Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×

Viral Videos That Really Are Viral 157

Posted by Zonk from the click-wisely dept.
davidwr writes to mention a BBC article looking at booby-trapped Windows codecs. While some codecs required for online videos actually let you watch your content, others are just excuses to infect your system with spyware or adware. As davidwr says: "Now virtual sex can make your computer sick." From the article: "Mr Robinson said many security firms were now logging instances in which spyware and adware firms are turning out software bundles that claim to roll together many popular codecs or just have the one needed to play a particular clip. Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs. Some rogue codecs plague users with pop-up adverts, while others invisibly install keyloggers that try to grab confidential data. "
This discussion has been archived. No new comments can be posted.

Viral Videos That Really Are Viral More

Viral Videos That Really Are Viral

Comments Filter:
  • There is exactly one way to know if a piece of software is safe to run:

    READ THE SOURCE CODE.

    If they won't let you read the source code, it's because there's something in there they don't want you to see. If they don't want you to see it, that means they're ashamed of it. Avoid it.

    • Re: (Score:3, Funny)

      by Anonymous Coward
      Not everyone can read source code you elitist asshole. Not to mention, I don't feel like stopping in mid wank to read the source of a codec I need to watch a pr0n clip.

      • This is 2006 - get with the times (Score:2, Funny)

        by Anonymous Coward
        With translucent windows, you can write or audit source code while jacking off to hentai.

        And no, it's not a productivity boost. This is actually one of the reasons Vista took so long, tho it can be a source of inspiration. Obviously Vista's protected mode was inspired by a posh wank.
      • Not to mention, I don't feel like stopping in mid wank to read the source of a codec I need to watch a pr0n clip.

        Why yes! I can see why they modded you informative. Perhaps a bit too informative...

    • Re: (Score:2)

      by mrjb ( 547783 )
      You don't need to be ashamed of your code not to want other people to read it. It just might be that you don't feel like giving away your life's work. Or that keeping the source closed is the only way not to be sued for patent infringement.

      • Re: (Score:1, Troll)

        by ajs318 ( 655362 )
        If you want me to run something on MY computer, I have a RIGHT to see the source code. If you don't want me to know what is in a cake you're baking, there's no way I'm going to let you bake it in MY kitchen.

        By the way, evaluating Source Code with which you can show you have no association to determine its suitability for use (or otherwise) is a Service which may be considered to have Value.

        • Re:One way to know if code is safe to run (Score:4, Insightful)

          by MightyYar ( 622222 ) on Tuesday October 31, 2006 @01:09PM (#16659987)

          But do you only eat cake baked in your own kitchen? Would you give up a piece of cake that everyone is raving about because the recipe is a secret? What if the baker had a solid reputation and thousands of satisfied customers?

          I'm not sure why someone would have higher standards for what they run on their stupid computer than for what they allow into their body.

          • I wouldn't eat cake I found sitting out on a park bench either... even if it had a pretty hand-painted sign saying it was safe and the best cake ever made. If, however, I could accurately identify all of the ingredients and confirm it wasn't tainted then I'd probably have a bite.
            • Nope, sorry. It's very good cake, but the recipe is a secret. It comes from a very reputable chef, though, and no one has ever gotten sick. A+ from the board of health.

              I'm fairly certain that you've eaten something without first looking at the ingredients.
              • In the case of these codecs though there is nothing to give any assurance that they are safe. The reputation of the author is unknown and whether the codec has made anyone sick or not is unknown. No certification body or board has approved or verified them. Based on all that, not knowing exactly what is in them and still using them is just plain dumb.
                • Yes, but I was responding to the guy who claimed that he had a right to examine the code of anything that was installed on his computer. I was trying to point out that he probably had higher standards for what he "feeds" to his computer than what he feeds to himself. They are both IP issues - the cake recipe is a secret, and so is the software code. I DO NOT condone downloading random codecs from the internet, but you are probably okay downloading from Microsoft, Apple, Real, etc.
                  • Yes you *probably* are.

                    I don't agree that he has the right to look at the source code to everything installed on his computer. He does have the right to only install stuff that he can view the source code of but that's just called freedom of choice.

