Viral Videos That Really Are Viral

davidwr writes to mention a BBC article looking at booby-trapped Windows codecs. While some codecs required for online videos actually let you watch your content, others are just excuses to infect your system with spyware or adware. As davidwr says: "Now virtual sex can make your computer sick." From the article: "Mr Robinson said many security firms were now logging instances in which spyware and adware firms are turning out software bundles that claim to roll together many popular codecs or just have the one needed to play a particular clip. Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs. Some rogue codecs plague users with pop-up adverts, while others invisibly install keyloggers that try to grab confidential data. "

Re:One way to know if code is safe to run

Not everyone can read source code you elitist asshole. Not to mention, I don't feel like stopping in mid wank to read the source of a codec I need to watch a pr0n clip.

Moo

[Chacham]

Videos infected with viruses, video at 11.

Re:serves yah right

[pegr]

I have to agree. This has been going on for quite some time, at least a couple of years. That's why I simply don't use codecs that come from questionable sources. You wouldn't run just any arbitrary program, would you?

But wait, if there's porn involved... :)

Re:And if you use those codecs with MPlayer on Lin

[$RANDOMLUSER]

Running Linux does not make you invincable. It would be an easy thing to include some "if (OS == LINUX)" code. A captive Linux box is a worthier target than an XP box, and there are no "automatic" tools to sweep it clean. Many Linux users don't know all the things running on their box, nor pay much attention to it. Do YOU know what all the processes from "ps -ef" do? Are you sure that the process named is really that process?

Re:One way to know if code is safe to run

[CastrTroy]

Although that's a little bit extreme, you can't possibly read and understand the source code for every single program you run, it makes a lot of sense. If they are willing to put the source code out there, then they are most likely not going to try and fool you. If they do, then you have the evidence of what they are doing. This is why the first place I go to look for software is Sourceforge. Because everything there is open source, I can be pretty sure that there's no adware, spyware, or other malicious things lurking around. Also, it's the best way to get full featured tools without paying anything. Searching for freeware using google or any other means other than sourceforge/freshmeat, means I have to take a lot of care to figure out what's spyware, and what's not, and which ones will expire in 15 days.

Some of us have a life

[everphilski]

Some of us have a wife and kids, a full time job, working on a masters/Ph. D, other commitments outside the daily grind. We don't have time to sit down and scrutinize every bit that enters our computers (I could - I'm a compotent programmer. That's not the point.). If I choose to download something I trust the developer. I have a level enough head on my shoulder to figure out what looks fishy and what doesn't. And if, for some reason, something bad does happen? Takes but 10 minutes to reimage a drive. Big deal.

That being said the primary machine at home for gaming/surfing is a windows box. Between me, my wife and my kids I don't think I've had to reformat it since it was built.

Re:How is this any different?

[DragonWriter]

Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

Probably because only a minority of users realize that a "codec" is a kind of "executable" or "program", rather than a some kind of electronic "key" or "description" that enables a media player to decode a particular kind of media file. Its not like the boundaries between safe (or at least, safer) "data" and dangerous "code" are always obvious to non-technical users.

Combined Community Codec Pack

[TheSHAD0W]

I'm going to personally recommend a codec pack called CCCP, or the Combined Community Codec Pack. It's primarily meant for viewing anime, but I've never come across any video it couldn't play (aside from MOV and RM). It claims to be free of any sort of malware, and there are a lot of good people vouching for it.

If anyone has any information about malware being present in this codec pack, please respond to this post; since I have this installed on my system I'd be very interested in hearing it. :-)

Re:Combined Community Codec Pack

[thelost]

I will second that recommendation and state that in my personal experience there has never been any spyware or viri in CCCP.

The obvious alternative is of course VLC - however a lot of people will be turned off by VLCs apparent lack of spit and polish compared to other video players for windows, mainly because it is not always simple to use & it's seek bar sucks ass; devs flatly refuse to do anything about that (although it's my understanding that the way it's currently written it is actually impossible to fix the seekbar).

Re:How is this any different?

[99BottlesOfBeerInMyF]

Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

The average person assumes data they download will not be able to infect their computer. What kind of an idiot would design a computer such that it lets a random codec someone downloads run as an executable and have access to read their e-mail addresses, capture keystrokes, etc., especially in this day of malware. MS should have fixed this long ago. It looks like Apple has ported MAC from TrustedBSD and will be solving this in OS X 10.5. Maybe t is time you stopped blaming the user for making reasonable assumptions and started looking at just how badly designed most OS's are these days.

