this post was submitted on 03 Aug 2023
96 points (83.8% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

62669 readers
221 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

🏴‍☠️ Other communities

FUCK ADOBE!

Torrenting/P2P:

Gaming:


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

I understand that sharing video, photos, documents etc. is relatively safe because the data is not executed in the processor as instructions. How come people are willing to download and install pirated software though? How can one be confident that it does not contain malicious addons? Are people just don't know the risks? Or are there protection mechanisms that I am missing? I mean since the software is usually cracked there is not much use in comparing checksums with the originals, is it?

top 50 comments
sorted by: hot top controversial new old
[–] pre@feddit.uk 135 points 2 years ago (1 children)

Worth noting that paying for a license for software doesn't stop it being spying malware either. In fact the pirate versions often take out the spying and the reporting-to-homebase that proprietary software does.

The photoshop that phones home to check a license is arguably more malicious than the pirate version that has been cracked so it doesn't do that.

[–] alexg_k@discuss.tchncs.de 12 points 2 years ago (1 children)

Good and valid point. I use opensource software wherever I can.

Though paid software is not going to encrypt your data for ransom or use a keylogger to steal bitcoin (yet).

[–] NullGator@lemmy.ca 5 points 2 years ago (2 children)

There was an antivirus that was caught running a bitcoin miner in the background tbf. If memory serves it was Norton?

load more comments (2 replies)
[–] b1ab@lem.monster 94 points 2 years ago* (last edited 2 years ago) (8 children)

Long story short.

  1. Be prepared for disaster.
  2. Scan it. Sandbox it if concerned.
  3. Firewall inspect/block/allow every outbound comm.
  4. Get it from a trusted source.

Basically the same stuff you should be doing with all software.

Edit for firewall clarification.

load more comments (8 replies)
[–] InterSynth@lemmy.dbzer0.com 65 points 2 years ago (1 children)

I trust pirates more than billion or trillion dollar companies. Also, aggressive DRM such as iLok is worse than malware, so eh.

[–] LeylaLove@lemmy.fmhy.net 18 points 2 years ago

Fuck iLok. Shit made me regret buying plugins, should have stuck with piracy.

[–] merthyr1831@lemmy.world 40 points 2 years ago (2 children)

It's partly an honor system but also, anyone distributing malicious cracks are quickly called out whether its on public tracker comments like PirateBay or removed from private trackers.

Distributors of GOOD and CLEAN cracks often earn good rep in the community too, like Monkrus which I've had no issue with before.

Also, in my experience, installing a malware-packaged adobe app isn't actually all that bad if you run a malware scan immediately afterwards. With the scale and breadth of software piracy there isn't much money in making advanced malwares beyond bundling an existing one into an installer. I don't recommend it, but it's still easier and cheaper than paying Adobe!

TLDR the community polices itself pretty well considering.

[–] lemming007@lemm.ee 14 points 2 years ago (1 children)

Also, I would consider some legitimate licenced software more of a malware than a cracked one. If your software forces always-online license, comes with annoying startup processes, nagging ad screens, etc, it's malware. And if there's a cracked version without those things, I'll take the cracked version any day.

load more comments (1 replies)
[–] alexg_k@discuss.tchncs.de 3 points 2 years ago (2 children)

I agree with what you said, but how do I make sure that the cracked software is not further altered by other people and uploaded. Do you just select the torrent with the most peers? Is that enough? When using one-click-hosters it is even harder...

[–] President@lemmy.zip 6 points 2 years ago (1 children)

No. It isn't about the torrent with most peers. It is about the source and the uploader. As someone has already mentioned it, it is about the Reputation!

load more comments (1 replies)
load more comments (1 replies)
[–] Gush@lemmy.ml 37 points 2 years ago (2 children)

If i were to pay for an AutoCAD license , it would be over 200$ A MONTH

[–] Overzeetop@beehaw.org 15 points 2 years ago (2 children)

What kind of cheap-ass, stripped down AutoDesk suite are you getting for $200/mo. Last I checked, the architectural suite was north of $4500/yr.

[–] SkepticElliptic@beehaw.org 12 points 2 years ago (1 children)
load more comments (1 replies)
load more comments (1 replies)
[–] Mothra@mander.xyz 13 points 2 years ago (3 children)

That's why I'm learning Blender, I think I'll be able to carry on without Maya.

Adobe isn't pretty but Autodesk is a scourge

[–] kylian0087@lemmy.world 5 points 2 years ago

I Love blender. I am also learning it but more because it works on linux unlike AutoCAD

load more comments (1 replies)
[–] tun@lemmy.world 30 points 2 years ago (1 children)

If you get the software from reliable source, it is almost certain it does not have malware.

The piracy is an organized activity and people at higher rank nuke the release if it has malware.

Read more here https://opentrackers.org/i/2600_Guide_to_Internet_Piracy-TYDJ.txt

load more comments (1 replies)
[–] Deathcrow@lemmy.ml 24 points 2 years ago* (last edited 2 years ago)

How come people are willing to download and install pirated software though?

You can just remove "priated" from that statement and come to the same conclusions. Considering the amount of bugs, backdoors and 0-day exploits distributed via official software I sometimes wonder why people execute proprietary, closed source programs at all.

An no, "reputable" companies mean nothing, just look at Microsoft clowning around with their signing keys.

