Not sure if this fits here…

An OPSEC community would probably say no, so I probably don’t need to ask in those communities. But I’m curious about a (digital) pirate’s perspective on this issue…

I mean, the sources listed here are supposedly “safe” right? But honestly, how much would you trust these “safe” sources?

When doing sensitive tasks like banking or filing taxes, do you:

  • Use a different OS on the same machine? (Dualboot)
  • Or put the pirated content inside a virtual machine?
  • Or just use a completely separate computer?

And since PC is much different than a Smartphone:

  • Would the extra sandboxing on Smartphones make pirating games on a Smartphone much safer compared to on a PC? (Not that there are much mobile games worth playing, just curious)

(PC in this context referring to all personal computers, regardless of OS)

And last question:

  • Non-installed/non-executable files such as .mp4 .mkv .mp3 .pdf .epub, are mostly safe right? I mean, you are using another program to opening it, not executing a file, there aren’t much attack vectors as long as the video player / ebook viewer is up to date right? (Or am I understanding it wrong?)
  • Commiunism@beehaw.orgEnglish
    7·
    5 days ago

    I’m on Linux, using Bottles to run pirated games. It adds a little bit of sandboxing, compatdata is usually a weird environment for malware to effectively work in (unless the malware is written specifically for it), if the game is really sketchy then I’d just disable network access for bottles flatpak too just to make sure.

    All in all, I do sometimes have a little bit of paranoia and look through processes to see if there’s anything running and periodically go through some folders to see if there’s anything weird or unusual there, I’d still consider my machine to be safe.

    As for the last question, PDF’s are an attack vector and should be used with caution. As for other file types, it depends on the software you use to run them - if it’s something pretty barebones that just plays it then it’s usually fine, but if its something more complex and reads some custom data embeded into those files, then it can be a vulnerability. Not a security expert though, but it’s the gist I got from looking at some historical vulnerabilities.

    • ancoraunamoka@lemmy.dbzer0.comEnglish
      5·
      5 days ago

      First thing a malware would do is to replace top/ps and related utilities, to mask itself. Or directly replace kernel calls. You will not notice by just checking running processes