This is 2006 - get with the times

With translucent windows, you can write or audit source code while jacking off to hentai.

And no, it's not a productivity boost. This is actually one of the reasons Vista took so long, tho it can be a source of inspiration. Obviously Vista's protected mode was inspired by a posh wank.

Read the Source code? Are you serious?

[runlevel+5]

Outside of the scope of this article, there are dozens of reasons not to relase your sourcecode, among the most common being the proffit motive. A A lot people look at OSS with are "why by the cow when you get the milk for free" attitude. What about companies that haven't yet copyrighted or patented the algorithims in their software before they go to market? And do you really think companies like Adobe and Autodesk are ashamed of their award winning flagship software packages? Quite honestly, your last argument is utterly rediculous. To bring things a bit closer to home, it's often way simpler, smarter, and faster to distribute codecs in binary form. People just want them to work right away without firing up the windows equivalent of "./configure --with-notrojans". If they have trade-secret compression algorithims, then your company may not want to give them to your competitors. Finally, even if the source code were made public, users have to read thousands of lines of code before knowing if it was "safe" or not. I seriously doubt you'd find any comments that say ""// Computer-destroying virus begins here". And safe is a relative term, because for some machines a segfault is just as bad as a trojan horse.

Booby-trapped sex-video codecs

[ettlz]

Boobs... uh-huh-uhh-huh-uhh...

Um... sorry, just had a bit of Beavis and Butthead moment there.

Re:One way to know if code is safe to run

[MightyYar]

But do you only eat cake baked in your own kitchen? Would you give up a piece of cake that everyone is raving about because the recipe is a secret? What if the baker had a solid reputation and thousands of satisfied customers?

I'm not sure why someone would have higher standards for what they run on their stupid computer than for what they allow into their body.

Re:STDs

[spun]

Now your computer can get STDs as well!

Stupidity Transmitted Diseases?

Re:One way to know if code is safe to run

[ehrichweiss]

"If you want me to run something on MY computer, I have a RIGHT to see the source code."

First things first, it is usually less of THEM wanting something run on your computer and more likely YOU wanting to run it. If it's freeware that scenario is lots more likely since they don't make money for every installation, etc. so they couldn't care less.

Next, you don't have a "right", you have a desire. If they publish the source code then you have the right to view it, otherwise you're SOL. You're likely not a king or otherwise powerful enough person to get such things done so put your words in some perspective.

Re:And if you use those codecs with MPlayer on Lin

[element-o.p.]

and there are no "automatic" tools to sweep it clean

meh...not sure I entirely agree with you here, although I will concede that many Linux users don't know what tools are available and even less use those that are available on a regular basis.

Tools that I use regularly to keep tabs on my boxen:
1) http://www.chkrootkit.org/chkrootkit: can be run from cron to look for suspicious files and rootkit signatures;
2) netstat -ep: to show what processes are using network connections;
3) lsof: to show what files on your system are open, who opened them and with what process they were opened;
4) http://www.tripwire.com/Tripwire or http://www.gecko-ak.org/Sentinel/my own, open-source, much less functional, still really in development Tripwire-like file system auditor: to check for changes in binaries, config files or anything else on your file system that you would like to keep tabs on;
5) http://www.insecure.org/nmap: to remotely scan computers on your network for open ports, and to audit the services using these open ports;
6) http://www.nessus.org/nessus: like nmap, only different;
7) tcpdump/ethereal/wireshark: to monitor packets in or out of your computer;
8) http://www.snort.org/snort: okay, I haven't (yet) used this one, but it's the open-source standard for IDS;
9) http://www.bitdefender.com/bit defender: anti-virus for Linux--we had to use this once at work to remove a Windows virus that had infected our Samba shares (note: the Samba server wasn't infected, but the Windows machines that were mounting shares from the Samba server were--and they kept rewriting infected Windows executables to the server).

So, no most of these aren't automatic, and most of these won't clean your Linux PC's, but there are a host of tools that you can use to detect problems on your Linux computers. And, if you're really paranoid, there are several vendors that provide anti-virus software, just like what you find on your Windows machines.