[–] Mandy@beehaw.org 24 points 2 years ago

You severely underestimate the power of free stuff

[–] doppelgangmember@lemmy.world 22 points 2 years ago (3 children)

i mean you could always sandbox it

[–] fat_stig@lemmy.world 6 points 2 years ago

Sandboxie-plus for the win! Saved my sanity several times.

load more comments (2 replies)
[–] rambos@lemm.ee 18 points 2 years ago* (last edited 2 years ago)

I feel safe, maybe I shouldnt, but my life wouldnt be this good if I didnt have access to everything I cracked lol

[–] Gothian@lemmy.world 17 points 2 years ago (1 children)

Your assumption is wrong mail can contain executables. Picture can hold executable instructions and so do videos. For example videos and pictures in mail can contain virus. You are not safe just because you download movies and pictures

[–] kionite231@lemmy.ca 8 points 2 years ago (2 children)

Can you explain how can a picture holds a executable in it? Also you have to make the file executable to run it. Something like chmod +x random.mp4

[–] Gothian@lemmy.world 15 points 2 years ago (1 children)

You are thinking it wrong about malware in pictures. They don’t act like an executable rather then injecting instructions to an executable program you are opening your picture in. In that case you don’t need the +x flag on your file. Think of it as a Trojan horse

https://gizmodo.com/malware-images-virus-photos-pictures-how-block-antiviru-1849572516 If you are more interested

[–] alexg_k@discuss.tchncs.de 11 points 2 years ago (3 children)

I think it is very rare to find or even craft a video file that is able to allow for arbitrary code execution on an updated video player software like VLC. The same is true for photos or documents with the exception of office documents using macros.

[–] DrJenkem@lemmy.blugatch.tube 4 points 2 years ago

"Updated" is doing a lot of heavy lifting here. Lots of people don't keep their software up to date.

But yeah, the likelihood of any of us randomly happening upon 0days in the wild is pretty low.

load more comments (2 replies)
[–] Ragerist@lemmy.world 3 points 2 years ago* (last edited 2 years ago)

One of the techniques is called buffer overflow. Where you target a flaw in some software. Computers are logic, they will do EXACTLY what you tell them. Imagine if an image viewer uses an dll to process jpg. That dll expects a very specific header. If this is not handled correctly and a malicious attacker crafts the header to be slightly larger and the larger part contains executable code. This code spills over in the adjacent memory area. The OS then reads this as code to run.. and boom you are in.

This is oversimplified and proberly not explained correctly, but its something like that; and that kids, is why its important to update your OS and software.

Sometimes they find bugs like this, that have existed for many years before being discovered.

[–] chicken@lemmy.dbzer0.com 14 points 2 years ago (1 children)

If I get malware, I can just go reinstall my OS. If I pay for software, I'm never getting that money back.

[–] alexg_k@discuss.tchncs.de 4 points 2 years ago (3 children)

If you notice the malware..

[–] nestEggParrot@lemmy.sdf.org 5 points 2 years ago (5 children)

And have something worth loosing on gheir PC. Many professional software users using cracks may worry of losing their work files which could be easily backed up.

As long as they dont have their financials or personal information thats worth stealing, the cost saving of the pirated software is worth infection, which at max needs a fresh install.

load more comments (5 replies)
load more comments (2 replies)
[–] HeneryHawk@thelemmy.club 13 points 2 years ago

I installed trusted cracks from scene groups. Not everyone who can crack will be a scene group. To get into the scene you need to be well trusted. Scene groups would NOT damage their integrity to install something malicious through a crack

As another user said, check the files you have match the direct uploads from the scene with a site like predb.me

You can search online for more info on scene groups/warez/topsites

[–] Pommel_Knight@lemmy.dbzer0.com 10 points 2 years ago

Most don't invest that much into anti-piracy protection and you can avoid it with simple firewall and GPEdit corrections for the unlimited premium spoof.

There are also the key gens that emulates the server or the software to receive the codes or give a confirmation to the software.

This is all very oversimplified and there are an infinite number of anti-piracy methods that the companies don't even want to try to solve since it's all free advertising and it gets people used to their software when they have to buy it.

[–] gwi1785@feddit.de 10 points 2 years ago

when you dl from any seller site do you know what you get regarding spy/mal/bloatware? for sure?

i would not dl from usenet or a public tracker though.

[–] idkman@lemmy.dbzer0.com 10 points 2 years ago (1 children)

Denuvo games performed worse than the cracked version, FYI.

load more comments (1 replies)
[–] nicman24@kbin.social 8 points 2 years ago

it is the same as any binary. you do not know what the author has baked it.

[–] TCB13@lemmy.world 5 points 2 years ago
[–] Mothra@mander.xyz 5 points 2 years ago (3 children)

It's one of those high-risk, high-returns case scenarios. You gamble. If you succeed, you will be saving some buck. Some software licences can be very, very expensive.

There is no way of knowing the answer to your questions. You just use your intuition and take a leap of faith.

load more comments (3 replies)
[–] DrJenkem@lemmy.blugatch.tube 4 points 2 years ago

Yeah checksums are useless. But if you know assembly, you could diff the original binary with the crack and look for anything malicious.

[–] Pulp@lemmy.dbzer0.com 4 points 2 years ago (1 children)

Get software from reputable private trackers only

load more comments (1 replies)
load more comments
view more: next ›