Even the site that considered safe in the megathread, there’s report of malware and trojan and I don’t know what site to use

@phorq@lemmy.ml
link
fedilink
English
941Y

Simple, trust no one. Get a no-reported-logs VPN, don’t download anything that has a strange file size or extension, look at comments, look at the number of seeders if it’s a torrent. If you can, join something like a private tracker where there’s moderation too. If it walks like a duck and quacks like a duck then it’s probably not the movie you were looking for and there might be a Trojan army inside waiting for you to let the duck enter your computer… That metaphor may have fallen apart on me…

Fedora
link
fedilink
English
91Y

VPN providers don’t protect you from malware.

Most come with DNS blocklists now that can prevent you from accessing it

Fedora
link
fedilink
English
3
edit-2
1Y

DNS blacklists also don’t protect you from most malware.

It’s part of defense in depth. No single piece will protect you from everything, so you you use multiple layers of protection.

Fedora
link
fedilink
English
01Y

I can’t call DNS blacklists part of defense in depth. DNS blacklists are a poor man’s version of existing and pre-installed anti-malware software.

  • DNS blacklists block only older known malware, similar to existing anti-malware, but less effective.
  • DNS blacklists block hijacked, but legit websites that host malware, contrary to existing anti-malware.
  • DNS blacklists? What is that? I use DoH, get fucked. Contrary to existing anti-malware.

They’re completely bypassable, they boast a high false positive rate due to how threat actors host malware, and they don’t even block newer malware. Just use Windows Defender. It ain’t perfect, but it’s leagues better than any DNS blacklist.

  1. Blocking older known malware still blocks them, so that’s good (and saves bandwidth because the connection never happens, so this is really good).
  2. If the site is hijacked, it needs blocked till it’s unhijacked. So this is good as well.
  3. This is not really a point?

Number one above, stopping the connection before it happens, is really the best benefit, in my opinion. And if they boast a high false positive, you need better lists. You keep saying “they don’t block this or block that.” They are (nothing is) a one stop shop. Simply because they don’t block what you’re cherry picking does not make them bad. Use multiple layers. You say “don’t use a blocklist, use MS Defender instead.” Why not use both the blocklist, MS Defender, and even more stuff? Multiple layers. Defense in depth.

Fedora
link
fedilink
English
-11Y

Because Defender already covers what DNS blacklists block and more with less false positives and a proper way to manage exceptions for non-technical people. Older malware is a solved problem for Defender since it’s literally pre-installed everywhere. VPN providers don’t have a way to manage DNS blacklist exceptions, so have fun disabling your VPN to do any research. You also don’t get to choose the blacklists your VPN provider uses. Saying 3. is not a point is like saying malware that’s always able to bypass your anti-malware solution is irrelevant.

@phorq@lemmy.ml
link
fedilink
English
81Y

I was trying to give general advice, since it didn’t sound like they had a trusted private tracker already it’s a good idea to have a VPN to mask your IP. I agree, it probably won’t help against malware.

nicman24
link
fedilink
-291Y

Get a no-reported-logs VPN

lol there is no such thing. use tor

Fedora
link
fedilink
English
-4
edit-2
1Y

You can’t trust VPN providers to store no logs. It’s impossible to verify. I don’t get why people downvote this comment.

From what are you protecting yourself? Piracy? Then go with a VPN that has been tested in court and didn’t turn over any logs. The second one of these providers turns over their logs in court they are out of business because no one will ever trust them again. That’s all you really need for the seven seas.

Can the NSA see what you’re doing? Who cares. If they can, they aren’t revealing that to help anyone in a civil case.

Fedora
link
fedilink
English
01Y

You conflate VPN providers have an incentive to store no logs with it’s impossible to verify whether VPN providers store logs. It’s like trusting your friend to keep a secret. They promise not to write down what you say, but you can’t be sure. You accept that risk in your threat model, and that’s fine. But newcomers should judge that risk themselves. I feel like “Don’t worry bro, they don’t keep logs.” is an inappropriate response to people that’re about to commit a crime that can land them in jail.

@twena@lemm.ee
link
fedilink
English
261Y

Piracy using TOR is extremely slow and not really anonymous

nicman24
link
fedilink
-121Y

maybe 5 years ago

@averyminya@beehaw.org
link
fedilink
English
81Y

Don’t torrent over tor, its nodes should be used for more important things than piracy

nicman24
link
fedilink
01Y

you do not have to use exit nodes. you can p2p with other tor users. piracy imo is important due to the censorship that countries can have on legitimate content.

@averyminya@beehaw.org
link
fedilink
English
21Y

Regarding your last point, I agree, however it is not as important and it does take up resources that could otherwise be used for the people who need it (journalists utilizing tor, victims trying to get away from abusers etc).

Especially given that there are still alternatives to piracy without tor, whereas there are far fewer alternatives for these people.

That said, you’re still right, it’s minimal. Overall though, options for piracy without tor are accessible and should still be used when possible. From my understanding, few circumstances arise where pirating over tor is a better method for you and for others

Basically, use tor for legitimate content to help make tor safer for others using it.

@twena@lemm.ee
link
fedilink
English
101Y

Slowness and bandwith limitations are still an issue and it’s likely that they will always be. It’s already too slow to torrent large files over Tor and it also takes away the bandwith of other users. Tor also still doesn’t support UDP connections, which may cause data leaks.

For p2p it is better to use i2p, not tor

nicman24
link
fedilink
11Y

yeah completely agree although it is even more niche

@phorq@lemmy.ml
link
fedilink
English
61Y

I added the word “reported” because I don’t trust VPN providers to not keep logs, but ideally they should report that they don’t keep logs and have an established history of not providing logs. Tor is really not ideal if you’re trying to download anything large and you’re still vulnerable depending on who controls the exit nodes.

@CrabAndBroom@lemmy.ml
link
fedilink
English
121Y

Mullvad I think is very good for this. They have an extensive description of their no-logs policy on their site, and have also been raided by the police before, who apparently were unable to find any customer information.

Shenanigans are always possible of course so you shouldn’t 100% blindly trust anyone, but all the available evidence seems to point to them being pretty legit IMO.

Kumatomic
link
fedilink
English
271Y

I know they’re an army in this metaphor but I still want to hug them.

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
!piracy@lemmy.dbzer0.com
Create a post
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don’t request invites, trade, sell, or self-promote

3. Don’t request or link to specific pirated titles, including DMs

4. Don’t submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

  • 1 user online
  • 108 users / day
  • 272 users / week
  • 1K users / month
  • 3.5K users / 6 months
  • 1 subscriber
  • 3.4K Posts
  • 82.2K Comments
  • Modlog