this post was submitted on 03 Aug 2023
80 points (100.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

1444 readers
12 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

I understand that sharing video, photos, documents etc. is relatively safe because the data is not executed in the processor as instructions. How come people are willing to download and install pirated software though? How can one be confident that it does not contain malicious addons? Are people just don't know the risks? Or are there protection mechanisms that I am missing? I mean since the software is usually cracked there is not much use in comparing checksums with the originals, is it?

top 50 comments
sorted by: hot top controversial new old
[–] pre@feddit.uk 89 points 1 year ago (1 children)

Worth noting that paying for a license for software doesn't stop it being spying malware either. In fact the pirate versions often take out the spying and the reporting-to-homebase that proprietary software does.

The photoshop that phones home to check a license is arguably more malicious than the pirate version that has been cracked so it doesn't do that.

[–] alexg_k@discuss.tchncs.de 8 points 1 year ago (1 children)

Good and valid point. I use opensource software wherever I can.

Though paid software is not going to encrypt your data for ransom or use a keylogger to steal bitcoin (yet).

[–] NullGator@lemmy.ca 5 points 1 year ago (1 children)

There was an antivirus that was caught running a bitcoin miner in the background tbf. If memory serves it was Norton?

[–] AzzyDev 2 points 1 year ago

It was opt-in, and I think to make your subscription cheaper. Then again, Norton sucks!

[–] b1ab@lem.monster 60 points 1 year ago* (last edited 1 year ago) (1 children)

Long story short.

  1. Be prepared for disaster.
  2. Scan it. Sandbox it if concerned.
  3. Firewall inspect/block/allow every outbound comm.
  4. Get it from a trusted source.

Basically the same stuff you should be doing with all software.

Edit for firewall clarification.

[–] Micromot@feddit.de 1 points 1 year ago (1 children)

Is it smart to test if it is malicious in a vm first?

[–] b1ab@lem.monster 13 points 1 year ago (1 children)

I don’t.

But I take many precautions.

I’ve been pirating software since the C64. About 40 years. Never stopped. Never will.

I buy the good software I encounter. As a developer, i know it’s important to keep funding further development. Unfortunately most is overpriced garbage.

[–] Micromot@feddit.de 2 points 1 year ago (1 children)

I'm pretty new and extremely cautious with pirated software, i still need to find the precautions i have to take, luckily pirating games is much safer and easier than pirating software

[–] 7Sea_Sailor@lemmy.dbzer0.com 5 points 1 year ago (2 children)

Could you elaborate how pirating games is "safer" than pirating software? Both are executables that could run whatever code they wish on your system, and since pirated games are so desirable, in my experience they are far more often spread around bundled with malware than software is. Oftentimes, you'll find people take legitimate repacks, add malware, then share the repack under the same repackers name.

[–] wolfshadowheart@kbin.social 4 points 1 year ago (1 children)

I think their idea is that if you know a specific repacker like an athletic woman, compared to downloading softwares that could be uploaded by any elitists trying to fuck with you.

In practice both are the same, but the reputation of the athletic woman makes her more trustworthy.

However outside of that specific repacker I actually agree with you, it's exactly the same lol.

[–] alexg_k@discuss.tchncs.de 4 points 1 year ago (1 children)

Interesting. If there are reputable packers / crackers, why do they not uses GPG to sign the software? That way, no one can manipulate and reupload the software.

[–] b1ab@lem.monster 1 points 1 year ago

Many do provide some form of checksum.

[–] Micromot@feddit.de 1 points 1 year ago

It feels safer as there are a few sites with a good reputation which is just easier to find which makes me feel safer. Idk if it is really safer than with software.

[–] InterSynth@lemmy.dbzer0.com 43 points 1 year ago (1 children)

I trust pirates more than billion or trillion dollar companies. Also, aggressive DRM such as iLok is worse than malware, so eh.

[–] LeylaLove@lemmy.fmhy.net 13 points 1 year ago

Fuck iLok. Shit made me regret buying plugins, should have stuck with piracy.

[–] Gush@lemmy.ml 25 points 1 year ago (2 children)

If i were to pay for an AutoCAD license , it would be over 200$ A MONTH

[–] Overzeetop 15 points 1 year ago (2 children)

What kind of cheap-ass, stripped down AutoDesk suite are you getting for $200/mo. Last I checked, the architectural suite was north of $4500/yr.

[–] SkepticElliptic 12 points 1 year ago (1 children)
[–] Obi@sopuli.xyz 2 points 1 year ago

Technically you can do all the same things with paint and a LOT of patience.

load more comments (1 replies)
[–] Mothra@mander.xyz 9 points 1 year ago (1 children)

That's why I'm learning Blender, I think I'll be able to carry on without Maya.

Adobe isn't pretty but Autodesk is a scourge

[–] Obi@sopuli.xyz 2 points 1 year ago

Blender is fully capable these days, have fun!

[–] Mandy 23 points 1 year ago

You severely underestimate the power of free stuff

[–] Deathcrow@lemmy.ml 17 points 1 year ago* (last edited 1 year ago)

How come people are willing to download and install pirated software though?

You can just remove "priated" from that statement and come to the same conclusions. Considering the amount of bugs, backdoors and 0-day exploits distributed via official software I sometimes wonder why people execute proprietary, closed source programs at all.

An no, "reputable" companies mean nothing, just look at Microsoft clowning around with their signing keys.

