the link you shared seems to stem from conversion, not the files itself that someone rips or installs (at their own discretion)
And honestly using to compress and convert files I’ve never honestly had Malware being put to them
Again stems back to the whole “Firefox Insecure” equivalent discussion.
Not only is this example not related to torrenting, but it is not even related to this topic at all?
There are clear benefits to making privacy-respecting behaviors more user-friendly too, UI/UX is a critical component of privacy actually.
They’re sites that let you convert file formats or rip from YouTube/Soundcloud etc. The end result is a local media file that you play in your media player which can be malicious. Again this is something people do all the time.
that is true but again it’s not something we can control with recommending media players outside of letting them know things like:
Basically we encourage the safe practices, but otherwise again this is beyond our control except this.
That is not what the article is discussing. The article is discussing media conversion executables that people download and run instead of using ffmpeg or Handbrake.
This article really highlights the need to promote this sort of much safer software, because otherwise people will download untrusted media players.
I would agree that the risk of downloading malware to play/convert media is far greater than the risk of downloading malware-laden media that exploits your otherwise trustworthy media player.
I just want Kodi to use the basic security features baked into the operating system, I’m not asking for much. If they did that I’d be fine with it. Part of our evaluation should be security no?
Let’s see
according to standard criteria:
Security: Tools should follow security best practices wherever applicable.
wherever applicable
Now this may be just the vague sounding to assumption but if I am correct on this, whenever applicable means that an application shouldn’t be inherently insecure, I don’t think PG wants to do full on security, there needs to be a balance and I feel that Kodi and VLC delivers this balance
unless I am wrong about the statement, feel free to chime in.
Best practices would be enabling the App Sandbox, not disabling other security features etc. It’s a pretty low bar to clear.
honestly it’s why as an author I do encourage people chime in, Most people would much rather have a safe alternative than not and if the votes on
Television and Projector Guide is anything to go by I think people are demanding this.
Now of course i could be wrong which is exactly why I encourage it.
They’re discussing both:
To conduct this scheme, cyber criminals across the globe are using any type of free document converter or downloader tool. This might be a website claiming to convert one type of file to another, such as a .doc file to a .pdf file. It might also claim to combine files, such as joining multiple .jpg files into one .pdf file. The suspect program might claim to be an MP3 or MP4 downloading tool.
https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam
Anyway you’re downloading and running code when you use a website anyway the difference is that a web browser has sandboxing.
I think that “part” is the key word, and this particular risk shouldn’t trump everything else about the application. With less likely risks like this we’ve historically just noted them on the page instead of completely rejecting the tools. It is a different situation if there are 1:1 alternatives that are safer.
Here is an interesting guide we could potentially update and publish to our blog to cover not just Kodi but other macOS apps generically:
There are probably similar methods on other operating systems. I think that noting how to do this on various platforms for the people who evaluate the risks you’ve brought up to be a part of their threat model would be worthwhile.
The reality is that the operating systems people use currently don’t require sandboxing, and this is an OS issue, not entirely an application issue. If we take this argument to its logical conclusion, you would be saying that we shouldn’t recommend running a computer at all, because operating systems leave open the possibility of running malware to the user.
The choice to run anything you want on your computer is the same choice you have to play any media you want on your media player. It’s not a choice we make for people, all we can really do is educate them on the risks and consequences of certain choices.
I seriously doubt that. Most people want Privacy Guides to uphold their rare integrity. The attitude has always been (from my perspective) that compromising for the sake of making a recommendation is unacceptable and, consequentially, that no recommendation is better than a bad one.
This is using sandbox-exec which is deprecated and shouldn’t be used.
The fact that it isn’t required is the whole reason we need to highlight apps that do use it. We don’t have to worry about it on iOS since apps are required to be sandboxed anyway. The argument that asking for some basic security measures from app developers means you can’t use a computer at all is an argument ad absurdum and makes no sense. I’m just doing some basic surface-level looks at the app to see some easy features we should expect from any app.
Yes, but in this case my overall point is that most people are not making a compromise by using Kodi in the first place.
Edit: And certainly not a compromise compared to other media playing apps like Netflix or other commonly used streaming services.
and personally I feel that with Open source builds being reproducible, I think it adds a layer of trust, abd as you shared in the article, It meams that you could actually implement the sandboxing if you genuinely want to by turning it on
that ia if savvy enough and for the rest they should have a relatively safe software to run their media on.
And as we said before, we can’t control about the files for the user, other than if fria wanta we can add suggestions towards safe measures of obtaining media which I mentioned a few examples.
Now if I sound like doubling down, that’s fine I totally get it but it’s not without merit and more importantly thete needs to be a balance, which again they do deliver but again it varies and maybe the best we can do is add warnings…
I ask you what compromise if it’s not rude, for security?
Remember we used to Recommend DivestOS as a harm reduction OS, not a Secure OS like Graphene, I don’t understand the double standard here honestly.
again by all means, express your thoughts, I appreciate it.
Noy to mention the whole Firefox security discussion, I think this is being similar now but I could be wrong but still.
Well, that isn’t entirely true. We here likely have a biased perspective with regard to how much we use desktop operating systems, but the vast majority of people use mobile devices most of the time. Both iOS and Android enforce strong app sandboxes, as do Android TV and tvOS, which are the next most popular platforms for media consumption.
It does feel like this conversation may be pushing the goal post towards a threat model that is seemingly much less common then what I would assume the target audience is for this section.
I think its going to scare away most users from the section if it seems like they need to follow a guide on how to sandbox their media player just to be safe enough to play their burned copy of Diehard on Kodi.
Yup very valid point.
Again we need to agree on some kind of compromise or otherwise
remember:
We recommended DivestOS, despite it being a harm reduction OS not a full on Secure and Privacy OS
We also recommend Firefox, despite many users expressing how “insecure” it is.
They don’t need to do anything, a secure media player will be sandboxed OOTB. That’s what I’m pushing for here, a 0 effort media player that’s secure without the user having to think about it.