I mean not many apps need to modify millions of files on all drives including network drives and dongles... It should be fairly easy to spot, something like:
1. If xxx wants to modify more than 50 files in 24 hours go to 2.
2. If some of the files were modified more than a week ago or if the files are in directories across multiple drives go to 3.
3. If some of the files are images/documents it's a no go, prompt user to accept and list the affected files.
I'd love something like this for my Synology, it's connected to my Macbook as a network drive and I store my backups there, if anything modifies these files without my knowledge I'm doomed. I need to access some of my backups on a daily basis so it's kinda hard to disconnect the drive all the time :/
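The three-step rule proposed in the comment above, written out as an added example (it is not part of the original thread or of any existing product). The extension list, the mount points used as "drives", and all sample requests are constructed assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from pathlib import PurePosixPath

WINDOW = 24 * 3600        # step 1: look-back window in seconds
MAX_FILES = 50            # step 1: distinct files allowed per window
OLD_AGE = 7 * 24 * 3600   # step 2: "modified more than a week ago"
# Assumption: which extensions count as images/documents (step 3).
USER_DATA_EXT = {".jpg", ".jpeg", ".png", ".heic", ".pdf", ".doc",
                 ".docx", ".xls", ".xlsx", ".odt", ".txt"}
# Assumption: mount points standing in for "drives"; longest prefix wins.
MOUNTS = ("/Volumes/NAS", "/Volumes/USB", "/")


@dataclass(frozen=True)
class WriteRequest:
    process: str       # program asking to modify the file
    path: str          # file it wants to modify
    prev_mtime: float  # last-modified time before this request
    when: float        # time of the request (epoch seconds)


def drive_of(path):
    """Map a path to the longest matching mount point."""
    hits = [m for m in MOUNTS
            if path == m or path.startswith(m.rstrip("/") + "/")]
    return max(hits, key=len)


class ModificationMonitor:
    """Applies steps 1-3 to a time-ordered stream of write requests."""

    def __init__(self):
        self._recent = defaultdict(deque)  # process -> requests in window

    def check(self, req):
        """Return ("allow", []) or ("prompt", [affected user files])."""
        q = self._recent[req.process]
        q.append(req)
        while q and q[0].when <= req.when - WINDOW:
            q.popleft()  # drop requests older than 24 hours

        # Keep the FIRST request per path: after one write the file's
        # mtime is fresh, which would hide that it used to be old.
        first = {}
        for r in q:
            first.setdefault(r.path, r)

        # Step 1: more than 50 distinct files in 24 hours?
        if len(first) <= MAX_FILES:
            return "allow", []
        # Step 2: any file untouched for over a week, or several drives?
        touches_old = any(r.when - r.prev_mtime > OLD_AGE
                          for r in first.values())
        drives = {drive_of(p) for p in first}
        if not touches_old and len(drives) < 2:
            return "allow", []
        # Step 3: images/documents among them -> ask the user, list files.
        affected = sorted(p for p in first
                          if PurePosixPath(p).suffix.lower() in USER_DATA_EXT)
        return ("prompt", affected) if affected else ("allow", [])


def first_prompt(requests):
    """Replay requests; return (index, affected) of first prompt or None."""
    monitor = ModificationMonitor()
    for i, req in enumerate(requests):
        verdict, affected = monitor.check(req)
        if verdict == "prompt":
            return i, affected
    return None


# --- constructed sample data ---------------------------------------
NOW = 1_700_000_000.0


def sample(process, paths, age):
    """One request per second; each file was last modified `age` s ago."""
    return [WriteRequest(process, p, NOW + i - age, NOW + i)
            for i, p in enumerate(paths)]


# Compiler rewriting 200 fresh object files on one drive.
BUILD = sample("cc", [f"/Users/me/proj/build/{i}.o" for i in range(200)],
               3600)
# Photo editor batch-saving 60 pictures taken yesterday, one drive.
EDITOR = sample("photoedit",
                [f"/Users/me/Pictures/new_{i}.jpg" for i in range(60)],
                24 * 3600)
# Unknown program touching month-old pictures and NAS backups.
XXX = sample("xxx",
             [f"/Users/me/Pictures/old_{i}.jpg" for i in range(30)]
             + [f"/Volumes/NAS/backup/doc_{i}.pdf" for i in range(30)],
             30 * 24 * 3600)

if __name__ == "__main__":
    for name, reqs in (("cc", BUILD), ("photoedit", EDITOR), ("xxx", XXX)):
        print(name, first_prompt(reqs))
```

Because step 1 only trips on the 51st file, the first 50 writes have already gone through by the time the prompt appears; an implementation of this rule would also have to hold or snapshot those earlier writes so they can be rolled back.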
Of course, bad guys still can 1) create encrypted copy and delete originals instead of modifying files in place; 2) disable protection alongside with A/V and proceed as usual; and my favorite 3) rely on built-in disk encryption mechanisms and simply overwrite encryption keys & salts.
How would the malware do that? I've looked into this and with Windows 10 1903 onward, Tamper Protection is enabled by default. 
I have yet to find a programmatic method to disable Tamper Protection (which is a prerequisite to disable Defender). I've tried regedit (permission denied), GPO, and all other manner of PowerShell thuggery, but I have not succeeded. In the end, I scripted extracting and editing the registry hive offline (outside the VM) to disable Tamper Protection.
Unless the malware has a way to open the Settings app and toggle Tamper Protection in the UI as if they were a user, I can't think of any way they could disable it unless they exploit a known weakness in Defender or a third-party anti-virus program (entirely possible).
But if you thought the app was good and granted it access and it then goes wild...
I've looked into this, but it feels limited to me. It's all or nothing. I can't have App1 only access Documents and App2 only access Pictures. Once I give any one app access to the "protected folders", it has access to all the protected folders.
All applications run inside a VM, and you set up different VMs for different tasks. The windows are all composited onto one seamless desktop environment, with the colour of the window decorations telling you which VM it's in. You can copy and paste between the VMs with a special keyboard shortcut, and you can manually copy files between them as well, but otherwise they have no access to each other.
If you open some ransomware in one VM, it can't touch (or read, or know of the existence of) any of the data in other VMs.
XEN Virtualization with their custom X-passthrough driver is super fast as well. No hardware acceleration of course, but it didn't feel choppy at all. As long as you have enough RAM (I'd say 16GB at least), it works pretty much like bare metal (even though there are several VMs running in background at all times for network, fw, usb, etc), way faster than Spice, VNC, RDP or Virtualbox (talking about UI not number crunching).
In practice though, if you're a power user you probably won't run shady binaries, and if you do - nothing will protect you from them as your user is likely a member of administrative group / wheel and you use sudo/su/doas somewhat regularly. While if you're worried about protecting your employees/family members, just making sure they are not part of the same admin groups and enforcing basic Software Restriction Policy / AppLocker / SELinux / RBAC will be enough to protect against 99% threats out there.
However, the issue I see with this approach is that the default location for saving pretty much everything on Windows is the Documents folder. So I think most people would just blindly agree to give access to this folder.
Most malware comes from apps people wilfully install, so they would probably grant them access to the folders because they would want to use them.
The approach I like best is what MacOS does, where you have to approve access to a specific folder. The drawback of the MacOS implementation is that I cannot define specific folders I want protected (say .ssh).
However, there is also a question of properly enforcing granular per-process restrictions (without breaking backwards compatibility). It's not a trivial task, there are plenty of corner cases: race conditions, symlinks, alternate data streams, process hollowing... I don't expect any implementation to be foolproof in the first decade.
Not a good first impression, and I don't really want to learn the file access patterns of all the things I use.
I think it'd be easier to isolate applications and data like Qubes OS instead of trying to create a universal rule set.
I guess that's one reason why if you don't try restoring from your backups it's as good as not having any...
I have a vague memory of ransomware that waited for one to mount external disks yes, but not as advanced as the ones you mentioned
- External drive with a bootable backup (Carbon Copy Cloner)
- Network drive with automagical Time Machine backups
- Offsite versioned backups (for example Backblaze)
"Pride goes before destruction, and a haughty spirit before a fall", but I'd be surprised if I ever will lose a file like this.
Don’t let apps access “files on external volumes” or “files on removable media” or whatever it calls it on the popup when an app first tries to access those.
And one flips a hardware switch to start overwriting from the beginning, if disk full
This is the acronym I saw on HN somewhere though, WORM.
Edit: Upon further research it's kind of annoying that this isn't more common for NAS / cloud storage solutions. I think some like Dropbox do keep revisions on the other hand.
Lots of config options
No -- that only writes to sub dirs
It's a program that warns me whenever programs are locking files. In practice it's a minor annoyance when using brew or pip. Similarly, Oversight tells me when my camera and mic are being used.
It's a minor annoyance whenever I have a video call and plug in a microphone. But it's "for my protection", and sometimes can be useful to know whether it's really my sound settings that are the problem, or that my headphones are unplugged. These two also seem more trustworthy than anti-virus for Mac, because they don't claim to keep me safe, just warn me when there's a problem.
Pirate sites have reputations the same as anybody. The more reputable ones actively remove spam and malware.
So it's kind of like saying, I don't understand how people dare to run executables downloaded through the internet. Depends a lot on where on the internet you downloaded it.
I have no idea what the landscape looks like today, and I’d be reluctant to run anything outside a vm, since I no longer know where the reputable sources are, but I’m sure there are still private trackers and discord servers where you could trust every link.
They happily ban users for sharing the wrong links, and have banned entire instances for discussing anticheating technology.
Or use Vagrant if you want better security.
Do you have an alternative to trusting them?
The unpaid WinZip still works great though.
Free, open-source, and much faster.
This is just one example of a basic feature, used on a regular basis, which has obviously been tested thoroughly by the Office 97 developers, but has seemingly barely received any attention from LibreOffice.
I use a very basic laptop, and through the wonders of virtualization have a Windows ME VM with Office 97 on it, and it runs just as fast as LibreOffice does natively, if not faster. In a VM, being used for an hour or two at a time, Win ME has no stability issues.
Win ME came with IE 5.5, and I eventually upgraded it to 6.0. Because I built my site to be compatible with both, I can easily copy and paste what I wrote into my blog. Office 97 and IE 6.0 support Unicode well enough that I can do all this in two different character sets.
I rarely print anything, and I'd probably still use LibreOffice for that. But if I really wanted to, I could probably figure out how to print, too.
The Win 9x series is remembered for being unstable and crashy, but I think it's also a marvel of engineering and UI design. And when you take away malware, random utilities, registry decay, hardware malfunctions, and so on, it's a comfortable, almost typewriter-like experience.
About the Ctrl-s thing, maybe it's specific to windows, I use libre office on linux and have for years and Ctrl-s on a new document has always brought up the save-as dialog for me.
Either way, I'd rather use an older version of word or libreoffice over new versions of office.
I grew up using older windows, I don't really remember it being overly good or bad, it just kind of was. I remember lots of crashes, but used to do a lot of things I probably shouldn't have been and I do remember it working for everything I tried to do so I don't really have any complaints really. I don't really have any fond nostalgia either though to be honest.
I stopped using windows entirely outside work over a decade ago so none of it really matters all that much to me.
I'm using LibreOffice on Fedora, and I've used it on Mac and Windows too.
Yes, it brings up the Save As dialog, but the name is not pre-filled with an intelligent choice.
In Office 97, it typically pre-fills the suggested file name with the first line of the file. If that's not available, it tries to think of something else.
But never does it ever suggest a file name that is either invalid or would overwrite an existing file.
It ensures that the suggested filename is not too long, and doesn't contain unacceptable characters.
If there's already a file with the first name it thinks of, it appends a number, so that you don't accidentally overwrite an existing file.
In case you don't care about the filename, and just want to save the document, you are never forced to change the default, and it always works.
Many of my files begin with "I'm ..." and sometimes the best that Word 97 can come up with is "I7.doc".
Well, that "I7.doc" is a whole lot better than LibreOffice's "Untitled 1", which will overwrite the last "Untitled 1" it already had me save.
After how many years of development is LibreOffice still not smart enough to do any of these things?
Surely, LibreOffice today has been in development longer and by more people than Office 97 had been in '97?
What is the cause of this unfortunate circumstance?
No, but it's usually helpfully preselected so a single keystroke changes the name.
>Many of my files begin with "I'm ..." and sometimes the best that Word 97 can come up with is "I7.doc".
>Well, that "I7.doc" is a whole lot better than LibreOffice's "Untitled 1", which will overwrite the last "Untitled 1" it already had me save.
Personally, I dislike that feature of word because typically I do not want my files saved by the first thing I've written and yes I care about file names and take the time to name things sensibly and even put them in related folders.
Also, it should automatically detect an untitled1 and enumerate to untitled2 if untitled1 exists, again this is how it's always worked for me. So your file overwriting example seems a tad dubious to me.
I have to be honest, of all the gripes I've heard, this one's just a bit ridiculous. The save feature works exactly as it should. A program should allow me to choose a name for a file or choose a reasonable generic default, not decide what it thinks I want.
If I see an untitled1.doc around, I know I forgot to rename a file and I investigate, if I see I7.doc or a my name is.doc, I dunno what the hell it is. Maybe it's something I forgot to rename, maybe it's something I wrote before and forgot about, who knows?
Then you can rename it?
>Also, it should automatically detect an untitled1 and enumerate to untitled2 if untitled1 exists, again this is how it's always worked for me. So your file overwriting example seems a tad dubious to me.
But it doesn't! That's what my complaint is about! Do you think I'm just making it up?
>I have to be honest, of all the gripes I've heard, this one's just a bit ridiculous. The save feature works exactly as it should. A program should allow me to choose a name for a file or choose a reasonable generic default, not decide what it thinks I want.
To me, this reads as, "I read your text, but I don't think your problem is real, because I think it should work differently."
I think you should do a deep examination into how you relate and communicate with people, because you spent this whole thread invalidating what I'm saying and telling me the problems I'm describing in detail are not real problems.
You've given me the impression of being an insensitive and careless person.
I mean just look at these instructions
I can't make heads or tails of this...first I gotta switch layouts?? Then I gotta go to view and turn notebook bar mode on? Then I've gotta choose between tabbed, contextual groups or contextual single bar...nope no siree this is why piracy's just not for me.
These knockoffs are always so complicated, why can't they be simple like the official certified word? And shiny and jazzy lookin'? I know ya get what ya pay for, but how hard would it be to slap some bezels and rounded edges on there? Maybe some 3d transitions?
Ah well: play stupid games, win stupid prizes.
Online proprietary software sells you to advertisers for money, or locks you into an ecosystem so they can sell you to other third parties, and they use some of that money to fund development.
With free software you either have to improve it yourself (the source code is on the internet) or give them money so they can hire someone to do it (they all have donation links). If you're dissatisfied with the user interface, have you tried doing the things that cause it to be improved?
Rome wasn't built in a day, as they say.
Great looking software existed long before the rise of everything being always online.
Only if by "nothing to do with" you ignore that it is the method by which development is funded.
> Great looking software existed long before the rise of everything being always online.
At which time you had to pay a lot of money for it. If everybody gave the same money to free software developers, they'd have plenty of resources to build interfaces that are more to your satisfaction.
>If everybody gave the same money to free software developers, they'd have plenty of resources to build interfaces that are more to your satisfaction.
You're just arguing to pay for software, but in a more roundabout way. And again, great looking software existed far before the popularity rise in always-online.
You're unlikely to get a direct answer because... Well you don't talk about fight club. But if you watch the subreddits a bit you'll get a much better idea of where to start, how to get invites to private trackers, etc.
I don't remember when PirateBay or other Warez sites first appeared, but they have been around for at least 20 years. I remember people were even using Blogspot to promote their wares/z with links to RG, FS, DF, etc.
I know and trust(?) the results of Virustotal, and I tell all my clients that when in doubt, drop that bad (?) boy in VT and let it scan it.
Way back when, we had usenet, telnet and gopher, and local BBS's would sometimes have a private stash of cough shareware.
Prior to usenet etc being easily accessible to people outside of educational institutions (the majority of the 80s), it was more common to share programs via "sneakernet" on floppy disk as well, these would often contain a text document that would say what other programs were available and some clues on how to obtain them, but usually it was just a viral spread among friends and acquaintances.
Cracked software would often include intro screens and trainers, the intros sometimes included animations and catchy music to showcase the elite skills of the cracking crew and build reputation, and often they improved the software so it would load more quickly, unlock hidden functionality, or give you infinite lives etc. This spawned the DemoScene, which still exists today unrelated to piracy but historically rooted in the 80s cracking scene.
Here's a compilation of crack intros from 86 to 89 - https://www.youtube.com/watch?v=SFqBkSJOYOQ (skip to 11:40 and you'll see an advert for "cleveland cracking service" with a phone number for an example of how stuff got around before internet was common)
Essentially even back in the 80s and 90s there were the serious crews trying to demonstrate their awesomeness and generate rep, and dumb kids like me naively sharing "free stuff" we were given on disks because we had no idea what things like copyright and licensing even were, let alone stopping to consider whether the stuff we were loading onto our machines had any malicious intentions.
So I'd say that the idea of building reputation and trust in regards to piracy "crews" has a long history going back even further than 20 years, well before the web was common in homes, and I'm at least aware of early to mid 80s cracktro / intro scene materials so perhaps ~35-40 years is a good guess?
Who are your clients? Are you aware that everything that's uploaded to VT becomes public? As in full file contents, not just metadata & scan results. There's no harm in uploading .exe's there, but you should at least warn them not to upload private documents.
Also, VT results are trash for anything new so "all green" doesn't necessarily mean you're safe to run stuff if it also happens to be the first time VT has seen the file. It's not even the VT's fault, AV's suck and everybody knows it. The value of VT is that once something gets detected people can go back in time and look for other incidents that had flown under the radar previously.
Not running pirate software is the only valid path for security.
...that aren't their own.
rutracker isn't some fly-by-night random tracker, it's a well established site in Russia, and the admins have been extremely communicative with users throughout virtually every governmental upset.
To add some context, try to imagine if the classic western trackers had prominent links like this, for example, what.cd.
Looking at the thread, the early posts correctly identified it as malware before the malwarebytes report, and even noted that the link itself violated the application post rules.
It's good for malwarebytes to report that this exists, but they're focusing on the wrong parts, imho.
The hash files to identify the affected file should have been the first part, then the explanation. A bit of google translate would have shown that already, rutracker users are calling to delete the thread.
AV/anti-"malware" has always meant "pro-corporations/pro-copyright/pro-establishment", ever since they started detecting completely clean keygens and cracks as well as "hacking tools" and demoscene productions.
There is sometimes truth, like this article, but there is also a lot of FUD --- IMHO to herd users into giving up personal discretion and instead adopting centralised trust.
AFAIK this is usually a side effect of self-unpacking compressed executables, as produced by EXE packers. They have a property that's been useful to malware authors: they obfuscate the code. To de-obfuscate, you have to unpack, which some anti-virus vendors actually do for executables produced by common compression tools like UPX. For certain types of demoscene productions, however, a popular tool like UPX won't do if you can shave another few bytes using a more obscure packer that AV software are unlikely to have unpackers for. Once malware authors start using those same packers you'll get false positives based on signatures that are likely common to all software using them.
Little angel gone too soon.
But do you understand people who dare to run executables from 'proper-company' site? It's closed source, you have no idea what you are running, isn't it? As long as it's not free software in terms of FSF there is no guarantee whatsoever that it's not harmful or even worse intentionally harmful.
How about this one from SONY, that didn't even ask user to run?
or this one Amazon remotely deletes book from kindle:
For pirated software the incentive structures are also clear, and usually point towards "yeah if given the chance they'll take everything from my HDD and make a run for it."
I'm all for FOSS everything, but running a company-distributed binaries is very different from pirated ones, and I agree with GP that it baffles me someone would do the latter.
It also depends on what company means by "not screw everyone over" Right now many companies consider practices as 'OK' while I am coming from the times when most of those modern activities considered to be virus or malware. So for me it doesn't really matter whether you have malware installed by a virus or it's hidden deeply in EULA which you can't reject partially anyway.
Pirating and re-packaging software for torrent is also a non-negligible amount of work, and with no revenue stream besides bundling the apps with malware. So it's quite a different incentive structure still.
You'll have to trust somebody at some point.
Do you trust the company who designed your Ethernet chip? Do you trust the person who wrote the firmware for it? If not, go and design your own network chip. Otherwise, there's no guarantee it won't spy on you.
You'll also want to write your own compiler that you'll then use to build the operating system you intend to run. You won't just go download some Linux .iso to install, would you? After all, there's no guarantee it's not been manipulated by those who offer it on their website.
No, I do not have to. I can choose to, but I don't have to! That is the core of the issue. If I 'have to' then I don't. I prefer checking and facts, not delusions.
>Do you trust the company who designed your Ethernet chip?
No, I don't and we shouldn't. I evaluate chances and we should track network activity with diff. hardware on diff. chipsets from diff. manufacturers.
>Do you trust the person who wrote the firmware for it?
No, I don't and we shouldn't as it's insane to do so.
>If not, go and design your own network chip.
There are other means to overcome this: encryption.
But yes, you're right, we should make an open source network chip. Agree. I certainly plan to design it.
>Otherwise, there's no guarantee it won't spy on you.
That is correct, I agree with you.
>You'll also want to write your own compiler.
Yes, that is correct. I want and I am writing it right now. There is also an option of GNU c/c++ compiler available (GCC) https://gcc.gnu.org
>that you'll then use to build the operating system you intend to run.
This is how you build a proper GNU/Linux system worth some degree of your trust.
>You won't just go download some Linux .iso to install, would you? After all, there's no guarantee it's not been manipulated by those who offer it on their website.
Exactly. Or it can be modified on the way, while you download it. For the latter you can check hash sums published by a site who respects user freedom and cares about own reputation.
>You'll have to trust somebody at some point.
Again I do not have to, but I can choose to trust with some degree to Richard Stallman and people sharing his views.
I have some trouble trusting FSF since he was removed from the position due to false accusations for saying (!) just saying things, which he actually didn't say if you read carefully. Speak about respect of freedom of speech.
To trust the system we should have trustworthy components with open sourced designs starting from CPU and every chip installed and ending with each software running. That is the only way!
The set of computer users who a) have the knowledge to do security code review and b) have the time to review the programs they run is, I would expect, fairly small.
Obligatory reference to Reflections on trusting trust 
Even a small number of those who understand can make a huge noise, because if comment is well grounded, it spreads exponentially by people who do not need to understand all the details.
And frankly how much those who understand you really need for each project? The thing is, if you are worried you can always look, which is not the case if you have nowhere to look.
Also expert is not always required just to see there is no brutal obvious harm intent, which covers a lot of cases
Then you have the fact that if it's deliberately malicious things can be hidden such that even experienced code reviewers (who are not plentiful) could be fooled. A good example of this is the underhanded C contest http://www.underhanded-c.org/_page_id_2.html .
Sure an open source user may catch malicious behaviour, but then security researchers find malicious behaviour in closed source software pretty regularly via reverse engineering or binary analysis.
This isn't an anti-open source thing, it's a reflection that open source often isn't much of a signal of safety, unless further work has been done and continues to be done on a regular basis.
I have also never seen anybody who made this argument verify their free software by looking at sources before compiling.
Let's take a File System for a second as example. If you wrote your personal data on some disk drive and then to read this drive you need let's say Mac/Win because it's a closed format. And Mac/Win cost money. How it differs from ransomware then? Sure you have more time to decide, usually more than 3 days and it costs a bit less, but is it much of a difference there? Probably a choice to start using it, but is it really a choice? In many cases it's not really.
So back to your point, I understand it, but do you?
...and now you know why Adobe products are so easy to pirate. Young pirates turn into loyal product users and customers.
Check with your university. This shall include hundreds of software, all editions of Windows both 32 bits and 64bits, as well as all editions of Visual Studio Ultimate, plus databases and other tools.
After that they really cracked down on piracy, and at the same time offer the CC subscription decently cheap (50$ a month) that honestly the risk of malware isn't worth it any more.
Adobe doesn't spend copyright enforcement time on individuals much.
Anyhow, I know that much of my early software license transgressions resulted in actual software licenses.
Yes, digital responsibility is ignored by those using cracked software, but really you can't ignore factual constraints and the economic situation, when talking about who's to blame.
It's a cost/benefit analysis... Billions of people in the developing world rely on pirated software, for one...
Heck, even in large parts of Europe, at some point there would be much fewer graphic designers today e.g. if they couldn't pirate Photoshop when they were young and non-pro (and no, Gimp wouldn't be of much use, they want to learn on the industry standard)...
And it shows in their systems. I know a few people with extensive travel experience in Africa and most of them, despite being decidedly non-technical, came back with essentially the same story: "if you absolutely have to bring a laptop, don't ever connect it to something that has a data line"
But for students Adobe was basically giving it away :) I remember getting a CD for 15 guilders at the time at the university. Which was around 5 euros.
To be honest, when I had to upgrade my Windows machine last year, I really regretted the fact that I've gone fully legit with VST plugins. It took me more than a week to deregister and reregister all the horrible proprietary DRM schemes those companies are using. That would have taken less than a day if I had used cracked versions.
Is there something like a "steam for VST"? Maybe it should exist, to ease the DRM pain for legitimate customers.
Nobody really cares if you use the same presets. There were countless top-10 hits with the same handful of DX7, M1, JV-1080, etc presets.
Nowadays, there are so many VSTs and they have so many presets, that nobody can keep track anyway, even if you do use their presets.
And of course you can always program your own patches on most VSTs, alter presets with layers of effects, etc...
Although there are a few larger DRM "alliances", for some reason manufacturers have not yet been able to agree on a common DRM and package management system. Currently every larger company and a number of smaller ones want to push their own plugin management system.
VSTs are a mess anyway, there are only few hosts who are able to scan all of them correctly without crashing (and these do it by separating the process that crashes from the rest of the host).
No one knows what they are doing. Unless you are decompiling and reverse engineering the whole thing you are mostly just blindly trusting it's safe. Even on trusted sites people share stuff from other sites not knowing it's infected.
Obviously those can be repacked and faked so you'd have to check multiple sources to ensure you get a genuine release, but yeah the scene groups are as usual way ahead of everyone else.
I think the scene groups are a traditional bunch that in some respects are years behind because of it. I remember in maybe 2005 I'd still download releases that were split into floppy sized RAR files. Possibly, this tradition carried on for so long because the scene was so keen to shame groups that didn't package like everyone else. I don't know how it is now but I'm hoping they got over splitting releases.
Like the OP, back in the day I used to have plenty of pirated software (mostly games) and never had a problem with viruses (at least, not that I knew or had any noticeable effects). The threat complexity is probably way worse these days and I wouldn't risk it. Plus, of course, I support games by paying for them :)
I used to swear by Outpost Firewall as it was able to do things like detect applications adding to startup, injecting into other processes, gaining raw disk access, reading your browser profile for passwords, communicating with any unexpected hosts, etc. This is enough to rapidly identify most malware packaged with pirated software immediately. This isn't some advanced targeted attack, it's a script kiddie packing ransomware, password dumpers like iStealer, RATs like DarkComet, etc. The kind of thing these tools are designed to detect.
I’m on my phone so can’t search better, but couldn’t find it at rutracker from a quick search. Not sure if it will be available via some archive.
Sony has a root kit included, Zoom had a web server that could be exploited (at least) to turn on your camera.
That’s just off the top of my head.
I don’t remember malware on Debian, Ubuntu, Fedora or Arch’s repository (put there by maintainers like the examples I gave above, or by a hack). And definitely not Gentoo.
But you are right. The bottom line is, you shouldn’t trust that which you cannot verify; but with open source, you have much more ability to verify (but it’s not a panacea - you run too many lines of code to verify yourself, it’s not clear anyone trustworthy verified it all, and there's also the “reflections on trusting trust” argument)
Isn’t that why things like heartbleed took two years before being found out? I presume some people using the vulnerable OpenSSL versions felt similar to you.
The worst I have seen is xscreensaver embedding a message in the code to complain about the old version a year after release.
The damage malware can do now is so much deeper - encrypting all your files, which then gets synchronised out through the tool you were using for backups automatically, before holding them to ransom. Then it turns your light bulbs into DDoS nodes to spread that to people across the internet, and probably you won't notice because you're on a fast enough connection for that to fly under the radar.
There is a de-drm tool that I used to use which packages some other open source. For whatever reason, I always assume people who package up software are careful about what they're packaging up, but no, as it turned out this project is not careful at all. It shouldn't have been surprising but it was.
(I ended up writing my own tool. I de-drm on principle; I don't mind buying stuff, I am deeply offended when that stuff vanishes out from under me because of deliberate obsolescence and/or shutdown. Buying DRM-free is not always an option.)
edit: fix the autocorrect
Mac has the sandbox runner, with a configuration file. However it’s deprecated, and difficult to create.
Also, not even Facebook signs all their apps.
It’s funny, bc everybody is kicking and yelling against the AppStore, and the process. But it’s the only thing protecting everybody from misuse
It was and is a small number of people regardless. I’m not sure if that’s going to be the “reason” nothing happened. If so, it doesn’t seem like that can conclude protection from misuse.
Adobe and Microsoft are the most targeted by malware writers unsurprisingly.
I've done similar on Mac too.
In Big Sur, it might be.
> AFAIK it is always safe to open an app you download from the web (although the app may not respect your privacy).
Apps can still encrypt your disk this way.
I could be wrong, maybe it's only for certain kinds of apps.
This is separate from the older sandboxing feature that’s designed to fully isolate apps from the rest of the system, which is mandatory for Mac App Store apps but opt-in for other apps.
No, it's not; various ways to break out of sandboxes exist.
Now everything is fully subscription-based; you have to replace the license system within most major software.
So I'm told.
If you cannot afford Little Snitch or don't want to pay for it or just prefer open source, install LuLu. It's a free and open source alternative to LS application firewall. You can install it through Homebrew or download binaries manually.
I had the same experience with Visual Studio back in the day (aka Visual C++ 6.0; fond memories...), and of course Photoshop.
It’s a stupid game, but quite a personal growth vector.
Since software dev isn't the domain of lifelong nerds anymore I don't think most folk are as understanding or knowledgeable about the positives of piracy (or related issues around software freedom or the economic properties of digital data), hence your unfortunate downvotes.
It's a shame... there are many of us who would not be where we are today, as productive, value-creating citizens, without having learned our trade with pirated software.
Piracy is a wonderful equalizer in that regard. Companies have every right to come down on piracy, but it often works against you if your software is a tool.
But, for example, Visual Studio 2003 Architect Edition was so expensive that I think it was a few thousand dollars at the time. Piracy enabled me to learn that, too. And surprise surprise, when I got into the gamedev industry, that was what they used.
Of course, that eventually led to discovering Emacs (or rather being forced to learn it due to a twist of fortune) and then evolving into my bearded open-source devil form... Now if only there were an Emacs equivalent for 3D modeling and music, I'd be happy as a clam. Blender is great, but it just can't compete with ZBrush.
EDIT: By the way, I was delighted to discover that Photopea (https://www.photopea.com/) is a completely free, browser-based alternative to Photoshop. It has almost an identical UI, and it does 100% of what I need out of Photoshop. We've been paying the $35/mo creative suite license, but I imagine lots of people still pirate it.
The amount of subconscious automation that goes into making you really proficient at using some tool becomes very obvious when you try to use a different one.
A lot of my learning (game dev) was of course the demo scene, and x2ftp from Oulu in Finland.
Another huge step was me going to the bookstore, secretively reading game programming books, and copying code on a piece of paper.
Those books were unaffordable for me at the time, and the store guy told me to stop a few times.
Could you elaborate on that? I assume you're more on the 'dabbles in it for fun' side, but I can't think of any missing features for that kind of usage besides polypainting which is available as a WIP patch.
Note: I use Affinity instead of Photoshop, and I've had an Ableton license since v6, but I keep an occasional eye on the pirate scene. I owe many of my skills to pirated software, and could therefore afford to buy software when I became a professional.
Agreed. I learned to program with GW-BASIC which if I remember correctly was included in a (pirated) copy of MS-DOS. Then I graduated to pirated Turbo C and Borland C++, and (I think) only then to the genuinely free DJGPP (a port of GCC for DOS).
If it weren't for pirated software, I wouldn't be a programmer today.
I imagine Adobe has managed to keep a lot of mindshare for Photoshop simply by how widely it is pirated. If pirating Photoshop was absolutely impossible, there'd probably be a lot more Gimp users in this world.
It is similar to making a xerox copy of a book obtained from the library, recording a rented video on a new videocassette tape, making an unauthorized recording at a music concert, or typing code you found in Numerical Recipes into your own open source project.
It is not at all similar to boarding a ship and robbing the passengers.
I'm gradually realizing that this probably plays a larger effect in society than we think. Like the ancient parable of the prodigal son, whose faithful brother was jealous that the rebel was celebrated in the end. Maybe it also plays out in lifelong CS devotees vs. CS-for-the-money people -- the nerds might feel that they have "earned" CS more, and the dayjob folks might not appreciate the depth of understanding that comes from the dedication of the lifelong devotees?
For almost any other positions: it's murkier. If you take a berry off a bush on public property... what's the morality? Or growing from private property overhanging public that's just dropping fruit and the owners are either not present or clearly allowing fruit to drop? It's theirs, they absolutely could harvest it, but they're not and it's clearly implied that is not going to change. Now what?
Yes that's still further towards harmless than you can likely argue software piracy is (... ignoring the network effects of everyone knowing how to use X because everyone pirated it, or I could probably come up with others), but my point is that strict black and white separations have dividing lines and breaking points. Whether there is black or white somewhere isn't really useful to anyone, it's where you draw the line.
(I'm surprised you're getting beat up for this sentiment. $40 is definitely below the threshold of "purchase on a whim and try to learn it for a month." FL Studio was another great one at $99. Still, I'm sympathetic to people who simply can't afford it – children especially.)
It matters a lot what site binaries are downloaded from, and a lot of average users don’t really understand the difference.
I suppose as long as a human decision is involved there is room for error.
Wonder if this can be solved without going 100% down the app store path.
Let's say I already own and use Little Snitch for monitoring traffic, but I want to install RansomWhere to detect malware. Do I get rid of Little Snitch even though I prefer it, or do I deal with having duplicate software on my machine?