        • Re:One way to know if code is safe to run (Score:4, Insightful)

          by ehrichweiss ( 706417 ) on Tuesday October 31, 2006 @01:34PM (#16660505)
          "If you want me to run something on MY computer, I have a RIGHT to see the source code."

          First things first, it is usually less of THEM wanting something run on your computer and more likely YOU wanting to run it. If it's freeware that scenario is lots more likely since they don't make money for every installation, etc. so they couldn't care less.

          Next, you don't have a "right", you have a desire. If they publish the source code then you have the right to view it, otherwise you're SOL. You're likely not a king or otherwise powerful enough person to get such things done so put your words in some perspective.

    • Re: (Score:3, Insightful)

      by CastrTroy ( 595695 )
      Although that's a little bit extreme, you can't possibly read and understand the source code for every single program you run, it makes a lot of sense. If they are willing to put the source code out there, then they are most likely not going to try and fool you. If they do, then you have the evidence of what they are doing. This is why the first place I go to look for software is Sourceforge. Because everything there is open source, I can be pretty sure that there's no adware, spyware, or other malicious

      • Re: (Score:2)

        by GWBasic ( 900357 )
        Actually, I'd be weary of jumping to the "because it's open-source, it's malware-free!" conclusion. A couple of years ago I downloaded a bundled installer from doom9.net, a reputable source. It turns out someone had slipped some malware into the installer. (I don't think it's there anymore.) It's really not the source code of the program that will tell you if there's malware; it's the source code of the installer that will tell you if there's malware. For example, the bad guys can make their own instal
    • Some of us have a wife and kids, a full time job, working on a masters/Ph. D, other commitments outside the daily grind. We don't have time to sit down and scrutinize every bit that enters our computers (I could - I'm a compotent programmer. That's not the point.). If I choose to download something I trust the developer. I have a level enough head on my shoulder to figure out what looks fishy and what doesn't. And if, for some reason, something bad does happen? Takes but 10 minutes to reimage a drive. Big d

      • Re: (Score:1, Funny)

        by Anonymous Coward
        I'm a compotent programmer
        Too bad you're not a competent speller.
        • Too bad you're not a competent speller.

          Too much work to do to give a damn about spelling, did you read my post? :)
    • Outside of the scope of this article, there are dozens of reasons not to relase your sourcecode, among the most common being the proffit motive. A A lot people look at OSS with are "why by the cow when you get the milk for free" attitude. What about companies that haven't yet copyrighted or patented the algorithims in their software before they go to market? And do you really think companies like Adobe and Autodesk are ashamed of their award winning flagship software packages? Quite honestly, your last argu
      • Trade Secret -- sure, that's a reason.

        But, I still prefer "open source". Profit is not the issue. If someone I trust has a look, its good enough. And I don't trust most vendors.

        I personally don't read all the code; not enough time, but I do prefer if it is possible, and if I can get a proxy to do it. I don't run "binary only" software, unless it is in a sandbox (and not directly connected to the internet or internal network).

        FYI: Anything published is pretty much under copyright.

        Sure, distribute the codecs

        • Re: (Score:2)

          by drsmithy ( 35869 )

          I personally don't read all the code; not enough time, but I do prefer if it is possible, and if I can get a proxy to do it. I don't run "binary only" software, unless it is in a sandbox (and not directly connected to the internet or internal network).

          What hardware devices are you using which all have open source firmware ?

          Again, FYI: As long as this is the custom, you will see malware of various sorts.

          You will see malware so long as ignorant people can run arbitrary code on their machines.

          • "Open firmware" - if its available. If not, I need to have the interfaces suitably 'vetted.

            Examples: x86 instruction set. Interfaces to BIOS, monitor, network switch. Interface to keyboard.

            As long as I am reasonably happy that the possibility of malware vector is low, I'll use it.

            YMMV
            Ratboy
    • A paper from the '70s said it best: Trust has to start somewhere, and nothing is trustworthy.

