this post was submitted on 03 Aug 2023
100 points (83.8% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54716 readers
415 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

I understand that sharing video, photos, documents etc. is relatively safe because the data is not executed in the processor as instructions. How come people are willing to download and install pirated software though? How can one be confident that it does not contain malicious addons? Are people just don't know the risks? Or are there protection mechanisms that I am missing? I mean since the software is usually cracked there is not much use in comparing checksums with the originals, is it?

you are viewing a single comment's thread
view the rest of the comments
[–] b1ab@lem.monster 98 points 1 year ago* (last edited 1 year ago) (2 children)

Long story short.

  1. Be prepared for disaster.
  2. Scan it. Sandbox it if concerned.
  3. Firewall inspect/block/allow every outbound comm.
  4. Get it from a trusted source.

Basically the same stuff you should be doing with all software.

Edit for firewall clarification.

[–] Micromot@feddit.de 2 points 1 year ago (1 children)

Is it smart to test if it is malicious in a vm first?

[–] b1ab@lem.monster 20 points 1 year ago (1 children)

I don’t.

But I take many precautions.

I’ve been pirating software since the C64. About 40 years. Never stopped. Never will.

I buy the good software I encounter. As a developer, i know it’s important to keep funding further development. Unfortunately most is overpriced garbage.

[–] Micromot@feddit.de 2 points 1 year ago (1 children)

I'm pretty new and extremely cautious with pirated software, i still need to find the precautions i have to take, luckily pirating games is much safer and easier than pirating software

[–] 7Sea_Sailor@lemmy.dbzer0.com 6 points 1 year ago (2 children)

Could you elaborate how pirating games is "safer" than pirating software? Both are executables that could run whatever code they wish on your system, and since pirated games are so desirable, in my experience they are far more often spread around bundled with malware than software is. Oftentimes, you'll find people take legitimate repacks, add malware, then share the repack under the same repackers name.

[–] wolfshadowheart@kbin.social 5 points 1 year ago (1 children)

I think their idea is that if you know a specific repacker like an athletic woman, compared to downloading softwares that could be uploaded by any elitists trying to fuck with you.

In practice both are the same, but the reputation of the athletic woman makes her more trustworthy.

However outside of that specific repacker I actually agree with you, it's exactly the same lol.

[–] alexg_k@discuss.tchncs.de 4 points 1 year ago (1 children)

Interesting. If there are reputable packers / crackers, why do they not uses GPG to sign the software? That way, no one can manipulate and reupload the software.

[–] b1ab@lem.monster 1 points 1 year ago

Many do provide some form of checksum.

[–] Micromot@feddit.de 1 points 1 year ago

It feels safer as there are a few sites with a good reputation which is just easier to find which makes me feel safer. Idk if it is really safer than with software.

[–] mnemonicmonkeys@sh.itjust.works 2 points 1 year ago (1 children)

What software do you recommending for scanning? Microsoft defender?

[–] b1ab@lem.monster 4 points 1 year ago (1 children)

I don't really use Windows except for playing games, so someone else may have a better answer.

For me, I want 3 types of protection, priority order.

  1. Rootkit and ransomware protection. Lock down and protect system files.

  2. Firewall. Stop software from calling home (and possibly invalidating my forged license) and to stop malware from reaching out to command and control systems.

  3. Malware scanning and suspect execution detection. Most antivirus software detections will be in only one of a couple categories: keygen, generic trojan, or obfuscated executable. If I encounter this, I go to VirusTotal.com and drop the offending file(s) for it to scan. If I'm still concerned I will use an online sandbox execution recorder that tells you what the exe does such as outbound comms, file modifications, registry read/writes, etc.

Windows Defender accomplishes these requirements. Although it is a bit clunky and other mainstream antivirus (paid or free) accomplish the same in a much cleaner interface.

I cannot stress enough the importance of downloading pirated software from a trusted source.

[–] MrPoopyButthole@lemmy.dbzer0.com 2 points 1 year ago* (last edited 1 year ago) (1 children)

We are seeing on our corporate network lots of browser hikackers that connect to c&c and are used in botnet DDOS as a service. Once you install x software it sets up a persistent service that keeps modding chrome.exe etc

Firewalling the .exe that you installed does nothing to stop the calls to c&c

[–] b1ab@lem.monster 1 points 1 year ago (1 children)

Fair point. Malware can tunnel through existing comms, thus firewalling the exe would do little to protect you.

That’s why I recommended a multilayered defense and practicing good opsec.

An exe that installs a service, modifies unrelated executables, and sends comms through an unrelated application would be a catastrophic failure in any good defense.

If your system is this wide open then you’ll be likely to have all sorts of problems from non pirated software. Such as freeware that installs adware.

I have tried to find these in the wild to no avail.

[–] MrPoopyButthole@lemmy.dbzer0.com 1 points 1 year ago (1 children)

Unfortunately the machines that get infected are not fully controlled by us but they get networking and internet from us (space rental in the building), so we isolate them as much as possible and we black hole all the bad traffic on the router level.

Our machines all have EDR and strict security policies. Not much gets past that.

[–] b1ab@lem.monster 1 points 1 year ago

Right on. Gotcha.