Thnk twice before downloading or viewing files

If it doesn't relate to Debian, but you still want to share it, please do it here

Thnk twice before downloading or viewing files

Postby cuckooflew » 2020-04-30 19:32

Some , maybe most of us may think, "Oh, it is just a harmless file", or "harmless image", think twice before downloading anything. Do you know how to check the file and make sure it is safe ? ...
Here is some interesting reads, this is nothing new, but many people are not aware of the potential risks when down loading what appear to be innocent files,....It is not very hard to do, I mean make a file ,with some text and a image, then pretend to be asking for help , "Please view this for the details",,.etc,...we see it all the time here. Do the moderators and admins, check every single file or image that is offered for download ? I don't think so, and they shouldn't need too. Some members might check them, and some might even know how to spot anything wrong or bad about it,....but then again, If security is a concern to you , it is not wise to just assume someone else has checked it for you.
Any way here is a coulple of links,...:https://its.ucsc.edu/security/download.html
==========================
https://thehackernews.com/2015/06/Stegosploit-malware.html
==========================
One could claim it is a image, photo or screenshot, with the error messages in it, and it might look just like that, just a photo of plain text.
Ok, well the question is, How can we know if a file is safe, or not safe before viewing or downloading it ?
======edited=====================
This is another one I read, and it kind of makes me paranoid, but I do realize it is published by a company that supposedly has software to help "scan" the images, so maybe they even just made it all up so they can sell their product ? I don't know, I am asking, is it really possible to to these things ? (RE: the below link) any one know for sure ?
https://www.sentinelone.com/blog/hiding-code-inside-images-malware-steganography/
It is not my intention to promote this company, in fact I think it is questionable, any way, now that I made myself paranoid I am going to research this more. Thank you for any input, and have agood day
Please Read What we expect you have already Done
Search Engines know a lot, and
"If God had wanted computers to work all the time, He wouldn't have invented RESET buttons"
and
Just say NO to help vampires!
cuckooflew
 
Posts: 683
Joined: 2018-05-10 19:34
Location: Some where out west

Re: Thnk twice before downloading or viewing files

Postby Head_on_a_Stick » 2020-04-30 20:32

cuckooflew wrote:is it really possible to to these things ? (RE: the below link) any one know for sure ?

Only if the person downloaded the image then opened it with their browser (with javscript enabled), which seems unlikely.

For that Google drive thread I just used the image preview, I didn't download anything.
Black Lives Matter

Debian buster-backports ISO image: for new hardware support
User avatar
Head_on_a_Stick
 
Posts: 12528
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Thnk twice before downloading or viewing files

Postby cuckooflew » 2020-04-30 21:26

Thanks, mostly that is what I am wondering, if I am being overly paranoid,...but also my ISP is slow, and generally I do not down load any images, and if they take to long to load, I don't,even view them .
Thanks
p.s. I am reading some stuff now, supposedly with Image Magick:
Code: Select all
 convert -strip debian9-openbox.png img2.png
is effective, EG: if debian9-openbox.png was infected, or suspicious, the above command would produce a "clean" image, "img2.png" . Warning, though, it could also destroy the image,.... a hex editor, or xxd can be used to see the difference...any way, back to reading this material.
Please Read What we expect you have already Done
Search Engines know a lot, and
"If God had wanted computers to work all the time, He wouldn't have invented RESET buttons"
and
Just say NO to help vampires!
cuckooflew
 
Posts: 683
Joined: 2018-05-10 19:34
Location: Some where out west

Re: Thnk twice before downloading or viewing files

Postby sunrat » 2020-04-30 22:53

Steganography has been around possibly since before the internet. I won't lose any sleep starting to worry about it now.
“ computer users can be divided into 2 categories:
Those who have lost data
...and those who have not lost data YET ”
Remember to BACKUP!
User avatar
sunrat
 
Posts: 3198
Joined: 2006-08-29 09:12
Location: Melbourne, Australia

Re: Thnk twice before downloading or viewing files

Postby cuckooflew » 2020-05-01 00:07

Yes that is true, as well as cryptography, but the point is about how it is being used nowadays , on the internet to hide malicious code. Any way, please don't lose any sleep over it, I certainly am not either.
https://publications.computer.org/computer-magazine/2018/11/15/how-steganography-works/
Please Read What we expect you have already Done
Search Engines know a lot, and
"If God had wanted computers to work all the time, He wouldn't have invented RESET buttons"
and
Just say NO to help vampires!
cuckooflew
 
Posts: 683
Joined: 2018-05-10 19:34
Location: Some where out west


Return to Offtopic

Who is online

Users browsing this forum: No registered users and 9 guests

fashionable