Download Software Selectively

Usenet is a useful place to get advice for your technical issues. But accepting advice (which is validated by the other helpers in an open forum, constantly), and downloading software (which can't be easily validated by anybody, at all) are separate issues.

Bad advice, given in any trustable forum, does not remain undisputed very long. The experienced helpers in serious forums know the consequences of allowing bad advice to be given, and not contested. All regular helpers, in any forum, both actively and passively validate the advice given by the others. Software, from an unknown server, can't be validated by the helpers so easily.

Don't see where this is going? Checkout the DSLR Forums discussion Is your PC a drug mule?. In it, one of the posters, who signs himself as B, points out


I've always thought one would have to be a little crazy to trust executable software obtained via those channels. Movies and sounds, sure, but binary code? I don't think so. For all anyone knows those warez Photoshop installations have some nifty sleeping trojans.

This is a valid concern. If I were a bad guy, and wanted to spread my code to thousands of computers easily, I'd get some popular software, patch it with my bad code, and stick it on my server. Then, I'd log in to a help forum somewhere, and when a pigeon asked for help, I'd tell him to download my software. Quite likely, more than the pigeon would read my post, and hundreds of folks would download, and install, my bad software.

This is a lot easier than finding, and exploiting a weakness in network software. Get the pigeons to do the work for you. It's essentially the same strategy which leads to the devlopment of botnets.

So if I tell you to download some free software, like Filemon, Regmon, and Process Explorer (as an example), why should you trust me?

Whenever anybody tells you to download binary code (ie, software) from an unknown web address, do some research first.

  • Checkout the forum where you see the recommendation for the software in question. Don't accept advice only given in dodgy forums.
  • Checkout the link to the software. Google or Yahoo for previous references to the title. See if there are any complaints, or mentions in malware forums, about the link. See if any complimentary comments about that website were made by anybody. NEVER download software, even if it has a good reputation, from a dodgy or unknown website.
  • Checkout the person recommending the software. Checkout prior posts, and coorelate them. See if there are any other posts by the same person, where that person was busted for giving bad advice. Make sure there ARE prior posts by that person - and check prior posts for a match in style and content. See if any complimentary comments about that person were made by others. Don't download software that's only recommended by dodgy or unknown persons.
  • Checkout the software itself, by title. Again, Google or Yahoo. See if there are any complaints, or mentions in malware forums, about the title. See if any complimentary comments about that product were made by anybody. Don't download dodgy software.

My theory is that serious recommendations, by trusted helpers, in serious forums, probably points to safe software. If I see something mentioned in alt.comp.freeware, on the other hand, I consider the software itself, but I research before downloading.

In some cases, an AntiTrojan and AntiVirus scan of anything downloaded, before installing, is a good idea too. Since you'd be doing a one-time scan of an individual file, even an online multi vendor scan would not be a needless precaution. Better an hour wasted researching, before installing software, than a couple days wasted diagnosing a damaged system or network.

0 comments: