Thats my attitude. Torrents have risks but so do random Russian streaming sites. By now I have it going with Jellyfin and *arr and I barely have to think about it

[–] glibg10b@lemmy.zip 13 points 3 days ago (1 children)

Torrents aren't risky for movies as long as you don't have "Hide file extensions" turned on. Unless someone's wasting their zero-day video player exploit on you, which is unlikely, you wont find malware in an mp4 or mkv unless it's actually an exe in disguise

[–] Cassa@lemmy.blahaj.zone -3 points 3 days ago (3 children)

sry, but that's just straight up wrong. You can hide malware in video files (both mp4 and mkv are great containers!) and you can disguise your virus as a video.

[–] glibg10b@lemmy.zip 6 points 2 days ago (1 children)

That's like encoding malware in a picture and calling it dangerous

[–] Cassa@lemmy.blahaj.zone 0 points 2 days ago* (last edited 2 days ago) (1 children)

yes? opening a picture with malware could infect your computer.

It would be a combination attack, so the virus would either target the correct media player or several of em.

here is a older vulnurability with vlc and avi file https://nvd.nist.gov/vuln/detail/CVE-2021-25801

it is absolutely far less risky than downloading programs that run code, but it's not without any risk

edit: windows programs also lets files call home. Script Command in windows media player f.ex 🤷

[–] glibg10b@lemmy.zip 5 points 2 days ago

Like I said, no one's wasting a 0-day on a lemming like you or me

[–] whoami@sh.itjust.works 2 points 3 days ago (1 children)

But malware wrapped as video (or any other doc or media format) still needs to be executed, right? So if you don't give that file execute permission (which Linux doesn't give by default) and open it through media player or something, could said potential malware still run? I thought it couldn't unless the player itself is vulnerable

[–] Cassa@lemmy.blahaj.zone 2 points 2 days ago

no, these things would try to exploit the program that read them.

it's not a likely attack vector, you need both a malware file, and the right program trying to read it. it might not also be transferrable across different os.

so yes, it needs a media player to attack. https://nvd.nist.gov/vuln/detail/CVE-2021-25801 this one f.ex

[–] IAMgROOT@lemmy.wtf 1 points 3 days ago

kern.exe.mp4 LOL

and the rest are 0days that sell for millions

[–] Naho_Zako@piefed.zip -1 points 3 days ago (1 children)

I'd be fucking nervous to torrent a game tbh, or at least a game that runs on PC. Like I'm not as concerned about my hacked 3DS getting a virus but, to each their own I guess...

Also I basically only torrent anime/shows and music so far...

[–] Aceticon@lemmy.dbzer0.com 3 points 2 days ago (1 children)

Gaming on Linux via Wine is great in that sense - not only is most Windows software not really designed to connect to the Linux side of things when running on top of an adapter layer like Wine/Proton (which are NOT emulators so don't sandbox anything) but you have way better security tools and a kernel designed with it in mind in Linux, so for example you can actually start your games inside a proper sandbox like Firejail to block it from accessing stuff outside the wine instance directory.

On the other hand, forget about all the nice automated configuration scripts that just make the Windows game seamlessly install and work in Linux when installing a pirated repack: you have to actually understand how Wine and Wine-tricks works as you're likely to have to dig through logs of a game that's not running to figure out which DLLs are missing from the wine instance and install them yourself.

[–] mizule@lemmy.blahaj.zone 1 points 2 days ago (1 children)

i've never had the issue you're describing in the end, you are using proton-ge right?

[–] Aceticon@lemmy.dbzer0.com 1 points 2 days ago* (last edited 2 days ago) (1 children)

In all fairness, I've had that issue only with the first game I pirated to play in Linux, which I actually own but the official version won't run in Linux (under Steam, so that was using Proton) hence why I got a pirate version (which, once a couple of missing DLLs were added, worked fine - so the pirated version is the superior product).

My point does stand that if you're used to using things like Steam or Lutris to run your games in Linux, with pirated repacks there's no help from scripts that make sure there are no missing DLLs, so either it's a recent game from a good repacker like Dodi or you're probably going to have to check the logs for missing DLLs and add them via Winetricks.

Switching to proton-ge as the runner in Lutris does often solve the problem running a game in Linux (pirated or otherwise), just not always.

[–] mizule@lemmy.blahaj.zone 1 points 2 days ago

Mhm that is fair. For me, with repacks, the only thing i had to do was add WINE_LARGE_ADDRESS_AWARE=0 as an environment variable in my prefix and then i had no more issues.