Harmful code in demos?
category: general [glöplog]
Quote:
Oh good, so you didn't discover the hungarocoin miner tsr in there yet? :D
Guess why it is called "for (int ....)"!
THEIR USING UR CPU CASH
Keops is working for the french baguette mafia anyways ...
1. create 4k procedural gfx
2. hide GPU crypto miner in the loader (that will be anomaly long)
3. make it popular
????
PROFIT!!!!
2. hide GPU crypto miner in the loader (that will be anomaly long)
3. make it popular
????
PROFIT!!!!
Just like any software release, malware (née viruses) can creep into release files due to the nature of any upload. As in: the uploader may have malware infecting his upload without him knowing about it..
Antiviruses complaining that e.g. a PC intro is suspicious though, is only due to silly generic virus software by people who have no clue and don't scan binaries for actual suspicious code. It goes by other generic things, such as extensions, file size, etc.
It would take too long to for any antivirus to scan a binary *properly*, so antiviruses don't do it.
A much better scan is downloading a demo from a demoscene website. If it's too big, if something was appended, this will be remarked on for intros and quickly resolved. For demos, the only source of a virus injection is if it runs on a *very* popular public engine or compiler library of some sort.
Antiviruses complaining that e.g. a PC intro is suspicious though, is only due to silly generic virus software by people who have no clue and don't scan binaries for actual suspicious code. It goes by other generic things, such as extensions, file size, etc.
It would take too long to for any antivirus to scan a binary *properly*, so antiviruses don't do it.
A much better scan is downloading a demo from a demoscene website. If it's too big, if something was appended, this will be remarked on for intros and quickly resolved. For demos, the only source of a virus injection is if it runs on a *very* popular public engine or compiler library of some sort.
Well, when I started this thread back in the prehistoric days of humankind I was thinking more in the lines of malicious code inserted in the prod by the authors of said prod and not some unrelated virus infecting the file. Perhaps demo makers should start supplying checksums or digital signing or something? :) Then you'll know if you'll get the original malware or not.
Checksums won't help if a virus infected your compiler ;)
