Even the site that considered safe in the megathread, there’s report of malware and trojan and I don’t know what site to use

  • phorq@lemmy.ml
    link
    fedilink
    English
    arrow-up
    91
    ·
    1 year ago

    Simple, trust no one. Get a no-reported-logs VPN, don’t download anything that has a strange file size or extension, look at comments, look at the number of seeders if it’s a torrent. If you can, join something like a private tracker where there’s moderation too. If it walks like a duck and quacks like a duck then it’s probably not the movie you were looking for and there might be a Trojan army inside waiting for you to let the duck enter your computer… That metaphor may have fallen apart on me…

      • phorq@lemmy.ml
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        I was trying to give general advice, since it didn’t sound like they had a trusted private tracker already it’s a good idea to have a VPN to mask your IP. I agree, it probably won’t help against malware.

      • httpjames
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        1 year ago

        Most come with DNS blocklists now that can prevent you from accessing it

          • FutileRecipe@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            1 year ago

            It’s part of defense in depth. No single piece will protect you from everything, so you you use multiple layers of protection.

              • FutileRecipe@lemmy.world
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago
                1. Blocking older known malware still blocks them, so that’s good (and saves bandwidth because the connection never happens, so this is really good).
                2. If the site is hijacked, it needs blocked till it’s unhijacked. So this is good as well.
                3. This is not really a point?

                Number one above, stopping the connection before it happens, is really the best benefit, in my opinion. And if they boast a high false positive, you need better lists. You keep saying “they don’t block this or block that.” They are (nothing is) a one stop shop. Simply because they don’t block what you’re cherry picking does not make them bad. Use multiple layers. You say “don’t use a blocklist, use MS Defender instead.” Why not use both the blocklist, MS Defender, and even more stuff? Multiple layers. Defense in depth.

      • twena@lemm.ee
        link
        fedilink
        English
        arrow-up
        26
        ·
        1 year ago

        Piracy using TOR is extremely slow and not really anonymous

          • twena@lemm.ee
            link
            fedilink
            English
            arrow-up
            8
            ·
            1 year ago

            Slowness and bandwith limitations are still an issue and it’s likely that they will always be. It’s already too slow to torrent large files over Tor and it also takes away the bandwith of other users. Tor also still doesn’t support UDP connections, which may cause data leaks.

      • phorq@lemmy.ml
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        I added the word “reported” because I don’t trust VPN providers to not keep logs, but ideally they should report that they don’t keep logs and have an established history of not providing logs. Tor is really not ideal if you’re trying to download anything large and you’re still vulnerable depending on who controls the exit nodes.

        • captain_samuel_brady@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          From what are you protecting yourself? Piracy? Then go with a VPN that has been tested in court and didn’t turn over any logs. The second one of these providers turns over their logs in court they are out of business because no one will ever trust them again. That’s all you really need for the seven seas.

          Can the NSA see what you’re doing? Who cares. If they can, they aren’t revealing that to help anyone in a civil case.