      You can't trust your application source code unless you trust your build and execution environments. This means trusting everything from the chip and motherboard to the firmware to the boot loader to the OS to the compilation environment to the run-time environment. We are already seeing trust issues with virtual machines eating colorful pills when the underlying real machine is compromised.

      If there's a trustwort
      • Comment removed based on user account deletion

      • Re: (Score:2)

        by ajs318 ( 655362 )
        No, source code alone is not enough; but it's a bloody good start all the same. Even if you don't understand it yourself, you can always show it to someone who does.

        The reason source code is not a sufficient condition for security is that the compiler (which you have to run as a binary) may produce binaries that do something other than the source code fed into it would suggest. If you use it to compile the source code for a compiler, it might produce a "dirty" compiler which similarly mungs any source
    • Have you ever seen the sourcecode of your BIOS EEPROM?

    • Re: (Score:2)

      by drsmithy ( 35869 )

      If they won't let you read the source code, it's because there's something in there they don't want you to see. If they don't want you to see it, that means they're ashamed of it. Avoid it.

      Your logic is broken.

  • Will your box be at stake then?

    • Re:And if you use those codecs with MPlayer on Lin (Score:5, Interesting)

      by $RANDOMLUSER ( 804576 ) on Tuesday October 31, 2006 @12:45PM (#16659517)
      Running Linux does not make you invincable. It would be an easy thing to include some "if (OS == LINUX)" code. A captive Linux box is a worthier target than an XP box, and there are no "automatic" tools to sweep it clean. Many Linux users don't know all the things running on their box, nor pay much attention to it. Do YOU know what all the processes from "ps -ef" do? Are you sure that the process named is really that process?
      • Yeah an "if (OS = LINUX)" in a .EXE file would be so dangerous to a linux box, riiiiight.

        How about this - video sites stop trying to serve codecs and special players, they just serve the video DATA, and let the user decide what software to use to play them.

        If you see 'click here for the video' and its 'http:// [..] / [..] .EXE' - heres a hint - its not a video, its malware.
        • Yeah an "if (OS = LINUX)" in a .EXE file would be so dangerous to a linux box, riiiiight.

          It depends on whether or not Wine is on the box. On an Ubuntu or Debian box, for instance, .exe files are, by default, associated with wine in the GNOME mimetypes. Before you say "Yeah, but anyone bright enough to be running Wine isn't gonna just automatically click on an .EXE", realize that installing and configuring Wine is very easy these days with programs like winetools [von-thadden.de].

          If Wine is on the box, all bets are off. T

          • Re: (Score:2)

            by jandrese ( 485 )
            To be honest, I'm not that worried about the Wine infection vector. It's my experiance that even well behaved programs are a crapshoot in Wine, trying to get something underhanded working in Wine would be a nightmare, especially with all of the different versions out there.
            • On the contrary, getting things to run in Wine is hard, because we cannot see what the code of the program and as such cannot recreate the perfect environment for it to run in easily.

              Designing something to work in wine would be much easer, as you know what wine does, at what time, and with what resources.

              In a way, writing a virus to exploit wine to plant a different Linux virus on the host, would be easier than using a worm to drop a trojan on a windows box... and that happens all the time.
          • Meanwhile, we're talking about using binary codecs, which MPlayer does without Wine's interference. The codec could easily cause havoc, but it really has no way of knowing it's under Linux, and would most likely fail to do whatever it attempts (the whole device infrastructure is different). Of course, one could be written specifically to be able to operate in linux, grabbing on to /dev/tty*, for example. You know, if it can even do an fopen.

            • Meanwhile, we're talking about using binary codecs, which MPlayer does without Wine's interference.

              1. MPlayer makes use of Windows codecs through the use of Winelib.
              2. If you read TFA, you'd know that some of the malware came in the codec, while others came in the installer (i.e., a secondary program installed at the same time as the codec)
              3. Yes, the codec does have a way of knowing it's running under Linux if the writer of the codec designed it.
              4. Grabbing on to /dev/tty* is of limited use in a syste

              • 1. Please read the MPlayer documentation, or, at the very least build it for yourself at least once. It doesn't use winelib. Feel free to correct me if you can find it anywhere on <a href="http://www.mplayerhq.hu/DOCS/HTML/en/softre q .html">this page</a> or <a href="http://www.mplayerhq.hu/DOCS/README">this page</a>. I see no mention of needing it as a dependency, or even a bit of credit to the authors (which would be required under the GPL if it was added to the source and not li

        • Re: (Score:2)

          by MbM ( 7065 )
          I think you missed the point of the article. You attempt to play a file in your favorite media player and the following message pops up:

          "Could not find codec for proprietary-spyware-codec; would you like to install the spyware from the website?"

