Right on. Gotcha.
programmer / hacker / phreak / pirate / retrogamer / irc idler / stoner
Right on. Gotcha.
Hi bilb, this is blab. I just wanted to say thank you for your approach. You run a wonderful server.
Hahaha. Yea. Been there too.
Totally agree.
I think we should all strive to do better. Unit tests, mock-ups, UX design, 2 week sprints with actual working deliverables, well documented use cases, every thing neatly stacked in Jira, dev,test,staging,prod environments, continuous integration and every thing else we are told to do.
Then reality sets in……
With all that said, 25 years as a dev, this utopian environment is almost impossible to find unless forced by regulatory compliance. Medical devices, life critical systems, etc. or if you have big piles of money.
Yep. I’ve been there.
This is very true.
Unfortunately most product managers SUCK at designing or making software.
Agile tries to fix this be supporting frequent iteration.
Unfortunately most programmers SUCK at writing good code.
TDD tries to fix this by forcing the consideration of end results (testing) at the beginning. It forces programmers and product teams to actually think and work. Make clear design decisions earlier on, but not to the point of waterfall.
It’s just a giant cesspool of failure due to human laziness that usually falls on the shoulders of QA.
Bottom line, making good software is hard. It takes time. But the market won’t support slow development. The business and sales teams remind me of Veruca Salt in Willy Wonka.
Fair point. Malware can tunnel through existing comms, thus firewalling the exe would do little to protect you.
That’s why I recommended a multilayered defense and practicing good opsec.
An exe that installs a service, modifies unrelated executables, and sends comms through an unrelated application would be a catastrophic failure in any good defense.
If your system is this wide open then you’ll be likely to have all sorts of problems from non pirated software. Such as freeware that installs adware.
I have tried to find these in the wild to no avail.
Can you provide some examples of what you are looking for? There are a handful of private edu trackers that may have the content you desire.
I sorta agree with @darcy. The quality of FOSS (nowadays) is pretty damn good. If I need something I look at FOSS first, dig in github, and then finally look around for a paid program.
Edit to say “paid” program.
This is one of the single most important pieces of advice. Unless you have access to topsites, then this is about as close to the source as you are going to get, except for FitGirl repacks that can be DDLd from her site.
Yep. The approach that Denuvo utilizes has been discussed forever, but games didn’t really have the extra CPU cycles to run around and validate the integrity of each and every function. Most games are balls to the wall and using every CPU cycle it can. Point is, games that require heavy performance suffer under Denuvo unless your system is bleeding edge. This means the vast majority of their customer base suffer. There are all sorts of ways to prevent piracy for games… but most companies can’t utilize these approaches due to the very nature of disorganized game development.
I don’t really use Windows except for playing games, so someone else may have a better answer.
For me, I want 3 types of protection, priority order.
Rootkit and ransomware protection. Lock down and protect system files.
Firewall. Stop software from calling home (and possibly invalidating my forged license) and to stop malware from reaching out to command and control systems.
Malware scanning and suspect execution detection. Most antivirus software detections will be in only one of a couple categories: keygen, generic trojan, or obfuscated executable. If I encounter this, I go to VirusTotal.com and drop the offending file(s) for it to scan. If I’m still concerned I will use an online sandbox execution recorder that tells you what the exe does such as outbound comms, file modifications, registry read/writes, etc.
Windows Defender accomplishes these requirements. Although it is a bit clunky and other mainstream antivirus (paid or free) accomplish the same in a much cleaner interface.
I cannot stress enough the importance of downloading pirated software from a trusted source.
Many do provide some form of checksum.
Ohhh. My day is done. GitHub’s list of Awesome. So much great stuff. Thanks for the topic and sharing.
It does have a needless booby shot.
I don’t.
But I take many precautions.
I’ve been pirating software since the C64. About 40 years. Never stopped. Never will.
I buy the good software I encounter. As a developer, i know it’s important to keep funding further development. Unfortunately most is overpriced garbage.
Long story short.
Basically the same stuff you should be doing with all software.
Edit for firewall clarification.
The report is very light on comparative data. It does look cherry picked. I’d be much more interested in a real piece of research. I do see the point of CCDHs claims. But it’s pretty weak. Free speech has some uncomfortable aspects that the general populace doesn’t want to see. Blocking and filters can help tune the fire hose to your individual preferences. For example on X, I filter all the political out of my feed. It’s not that hard, people are just lazy.
The prices are going up for every provider. It’s across the board. Porkbun.com too.