Is Bearshare a dangerous aplication?

Discussion in 'other security issues & news' started by POS, Nov 21, 2005.

Thread Status:
Not open for further replies.
  1. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    If an executable file has an extension MP3 to fool the user and the user double clicks that file, will the file be executed ?
     
  2. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Not in Windows, no. Try renaming an .exe in .mp3 and see.
     
  3. Mysterion

    Mysterion Guest

    Well, I could use Opera or Firefox to go and download a bunch of warez and cracks (which is what this kid must have been doing with Limewire), get infected, and then bitch about how dangerous these alternative browsers are.
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    After reading bigC's stepson's experience and having my personal experience with P2P software very long ago and reading the basic preventive rules of security forums/websites, I won't use P2P softwares or recommend them, not even the so called safe ones.
    Downloading files from an unknown source is always a bad and dangerous habit.
     
  5. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Ehm... you actually asked whether if you rename an .exe in .mp3 it gets executed. No, it doesn't. So you don't have to have mp3 on your disk, just copy notepad.exe on your desktop and rename it to notepad.mp3 :rolleyes:
    Sorry, I don't really see how downloading something like a text file, even from an unknown source, is bad and dangerous habit.
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's why I removed the line. I'm always so occupied by translations, that I make more mistakes in English, than in Dutch.
    Txt-files, I don't know, but certainly not a MS Word file, which can contain macros as far as I know.
     
  7. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Yes, a MS Word file can contain macros, but they won't work if you rename it to .avi instead of .doc, as the file won't be loaded in Word. The point I'm trying to make here, is that there are no "dangerous" or "safe" files, the difference is all in the way they get handled by the OS and its programs; if you download an .exe file, it could be the most dangerous trojan on Earth, but it will be incapable of doing damage if you just rename it to .txt. So if you download files that are not allowed to be executed by the OS by default, it's hard to see how they can infect your system, unless they are handled by a badly-programmed application that has bugs in it and thereby can be instructed to do what it was NOT programmed for.
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    You are right, but I have ALWAYS the less-knowledgeable user in mind, when I recommend something or not.
    Knowledgeable users and experts don't need my recommendations.
    How many users have that knowledge to do what you just wrote, they just open the file and than it's too late.
    That's why I play safe and don't recommend any downloading from an unknown source, including P2P networks.
     
  9. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Well, I think that a user should always know what kind of files MUST be always handled with suspicion if he wants to use the Internet. If one doesn't care it's just irresponsible behavior, because I think we all know that a malware on a computer can damage other people (think of distributed denial-of-service, for instance). That's why I personally think that the default setting of hiding the extension in XP was one of the dumbest ideas ever; my recommendation to anyone who wants to use p2p wouldn't be to avoid it, but to learn about what are the risks of downloading what. Just my opinion.
     
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    In theory you are very right, but the users I know at work, including my own sister, wouldn't even listen to you.
    They would say "All that stuff is too difficult for me and I don't have the time for this. Leave me alone please."
    Any security software is ballast for these users. My sister got angry, when I tried to install the 3th scanner. :D
    These users want only one thing : work and/or play with their computer. You won't find these users at Wilders.

    You are right about hiding the extensions as default. I'm surprised that this is still true in winXP.
    Well, I will have winXP very soon, when I have my new computer case.
    I hope MS improved the default security settings of MSIE.
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,215
    Hi,
    I think people confuse things.
    P2P is a legitimate way of sharing and transferring files. The problem is:
    Which p2p software to use?
    What file to download from p2p?
    If you use p2p bundled with thrid-party software, you should not be surprised if you get infected. If you download cracks for your illegal copy of this and that, you should not be surprised if you get infected.
    By itself, p2p is no more dangerous than surfing or listening to music or playing a game. It all comes down to the little double-click with yer mouse. Or single click.
    Mrk
     
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    In my newbie time and very first contact with the internet, I didn't ask myself all these questions, like :
    Which p2p software to use? I used them all, from A to Z.
    What file to download from p2p? I downloaded any kind of file.
    And of course I double-clicked or clicked on each downloaded file, because I was way too curious.

    No need to tell you, that my computer was seriously infected in those days.
    For awhile I thought my computer was broke, not infected.
    I didn't even have the knowledge to re-install my harddisk from scratch.

    I'm smarter now, but my newbie time was the very best time, I ever had on the internet, unaware of any threat.
    That's why I'm so fascinated by ShadowUser to get my happy time back on the internet. :)
     
  13. Cscampxp

    Cscampxp Registered Member

    Joined:
    Oct 25, 2005
    Posts:
    34
    are there any non expensive ($100 to $300) hardware firewall that work in the "application layer" for P2P apps like Limewire and Kazaa?
     
    Last edited: Dec 6, 2005
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.