is really the best benefit, in my opinion. And if they boast a high false positive, you need better lists. You keep saying "they don't block this or block that." They are (nothing is) a one stop shop. Simply because they don't block what you're cherry picking does not make them bad. Use multiple layers. You say "don't use a blocklist, use MS Defender instead." Why not use both the blocklist, MS Defender, and even more stuff? Multiple layers. Defense in depth.

[-] lukas@lemmy.haigner.me -1 points 1 year ago

Because Defender already covers what DNS blacklists block and more with less false positives and a proper way to manage exceptions for non-technical people. Older malware is a solved problem for Defender since it's literally pre-installed everywhere. VPN providers don't have a way to manage DNS blacklist exceptions, so have fun disabling your VPN to do any research. You also don't get to choose the blacklists your VPN provider uses. Saying 3. is not a point is like saying malware that's always able to bypass your anti-malware solution is irrelevant.

[-] bionicjoey@lemmy.ca 33 points 1 year ago
[-] xilliah@beehaw.org 13 points 1 year ago

I'd avoid any websites containing the string google.

[-] Sterben@lemmy.ml 2 points 1 year ago

Yes, true that. :)

[-] Sterben@lemmy.ml 12 points 1 year ago

Surface the Web with VPN, Ad blocker, Anti-Tracker, use Linux. In 5 years, I have never encountered a virus or a trojan. Following these 4 "rules" and you'll be fine on any website.

[-] chriscz@iusearchlinux.fyi 4 points 1 year ago

If you want to go one step further, isolate/sandbox your media player, browser and torrenting apps in firejail.

[-] Sterben@lemmy.ml 1 points 1 year ago

Really extreme, but good to know. 😉

[-] rockhandle@lemm.ee 10 points 1 year ago

Depends on what you want. For games, find a trustworthy repacker (fitgirl and dodi are good in my experience) and only download from them. For software, again, it depends. For adobe products, M0nkrus is pretty good, but I'm unsure about other software. Movies and music are typically quite safe as long as you practice due diligence (basically dont open a file called song.mp3.exe).

[-] julianarestrepo@lemmy.world 8 points 1 year ago

cs.rin.ru they use the ban hammer for malware distributing hard

[-] user224 1 points 1 year ago

None. If you want to stay safe, always assume danger. False sense of security is much worse.

this post was submitted on 27 Nov 2023
51 points (91.8% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

55056 readers
295 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS