posted
My dad hates it when I download stuff from the internet. Actually, he forbids it in the first place.
But I just downloaded something (Introversion's DEFCON demo), and had a little discussion with him on it.
What I need help with is this--which is the danger: the process of downloading from the net, or the result of it?
Meaning, do hackers take the opportunity to raid computers while files are downloading, or do they plant viruses in the files that are downloading, allowing them to hack away while the computer is disconnected?
I need to understand this, so that I know where he's coming from. His logic generally comes down to this: DL--Bad. Don't do it. It's the family computer. Get your own.
Posts: 292 | Registered: Jun 2006
| IP: Logged |
posted
In general, the only problem I know of in regards to downloading files is actually running them. There are a ton of things out there that offer some kind of service, and then throw in a ton of extra crap on your computer. Also, there are a lot of trojans and viruses, which can be real bad. The biggest thing is to really make sure that you know what it is you are downloading. Other than that, I am not aware of any vulnerabilities in the downloader itself.
By the way, I've downloaded the DEFCON demo and haven't had any problems, nor have I heard of any. That said, it doesn't mean that there are no problems.
Posts: 2437 | Registered: Apr 2005
| IP: Logged |
quote:What I need help with is this--which is the danger: the process of downloading from the net, or the result of it?
Meaning, do hackers take the opportunity to raid computers while files are downloading, or do they plant viruses in the files that are downloading, allowing them to hack away while the computer is disconnected?
Errr....realistically neither. Probably the reason downloading gets such a bad rep is from spyware and adware laden software. Many people download cute little screensavers, or dancing dogs or whatever. They almost always have some spyware and adware involved. Viruses usually come from websites in the form of malicious scripts, especially edgier sights, such as software piracy oriented sites.
Every person just surfing the web should have at least two things: 1) Firewall. Both software and hardware preferably. If you have a router, then you automatically have a hardware firewall. Windows XP Service pack 2 includes a free software firewall that takes about 3 mouse clicks to set up. If you don't have Windows XP, then you can get something like Sygate Personal Firewall, (Zone Alarm is another option) but beware- it has so many options that you'll probably end up cutting off your own internet access if you start really messing with it
2) Good virus protection. I use McAfee, another very good company is Symantec. If you don't fancy paying much for it, then there are other options, but IMO it's just part of the maintenance cost of a computer. They not only can scan your hard drive for viruses, but are working all the time, scanning executable files as you run them, or web scripts for malicious code as you surf the web. I can't imagine being on the internet without some form of virus/security protection.
Get those to things and you should be fine, unless you go looking for trouble.
One thing your dad may not realize (as I've had this similar conversations with others about downloading) is that every time you view a webpage, you are in fact downloading it to your computer. In order to view a webpage, your computer sends a request for a page from a remote computer or server. Your web browser parses this page and goes out to get all the pictures, scripts, icons, etc needed to run the program and downloads them to your hard drive. This is what the cache for your web browser is. You're probably safer downloading a known game from a trusted website than you are randomly surfing the net. Just make sure you read the details of the site you're downloading from to make sure they aren't installing a bunch of extra crap on your computer.
Posts: 1412 | Registered: Oct 2005
| IP: Logged |
posted
One thing to ask yourself is where are you downloading the files from?
If you use P2P software, then there is a good chance the file has been compromised--assuming you download the right file. Many hackers will upload a song with malicious software embedded in it that silently executes. They do that through programs like kazaa lite, ares, and bit torrent.
If it is a trusted company and you are downloading from their site, then it is safe. Remember, like BaoQingTian said, screen savers, animations, et cetera are bad.
I have no qualms about downloading the guild wars client from their website, but I would be wary of trying out some obscure free game from a generic website.
You should be fine if you look at the company and the source of the download. Make sure the URL is really the company’s web address. Some hackers like to put up fake websites that look authentic to either get you to download crap or to phish for financial information.
Posts: 2445 | Registered: Oct 2004
| IP: Logged |
quote: Windows XP Service pack 2 includes a free software firewall that takes about 3 mouse clicks to set up.
One thing to remember is that a good firewall stops data from stealthly entering your computer AND to stop data from stealthly leaving your computer.
XP's firewall makes your computer invisible on the net so you shouldn't get hacked, but if you are compromised, then XP has no security from data leaving your computer.
It is for this reason that many people think XP's firewall is substandard and opt to use another firewall--like Sygate. XP's Firewall is better then nothing, but it is not that great.
If someone, for example through a p2p download, turns your computer into a zombie , then XP doesn't help much.
Posts: 2445 | Registered: Oct 2004
| IP: Logged |
posted
BQT and lem are correct. In addition, having a router also gives a considerable amount of protection from attacks over the internet, assuming there is no port forwarding enabled. Hackers attempting to use your IP address to access your computer will end up at the web interface for your router (which is why it's always important to change the administrative password for a router!).
There are tricks that can be used to attack a router and shut it down, but I don't know of any that will allow an attacker to take control of a computer (outside of scripting and irc tunnels) when it's behind a router unless the hacker can gain access to the router's settings.
That said, the vast majority of viruses can't install themselves without some action on the part of the user (opening an image, running a program, initiating an activex control). Just downloading something *usually* isn't enough to infect a computer.
Posts: 3003 | Registered: Oct 2004
| IP: Logged |
Printer-friendly view of this topic
![[Razz]](tongue.gif)