          (Obviously not worded so blatently)
          • My 'favorite media player' isnt designed so stupidly as to ever display such a message. If it doesnt understand a given media file, it just produces a meaningful message to that effect, and exits. Then, I can go look at sites I trust to see if what it identified as needed is a real codec, and where to get it.
        • Are you that obtuse that you can't read between the lines OR notice what the real issue is here?

          The "if(OS=LINUX)" doesn't have to come in a ***Windows*** exe, or did you not think about that? And most of the malware like this doesn't portray itself as an .exe but can be a dll or otherwise AND on video sites like TFA is talking about, you go to download the video and are unable to view it and then they suggest you use their codec, not once will you see "http://blah.com/blah/blah.exe" since most is done
        • I just don't bother executing that shit. Fact is, if you're after media, and you're asked to download a program, chances are you're being scammed.

          Does this line of thinking apply to iTunes and Vongo? Well, for me it does. They're getting you to pay for DRM'd content. Sounds scammy to me.

      • Re:And if you use those codecs with MPlayer on Lin (Score:4, Informative)

        by element-o.p. ( 939033 ) on Tuesday October 31, 2006 @01:36PM (#16660543) Homepage
        and there are no "automatic" tools to sweep it clean

        meh...not sure I entirely agree with you here, although I will concede that many Linux users don't know what tools are available and even less use those that are available on a regular basis.

        Tools that I use regularly to keep tabs on my boxen:
        1) http://www.chkrootkit.org/ [chkrootkit.org]chkrootkit: can be run from cron to look for suspicious files and rootkit signatures;
        2) netstat -ep: to show what processes are using network connections;
        3) lsof: to show what files on your system are open, who opened them and with what process they were opened;
        4) http://www.tripwire.com/ [tripwire.com]Tripwire or http://www.gecko-ak.org/Sentinel/ [gecko-ak.org]my own, open-source, much less functional, still really in development Tripwire-like file system auditor: to check for changes in binaries, config files or anything else on your file system that you would like to keep tabs on;
        5) http://www.insecure.org/ [insecure.org]nmap: to remotely scan computers on your network for open ports, and to audit the services using these open ports;
        6) http://www.nessus.org/ [nessus.org]nessus: like nmap, only different;
        7) tcpdump/ethereal/wireshark: to monitor packets in or out of your computer;
        8) http://www.snort.org/ [snort.org]snort: okay, I haven't (yet) used this one, but it's the open-source standard for IDS;
        9) http://www.bitdefender.com/ [bitdefender.com]bit defender: anti-virus for Linux--we had to use this once at work to remove a Windows virus that had infected our Samba shares (note: the Samba server wasn't infected, but the Windows machines that were mounting shares from the Samba server were--and they kept rewriting infected Windows executables to the server).

        So, no most of these aren't automatic, and most of these won't clean your Linux PC's, but there are a host of tools that you can use to detect problems on your Linux computers. And, if you're really paranoid, there are several vendors that provide anti-virus software, just like what you find on your Windows machines.
      • Running Linux does not make you invincable.

        Very true. Having unprotected connections with unknown providers of active content is risky.

        It is risky to open an e-mail and it says use this key to open the attachment. I apply the same caution to any video which requires me to use this provided player to view the content.

        If the video says it needs Quicktime, I should be able to go to Apple on my own and install Quicktime from the source (don't follow a provided link).

        In Linux I run as a user, not an admin. It

      • The answer here is NO, your Linux box is not in danger.

        You know... Windows malware don't count on a stupid user that much, on this case the Linux user is safe simply because MPlayer doesn't go out at the net dowloading and running any codec that a movie tell it to.

