Hi there

I would like to prevent to the best of my ability getting malware or virus when torrenting. I know there is never 100% certainty of not getting one, but i’d like to mitigate it. I’d like to ask your advice/expertise.

These are the practices I use. Please build on them if you think there is room for improvement and how.

  • First off, I use linux (transmission) and only download media (music, movies), no software. I know this already lowers the risks significantly since most malware are on .exe for Windows, however I am aware mp3/mp4 and mkv files can still embed malware to exploit VLC vulnerabilities and also Linux.

  • I use Proton VPN with kill switch in advanced settings - no internet (at all) allowed when the VPN is not connected.

  • I limit opening the downloaded media in the PC. After seeding for a few months, I usually transfer them into an external HDD and delete them from the PC. Media may be used in a TV/phone for viewing/listening.

  • I have downloaded torrent media going into a separate internal SSD which is encrypted (obviously unencrypted when torrenting). This probably doesn’t do much, but I get somewhat piece of mind when I am not torrenting and the ssd is locked.

  • I use normally pirate bay org and get the torrents with the higher number of seeds.

I understood joining some private tracker may help, but I found it difficult to join. Any advice and recommendations are welcome!

  • Seefra 1@lemmy.zipEnglish
    1·
    6 hours ago

    I’m probably the most security paranoid person you may find here on Lemmy, I’m the kind of person who actually checks the gpg signatures of software I download, and refuses to use anything like AUR.

    And I never worried one time in my life about exploits in media files, it’s just extremely unlikely that between the time a 0day is discovered, and your system is updated (you do update frequently, right?), that torrent is going to exploit some player or media library.

    Last time I heard of something like that, it was like 10 years ago, a gstreamer 0day that got quickly patched.

    Executable files aren’t going to execute themselves. If you don’t chmod +x them they shouldn’t execute at all even if you click them. I guess it can depend on your system.

    I am much more concerned about internet facing applications like a web browser or torrent client.