[–] rambos@lemm.ee 13 points 1 year ago* (last edited 1 year ago)

I feel safe, maybe I shouldnt, but my life wouldnt be this good if I didnt have access to everything I cracked lol

[–] idkman@lemmy.dbzer0.com 10 points 1 year ago (1 children)

Denuvo games performed worse than the cracked version, FYI.

load more comments (1 replies)
[–] HeneryHawk@thelemmy.club 10 points 1 year ago

I installed trusted cracks from scene groups. Not everyone who can crack will be a scene group. To get into the scene you need to be well trusted. Scene groups would NOT damage their integrity to install something malicious through a crack

As another user said, check the files you have match the direct uploads from the scene with a site like predb.me

You can search online for more info on scene groups/warez/topsites

[–] chicken@lemmy.dbzer0.com 10 points 1 year ago (1 children)

If I get malware, I can just go reinstall my OS. If I pay for software, I'm never getting that money back.

[–] alexg_k@discuss.tchncs.de 4 points 1 year ago (2 children)

If you notice the malware..

[–] nestEggParrot@lemmy.sdf.org 4 points 1 year ago (5 children)

And have something worth loosing on gheir PC. Many professional software users using cracks may worry of losing their work files which could be easily backed up.

As long as they dont have their financials or personal information thats worth stealing, the cost saving of the pirated software is worth infection, which at max needs a fresh install.

[–] chicken@lemmy.dbzer0.com 2 points 1 year ago (1 children)

I have a two PC setup, I treat the windows one with the pirated software as always potentially infected so the potential damage is limited. It's probably not infected though, I do take the most basic precautions and haven't had issues with malware for many years.

[–] alexg_k@discuss.tchncs.de 1 points 1 year ago

That's smart, but requires extra work and hardware.

[–] gwi1785@feddit.de 8 points 1 year ago

when you dl from any seller site do you know what you get regarding spy/mal/bloatware? for sure?

i would not dl from usenet or a public tracker though.

Most don't invest that much into anti-piracy protection and you can avoid it with simple firewall and GPEdit corrections for the unlimited premium spoof.

There are also the key gens that emulates the server or the software to receive the codes or give a confirmation to the software.

This is all very oversimplified and there are an infinite number of anti-piracy methods that the companies don't even want to try to solve since it's all free advertising and it gets people used to their software when they have to buy it.

[–] ProcurementCat@feddit.de 5 points 1 year ago (1 children)

You can always run software in a Virtual Machine to see if it's the real deal or not. Additionally, people really like to be "the first" or "the one" who actually provides something. See for example the first cracked Version of Read Dead Redemption 2 - it was announced like a special record (and it was!). Being the first to provide an actual, working copy brings fame, that's why people go to such lengths to crack and provide software. And the people who download it? Well, they can often rely on those with virtual machines testing the software and then on reviews and ratings available on the download sites.

[–] r3nder 3 points 1 year ago* (last edited 1 year ago)

Virtual machine testing is a good idea, but I wouldn't rely on it. Well written malware will check for a virtual environment and might even hold off executing if it detects it. Better malware will have already gained persistence as your testing for it.

[–] nicman24@kbin.social 5 points 1 year ago

it is the same as any binary. you do not know what the author has baked it.

[–] tormeh@discuss.tchncs.de 4 points 1 year ago (3 children)

Make a dedicated user on your machine for pirated software. Never give that user root. Should contain it.

[–] Micromot@feddit.de 4 points 1 year ago
[–] Pulp@lemmy.dbzer0.com 3 points 1 year ago
[–] nestEggParrot@lemmy.sdf.org 1 points 1 year ago

Wouldn't most sw need admin to insgall anyways? How would that help prevent embedded malware?

[–] Mothra@mander.xyz 4 points 1 year ago (1 children)

It's one of those high-risk, high-returns case scenarios. You gamble. If you succeed, you will be saving some buck. Some software licences can be very, very expensive.

There is no way of knowing the answer to your questions. You just use your intuition and take a leap of faith.

[–] dejalynn@kbin.social 2 points 1 year ago* (last edited 1 year ago) (1 children)

Some software licences can be very, very expensive.

When I was in art school in the early 2000’s, I worked with computer controlled weaving looms. The program for drafting patterns and running the AVL Compu Dobby on the loom was free to download. In order to use it, though, you had to have a $3000 usb key.

[–] Mothra@mander.xyz 1 points 1 year ago (1 children)
[–] dejalynn@kbin.social 1 points 1 year ago

The part that hurt was the ancient Mac II that ran the loom. When I encountered the Y2K bug on it, some upperclassmen said, “Oh we’ve just been turning the clock back a year.” Turned it back as far as it would go…1969

[–] DrJenkem@lemmy.blugatch.tube 3 points 1 year ago

Yeah checksums are useless. But if you know assembly, you could diff the original binary with the crack and look for anything malicious.

[–] stappern@lemmy.one 3 points 1 year ago

trusted sources.

[–] Pulp@lemmy.dbzer0.com 2 points 1 year ago (1 children)

Get software from reputable private trackers only

[–] b1ab@lem.monster 2 points 1 year ago

This is one of the single most important pieces of advice. Unless you have access to topsites, then this is about as close to the source as you are going to get, except for FitGirl repacks that can be DDLd from her site.

load more comments
view more: next ›