    • Simply put, not likely

      1) The installer for these "codecs" is probably what installs the spyware, not the codec itself. So unless you ran the installer on wine I don't really see how you could install the codecs. And if you did install it on wine, there's no gaurantee the spyware would be able to run on wine and it would be rather strange to see an instance of wine running even after the installer is finished.

      2) If the codecs are simply in a zip file and the spyware is embedded in the DLL then the spyware pa
  • serves yah right for downloading your codecs from limewire just like your porn.

  • STDs (Score:1, Funny)

    by guybert ( 827110 )
    Now your computer can get STDs as well!

  • At first glance I thought the article was talking about security flaws in trusted codecs that allowed malformed content (i.e. videos) to install virii, etc... That's a little scary - much akin to the libjpeg flaw from a year back or so.

    However, this article is talking about something much more inane. Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

    • Re: (Score:3, Interesting)

      by DragonWriter ( 970822 )

      Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

      Probably because only a minority of users realize that a "codec" is a kind of "executable" or "program", rather than a some kind of electronic "key" or "description" that enables a media player to decode a particular kind of media file. Its not like the boundaries between safe (or at least, safer) "data" and dangerous "code" are

    • Re:How is this any different? (Score:4, Funny)

      by 99BottlesOfBeerInMyF ( 813746 ) on Tuesday October 31, 2006 @12:48PM (#16659605)

      Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

      The average person assumes data they download will not be able to infect their computer. What kind of an idiot would design a computer such that it lets a random codec someone downloads run as an executable and have access to read their e-mail addresses, capture keystrokes, etc., especially in this day of malware. MS should have fixed this long ago. It looks like Apple has ported MAC from TrustedBSD and will be solving this in OS X 10.5. Maybe t is time you stopped blaming the user for making reasonable assumptions and started looking at just how badly designed most OS's are these days.

      • s/most OS's/a certain mainstream OS (but very few others)/

      • Re: (Score:2)

        by 0racle ( 667029 )
        If an application you want to have access to that data can access it, an application running under the same or higher credentials that you don't want to have access to that data can access it. OS X and Linux/UNIX might be a little better designed then Windows, but they do not magically know what should and should not be happening.

        Most of virus and spyware infections are the users fault. Computers are meant to do what the user tells them to do, most users tell computers to do stupid things so they do them.

        • If an application you want to have access to that data can access it, an application running under the same or higher credentials that you don't want to have access to that data can access it. OS X and Linux/UNIX might be a little better designed then Windows, but they do not magically know what should and should not be happening.

          Ever run SELinux? It isn't a matter of higher or lower credentials, but of mandatory access control lists that specify exactly what an application/process can access. In this ca

          • Re: (Score:2)

            by 0racle ( 667029 )

            Bullshit. It is not a reasonable assumption for the average person to assume something they download will have complete access to do anything it wants. Ask the average person if double clicking on something called "funny_picture" can and should be able to give someone access to all the e-mail addresses they have stored.

            Is that so? Ask the average person how a computer works. I doubt you'll get any sort of coherent answer. To the average user, a computer is a magical white box that they don't understand. The

            • Until people learn that computers are not a toy and to use it properly you do have to learn something about it, users are the largest problem.

              Thank you for that wonderful example of why computer security sucks so badly. If you ignore the human component and write it off as "someday maybe people will learn" you are sure to fail to design a secure system. Ignoring that half of the problem does not fix it. It requires education, but before that it requires a system that can be operated securely without year

      • The average person assumes data they download will not be able to infect their computer.

        And how did this get modded as insightful? Codecs aren't data, they are programs. What's your first clue? CODEC stands for Compressor/Decompressor (Here's a linky [wikipedia.org] for you). I actually worked on a wavelet codec almost 10 years ago, before anybody had heard about them in relation to JPEG2K.

        If you want to argue that operating systems should secure users from malevolent programs that is an entirely different ball of wax.

        • And how did this get modded as insightful? Codecs aren't data, they are programs.

          So? Data is the extreme case, which on Windows is not often differentiated from executables in the UI. To the end user, a codec is simply a decoder ring and there is no reason it should be able to adversely effect the computer.

