Hiluxury Bitcoin
Jr. Member
Offline
Activity: 199
Merit: 1
|
|
June 23, 2019, 04:00:04 PM |
|
ooh thanks mate for sharing with us this good news and now i have deleted my VLC player. So it it good to delete it?.
|
--------------------Trustdice.win - Fair gaming platform built on blockchain technology--------------------
|
|
|
finaleshot2016
Legendary
Offline
Activity: 1778
Merit: 1009
Degen in the Space
|
|
June 23, 2019, 04:44:10 PM |
|
VLC software version 3.0.4 was already considered as a malware last year but fixed. VLC was very known as an open source software so hackers can easily put some malware on it. Just a fact, VLC was also used by the Government of America, CIA specifically, to spy target people.
|
|
|
|
gentlemand
Legendary
Offline
Activity: 2590
Merit: 3014
Welt Am Draht
|
|
June 23, 2019, 05:27:14 PM |
|
The average computer must have 50-100 third party programs that could pounce on you at any moment.
I long ago stopped doing anything directly crypto related on anything other than a dedicated machine. I am guilty of continuing to do exchange related things but it's 2FA'd up the arse and I don't put significant sums through any exchange either.
This will never, ever, ever end and will only get sneakier and more creative. It does make me wonder about crypto's future viability when the machines we use seem to be throwing an ever increasing number of weaknesses.
|
|
|
|
LbtalkL
|
|
June 26, 2019, 01:32:46 AM |
|
According to the article,
"All the attacker needs to do is craft a malicious MKV or AVI video file and trick users into playing it using the vulnerable versions of VLC."
So generally, for that hacking thing to work, it will come from a video file as source. Not by using directly the outdated VLC to the prior downloads (in other words new downloads from random sites).
Am I right here?
I just wonder how can they trick the user here. Hopefully, those internet guys out there know how to deal on any download site they will encounter.
And I can't find the latest news about it. Can someone link it to me?
a) Stick with the popular and reputable download sites (especially torrent sites). b) Use common sense c) MORE IMPORTANTLY, UPDATE TO THE LATEST VERSION! (Version 3.0.7.1)
I will not stop using VLC. It's the fastest player, at least based on my user experience for 10 years I guess. I'm using a super outdated version of VLC lol (version 2) so I just need to update it.
To those newbies who are confused, better stop using VLC.
This means even if I use older version of VLC if the video file I play is not suspicious I am safe from these hacks?
|
|
|
|
TryNinja
Legendary
Offline
Activity: 3010
Merit: 7425
Top Crypto Casino
|
|
June 26, 2019, 01:39:52 AM |
|
This means even if I use older version of VLC if the video file I play is not suspicious I am safe from these hacks?
Yeah. Only if the file is malicious. But why risk it? Just update to the latest version.
|
|
|
|
jos.walker
Newbie
Offline
Activity: 2
Merit: 0
|
|
June 26, 2019, 03:22:28 AM |
|
Thanks for the warning I have read in many places around that media player classic is a way better player in terms of quality. However, vlc is more compatible with different video files (and I love the 125% audio volume function, which is missing on mpc) More discussions here First of all, thanks for the warning OP. From time to time I get lags and crashes using VLC, so stopped to use it for some time. Seems like it's time to update to the latest. Better safe than sorry. Second, that's pretty sad that VLC is losing this fight, since MPC can play anything, but it uses more RAM than VLC. I attempted to watch an episode of Macross Frontier (1920x1080 23.976FPS) and while MPC taking up 25% CPU (quad-core) the video lagged every second or two. VLC however uses 7% on the same PC and plays lagless.
|
|
|
|
hatshepsut93
Legendary
Online
Activity: 3038
Merit: 2161
|
|
June 26, 2019, 04:34:40 AM |
|
The average computer must have 50-100 third party programs that could pounce on you at any moment.
I long ago stopped doing anything directly crypto related on anything other than a dedicated machine. I am guilty of continuing to do exchange related things but it's 2FA'd up the arse and I don't put significant sums through any exchange either.
This will never, ever, ever end and will only get sneakier and more creative. It does make me wonder about crypto's future viability when the machines we use seem to be throwing an ever increasing number of weaknesses.
Add to this the fact that many people like to pirate software and media (no judgement here), and you got a recipe for a disaster. Right now there are so many options for getting electronic devices that can be used with Bitcoin - I personally have 2 old PC's for those purposes, but if I didn't, I'd probably buy a Raspberry Pi - at 40-50 they are cheaper than hardware wallets, offer the same level of security when used as cold storage, more flexible, and can be used for a wide variety of purposes. You can install Tails on a USB stick, and do your online trading from it, and it will have much higher level of security than using your main PC and hardware wallet.
|
|
|
|
Kakmakr
Legendary
Offline
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
|
|
June 26, 2019, 07:49:34 AM |
|
The average computer must have 50-100 third party programs that could pounce on you at any moment.
