@piracy How do i check if a crack is safe or not?

I’m trying to install a cracked version of davinci resolve on my pc, but I don’t know if it’s safe. is there a way to check easily?

#linux #help

    • themelm@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      10 months ago

      And don’t use alone, pretty tricky to narcan yourself. Also gotta watch out lots of non-fentanyl tranqs getting mixed in with shit these days and narcan only works on opiods

  • thorbot@lemmy.world
    link
    fedilink
    English
    arrow-up
    33
    ·
    10 months ago

    Short answer: no, there’s not a way to check easily.

    Long answer: don’t download form untrusted sources, if the crack is fully published on GitHub you can trust it more easily if the code is freely available and vetted by people who know what to look for.

    • Fracture@lemmy.ml
      link
      fedilink
      English
      arrow-up
      19
      ·
      10 months ago

      This is a good idea and a good practice in my opinion. Some malicious code detects when it’s being sandboxed and hides itself until it’s running somewhere it can do damage though.

      • 7Sea_Sailor@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        2
        ·
        10 months ago

        Once malware is VM aware it can also get outside a VM. Furthermore, malware can be written to seat itself comfortably in your PC and lay low for hours, days, weeks before becoming active. Installing in a VM and waiting for shit to hit the fan is not always reliable.

        • bamboo@lemm.ee
          link
          fedilink
          English
          arrow-up
          10
          ·
          10 months ago

          Getting out of a VM reliably is not usually trivial, and VM escapes are usually designed to target specific configurations rather than an arbitrary deployment. A VM with a minimum amount of shared resources is usually a reasonable security boundary unless you think the malware you’re analyzing has hypervisor-specific 0 days.

        • sir_reginald@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          10 months ago

          the malware has to be very advanced and specifically target your hypervisor version to escape a VM.

          in the context of cracked software, it is highly improbable that you’ll find malware with this capabilities.

  • Billegh@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    3
    ·
    10 months ago

    You can’t. They’re never safe. But you aren’t downloading a crack to be safe, are you? Use a sandbox to examine what it does, trust that it’s safe, or don’t use it.

    Statistically though, cracks are safer than the software they’re for though. Hope that helps.

  • BrownianMotion@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    7
    ·
    10 months ago
    1. Scan it with AV. This might still product false positives, so understand the difference between viruses and PUPs.
    2. Go with keygens if at all possible. Run them in a sandbox, like sandboxie-plus.
    3. Only download cracks from trusted sites, and from trusted scene groups.
    4. Preferably check the crack with a MD5 or CRC, so you know its not been tampered with.
    • sqgl@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      10 months ago

      If someone malicious can tamper with a crack, surely it is trivial to tamper with the NFO. So how do I know the MD5 sum is the original one?

      • Appoxo@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        My take would be to check multiple sources and still be suspicious with the files even if they match.

    • s38b35M5@lemmy.world
      link
      fedilink
      English
      arrow-up
      20
      ·
      10 months ago

      They pay wall hardware encoding, and possibly other features, like high resolution formats.

      • 7Sea_Sailor@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        10 months ago

        On windows, the only features locked behind the paywall are required by professionals in film. This includes, but isn’t limited to, larger than 4K timelines, 10 bit footage, advanced fusion filters and effects, niche export quality settings. As long as you’re not working in the media industry, you won’t need these.

        Try the free version first, before jumping into a crack. See if you even like it.

      • Kernal64@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        ·
        10 months ago

        You’ve heard incorrectly, as I use the free version to make videos of my terrible gameplay and I usually export to MP4 using H264.

  • kusivittula@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    10 months ago

    first visual inspection: is there any rash or poop or anything nasty in there? then sniff.

  • Pringles@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    10 months ago

    Well, if your AV tells you there is a backdoor in it, don’t open it, I would say. There can be valid reasons for cracks to be flagged, but you can usually check what it does by uploading it to a sandbox or checking the hash on virustotal.

  • ColdWater@lemmy.ca
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    10 months ago

    I never used Linux before, is virus still a problem for cracked software on Linux?

    • themelm@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      7
      ·
      10 months ago

      It’ll always be a problem for cracked software. But on Linux I find a good Free and open source alternative more readily than windows. I personally keep a good windows 10 VM around with snapshots for running software of dubious origins.

    • TheOSINTguy@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      edit-2
      10 months ago

      Typically, malware is harder to run on linux due the system asking for a sudo password for anything that requires administrator privlages. There are also plenty of other factors that i dont feel like getting into

      Not to also mention most malicous applications are designed for windows, not linux.

      • themelm@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        6
        ·
        10 months ago

        Its mainly the market share thing really. Using good default policies on windows or Linux would kill a lot of malware but typical Linux users still just copy paste shit into the command line and add random repositories etc anyways. And a program running with my privileges in my home directory would be 99% as bad as it running as root since my machines are really just me using them.

      • KillingTimeItself@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        your main concern would be files. If you run something as your usual suspect user, that software can do pretty much whatever it feels like with files under those permissions, unless sandboxed.

        Not quite malware, but if someone wanted to troll you a goof rm -rf isn’t hard.