Alphane_Moon@lemmy.world
on 07 Apr 05:24
nextcollapse
I once got a really nasty cryptominer that shut down all attempt to remove it via a fully patched WinRar opening an archive with what seemed to mostly JPEGs (maybe some PDFs as well). Perhaps this vulnerablility the root enabler of the cryptominer.
thisbenzingring@lemmy.sdf.org
on 07 Apr 08:32
nextcollapse
7z is far superior. It’s does rar
STOP USING WINRAR PEOPLE
Alphane_Moon@lemmy.world
on 07 Apr 08:54
nextcollapse
I like the interface of WinRAR more (just a matter of habit).
I even have a license for WinRAR that I bought 15 years ago.
thisbenzingring@lemmy.sdf.org
on 07 Apr 08:56
collapse
p03locke@lemmy.dbzer0.com
on 09 Apr 14:00
collapse
It’s not.
Go ahead and look through your filesystem. Just random parts of it. Count the number of things you downloaded off of the Internet. And yes, all of those files you extracted from an downloaded archive still count as downloaded from the internet.
If you’re using Linux, the ISO you downloaded is from the Internet. All of the security patches and updates were downloaded from the Internet. Every single web site you visit was downloaded from the Internet. If you wanted to use a new program, you downloaded it from the Internet. If you created a new file, chances are good that you used some sort of cloud-based service and it was downloaded from the Internet.
There’s a reason why Apple got rid of the CD-ROM drive. Because nobody was fucking using it and everything is installed off of the fucking internet! I was going to say that I haven’t touched my CD-ROM drive in ages, but then I looked down and realized that I don’t even have one installed on this PC.
Putting a “Mark of the Web” on a file is functionally useless. It’s like putting a boolean on a file that says “this came from a computer”.
I have a driver usb key in front of me that was shipped from the vendor by mail.
Based on your arrogance, attitude, and confident wrongness I also assume you’re a early-to-mid-20s male in which case I have files as old as you on my computer. I definitely have some music I ripped from CDs, I definitely have movies I ripped myself, and I definitely have video games I ripped myself.
It’s ok to be wrong, little guy.
p03locke@lemmy.dbzer0.com
on 10 Apr 00:11
collapse
Stop cherry-picking. If 95% of your HDD’s files are downloaded from the Internet, including all of your OS and security patch files, marking all of them as “insecure” isn’t a valid security method. It invites a ton of false positives, and is practically useless.
Also, stop assuming my age, my height, and who I am. I know what it used to be like pre-Internet, but it’s not like that any more.
It’s something called ADS (Alternate Data Stream) which you can see as some kind of second hidden file content. Browsers create an ADS with name Zone.Identifier when downloading a file and attach it to the downloaded file. The content of the ADS is the information where the file was downloaded from, i.e. the Zone (3 for Internet) and usually the URL.
Programs and Windows usually use the existence of the Zone.Identifier to show you a warning that a file was downloaded and may pose a risk to your system when opening/exexuting it.
p03locke@lemmy.dbzer0.com
on 08 Apr 23:50
collapse
What the fuck is this arcane metadata bullshit?
I download a file on Linux, and it has data, a filename, and some permission metadata. That’s it. It sounds like this metadata layer deserves all of the hacks that will come for it.
Most if not all file systems have features that include metadata. For example, ext4 will have a create and modify timestamp, as well as permissions on the file and ownership of the file. Fat also has timestamps but they are less precise. Zfsbootmenu uses zfs metadata to find your key file for encryption.
Your gut reaction of “metadata is over-complication” is not only bizarre (metadata is extremely common in file systems as well as for a variety of file formats - try using musicbrainzpicard without metadata), but makes you look very petulant.
p03locke@lemmy.dbzer0.com
on 09 Apr 13:50
collapse
Most file systems have a very limited footprint of metadata. Static information. And they are usually following basic POSIX standards, to ensure that file transfers between mediums are as cross-compatible as possible.
This Alternative Data Stream is now creating this entirely new variable data stream for hackers to hide shit in. No longer can just you scan a file’s data to make sure nothing malicious is in there. Now you need complex logic to be able to both read this new stream, interpret the flags and other metadata, and take all of those different pieces of information and figure out if it’s even worth opening the damn file.
Data is data. Keep data in the data layer. Everything else is secondary, and should be kept tiny.
