this post was submitted on 13 Jul 2023
280 points (97.6% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

55072 readers
435 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

I wrote this post for a friend, I'm sharing it here for anybody it might help. I got asked multiple times how I download cracked music software so I figured it'd be easier to write it down once. It's meant for people with very low technical skills who just want to start torrenting software without major risks, and it includes a bunch of safety tips that are already known in this community.

If you have feedback, let me know and I'll update the post.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 42 points 1 year ago* (last edited 1 year ago) (5 children)

Running strange software grabbed from unknown sources will never not be a risky proposition.

Uploading the .exe you just grabbed to virustotal and getting the all clear can indicate two very different things: It's either actually safe, or it hasn't yet been detected as malware.

You should expect that malware writers had already uploaded some variant of their work to virustotal before seeding it to ensure maximum impact.
Getting happy results from virustotal could simply mean the malware author simply tweaked their work until they saw those same results.

Notice I said "yet" above. Malware tends to eventually get flagged as such, even when it has a headstart of not being recognized correctly.
You can use that to somewhat lower the odds of getting infected, by waiting. Don't grab the latest crack that just dropped for the hottest game or whatever.
Wait a few weeks. Let other people get infected first and have antiviruses DBs recognize a new malware. Then maybe give it a shot.

And of course, the notion that keygens will often be flagged as "bad" software by unhelpful antivirus just further muddies the waters since it teaches you to ignore or altogether disable your antivirus in one of the most risky situation you'll put yourself into.

Let's be clear: There's nothing safe about any of this, and if you do this on a computer that has access to anything you wouldn't want to lose, you are living dangerously indeed.

[–] [email protected] 11 points 1 year ago

Running sandboxed via sandboxie or similar product is always a good idea imo.

[–] [email protected] 6 points 1 year ago (1 children)

You're right of course, but it's hard to communicate this level of nuance in a post targeted at newbies. If you don't disable your antivirus, 9/10 times it will quarantine the KeyGen automatically, and you don't get anywhere.

I've added a warning about the risk of infection. Do you have any recommendations on how to tackle this in a way that's appropriate for non-nerds?

[–] [email protected] 8 points 1 year ago (2 children)

I honestly don't know. The only advice I'd have for the layman would be "just don't do this", but I understand that's little more than an invitation to be ignored.

[–] [email protected] 7 points 1 year ago

Solid, good advice that gets ignored is still solid, good advice.

[–] [email protected] 3 points 1 year ago

Yup, exactly. We can't gatekeep this too much, even if it's warranted, otherwise people will just give up and never actually spend time to learn about this.

[–] [email protected] 4 points 1 year ago (1 children)

What's life about without a little risk here and there? And the really important stuff should be mirrored somewhere anyways, so: go for it! No fear!

[–] [email protected] 3 points 1 year ago

Note: this doesn't apply to sexual intercourse.

[–] [email protected] 3 points 1 year ago (1 children)

So how do you tell if a keygen is a virus or if it's just being detected as a keygen?

[–] [email protected] 6 points 1 year ago (1 children)

If it's a keygen then you should just assume it contains a virus and run it in a sandbox. You'll only need to run it once anyway to test the key.

[–] [email protected] 1 points 1 year ago

And what about other stuff?

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Running strange software grabbed from unknown sources will never not be a risky proposition.

I have a jail for wine on my Linux desktop.

There you go, it's save.