I long ago stopped doing anything directly crypto related on anything other than a dedicated machine. I am guilty of continuing to do exchange related things but it's 2FA'd up the arse and I don't put significant sums through any exchange either.
This will never, ever, ever end and will only get sneakier and more creative. It does make me wonder about crypto's future viability when the machines we use seem to be throwing an ever increasing number of weaknesses.
Add to this the fact that many people like to pirate software and media (no judgement here), and you got a recipe for a disaster. Right now there are so many options for getting electronic devices that can be used with Bitcoin - I personally have 2 old PC's for those purposes, but if I didn't, I'd probably buy a Raspberry Pi - at 40-50 they are cheaper than hardware wallets, offer the same level of security when used as cold storage, more flexible, and can be used for a wide variety of purposes. You can install Tails on a USB stick, and do your online trading from it, and it will have much higher level of security than using your main PC and hardware wallet. Yea, but Tails can also be vulnerable if you using a Persistent volume & a outdated version of the wallet that comes pre-configured and installed with the OS. I use Tails, but I rarely use the wallet that comes with it, because it is mostly outdated and I do not want to update it on a persistent volume, every time I "clean" boot it. Consider using virtual pc's too, because you basically have a "clean" OS every time you end a session and fire up a new one.
|
..Stake.com.. | | | ▄████████████████████████████████████▄ ██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄ ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████ ██ ██████████ ██ ██ ██████████ ██ ▀██▀ ██ ██ ██ ██████ ██ ██ ██ ██ ██ ██ ██████ ██ █████ ███ ██████ ██ ████▄ ██ ██ █████ ███ ████ ████ █████ ███ ████████ ██ ████ ████ ██████████ ████ ████ ████▀ ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██ ██ ▀▀▀▀▀▀▀▀▀▀ ██ ▀█████████▀ ▄████████████▄ ▀█████████▀ ▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄ ██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄ █ ▄▀▄ █▀▀█▀▄▄ █ █▀█ █ ▐ ▐▌ █ ▄██▄ █ ▌ █ █ ▄██████▄ █ ▌ ▐▌ █ ██████████ █ ▐ █ █ ▐██████████▌ █ ▐ ▐▌ █ ▀▀██████▀▀ █ ▌ █ █ ▄▄▄██▄▄▄ █ ▌▐▌ █ █▐ █ █ █▐▐▌ █ █▐█ ▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄ ▄██▀▀▀▀█████▀▀▀▀██▄ ▄█▀ ▐█▌ ▀█▄ ██ ▐█▌ ██ ████▄ ▄█████▄ ▄████ ████████▄███████████▄████████ ███▀ █████████████ ▀███ ██ ███████████ ██ ▀█▄ █████████ ▄█▀ ▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀ ▀███████ ███████▀ ▀█████▄ ▄█████▀ ▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
nakamura12
|
|
June 27, 2019, 07:25:48 AM |
|
I am not using VLC Media player anymore in my computer years ago rather than using the media player that your computer's operating system. As of now I only use windows Media Player or Windows Media Player Classic. VLC player have problems when i'm using it before that is why I am only using those two media players until now.
|
|
|
|
Harlot
|
|
June 27, 2019, 09:12:35 AM |
|
I don't get it so is the video file the one vulnerable or is VLC the one triggering it to do so? If it's the latter then you need to have two of the corrupted files for you to be hackable am I right on this one? Or is the article unclear on their explanation because based on their message suspicious video files if played with VLC will make the hacker have full acces with your computer.
|
|
|
|
Lafu
Legendary
Offline
Activity: 3150
Merit: 3222
|
|
June 27, 2019, 11:34:11 AM |
|
I never trusted VLC player in the past and i havnt installed it , glad i am havnt used it and i was expecting some kind of security problems ! The software Develop. for some Malware and other Trojans getting everyday smarter ! Just remember about the Fake Anns with the download links on the Wallet Link .
|
|
|
|
bernardos
Member
Offline
Activity: 686
Merit: 45
|
|
June 27, 2019, 01:41:32 PM |
|
I dont use it that often but when I do watch videos on my PC VLC is my main player. Thanks iasenko, I had 3.0.5 installed but now I have updated to the newest version.
|
Content writer and Croatian translator. Contact me for more information.
|
|
|
Velkro
Legendary
Offline
Activity: 2296
Merit: 1014
|
|
June 27, 2019, 04:42:20 PM |
|
And another vulnerability found, no one is safe.
I know many people use it that's why I post it here. Keep your coins save.
Read below.
