this post was submitted on 15 Dec 2024
377 points (98.7% liked)
196
16732 readers
2616 users here now
Be sure to follow the rule before you head out.
Rule: You must post before you leave.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Do they actually check for viruses, though? I never even thought about it. I always do a VirusTotal run on anything I download from anywhere.
Antivirus checking isnt really a thing. It protects only against known, old and basic malware. How would you test for something that isnt known....
Pretty sure unknown new vulnerabilities would be used to exploit things like banks and industry, not little timmy's first porngame, but I guess it's all a statistical outcome.
You don't need any special vulnerabilities to encrypt all of the user's files or to use their computer as cloud storage for your kiddie porn or to use their computer for a DDOS or to use it as a VPN endpoint or to mine shitcoins or a thousand other things I'm too tired to think of. Little Timmy just has to get creative.
I was implying Little Timmy was downloading porn not creating porn.
I believe in Little Timmy. He can do anything he sets his mind to. He shall create the most depraved porn game the world has ever seen and in turn wield the mightiest botnet to ever conquer the web!
I'm mentally trying to process how that would work.
I'm pretty sure you can literally upload anything. Like I bet I can make a quick game called "I'll erase your hard drive" and the first thing you do is allow me to get admin/sudo access.
And that might live in itch until it's manually removed. (As opposed to automatically)
Technically it is not a malicious program if it asks for permission (and for added security add a nonliability statement the users agree to).
How it would work is if somebody uploads something the server does a virus check with any kind of antimalware and then any known worms or trojans do not get visibility or just explicitly do not get published at all.
Likely they do testing for known stuff, you can even get premade malware to attach to your exe files. The main problem is the more custom stuff, which is hard to test for, especially with code obfuscation.