So you acknowledge metadata is useful but you draw a line because you think it’s too much metadata? Or just the wrong kind, because the POSIX standard is the defining document for your life, a set of rules so perfect that nobody need add functionality past that standard?
threaded - newest
I once got a really nasty cryptominer that shut down all attempt to remove it via a fully patched WinRar opening an archive with what seemed to mostly JPEGs (maybe some PDFs as well). Perhaps this vulnerablility the root enabler of the cryptominer.
7z is far superior. It’s does rar
STOP USING WINRAR PEOPLE
I like the interface of WinRAR more (just a matter of habit).
I even have a license for WinRAR that I bought 15 years ago.
good on you, for buying a copy.
People is stuck on winrar by nostalgia
I would miss having decide whether to buy it every time I open it.
oh WinRAR, the freest paid app in history
What the hell is a “Mark of the Web”?
Notification/warning that an executable was downloaded from the internet.
Protip: All things are downloaded from the Internet.
That’s certainly a take
It’s wrong
It’s not.
Go ahead and look through your filesystem. Just random parts of it. Count the number of things you downloaded off of the Internet. And yes, all of those files you extracted from an downloaded archive still count as downloaded from the internet.
If you’re using Linux, the ISO you downloaded is from the Internet. All of the security patches and updates were downloaded from the Internet. Every single web site you visit was downloaded from the Internet. If you wanted to use a new program, you downloaded it from the Internet. If you created a new file, chances are good that you used some sort of cloud-based service and it was downloaded from the Internet.
There’s a reason why Apple got rid of the CD-ROM drive. Because nobody was fucking using it and everything is installed off of the fucking internet! I was going to say that I haven’t touched my CD-ROM drive in ages, but then I looked down and realized that I don’t even have one installed on this PC.
Putting a “Mark of the Web” on a file is functionally useless. It’s like putting a boolean on a file that says “this came from a computer”.
I have a driver usb key in front of me that was shipped from the vendor by mail.
Based on your arrogance, attitude, and confident wrongness I also assume you’re a early-to-mid-20s male in which case I have files as old as you on my computer. I definitely have some music I ripped from CDs, I definitely have movies I ripped myself, and I definitely have video games I ripped myself.
It’s ok to be wrong, little guy.
Stop cherry-picking. If 95% of your HDD’s files are downloaded from the Internet, including all of your OS and security patch files, marking all of them as “insecure” isn’t a valid security method. It invites a ton of false positives, and is practically useless.
Also, stop assuming my age, my height, and who I am. I know what it used to be like pre-Internet, but it’s not like that any more.
Emphasis mine
I only assumed your age and sex, none of those other things.
It’s something called ADS (Alternate Data Stream) which you can see as some kind of second hidden file content. Browsers create an ADS with name Zone.Identifier when downloading a file and attach it to the downloaded file. The content of the ADS is the information where the file was downloaded from, i.e. the Zone (3 for Internet) and usually the URL.
Programs and Windows usually use the existence of the Zone.Identifier to show you a warning that a file was downloaded and may pose a risk to your system when opening/exexuting it.
What the fuck is this arcane metadata bullshit?
I download a file on Linux, and it has data, a filename, and some permission metadata. That’s it. It sounds like this metadata layer deserves all of the hacks that will come for it.
Most if not all file systems have features that include metadata. For example, ext4 will have a create and modify timestamp, as well as permissions on the file and ownership of the file. Fat also has timestamps but they are less precise. Zfsbootmenu uses zfs metadata to find your key file for encryption.
Your gut reaction of “metadata is over-complication” is not only bizarre (metadata is extremely common in file systems as well as for a variety of file formats - try using musicbrainzpicard without metadata), but makes you look very petulant.
Most file systems have a very limited footprint of metadata. Static information. And they are usually following basic POSIX standards, to ensure that file transfers between mediums are as cross-compatible as possible.
This Alternative Data Stream is now creating this entirely new variable data stream for hackers to hide shit in. No longer can just you scan a file’s data to make sure nothing malicious is in there. Now you need complex logic to be able to both read this new stream, interpret the flags and other metadata, and take all of those different pieces of information and figure out if it’s even worth opening the damn file.
Data is data. Keep data in the data layer. Everything else is secondary, and should be kept tiny.
So you acknowledge metadata is useful but you draw a line because you think it’s too much metadata? Or just the wrong kind, because the POSIX standard is the defining document for your life, a set of rules so perfect that nobody need add functionality past that standard?