          If you want to argue that operating systems should secure users from malevolent programs that is an entirely different ball of wax. That's a hard problem, and it's what Sun and Microsoft have been t

      • What kind of an idiot would design a computer such that it lets a random codec someone downloads run as an executable and have access to read their e-mail addresses, capture keystrokes, etc., especially in this day of malware.

        Are you for real?

        Have you ever heard of a buffer overflow? That's pure data - hex bytes, etc. A buffer gets properly crafted with malicious data that can point the Program Counter of the microprocessor into data memory, which is entirely possible with these Von-Neumann architectures [wikipedia.org]

        • Are you for real?

          Yes.

          Have you ever heard of a buffer overflow?

          Yes, it is the result of a bug. Proper input validation when coding fixes most of these. For the rest, a MAC system like I described mitigates their effects. So data overflows a buffer and executes as the thread it overflowed. With a jail, ACL, or container and new chipsets, that thread is still limited to the functions of the thread it has overflowed. That means while your video codec may be executing random code instead, it still can't d

      • Re: (Score:2)

        by kabocox ( 199019 )
        The average person assumes data they download will not be able to infect their computer. What kind of an idiot would design a computer such that it lets a random codec someone downloads run as an executable and have access to read their e-mail addresses, capture keystrokes, etc., especially in this day of malware. MS should have fixed this long ago. It looks like Apple has ported MAC from TrustedBSD and will be solving this in OS X 10.5. Maybe t is time you stopped blaming the user for making reasonable ass

    • Re: (Score:2)

      by Phroggy ( 441 ) *
      However, this article is talking about something much more inane. Why do people expect that codecs downloaded from arbitrary untrusted sources would be any less free of viruses, adware, etc... than any other random executables obtained off the net?

      Because as soon as they do, fresh porn is waiting for them! Or so they've been told.

    • Re: (Score:2)

      by qazwart ( 261667 )
      Okay...

      I know better than to answer random emails, and download executables off of websites I never heard of. I know that the "free" software that allows me to search the web or shows me the temperature offered by many websites contains all sorts of malware. I know not to "verify" my financial information on the whim of some email saying my PayPal account needs it. I even know that President Mazutu or whoever he is from Nigeria is not wanting to deposit a couple of million dollars into my bank account. I am

  • Moo (Score:2, Funny)

    by Chacham ( 981 )
    Videos infected with viruses, video at 11.
  • Install FFDShow [free-codecs.com], Flash and Quicktime. If it don't play then it ain't woth playing.
    • What about ogg theora and x264 ? Without those, you are missing a) the most popular Free codec, and b) probably the best "Free" codec available today.

      • Re: (Score:2)

        by N8F8 ( 4562 )
        I believe both are currently supported.
      • Not sure about x264 but I'm pretty sure that ffdshow does support theora with their latest release.

        Related links:
        Wikipedia [wikipedia.org]
        afterdawn.com [afterdawn.com]

      • Well, if you want to play x264, you can just use quicktime, which is one of the things your parent mentioned. If you want to play Ogg Theora, then you can install that, although I don't think it's really that popular. I can count on one hand the number of videos i've downloaded that were encoded using Ogg Theora. And they weren't anything that was really worth seeing.

      • Re: (Score:2)

        by Snover ( 469130 )
        The latest version of ffdshow supports both Theora and X.264 (AVC1). X.264 needs to be manually enabled, but it is there, and it works great.
  • that takes STD's to a whole different level. lets get the ball rolling.
    Spyware Through Download

  • Combined Community Codec Pack (Score:5, Informative)

    by TheSHAD0W ( 258774 ) on Tuesday October 31, 2006 @12:48PM (#16659597) Homepage
    I'm going to personally recommend a codec pack called CCCP [softpedia.com], or the Combined Community Codec Pack. It's primarily meant for viewing anime, but I've never come across any video it couldn't play (aside from MOV [free-codecs.com] and RM [free-codecs.com]). It claims to be free of any sort of malware, and there are a lot of good people vouching for it.