Its most popular video player in the world. Its huge vulnerability and noone is safe while using it now. Update asap or just dont use it for a while. Be safe, i didnt hear reports someone lost BTC because of it, but you never know, better to be safe than sorry.
|
|
|
|
Stedsm
Legendary
Offline
Activity: 3052
Merit: 1273
|
|
June 27, 2019, 04:57:28 PM |
|
--snip--
Almost all cracked versions of valuable Software (windows, photoshop, etc..) are infected with malware. If you are using cracked software, you should definitely regard your computer as compromised. Even if my PC has a reputed Anti-Virus/Anti-Malware/Anti-Spyware software to ^protect^ my PC, should I still consider it compromised if my OS is pirated? Just because noone stole cryptos from you yet, it doesn't mean that they can't. Chances are high that they have access to your computer and/or it is used for spam mails / any other kind of botnet. Once again, what about those preventive softwares? Cracking a software so it is able to run without activation keys etc. is not an easy task. It takes quite some time and they want to be paid for that work.
If you REALLY insist on using cracked software, use linux as main OS and run all of this cracked stuff in a virtual machine if you really can't just use the open source alternatives.
Ok, I've got some extra questions here for more knowledge and I really don't want to make an extra thread for the same: What IF?1) I run Pirated Windows in a Linux OS based PC through Virtual Machine software 2) I run Linux OS in a Pirated Windows through Virtual Machine software and keep my coins in Linux 3) I run both by installing both these OS in one PC simultaneously 4) I've an Antivirus which is itself cracked to use its Premium features
|
| .SHUFFLE.COM.. | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | . ...Next Generation Crypto Casino... |
|
|
|
ABCbits
Legendary
Offline
Activity: 3052
Merit: 8055
Crypto Swap Exchange
|
|
June 27, 2019, 05:13:17 PM |
|
Even if my PC has a reputed Anti-Virus/Anti-Malware/Anti-Spyware software to ^protect^ my PC, should I still consider it compromised if my OS is pirated?
Yes, your system is still vulnerable against zero-day exploit, especially due to update is disabled by default on some pirate distribution. 1) I run Pirated Windows in a Linux OS based PC through Virtual Machine software 2) I run Linux OS in a Pirated Windows through Virtual Machine software and keep my coins in Linux 3) I run both by installing both these OS in one PC simultaneously 4) I've an Antivirus which is itself cracked to use its Premium features
1, 2) Should be secure, it's difficult to "get out" from Virtualization & vice-versa 3) Should be secure, use drive encryption on Linux OS if you have serious security concern 4) No Idea
|
|
|
|
tranthidung
Legendary
Offline
Activity: 2450
Merit: 4273
Farewell o_e_l_e_o
|
|
June 28, 2019, 02:45:41 AM |
|
< ... > To those newbies who are confused, better stop using VLC.
I read from one member of group I joined that animated images also a highly vulnerable things. It sounds like you have good knowledge about that, so if you have time, can you give me some basics about such vulnerabilities of animated images, please
You made a very helpful recommendations, but you also made me shocked by saying you have still used the version 2.
|
|
|
|
Stedsm
Legendary
Offline
Activity: 3052
Merit: 1273
|
|
June 28, 2019, 05:02:06 AM |
|
Even if my PC has a reputed Anti-Virus/Anti-Malware/Anti-Spyware software to ^protect^ my PC, should I still consider it compromised if my OS is pirated?
Yes, your system is still vulnerable against zero-day exploit, especially due to update is disabled by default on some pirate distribution. And what about a crack (or an activator) that allows you to freely update your software even with a fake key? If my OS remains updated, is it still vulnerable to hacks just because it isn't genuine? 4) I've an Antivirus which is itself cracked to use its Premium features
4) No Idea Sorry for the incomplete statement there. What I mean is: What if I have an Antivirus software which is cracked by a software from some website to use its Premium features like adding extra database of all the known viruses from that Antivirus company, even though my Windows is genuine and not cracked?
|
| .SHUFFLE.COM.. | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | . ...Next Generation Crypto Casino... |
|
|
|
TheBeardedBaby (OP)
Legendary
Offline
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
|
|
June 28, 2019, 06:05:35 AM |
|
Even if my PC has a reputed Anti-Virus/Anti-Malware/Anti-Spyware software to ^protect^ my PC, should I still consider it compromised if my OS is pirated?
Yes, your system is still vulnerable against zero-day exploit, especially due to update is disabled by default on some pirate distribution. And what about a crack (or an activator) that allows you to freely update your software even with a fake key? If my OS remains updated, is it still vulnerable to hacks just because it isn't genuine? 4) I've an Antivirus which is itself cracked to use its Premium features
4) No Idea Sorry for the incomplete statement there. What I mean is: What if I have an Antivirus software which is cracked by a software from some website to use its Premium features like adding extra database of all the known viruses from that Antivirus company, even though my Windows is genuine and not cracked? Everything that's is cracked is not secure, just because it's very common that the cracking files are injected with Trojan horses. So you are infected right after your fresh installation. Try to avoid all the unlicensed software.
|
|
|
|
|