Never trust "Trusted sources"

View previous topic View next topic Go down

Never trust "Trusted sources"

Post by Ruhe on 21/6/2010, 15:36

Thats the reason I don't give a damn on the advice "Visit and install from trusted sources only".

Malicious code on Lenovo driver download page

Absolutely every page you visit or software you download, regardless of its source and publisher, can contain code it shouldn't contain.
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Never trust "Trusted sources"

Post by ssj100 on 21/6/2010, 15:59

But I reckon you should give a damn. Why? Because the probability of getting infected from a "trusted source" is much lower than eg. from a site hosting pirated material.

In fact, it's so rare that it made the news on "The H Security" haha. I bet "The H Security" don't post up articles when a user gets infected by eg. a trojan dropper when he installs a pirated program downloaded from a site hosting pirated material.

At the end of the day, most of us do trust "trusted sources". And 99.9999% of the time, there isn't a problem. Just like we trust our food isn't poisoned to kill us etc. Unfortunately in real life, you can't "load up a clean image" of yourself haha.

By the way, I wonder whether checking the hash of a file would make it 100% safe? For example, Sandboxie tells us the hash for each version:
http://www.sandboxie.com/index.php?AllVersions

But yes, I just want to emphasise my point again. In general, not trusting a "trusted source" is perhaps like not trusting a Doctor because a Doctor made the news that he was maliciously treating his patients. The fact is that most Doctors (I hope haha) can be trusted.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Never trust "Trusted sources"

Post by Ruhe on 21/6/2010, 16:03

ssj100 wrote:By the way, I wonder whether checking the hash of a file would make it 100% safe? For example, Sandboxie tells us the hash for each version:
http://www.sandboxie.com/index.php?AllVersions
Hack the server, replace the posted hash and the executable...
But after this the existing digital signature of the file is incorrect or removed.
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Never trust "Trusted sources"

Post by ssj100 on 21/6/2010, 16:07

Ruhe wrote:
ssj100 wrote:By the way, I wonder whether checking the hash of a file would make it 100% safe? For example, Sandboxie tells us the hash for each version:
http://www.sandboxie.com/index.php?AllVersions
Hack the server, replace the posted hash and the executable...

Ah I see. There must be a reason why it doesn't happen very often though - if I was a professional malware writer, I'd target this - so much money could be made by this type of trickery.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Never trust "Trusted sources"

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum