Open Linux Forums
Like Ubuntu forums, except with beer.
Moderator
Joined: Oct 04 2017
Posts: 1193

Saw this in Join Diaspora this morning. Thought I'd post in case some use or are thinking on it.

https://www.zdnet.com/article/windows-and-linux-kodi-users-infected-with-cryptomining-malware/#ftag=RSSbaffb68

Administrator
Joined: Nov 08 2017
Posts: 964

Thanks.

Hadn't planned on using any of that, but it is always good to know about that sort of thing.

Member
avatar
Joined: Dec 31 2017
Posts: 116

So Android Kodi is still safe?

Moderator
avatar
Joined: Oct 04 2017
Posts: 206

I've never used Kodi myself.

Member
Joined: Oct 04 2017
Posts: 361

Mirknight wrote:

So Android Kodi is still safe?
I know this is late as hell but feel this needs said.

Kodi, not an application that I actually like all that much, has always been save to use. All the repos that offer "improvements" for Kodi are not trustworthy in the least.

I can't say I personally have anything against "piracy" of stuff on the web but it is a criminal offense. But being stupid enough to use Kodi as a tool for such is just that. Stupid.

While it doesn't appeal to me, I keep trying it about once a year and removing it a day or a week later, the project has my admiration. They do a good job of what they are doing. People misusing it with those "improvements" are giving it a bad name and could, possibly, destroy the project. Don't do that.

If you feel you need to - at least use your head. First get those "improvements" is a safe manner. Download them with a live session to a stick and then - very carefully and completely check them for malware.

And then if you use them use them with at least a good vpn and preferably the tor network. Being prosecuted (or persecuted if you prefer that term) is expensive and causes long term harm to yourself. This needs taken into consideration as a cost in your calculations.

In my opinion there is very little out there that is worth the risk but people do it all the time. They need to think on it a bit. May come up with an answer that is very different than mine. Fine with me. But think about it.

Member
avatar
Joined: Dec 31 2017
Posts: 116

Piracy is a very grey area legally. In most of the US (some specific locations have local laws that differ, but lack the means to find and prosecute offenders) only uploaders of pirated media (this is why torrenting pirated media is a big risk) can face any legal penalties.

Downloading pirated media is surprisingly still legal, though I have no idea why. I agree that using Kodi to do that is highly problematic, especially if laws related to receiving pirated media become a reality in countries which currently permit it. Another reason using Kodi is problematic is unless properly isolated [sandboxed] from the rest of the system, you're trusting a tool with dubious legality. Any site or app with dubious legality is always coming with some sort of risk, as displayed in pirateBay's use of browser-based bitcoin mining to mention one of the least problematic effects from one of the largest sites associated with piracy.

Member
avatar
Joined: Dec 31 2017
Posts: 116

I don't think PB still uses cryptominers but my point is the dangers of trusting those operating outside of the law.

Administrator
avatar
Joined: Jan 06 2018
Posts: 1684

My understanding is that Tor along with most, if not all, of the VPN's is now completely compromised.

Member
Joined: Oct 04 2017
Posts: 361

Mirknight wrote:

Piracy is a very grey area legally. In most of the US (some specific locations have local laws that differ, but lack the means to find and prosecute offenders) only uploaders of pirated media (this is why torrenting pirated media is a big risk) can face any legal penalties.

Downloading pirated media is surprisingly still legal, though I have no idea why. I agree that using Kodi to do that is highly problematic, especially if laws related to receiving pirated media become a reality in countries which currently permit it. Another reason using Kodi is problematic is unless properly isolated [sandboxed] from the rest of the system, you're trusting a tool with dubious legality. Any site or app with dubious legality is always coming with some sort of risk, as displayed in pirateBay's use of browser-based bitcoin mining to mention one of the least problematic effects from one of the largest sites associated with piracy.

If you actually study IP law you will find that the US is one of the most repressive countries when it comes to laws that effect their citizens behavior.

I use Debian. They are, actually like most distros, a bit reluctant to put out software that in illegal in ANY country. If you look in the deb-multimedia repo you will find some fine open source applications that are no in servers controlled by Debian because they don't want banned from those countries that have outlawed those applications. Like handbrake.

If you sort through all those applications and then list them under repressive governments you will find that the US actually outlaws more applications than say Iran. Or the Saudis.

A number of them are illegal to posses in the US. And are definitely illegal to distribute.

Remember that this is the country that gave MS the legal authority to actually be in charge of and plan physical raids on servers suspected of distribution of IP using US Marshals as MS deputies basically and lead by MS lawyers.

Watch your butt.

Member
Joined: Oct 04 2017
Posts: 361

warfacegod wrote:

My understanding is that Tor along with most, if not all, of the VPN's is now completely compromised.

I don't know about completely compromised but for most of us the only way onto any other network is first through our ISP. So your first connection is known. That is a pretty big deal and as any old hunter or farm/ranch hand that has to track animals in tough country will tell you that one true track is the one you have to find. Find that and you are better than half way to the next track.

I think if you live in a well populated area with unsecured wifi available, and several devices to connect with, you could probably be pretty secure on about any VPN if you used a rotating bunch of hardware to connect with and wifi spots widely spaced and not repeated. Expensive and very shaky due to any tracked animals tendency to, with enough tracks (evidence) to form patterns.

And all the tracker really has to do is be lucky once and you have to be lucky every time. Good luck with that.

So it doesn't really matter if they are totally compromised or not. All they have to be is accessible to a tracker once at the right time and you are screwed.

I have always thought that an independent, long haul truck driver may have the best chance of getting away with that sort of thing the longest. As long as they were actually independent and worked different odd hauling jobs through different brokers all the time. Would make for a long search for a pattern. Also have the risk of someone, sometime actually noticing the number of devices in your rig. That happens you are busted. But it could take years. And cost you several years because each devise would be a separate batch of charges.

This country is not the place to play that sort of games. Almost anywhere else is better. All are really not a good idea.