    If anyone has any information about malware being present in this codec pack, please respond to this post; since I have this installed on my system I'd be very interested in hearing it. :-)

    • Re: (Score:1)

      by Nanoda ( 591299 )
      Don't have mod points, so I'll just second your post. CCCP [cccp-project.net] is actually a bunch of separate packages, including ffdshow and others. Lots of work goes in to making sure all the codecs work together, and that it's installable / uninstallable / upgradeable with minimum hassle.
      I haven't seen a file yet they won't work on, and they're efficient enough to allow my underpowered laptop to have full-screen video.
    • But naming a codec after the former Soviet Union [wikipedia.org] does not exactly inspire confidence.

    • Re: (Score:3, Informative)

      by thelost ( 808451 )
      I will second that recommendation and state that in my personal experience there has never been any spyware or viri in CCCP.

      The obvious alternative is of course VLC - however a lot of people will be turned off by VLCs apparent lack of spit and polish compared to other video players for windows, mainly because it is not always simple to use & it's seek bar sucks ass; devs flatly refuse to do anything about that (although it's my understanding that the way it's currently written it is actually impossible

    • Re: (Score:2)

      by bmajik ( 96670 )
      The CCCP is a great project, and i've dropped into their IRC channel before with bug reports / problems / questions. CCCP works on Vista and lets you get softsubs, mkv support, etc under Media Center on both XP and Vista.

      I've only found a small sampling of content that doesn't "just work" with CCCP, in which case, VLC usually suffices. To be fair, to get CCCP playing how i want in MCE i usally set Haali to always load VSFilter, and i set ffdaudio to SPDIF passthrough for ac3/dts, which means i can only mu
    • At least link to the project page [cccp-project.net]....

  • Codec packs are for suckers, I think most people should know that by now. Even when everything in them is legit, you end up with a dozen codecs for a given format, which you don't need, and are bound to create problems. Besides which, you want to be sure you're using the best codecs for a given format, which is harder when you have a dozen to chose from. You should always install individual codecs for a specific format. Go to this page [inmatrix.com] for a list of all common formats and specific codecs to use for each

  • Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs.

    I know when I want people to use my codec, I disguise it as malware.

    The upcoming Halloween holiday is already being exploited by malicious hackers who are baiting websites with viruses and trojans.

    Who would bait their website with viruses? I mean really, is someone going to click on a link that says "Get your viruses here!" The video content is the bait, the malware is the payload.

  • Yup, the article is right on. ABC won't run unless adblocker is off, Fox's episode viewers not only won't run unless adblocker is off, but installs popup ads.
  • This is news? This matters? Nerds know better.
  • The DefilerPak is a minimalist collection of video and audio codecs designed to keep you up to date with the latest developments. http://hellninjacommando.com/defilerpak/ [hellninjacommando.com] What's included? ffdshow: Rapidly making codec packs obsolete. Plays almost everything. Haali Media filter: Supports the Matroska, MP4, and OGM A/V container formats. VSFilter: Supports a wide variety of subtitle formats. DivX ;-) Audio: Just in case. AC3 XForm filter: Makes life a little easier for folks with external Dolby Digital dec

  • Booby-trapped sex-video codecs (Score:3, Funny)

    by ettlz ( 639203 ) on Tuesday October 31, 2006 @01:05PM (#16659905) Journal

    Boobs... uh-huh-uhh-huh-uhh...

    Um... sorry, just had a bit of Beavis and Butthead moment there.

  • Baghdad Bob [wikipedia.org] is alive and well and living in China!

  • I remember seeing this stuff even as far back as '98 when I first starting using high speed internet through school. USENET and the early file trading networks for chock full of propietary encoded formats that would install 1-900 number dialing VFW filters if you tried to get them to work.
  • Dear Lord! Are you saying that there are actually programs available for download on the internet that might be harmful to your computer, which might also be disguised as something else?! I've never been so outraged in all my life!

    People will install anything if it promises naked pictures. How is this news?

Slashdot Top Deals

"Look! There! Evil!.. pure and simple, total evil from the Eighth Dimension!" -- Buckaroo Banzai

Close