Viral Videos That Really Are Viral

Zonk posted more than 7 years ago | from the click-wisely dept.

davidwr writes to mention a BBC article looking at booby-trapped Windows codecs. While some codecs required for online videos actually let you watch your content, others are just excuses to infect your system with spyware or adware. As davidwr says: "Now virtual sex can make your computer sick." From the article: "Mr Robinson said many security firms were now logging instances in which spyware and adware firms are turning out software bundles that claim to roll together many popular codecs or just have the one needed to play a particular clip. Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs. Some rogue codecs plague users with pop-up adverts, while others invisibly install keyloggers that try to grab confidential data."

157 comments

Firstimus Postimus (0, Troll)

DJCacophony (832334) | more than 7 years ago | (#16659383)

This is old news, we already knew that Macs could get GRIDS

Re:Firstimus Postimus (0)

Anonymous Coward | more than 7 years ago | (#16659529)

"Could" get? I thought it came bundled.

One way to know if code is safe to run (1, Troll)

ajs318 (655362) | more than 7 years ago | (#16659401)

There is exactly one way to know if a piece of software is safe to run:

READ THE SOURCE CODE.

If they won't let you read the source code, it's because there's something in there they don't want you to see. If they don't want you to see it, that means they're ashamed of it. Avoid it.

Re:One way to know if code is safe to run (3, Funny)

Anonymous Coward | more than 7 years ago | (#16659449)

Not everyone can read source code you elitist asshole. Not to mention, I don't feel like stopping in mid wank to read the source of a codec I need to watch a pr0n clip.

This is 2006 - get with the times (2, Funny)

Anonymous Coward | more than 7 years ago | (#16659675)

With translucent windows, you can write or audit source code while jacking off to hentai.

And no, it's not a productivity boost. This is actually one of the reasons Vista took so long, tho it can be a source of inspiration. Obviously Vista's protected mode was inspired by a posh wank.

Re:One way to know if code is safe to run (1)

mrjb (547783) | more than 7 years ago | (#16659501)

You don't need to be ashamed of your code not to want other people to read it. It just might be that you don't feel like giving away your life's work. Or that keeping the source closed is the only way not to be sued for patent infringement.

Re:One way to know if code is safe to run (0, Troll)

ajs318 (655362) | more than 7 years ago | (#16659875)

If you want me to run something on MY computer, I have a RIGHT to see the source code. If you don't want me to know what is in a cake you're baking, there's no way I'm going to let you bake it in MY kitchen.

By the way, evaluating Source Code with which you can show you have no association to determine its suitability for use (or otherwise) is a Service which may be considered to have Value.

Re:One way to know if code is safe to run (3, Insightful)

MightyYar (622222) | more than 7 years ago | (#16659987)

But do you only eat cake baked in your own kitchen? Would you give up a piece of cake that everyone is raving about because the recipe is a secret? What if the baker had a solid reputation and thousands of satisfied customers?

I'm not sure why someone would have higher standards for what they run on their stupid computer than for what they allow into their body.

Re:One way to know if code is safe to run (1)

The_Abortionist (930834) | more than 7 years ago | (#16660055)

> If you want me to run something on MY computer, I have a RIGHT to see the source code.

I don't want you to run my software on your computer if you're not going to pay for it. So I guess we have an agreement then.

Re:One way to know if code is safe to run (3, Insightful)

ehrichweiss (706417) | more than 7 years ago | (#16660505)

"If you want me to run something on MY computer, I have a RIGHT to see the source code."

First things first, it is usually less of THEM wanting something run on your computer and more likely YOU wanting to run it. If it's freeware that scenario is lots more likely since they don't make money for every installation, etc. so they couldn't care less.

Next, you don't have a "right", you have a desire. If they publish the source code then you have the right to view it, otherwise you're SOL. You're likely not a king or otherwise powerful enough person to get such things done so put your words in some perspective.

Re:One way to know if code is safe to run (1)

bberens (965711) | more than 7 years ago | (#16661071)

You don't even have the RIGHT to a telephone conversation unmonitored by a government agent without a warrant. Start there, and then come back to me with your piddly little 'I want to see source code' complaints. Asking to see the source from a software company is like asking for the recipe for Coke from Coca Cola. One day you'll just have to get over the fact that most companies will not embrace the open source movement. Whining doesn't help.

Re:One way to know if code is safe to run (2, Insightful)

CastrTroy (595695) | more than 7 years ago | (#16659543)

Although that's a little bit extreme, you can't possibly read and understand the source code for every single program you run, it makes a lot of sense. If they are willing to put the source code out there, then they are most likely not going to try and fool you. If they do, then you have the evidence of what they are doing. This is why the first place I go to look for software is Sourceforge. Because everything there is open source, I can be pretty sure that there's no adware, spyware, or other malicious things lurking around. Also, it's the best way to get full featured tools without paying anything. Searching for freeware using google or any other means other than sourceforge/freshmeat, means I have to take a lot of care to figure out what's spyware, and what's not, and which ones will expire in 15 days.

Some of us have a life (2, Insightful)

everphilski (877346) | more than 7 years ago | (#16659567)

Some of us have a wife and kids, a full time job, working on a masters/Ph. D, other commitments outside the daily grind. We don't have time to sit down and scrutinize every bit that enters our computers (I could - I'm a compotent programmer. That's not the point.). If I choose to download something I trust the developer. I have a level enough head on my shoulder to figure out what looks fishy and what doesn't. And if, for some reason, something bad does happen? Takes but 10 minutes to reimage a drive. Big deal.

That being said the primary machine at home for gaming/surfing is a windows box. Between me, my wife and my kids I don't think I've had to reformat it since it was built.

Re:Some of us have a life (1, Funny)

Anonymous Coward | more than 7 years ago | (#16659973)

> I'm a compotent programmer

Too bad you're not a competent speller.

Re:Some of us have a life (1)

everphilski (877346) | more than 7 years ago | (#16661241)

> Too bad you're not a competent speller.

Too much work to do to give a damn about spelling, did you read my post? :)

Re:Some of us have a life (1)

lerxstz (692089) | more than 7 years ago | (#16660417)

Compotent programmer; "Competent omnipotent important component coder"?? :-)

Read the Source code? Are you serious? (3, Insightful)

runlevel 5 (977409) | more than 7 years ago | (#16659773)

Outside of the scope of this article, there are dozens of reasons not to release your source code, among the most common being the profit motive. A lot of people look at OSS with a "why buy the cow when you get the milk for free" attitude. What about companies that haven't yet copyrighted or patented the algorithms in their software before they go to market? And do you really think companies like Adobe and Autodesk are ashamed of their award-winning flagship software packages? Quite honestly, your last argument is utterly ridiculous. To bring things a bit closer to home, it's often way simpler, smarter, and faster to distribute codecs in binary form. People just want them to work right away without firing up the Windows equivalent of "./configure --with-notrojans". If they have trade-secret compression algorithms, then your company may not want to give them to your competitors. Finally, even if the source code were made public, users have to read thousands of lines of code before knowing if it was "safe" or not. I seriously doubt you'd find any comments that say "// Computer-destroying virus begins here". And safe is a relative term, because for some machines a segfault is just as bad as a trojan horse.

Re:Read the Source code? Are you serious? (1)

ratboy666 (104074) | more than 7 years ago | (#16660075)

Trade Secret -- sure, that's a reason.

But, I still prefer "open source". Profit is not the issue. If someone I trust has a look, it's good enough. And I don't trust most vendors.

I personally don't read all the code; not enough time, but I do prefer if it is possible, and if I can get a proxy to do it. I don't run "binary only" software, unless it is in a sandbox (and not directly connected to the internet or internal network).

FYI: Anything published is pretty much under copyright.

Sure, distribute the codecs (or whatever) in binary form -- but I assert it is negligent to run a binary only program, unless you trust the vendor/supplier (if you are connected via high-speed link to the internet).

I don't care if it is a codec, or a major application. It's just wrong.

Again, FYI: As long as this is the custom, you will see malware of various sorts.

Raboy

Source code is NOT enough (1)

davidwr (791652) | more than 7 years ago | (#16659911)

A paper from the '70s said it best: Trust has to start somewhere, and nothing is trustworthy.

You can't trust your application source code unless you trust your build and execution environments. This means trusting everything from the chip and motherboard to the firmware to the boot loader to the OS to the compilation environment to the run-time environment. We are already seeing trust issues with virtual machines eating colorful pills when the underlying real machine is compromised.

If there's a trustworthy place to get a PC, OS, build-environment, and run-time libraries, there's probably a trustworthy place to get codecs and other application binaries too.

If you are really paranoid, get a trusted PC with an OS and build- and run-time environments even if it's not one to your liking, then build your own environment, create an install image, install it, then build your codec from source. Very few of us have the time to be that paranoid.

Re:Source code is NOT enough (1)

lisaparratt (752068) | more than 7 years ago | (#16660121)

Far out reading disc E:

(T)urn on, T(u)ne in, (D)rop out?

Re:Source code is NOT enough (1)

ajs318 (655362) | more than 7 years ago | (#16660347)

No, source code alone is not enough; but it's a bloody good start all the same. Even if you don't understand it yourself, you can always show it to someone who does.

The reason source code is not a sufficient condition for security is that the compiler (which you have to run as a binary) may produce binaries that do something other than the source code fed into it would suggest. If you use it to compile the source code for a compiler, it might produce a "dirty" compiler which similarly mungs any source code fed to it. You can get around that by writing a simple C interpreter in assembler, just able to run the C compiler interpretatively as it compiles itself. Even then, you can't be sure that, say, a MOV instruction will just move a value from one register to another. Beyond that, you really need to build your own processor from discrete components.

Re:One way to know if code is safe to run (1)

klingens (147173) | more than 7 years ago | (#16660351)

Have you ever seen the sourcecode of your BIOS EEPROM?

Re:One way to know if code is safe to run (0)

Anonymous Coward | more than 7 years ago | (#16661601)

It's exactly this kind of unilateralism that gives OS a bad name.
'I AM CORRECT! YOU ARE WRONG! BOW TO MY MIGHTY RTFM!'

And if you use those codecs with MPlayer on Linux? (1)

mrjb (547783) | more than 7 years ago | (#16659405)

Will your box be at stake then?

Re:And if you use those codecs with MPlayer on Lin (4, Interesting)

$RANDOMLUSER (804576) | more than 7 years ago | (#16659517)

Running Linux does not make you invincible. It would be an easy thing to include some "if (OS == LINUX)" code. A captive Linux box is a worthier target than an XP box, and there are no "automatic" tools to sweep it clean. Many Linux users don't know all the things running on their box, nor pay much attention to it. Do YOU know what all the processes from "ps -ef" do? Are you sure that the process named is really that process?

Re:And if you use those codecs with MPlayer on Lin (0)

Anonymous Coward | more than 7 years ago | (#16659635)

dumbest post ever

Re:And if you use those codecs with MPlayer on Lin (1)

The Cisco Kid (31490) | more than 7 years ago | (#16659949)

Yeah an "if (OS = LINUX)" in a .EXE file would be so dangerous to a linux box, riiiiight.

How about this - video sites stop trying to serve codecs and special players, they just serve the video DATA, and let the user decide what software to use to play them.

If you see 'click here for the video' and it's 'http:// [..] / [..] .EXE' - here's a hint - it's not a video, it's malware.
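The rule of thumb in the comment above can be checked on the file itself rather than on the link text. The following is an added example, not part of the original post: it compares the name a download claims with the first bytes of its content. The function names, the extension sets and the (deliberately short) signature table are choices made for this example, and the sample headers are constructed.

```python
import os

# Signatures at offset 0 of common executable formats (not exhaustive).
EXECUTABLE_MAGIC = (
    (b"MZ", "Windows PE/DOS executable (.exe, .dll, .ocx, .scr)"),
    (b"\x7fELF", "ELF binary (Linux/Unix)"),
    (b"\xfe\xed\xfa\xce", "Mach-O binary"),
    (b"\xfe\xed\xfa\xcf", "Mach-O binary"),
    (b"\xce\xfa\xed\xfe", "Mach-O binary"),
    (b"\xcf\xfa\xed\xfe", "Mach-O binary"),
    (b"\xca\xfe\xba\xbe", "Mach-O universal binary or Java class"),
    (b"#!", "script with an interpreter line"),
)
ASF_GUID = bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c")  # ASF/WMV header object
MEDIA_EXTENSIONS = {".avi", ".mpg", ".mpeg", ".mp4", ".mov", ".wmv", ".asf",
                    ".mkv", ".ogg", ".flv"}
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd",
                         ".msi", ".dll", ".ocx"}


def sniff_executable(header):
    """Return a label if the leading bytes belong to an executable format."""
    for magic, label in EXECUTABLE_MAGIC:
        if header.startswith(magic):
            return label
    return None


def sniff_media(header):
    """Return the container name if the leading bytes look like real video."""
    if header[:4] == b"RIFF" and header[8:12] == b"AVI ":
        return "AVI"
    if header[4:8] == b"ftyp":
        return "MP4/QuickTime"
    if header[:16] == ASF_GUID:
        return "ASF/WMV"
    if header[:4] == b"\x1a\x45\xdf\xa3":
        return "Matroska/WebM"
    if header[:4] == b"OggS":
        return "Ogg"
    if header[:3] == b"FLV":
        return "Flash Video"
    if header[:4] in (b"\x00\x00\x01\xba", b"\x00\x00\x01\xb3"):
        return "MPEG"
    return None


def assess_download(filename, header):
    """Return (verdict, reasons); verdict is block, suspicious, ok or unknown."""
    name = filename.lower().rstrip(". ")  # Windows ignores trailing dots/spaces
    root, ext = os.path.splitext(name)
    inner_ext = os.path.splitext(root)[1]
    reasons = []
    exe_label = sniff_executable(header)
    if exe_label:
        reasons.append("content is a " + exe_label)
    if ext in EXECUTABLE_EXTENSIONS:
        reasons.append("extension " + ext + " is executable")
        if inner_ext in MEDIA_EXTENSIONS:
            reasons.append("double extension hides it behind " + inner_ext)
    if reasons:
        return "block", reasons
    media = sniff_media(header)
    if media:
        return "ok", ["recognised " + media + " container"]
    if ext in MEDIA_EXTENSIONS:
        return "suspicious", ["claims " + ext + " but has no known media signature"]
    return "unknown", ["neither executable nor recognised media"]


if __name__ == "__main__":
    # Constructed sample headers; only the first bytes of each file matter.
    samples = [
        ("holiday.avi", b"RIFF\x00\x10\x00\x00AVI LIST"),
        ("hot_clip.avi.exe", b"MZ\x90\x00\x03\x00"),
        ("codec_pack.avi", b"MZ\x90\x00\x03\x00"),
        ("clip.wmv", b"<html><body>"),
    ]
    for sample_name, sample_header in samples:
        print(sample_name, assess_download(sample_name, sample_header))
```

A file that passes is only confirmed to be data of the claimed type; it says nothing about flaws in the player that parses it.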

Re:And if you use those codecs with MPlayer on Lin (1)

morgan_greywolf (835522) | more than 7 years ago | (#16660493)

> Yeah an "if (OS = LINUX)" in a .EXE file would be so dangerous to a linux box, riiiiight.

It depends on whether or not Wine is on the box. On an Ubuntu or Debian box, for instance, .exe files are, by default, associated with wine in the GNOME mimetypes. Before you say "Yeah, but anyone bright enough to be running Wine isn't gonna just automatically click on an .EXE", realize that installing and configuring Wine is very easy these days with programs like winetools [von-thadden.de] .

If Wine is on the box, all bets are off. The .EXE could easily embed a Linux binary payload and even execute it (or at least cause it to be executed).

Of course, if you don't run wine apps as root and you have taken reasonable security precautions, the damage that can be done is limited.

Re:And if you use those codecs with MPlayer on Lin (1)

jandrese (485) | more than 7 years ago | (#16660765)

To be honest, I'm not that worried about the Wine infection vector. It's my experience that even well behaved programs are a crapshoot in Wine, trying to get something underhanded working in Wine would be a nightmare, especially with all of the different versions out there.

Re:And if you use those codecs with MPlayer on Lin (1)

MbM (7065) | more than 7 years ago | (#16660595)

I think you missed the point of the article. You attempt to play a file in your favorite media player and the following message pops up:

"Could not find codec for proprietary-spyware-codec; would you like to install the spyware from the website?"

(Obviously not worded so blatantly)

Re:And if you use those codecs with MPlayer on Lin (1)

ehrichweiss (706417) | more than 7 years ago | (#16660843)

Are you that obtuse that you can't read between the lines OR notice what the real issue is here?

The "if(OS=LINUX)" doesn't have to come in a ***Windows*** exe, or did you not think about that? And most of the malware like this doesn't portray itself as an .exe but can be a dll or otherwise AND on video sites like TFA is talking about, you go to download the video and are unable to view it and then they suggest you use their codec, not once will you see "http://blah.com/blah/blah.exe" since most is done with ActiveX or the like. The weak link here isn't the computer or operating system. PEBCAM.

Re:And if you use those codecs with MPlayer on Lin (3, Informative)

element-o.p. (939033) | more than 7 years ago | (#16660543)

> and there are no "automatic" tools to sweep it clean

meh...not sure I entirely agree with you here, although I will concede that many Linux users don't know what tools are available and even less use those that are available on a regular basis.

Tools that I use regularly to keep tabs on my boxen:
1) http://www.chkrootkit.org/ [chkrootkit.org] chkrootkit: can be run from cron to look for suspicious files and rootkit signatures;
2) netstat -ep: to show what processes are using network connections;
3) lsof: to show what files on your system are open, who opened them and with what process they were opened;
4) http://www.tripwire.com/ [tripwire.com] Tripwire or http://www.gecko-ak.org/Sentinel/ [gecko-ak.org] my own, open-source, much less functional, still really in development Tripwire-like file system auditor: to check for changes in binaries, config files or anything else on your file system that you would like to keep tabs on;
5) http://www.insecure.org/ [insecure.org] nmap: to remotely scan computers on your network for open ports, and to audit the services using these open ports;
6) http://www.nessus.org/ [nessus.org] nessus: like nmap, only different;
7) tcpdump/ethereal/wireshark: to monitor packets in or out of your computer;
8) http://www.snort.org/ [snort.org] snort: okay, I haven't (yet) used this one, but it's the open-source standard for IDS;
9) http://www.bitdefender.com/ [bitdefender.com] bit defender: anti-virus for Linux--we had to use this once at work to remove a Windows virus that had infected our Samba shares (note: the Samba server wasn't infected, but the Windows machines that were mounting shares from the Samba server were--and they kept rewriting infected Windows executables to the server).

So, no most of these aren't automatic, and most of these won't clean your Linux PC's, but there are a host of tools that you can use to detect problems on your Linux computers. And, if you're really paranoid, there are several vendors that provide anti-virus software, just like what you find on your Windows machines.
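What a Tripwire-style file system auditor (item 4 in the list above) does at its core, as an added example that is not part of the original comment and is not Tripwire's or Sentinel's code: record a baseline of hashes and permission bits, then report what differs later. The function names and report keys are choices made for this example, and the demo files are constructed in a temporary directory.

```python
import hashlib
import os
import stat
import tempfile


def hash_file(path, chunk_size=65536):
    """SHA-256 of a file, read in chunks so large binaries are fine."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map every regular file under root to its hash, permission bits and size."""
    records = {}
    for directory, _subdirs, files in os.walk(root):
        for name in files:
            path = os.path.join(directory, name)
            info = os.lstat(path)  # lstat: do not follow symlinks
            if not stat.S_ISREG(info.st_mode):
                continue  # skip symlinks, sockets, device nodes
            records[os.path.relpath(path, root)] = {
                "sha256": hash_file(path),
                "mode": stat.S_IMODE(info.st_mode),
                "size": info.st_size,
            }
    return records


def compare(baseline, current):
    """Report differences between two snapshots, each list sorted by path."""
    report = {"added": [], "removed": [], "content_changed": [],
              "mode_changed": [], "new_setid": []}
    for path in sorted(set(baseline) | set(current)):
        if path not in baseline:
            report["added"].append(path)
        elif path not in current:
            report["removed"].append(path)
        else:
            old, new = baseline[path], current[path]
            if old["sha256"] != new["sha256"]:
                report["content_changed"].append(path)
            if old["mode"] != new["mode"]:
                report["mode_changed"].append(path)
                # A file that gains setuid/setgid deserves its own alert.
                if new["mode"] & ~old["mode"] & (stat.S_ISUID | stat.S_ISGID):
                    report["new_setid"].append(path)
    return report


if __name__ == "__main__":
    # Constructed demo: a throwaway directory standing in for /usr/bin and /etc.
    with tempfile.TemporaryDirectory() as root:
        for name, data in (("ps", b"original ps"), ("ls", b"original ls")):
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(data)
        before = snapshot(root)
        with open(os.path.join(root, "ps"), "wb") as handle:
            handle.write(b"replaced ps")
        print(compare(before, snapshot(root)))
```

The baseline is only as trustworthy as where it is kept: store it on read-only or off-host media, since anything able to replace a binary can also rewrite a baseline stored next to it.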

Re:And if you use those codecs with MPlayer on Lin (1)

zbyte64 (720193) | more than 7 years ago | (#16659747)

Simply put, not likely

1) The installer for these "codecs" is probably what installs the spyware, not the codec itself. So unless you ran the installer on wine I don't really see how you could install the codecs. And if you did install it on wine, there's no guarantee the spyware would be able to run on wine and it would be rather strange to see an instance of wine running even after the installer is finished.

2) If the codecs are simply in a zip file and the spyware is embedded in the DLL then the spyware part of the codec will make calls that mplayer's environment will not likely provide it.

A person below your post said that this was the dumbest post ever, sadly he was modded down, but then again, he didn't explain why.

serves yah right (1)

jedimastermopar (1015773) | more than 7 years ago | (#16659417)

serves yah right for downloading your codecs from limewire just like your porn.

Re:serves yah right (3, Insightful)

pegr (46683) | more than 7 years ago | (#16659489)

I have to agree. This has been going on for quite some time, at least a couple of years. That's why I simply don't use codecs that come from questionable sources. You wouldn't run just any arbitrary program, would you?

But wait, if there's porn involved... :)

Re:serves yah right (1)

PlasticArmyMan (967433) | more than 7 years ago | (#16660185)

The thing is, people do. I've seen on numerous occasions on Limewire and such networks an executable or a zip file for Microsoft Office or Windows XP that is something ridiculously small like 100k. It exists because some twat clicks on it and wonders why a small window opens and then vanishes shortly before their system grinds to a halt...

Re:serves yah right (1)

johnmorganjr (960148) | more than 7 years ago | (#16659555)

porn?? yes!! yes!!

STDs (2, Funny)

guybert (827110) | more than 7 years ago | (#16659421)

Now your computer can get STDs as well!

Re:STDs (3, Funny)

spun (1352) | more than 7 years ago | (#16660135)

> Now your computer can get STDs as well!

Stupidity Transmitted Diseases?

Naaah... (1)

Svartalf (2997) | more than 7 years ago | (#16661049)

In the case of the computer, it's PTD's...Pr0n Transmitted Diseases...

How is this any different? (1)

rreyelts (470154) | more than 7 years ago | (#16659447)

At first glance I thought the article was talking about security flaws in trusted codecs that allowed malformed content (i.e. videos) to install virii, etc... That's a little scary - much akin to the libjpeg flaw from a year back or so.

However, this article is talking about something much more inane. Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

Re:How is this any different? (2, Interesting)

DragonWriter (970822) | more than 7 years ago | (#16659577)

> Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

Probably because only a minority of users realize that a "codec" is a kind of "executable" or "program", rather than some kind of electronic "key" or "description" that enables a media player to decode a particular kind of media file. It's not like the boundaries between safe (or at least, safer) "data" and dangerous "code" are always obvious to non-technical users.

Re:How is this any different? (3, Funny)

99BottlesOfBeerInMyF (813746) | more than 7 years ago | (#16659605)

> Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

The average person assumes data they download will not be able to infect their computer. What kind of an idiot would design a computer such that it lets a random codec someone downloads run as an executable and have access to read their e-mail addresses, capture keystrokes, etc., especially in this day of malware. MS should have fixed this long ago. It looks like Apple has ported MAC from TrustedBSD and will be solving this in OS X 10.5. Maybe it is time you stopped blaming the user for making reasonable assumptions and started looking at just how badly designed most OS's are these days.

Re:How is this any different? (1)

The Cisco Kid (31490) | more than 7 years ago | (#16659863)

s/most OS's/a certain mainstream OS (but very few others)/

Re:How is this any different? (1)

0racle (667029) | more than 7 years ago | (#16660279)

If an application you want to have access to that data can access it, an application running under the same or higher credentials that you don't want to have access to that data can access it. OS X and Linux/UNIX might be a little better designed than Windows, but they do not magically know what should and should not be happening.

Most of virus and spyware infections are the user's fault. Computers are meant to do what the user tells them to do, most users tell computers to do stupid things so they do them.

Re:How is this any different? (1)

99BottlesOfBeerInMyF (813746) | more than 7 years ago | (#16660797)

> If an application you want to have access to that data can access it, an application running under the same or higher credentials that you don't want to have access to that data can access it. OS X and Linux/UNIX might be a little better designed than Windows, but they do not magically know what should and should not be happening.

Ever run SELinux? It isn't a matter of higher or lower credentials, but of mandatory access control lists that specify exactly what an application/process can access. In this case, a codec should be able to take an input from the player and hand an output to the player and that is it.

> Most of virus and spyware infections are the user's fault. Computers are meant to do what the user tells them to do, most users tell computers to do stupid things so they do them.

Bullshit. It is not a reasonable assumption for the average person to assume something they download will have complete access to do anything it wants. Ask the average person if double clicking on something called "funny_picture" can and should be able to give someone access to all the e-mail addresses they have stored. The naive assumption that people will only run programs they trust should have died many years ago, when computers became commonplace and so did malware. The only reason Windows has not been fixed to prevent this is because MS has a monopoly and does not have to react to customer demand. The only reason other OS's don't have this, is that they are designed for use in situations where malware is not a problem (OS X, desktop linux distros). Even so, both OS X and the remaining Linux distros at least have these technologies in their roadmaps for the very near future.

People want to run untrusted software. The OS should be providing them with an easy, secure, usable way to do so.

Re:How is this any different? (1)

0racle (667029) | more than 7 years ago | (#16661813)

> Bullshit. It is not a reasonable assumption for the average person to assume something they download will have complete access to do anything it wants. Ask the average person if double clicking on something called "funny_picture" can and should be able to give someone access to all the e-mail addresses they have stored.

Is that so? Ask the average person how a computer works. I doubt you'll get any sort of coherent answer. To the average user, a computer is a magical white box that they don't understand. They will pretty much believe whatever you tell them about computers. Until people learn that computers are not a toy and to use it properly you do have to learn something about it, users are the largest problem.

> Ever run SELinux?

Ever seen the average user set up SELinux or any other type of ACL? We're talking about people that don't maintain computers professionally remember. It is more reasonable to expect users to format their system every month or so than it is to have them set up good, or even useful ACL's. These are the types of people that just say 'Yes' to everything. On top of all that ACL's require setting up by someone with a good understanding of what the computer will do, what each application does and exactly what should and should not be allowed. Not only does the average user not fall into that category, but most system admins, techs and developers don't either.

Re:How is this any different? (1)

rreyelts (470154) | more than 7 years ago | (#16660371)

> The average person assumes data they download will not be able to infect their computer.

And how did this get modded as insightful? Codecs aren't data, they are programs. What's your first clue? CODEC stands for Compressor/Decompressor (Here's a linky [wikipedia.org] for you). I actually worked on a wavelet codec almost 10 years ago, before anybody had heard about them in relation to JPEG2K.

If you want to argue that operating systems should secure users from malevolent programs that is an entirely different ball of wax. That's a hard problem, and it's what Sun and Microsoft have been trying to solve by creating sandboxes through VMs with the JVM and CLI.

Re:How is this any different? (1)

99BottlesOfBeerInMyF (813746) | more than 7 years ago | (#16660965)

> And how did this get modded as insightful? Codecs aren't data, they are programs.

So? Data is the extreme case, which on Windows is not often differentiated from executables in the UI. To the end user, a codec is simply a decoder ring and there is no reason it should be able to adversely affect the computer.

> If you want to argue that operating systems should secure users from malevolent programs that is an entirely different ball of wax. That's a hard problem, and it's what Sun and Microsoft have been trying to solve by creating sandboxes through VMs with the JVM and CLI.

It's a complex problem, but it is one that should be mitigated in every mainstream, desktop OS. In this particular instance, codecs require very, very limited access to the system. Why are codecs not restricted to taking input from the player and handing it back? Why should they have any other permissions? By default they certainly should not. If there is some weird case where they need it, the user should have to explicitly enable that.

Solaris, SELinux, and TrustedBSD all have this functionality, but it is mostly aimed at advanced users and servers. It absolutely needs to be brought to consumer desktops with a good GUI and sensible defaults. Hopefully it will be done properly in OSX 10.5 and MS can copy that.

Do you have ANY idea how this works? (1)

DeadCatX2 (950953) | more than 7 years ago | (#16661851)

> What kind of an idiot would design a computer such that it lets a random codec someone downloads run as an executable and have access to read their e-mail addresses, capture keystrokes, etc., especially in this day of malware.

Are you for real?

Have you ever heard of a buffer overflow? That's pure data - hex bytes, etc. A buffer gets properly crafted with malicious data that can point the Program Counter of the microprocessor into data memory, which is entirely possible with these Von-Neumann architectures [wikipedia.org] that we use. And where does the PC end up pointing? To some machine-code, which does something like launch a shell.

So, because John Von Neumann designed a memory architecture that allows data to be executed as code, do you think he's an idiot too?

And even forgetting for a moment that data will always represent a possible attack vector (unless we change the way RET works, or we switch to Harvard architectures [wikipedia.org] ), a codec is essentially a program that uses instructions to operate upon data, changing it from one format to another. The codec author can make these instructions be anything at all, as long as it interfaces properly to DirectShow or whatever the Unix equivalent is.

Besides. You still have to run an installer to put the codec into your system and register it with the appropriate software components.

Re:How is this any different? (1)

kabocox (199019) | more than 7 years ago | (#16661867)

> The average person assumes data they download will not be able to infect their computer. What kind of an idiot would design a computer such that it lets a random codec someone downloads run as an executable and have access to read their e-mail addresses, capture keystrokes, etc., especially in this day of malware. MS should have fixed this long ago. It looks like Apple has ported MAC from TrustedBSD and will be solving this in OS X 10.5. Maybe it is time you stopped blaming the user for making reasonable assumptions and started looking at just how badly designed most OS's are these days.

I agree with you. This is a tech problem rather than a user problem. I remember back in college browsing for porn or warez the only big things to beware of were the porn dialer.exe that wanted your computer to dial out to a 900 number for porn and also the sites that would open 10 windows or the warez sites that made you read the porn site to find their warez site password (that was sometimes pretty fun.) Nowadays with spyware, malware, adware and these porn codecs it has just gotten annoying. I downloaded a .avi porn file the other day. I tried to play it. I use either media player or videolan player. Those two programs should play most of what I download. When an avi that I got off of some random P2P search requires a porn codec to run, I've given up. There is just too much garbage and traps out there. I don't know why I even bother to hunt more porn when I already have GBs of it already.

Re:How is this any different? (1)

Phroggy (441) | more than 7 years ago | (#16660799)

However, this article is talking about something much more inane. Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

Because as soon as they do, fresh porn is waiting for them! Or so they've been told.

Question (0, Troll)

jackharrer (972403) | more than 7 years ago | (#16659467)

Let me guess - only one very popular operating system affected?

Re:Question (1)

MightyYar (622222) | more than 7 years ago | (#16660061)

Probably, but this technique would work on Mac or Linux, too. Actually, the Linux crowd might be a little skeptical of an "installer"... what the hell is that??? You mean make install?

Re:Question (1)

nacturation (646836) | more than 7 years ago | (#16660243)

Probably, but this technique would work on Mac or Linux, too. Actually, the Linux crowd might be a little skeptical of an "installer"... what the hell is that??? You mean make install?

Good point. And how many Linux users download some source code and run sudo make install without any code review first?
 

Moo (2, Funny)

Chacham (981) | more than 7 years ago | (#16659479)

Videos infected with viruses, video at 11.

Few examples or details (0)

Anonymous Coward | more than 7 years ago | (#16659499)

The article doesn't say much or give any details you can work with. I suspect codecs themselves are immune as infection vectors as they are not executables. WMP files can cause a redirect to a web site and have licensing, which cause me to stay away from them.

As far as codecs, I stick with the K-lite codec pack or K-lite mega codec pack (which features quicktime and real without all the startup crap). Don't download video that is packed in an executable, and if it doesn't play with the k-lite codecs, you don't need to watch it.

Re:Few examples or details (1)

dunkers (845588) | more than 7 years ago | (#16660693)

Codecs are executables - they're basically DLLs with specific calls exported to suit the multimedia subsystem. Windows Media Player also downloads codecs automatically if you let it, so all the bad guys need to do is make sure Windows knows where their codec is located then give you a video that will require it. Windows will then toddle off and run the malware completely automatically.
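Added illustration of the point made in the comment above, not code from any poster: a header check showing that a codec file is a PE DLL (executable code) while a clip is a data container, and flagging an executable that carries a media extension. The file names and sample byte strings are constructed; the magic values are the standard PE, RIFF/AVI, Ogg, Matroska and ASF signatures.

```python
import os
import struct

IMAGE_FILE_DLL = 0x2000  # COFF Characteristics bit: image is a DLL
MEDIA_EXTENSIONS = {".avi", ".ogg", ".ogm", ".mkv", ".wmv", ".asf"}
ASF_HEADER_GUID = bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c")


def _classify_pe(data: bytes) -> str:
    """Tell a PE DLL from a PE EXE; fall back for truncated or DOS-only files."""
    if len(data) < 0x40:
        return "dos-executable"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of "PE\0\0"
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "dos-executable"
    # Characteristics is the last 2 bytes of the 20-byte COFF header.
    (characteristics,) = struct.unpack_from("<H", data, e_lfanew + 22)
    return "pe-dll" if characteristics & IMAGE_FILE_DLL else "pe-exe"


def classify(data: bytes) -> str:
    """Coarse type of a file, judged only from its leading bytes."""
    if data[:2] == b"MZ":
        return _classify_pe(data)
    if data[:4] == b"RIFF" and data[8:12] == b"AVI ":
        return "avi-container"
    if data[:4] == b"OggS":
        return "ogg-container"
    if data[:4] == b"\x1a\x45\xdf\xa3":
        return "matroska-container"
    if data[:16] == ASF_HEADER_GUID:
        return "asf-container"
    return "unknown"


def triage(filename: str, data: bytes) -> str:
    """Compare what the name claims with what the bytes are."""
    kind = classify(data)
    ext = os.path.splitext(filename.lower())[1]
    if kind in ("pe-dll", "pe-exe", "dos-executable"):
        if ext in MEDIA_EXTENSIONS:
            return "REJECT: executable disguised as media (" + kind + ")"
        return "CODE: " + kind + " runs with the user's privileges once loaded"
    if kind == "unknown":
        return "UNKNOWN: not a recognised container"
    return "DATA: " + kind


def make_pe(characteristics: int) -> bytes:
    """Constructed sample: minimal DOS stub plus PE signature and COFF header."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0, characteristics)
    return dos + b"PE\0\0" + coff


if __name__ == "__main__":
    samples = {  # all constructed for this example
        "clip.avi": b"RIFF\0\0\0\0AVI LIST",
        "codec.dll": make_pe(0x2102),
        "hot_clip.avi": make_pe(0x0102),
    }
    for name, blob in samples.items():
        print(name, "->", triage(name, blob))
```
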

Re:Few examples or details (1)

grondu (239962) | more than 7 years ago | (#16660751)

Suspicious... (0)

Anonymous Coward | more than 7 years ago | (#16659503)

Just as people are taking to qt and real alternative this news comes out.

WARNING: Unofficial kool-aid is bad for you!


Media codecs suck. I encode theora, are people going to stop installing that in favor of official DRM malware because of this? How very...

Install FFDShow (1)

N8F8 (4562) | more than 7 years ago | (#16659513)

Install FFDShow [free-codecs.com] , Flash and Quicktime. If it don't play then it ain't worth playing.

Re:Install FFDShow (1)

Salsaman (141471) | more than 7 years ago | (#16659559)

What about ogg theora and x264 ? Without those, you are missing a) the most popular Free codec, and b) probably the best "Free" codec available today.

Re:Install FFDShow (1)

N8F8 (4562) | more than 7 years ago | (#16659741)

I believe both are currently supported.

Re:Install FFDShow (1)

just_another_sean (919159) | more than 7 years ago | (#16659749)

Not sure about x264 but I'm pretty sure that ffdshow does support theora with their latest release.

Related links:
Wikipedia [wikipedia.org]
afterdawn.com [afterdawn.com]

Re:Install FFDShow (1)

CastrTroy (595695) | more than 7 years ago | (#16659915)

Well, if you want to play x264, you can just use quicktime, which is one of the things your parent mentioned. If you want to play Ogg Theora, then you can install that, although I don't think it's really that popular. I can count on one hand the number of videos I've downloaded that were encoded using Ogg Theora. And they weren't anything that was really worth seeing.

Re:Install FFDShow (1)

Snover (469130) | more than 7 years ago | (#16660639)

The latest version of ffdshow supports both Theora and X.264 (AVC1). X.264 needs to be manually enabled, but it is there, and it works great.

Re:Install FFDShow (0)

Anonymous Coward | more than 7 years ago | (#16659679)

The best package I've seen to date is the K-Lite Mega CodeC Pack. If you can't view a particular video with that package, get a mac! ;-)

Re:Install FFDShow (1)

Antiocheian (859870) | more than 7 years ago | (#16660753)

Yes, FFDshow and codec packs are nice, but the reliance on DirectShow is still disturbing.

The best solution is to avoid DirectShow and Media Player (or Windows Media) completely.

You can use the VideoLan client. It is faster than DirectShow and does not rely on codecs. And it will never download executable code.

hmmm... (1)

testednegative (843833) | more than 7 years ago | (#16659541)

That takes STD's to a whole different level. Let's get the ball rolling.
Spyware Through Download

Combined Community Codec Pack (5, Informative)

TheSHAD0W (258774) | more than 7 years ago | (#16659597)

I'm going to personally recommend a codec pack called CCCP [softpedia.com] , or the Combined Community Codec Pack. It's primarily meant for viewing anime, but I've never come across any video it couldn't play (aside from MOV [free-codecs.com] and RM [free-codecs.com] ). It claims to be free of any sort of malware, and there are a lot of good people vouching for it.

If anyone has any information about malware being present in this codec pack, please respond to this post; since I have this installed on my system I'd be very interested in hearing it. :-)

Re:Combined Community Codec Pack (1)

Nanoda (591299) | more than 7 years ago | (#16659895)

Don't have mod points, so I'll just second your post. CCCP [cccp-project.net] is actually a bunch of separate packages, including ffdshow and others. Lots of work goes in to making sure all the codecs work together, and that it's installable / uninstallable / upgradeable with minimum hassle.
I haven't seen a file yet they won't work on, and they're efficient enough to allow my underpowered laptop to have full-screen video.

I've got nothing against Russia... (1)

benhocking (724439) | more than 7 years ago | (#16659945)

But naming a codec after the former Soviet Union [wikipedia.org] does not exactly inspire confidence.

Re:I've got nothing against Russia... (0)

Anonymous Coward | more than 7 years ago | (#16660831)

They say that true irony requires two audiences: those that "get it", and those that don't.

Re:I've got nothing against Russia... (0)

Anonymous Coward | more than 7 years ago | (#16661725)

Isn't that supposed to be 10 audiences?

Re:Combined Community Codec Pack (2, Informative)

thelost (808451) | more than 7 years ago | (#16660093)

I will second that recommendation and state that in my personal experience there has never been any spyware or viri in CCCP.

The obvious alternative is of course VLC - however a lot of people will be turned off by VLC's apparent lack of spit and polish compared to other video players for windows, mainly because it is not always simple to use & its seek bar sucks ass; devs flatly refuse to do anything about that (although it's my understanding that the way it's currently written it is actually impossible to fix the seekbar).

Re:Combined Community Codec Pack (1)

bmajik (96670) | more than 7 years ago | (#16660471)

The CCCP is a great project, and I've dropped into their IRC channel before with bug reports / problems / questions. CCCP works on Vista and lets you get softsubs, mkv support, etc under Media Center on both XP and Vista.

I've only found a small sampling of content that doesn't "just work" with CCCP, in which case, VLC usually suffices. To be fair, to get CCCP playing how I want in MCE I usually set Haali to always load VSFilter, and I set ffdaudio to SPDIF passthrough for ac3/dts, which means I can only mute/unmute those audio streams with the MCE remote. Also, I configure the Haali splitter for my language preferences so that I don't have to try and get WMP/MCE to talk to the stream switchers in those formats (it doesn't).

Re:Combined Community Codec Pack (0)

Anonymous Coward | more than 7 years ago | (#16661453)

Que?

Re:Combined Community Codec Pack (1)

bmajik (96670) | more than 7 years ago | (#16662081)

No Comprendo.
Verzeihung. Viederholst, bitte.
sumimasen, wakarimasen.

All I can figure is that you are making some pun/joke about setting language preferences, in which case, I'll elaborate.

Haali Media Splitter lets you set audio/subtitle language sets in a prioritized list, so soft subbed content in MKV or OGM containers can display the right streams according to your preferences.

If I can get it, I like Japanese audio with English subtitles, but if I can't, I like English audio with no subtitles. Haali contains all of the stream matching/selection logic to encode my preferences so that I don't need to hit any buttons to get the right language/subtitle tracks, assuming the MKV is authored with language tags on the streams. If not, MKVToolnix can add the tags and re-encode the media (without actually doing a decode/re-encode of any streams... it just updates stream metadata).

Codec packs are for morons (1)

dark_requiem (806308) | more than 7 years ago | (#16659601)

Codec packs are for suckers, I think most people should know that by now. Even when everything in them is legit, you end up with a dozen codecs for a given format, which you don't need, and are bound to create problems. Besides which, you want to be sure you're using the best codecs for a given format, which is harder when you have a dozen to choose from. You should always install individual codecs for a specific format. Go to this page [inmatrix.com] for a list of all common formats and specific codecs to use for each of them (they also make a bitchin' media player, and, no, I do not work for them). I followed this guide to install codecs on my system, and I have yet to run into a video format I can't play.

Actually, I have run into one "format" I can't play, and that's Vodei. Another problem with codecs is jerks like this. The video and audio are already encoded, but they add an additional useless layer so you have to buy the vodei "codec" to play a movie, even though you may already have the proper codecs to actually decode the video data. So just a brief PSA, don't buy vodei or download movies that use it, it's a scam.

In short, do it yourself and you'll do it correctly, stay away from codec packs.

Re:Codec packs are for morons (0)

Anonymous Coward | more than 7 years ago | (#16659709)

These Windows codec packs work great with mplayer in Linux.

Re:Codec packs are for morons (0)

Anonymous Coward | more than 7 years ago | (#16661013)

I use Zoom Player primarily, as well as VLC and Media Player Classic. What bugs the shit out of me is that I really need all 3. And all 3 crash spectacularly on various media, many times rendering my system unusable for minutes at a time. They all have problems skipping forward on some media.

In Zoom Player, GraphEdt.exe crashes all the time, particularly on low grade webcam type videos. When it does crash, it can hose my system for several minutes if not permanently, making the windows UI so unresponsive it takes minutes to open Task Manager and kill it. It also seems to like to play subtitles by default, especially if they are in a mkv container. I like Zoom Player's customizability the best tho. I just replaced my 2 Via Epia media systems with Pentium M 770 on the Aopen i915GMm-HFS mobo (with built-in DVI/Component 1080p video out). But before that I had to use a specific version of PowerDVD's MPEG2 codec for Hardware acceleration to work on the Via systems, which only Zoom Player supported well.

I use an IR keyboard, along with an IR remote that has learned the keyboard's cursor keys, space bar etc so I can use a remote or the keyboard to navigate in the apps. It's annoying that I need all three players because I have to go and set up the keybinds in each.

Media Player classic doesn't cut it because its UI is so bad. It also has crashing issues on various videos, or hangs on media occasionally.
VLC is okay, but it has crashing issues too. Its UI is a little better, with at least some on screen display stuff, but pause is 'squishy' (it's not immediate). And why does the slider have to jump in increments when I click it? Why can't it just jump right where I clicked? I guarantee, that almost no one, when they click just to the right of the slider, expects the slider to jump PAST where they clicked.

Fast Forward and Skip ahead in these apps is atrocious as well. I know that at a certain point it is the media itself, and jumping into a bunch of P frames looks like garbage until you get another I frame. But Zoom Player and MPC just HANG. Or take 30-60s to I guess process every frame to get there, sometimes more. VLC handles this the best, but I am usually only using it after one or the other has already crashed on the media...

The one feature I miss in all of these players is Xine's 10% increments on the number keys. I had it set up so 1-0 did 10%/20%...100% on the keyboard. So much easier than skipping ahead Xseconds 20 times. I had a MythTv setup a couple of years ago with all the players, but it just took so much effort to get going on the Via systems at that point. I would consider going back, on my new systems, but again with the i915 having hardware support for mpeg2, I can only imagine the custom driver/kernel/xine-mplayer rebuilding nightmares from my past.

And don't get me started on the various encoders, like MeGUI, etc. You need a PhD in signal processing to figure these things out. And the only way to get there is by reading hundreds of contradictory posts in the forums.

OH, and while I'm at it... the forum software used on most sites and doom9? When I do a search for something, I don't want to be taken to an index that says 'Somewhere in the next 213 pages of posts in this thread, your search phrase was used'. Seriously.

VODEI (2, Informative)

LCookie (685814) | more than 7 years ago | (#16659649)

Can anybody say Vodei??
This is not even a Codec, it's a wrapper. Vodei infected AVI files require you to download their "codec" from http://www.vodei.com/ [vodei.com] . Funny thing is Vodei infected AVI's actually become BIGGER and it's a real pain in the ass to convert them back to regular AVI.

Actually it's a good plot since the same guy who owns Vodei also owns moviesempire.com.

1) Illegally distribute crippled pr0n movies.
2) Make ppl download the spyware/malware ridden "codec"
3) Profit!

Now? (0)

Anonymous Coward | more than 7 years ago | (#16659653)

As davidwr says: "Now virtual sex can make your computer sick."

From the living-under-a-rock department?

99% hosted on Esthost /Atriva (0)

Anonymous Coward | more than 7 years ago | (#16659655)

http://www.esthost.com/ [esthost.com]

based in ...USA !
yet nobody Police, FBI, SEC or even who they peer with will shut them down, money talks in USA i guess
land of the Outlaws [google.co.uk]

oy, that was obvious (and painful to read) (1)

Red Flayer (890720) | more than 7 years ago | (#16659727)

Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs.
I know when I want people to use my codec, I disguise it as malware.

The upcoming Halloween holiday is already being exploited by malicious hackers who are baiting websites with viruses and trojans.
Who would bait their website with viruses? I mean really, is someone going to click on a link that says "Get your viruses here!" The video content is the bait, the malware is the payload.

Ha Ha Ha... you said Booby. (1)

agent (7471) | more than 7 years ago | (#16659753)

Yah Boobies! Yah Boobies rock.

Fox and ABC episode viewers (1)

meburke (736645) | more than 7 years ago | (#16659785)

Yup, the article is right on. ABC won't run unless adblocker is off, Fox's episode viewers not only won't run unless adblocker is off, but installs popup ads.

Welcome to 15 years ago. (1)

Purity Of Essence (1007601) | more than 7 years ago | (#16659853)

This is news? This matters? Nerds know better.

this is the best I've found.. (1)

mottie (807927) | more than 7 years ago | (#16659887)

The DefilerPak is a minimalist collection of video and audio codecs designed to keep you up to date with the latest developments. http://hellninjacommando.com/defilerpak/ [hellninjacommando.com]

What's included?

ffdshow: Rapidly making codec packs obsolete. Plays almost everything.
Haali Media filter: Supports the Matroska, MP4, and OGM A/V container formats.
VSFilter: Supports a wide variety of subtitle formats.
DivX ;-) Audio: Just in case.
AC3 XForm filter: Makes life a little easier for folks with external Dolby Digital decoders.
HDTVPump: Support for HD/ATSC transport streams.

Booby-trapped sex-video codecs (2, Funny)

ettlz (639203) | more than 7 years ago | (#16659905)

Boobs... uh-huh-uhh-huh-uhh...

Um... sorry, just had a bit of Beavis and Butthead moment there.

I Blame Apple and MS (0)

Anonymous Coward | more than 7 years ago | (#16659995)

You need Quicktime to play stuff, and you have to download it from Apple. That s*** isn't included in Windows. Worse yet, it tries to push iTunes and other crap you don't want. So. Apple sets the standard pretty low for 3rd party codecs that need to be installed. Then, MS for whatever reason can't bundle DivX.

Apple either won't or can't play nice with MPlayer. MPlayer's update mechanism is insufficient.

Together, they create a climate in which it's believable that you need to download and install a 3rd party codec yourself, and that's where the fun begins.

Baghdad Bob Has a New Job! (1)

adavies42 (746183) | more than 7 years ago | (#16660051)

Baghdad Bob [wikipedia.org] is alive and well and living in China!

Re:Baghdad Bob Has a New Job! (1)

Dr. Eggman (932300) | more than 7 years ago | (#16660413)

uhh... I think you meant to post that here. [slashdot.org]

Really? (0)

Anonymous Coward | more than 7 years ago | (#16660057)

I thought my PC was lying when it told me that it burned while defragging...

Where has the beeb been for the last 20 years? (1)

Cid Highwind (9258) | more than 7 years ago | (#16660063)

"Now virtual sex can make your computer sick."

Is the situation now really that different from when people propagated computer viruses by trading infected Apple ][ floppies? Anyone who ever tried to download Leisure Suit Larry from a pirate BBS can tell you "virtual sex" has always carried a risk.

BBC: Welcome to the internet, circa late 90s (1)

Ayanami Rei (621112) | more than 7 years ago | (#16660553)

I remember seeing this stuff even as far back as '98 when I first started using high speed internet through school. USENET and the early file trading networks were chock full of proprietary encoded formats that would install 1-900 number dialing VFW filters if you tried to get them to work.

Ok, So What Are the 'Safe' Codec Packs? (1)

ubuwalker31 (1009137) | more than 7 years ago | (#16660587)

What are the safe, 'all in one' codec packs for windows? Links please! Also, the article doesn't mention the unsafe packages...are there any notorious ones?

I saw this happen ages ago (0)

Anonymous Coward | more than 7 years ago | (#16661473)

This is old news; I ran across a video clip about 3 years ago that got WMPlayer to download one of these "codecs" for me. It actually did make the video play, but also dropped a trojan.

Of course, it wasn't a very good attempt, since it was easy to notice / get rid of before the first reboot, but I remember a lot of people complaining about it at the time...