SitePoint Sponsor

User Tag List

Results 1 to 14 of 14

Thread: Safe Videos?

  1. #1
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Safe Videos?

    I am under the impression that watching videos online is a sure way to get hacked.

    Is this true?

    Would hate to jeopardize my new MacBook Pro by watching videos on Vimeo and YouTube. (Ironically I want to watch some videos on *security*...)

    Thoughts?

    Sincerely,


    Debbie

  2. #2
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,165
    Mentioned
    453 Post(s)
    Tagged
    8 Thread(s)
    I think it very unlikely that this is a problem. Videos are heavily processed upon upload to those services anyway, so I doubt they can contain anything nasty.

  3. #3
    Barefoot on the Moon! silver trophy Force Flow's Avatar
    Join Date
    Jul 2003
    Location
    Northeastern USA
    Posts
    4,606
    Mentioned
    56 Post(s)
    Tagged
    1 Thread(s)
    No, the videos themselves will not infect your computer.

    However, if the website itself has malicious code or malicious ads being displayed, you could possibly be infected by that.
    Visit The Blog | Follow On Twitter
    301tool 1.1.5 - URL redirector & shortener (PHP/MySQL)
    Can be hosted on and utilize your own domain

  4. #4
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Force Flow View Post
    No, the videos themselves will not infect your computer.

    However, if the website itself has malicious code or malicious ads being displayed, you could possibly be infected by that.
    I thought one of the leading sources of malware was when people download Porn Photos and Porn Videos?

    And I was certain that there can be a nefarious "payload" in videos, just like there can be in Flash files...

    Sincerely,


    Debbie

  5. #5
    SitePoint Wizard silver trophy Crazybanana's Avatar
    Join Date
    Mar 2003
    Location
    In tha fruit cellar
    Posts
    1,379
    Mentioned
    32 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    I thought one of the leading sources of malware was when people download Porn Photos and Porn Videos?
    stop downloading these files and you should be ok

    No seriously, you can embed malicious code to a video, but it will most likely only work if you play the video in the media player it is crafted to exploit.

    What you can do is disguise a virus as a mediafile etc and make people download it and run it - this has been a popular thing to do for a long long time.

    The videos from vimeo and youtube are processed after you upload it, so there is no problems with these videos if you watch them on youtube or vimeo - if you watch them on other webpages there can of course be a problem, as the webpage can have various malicious scripts running - this is also a popular way to infect people.
    Who's to doom when the judge himself is dragged before the bar


  6. #6
    Life is not a malfunction gold trophysilver trophybronze trophy
    TechnoBear's Avatar
    Join Date
    Jun 2011
    Location
    Argyll, Scotland
    Posts
    6,150
    Mentioned
    262 Post(s)
    Tagged
    5 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    I thought one of the leading sources of malware was when people download Porn Photos and Porn Videos?
    Well, I've never had the least interest in either of those things, so I can't speak from experience, but I think that's the same issue Force Flow was mentioning. The sites from which such stuff may be downloaded are not necessarily as scrupulous as YouTube and Vimeo when it comes to protecting their visitors. It's likely to be the site, rather than the content type, which is the problem.

    I think you're confusing two issues here. Watching security videos is not the same thing as downloading porn videos.

  7. #7
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Crazybanana View Post
    stop downloading these files and you should be ok
    I have a life-sized pin-up poster of our very own "Ralph" on my bedroom wall, so who needs porn?!


    Quote Originally Posted by Crazybanana View Post
    No seriously, you can embed malicious code to a video, but it will most likely only work if you play the video in the media player it is crafted to exploit.
    Okay.


    Quote Originally Posted by Crazybanana View Post
    What you can do is disguise a virus as a mediafile etc and make people download it and run it - this has been a popular thing to do for a long long time.
    Do you mean that someone would trick me into thinking a file was an .mpeg when it was instead a .exe??


    Quote Originally Posted by Crazybanana View Post
    The videos from vimeo and youtube are processed after you upload it, so there is no problems with these videos if you watch them on youtube or vimeo
    I didn't know that.

    (Of course, that is not to say that the hackers couldn't find a way around that...)


    Quote Originally Posted by Crazybanana View Post
    if you watch them on other webpages there can of course be a problem, as the webpage can have various malicious scripts running - this is also a popular way to infect people.
    I don't watch much video, however I am increasingly interested in videos about Security and China.

    Sources would likely be things like the Washington Post, NY Times, CNET, Ars Technica, YouTube or Vimeo.

    Sincerely,


    Debbie

  8. #8
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by TechnoBear View Post
    Well, I've never had the least interest in either of those things, so I can't speak from experience,
    Nor have I ever implied that I do...


    Quote Originally Posted by TechnoBear View Post
    I think you're confusing two issues here. Watching security videos is not the same thing as downloading porn videos.
    Yes, but...

    1.) I believe a lot of the Streaming Videos you'd find on a website like YouTube are actually Flash Videos. And Flash has long been a target for attackers.

    2.) If there is a way to insert malware in a Porn Video, then what is to stop someone from installing malware in a video of a Squirrel Waterskiing?! (Or even a mundane video on "Writing Secure PHP Apps"?!)

    Sincerely,


    Debbie

  9. #9
    Barefoot on the Moon! silver trophy Force Flow's Avatar
    Join Date
    Jul 2003
    Location
    Northeastern USA
    Posts
    4,606
    Mentioned
    56 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    1.) I believe a lot of the Streaming Videos you'd find on a website like YouTube are actually Flash Videos. And Flash has long been a target for attackers.
    Nope. The videos are actual video files these days. It's the players that are made with flash or HTML5.

    If there is a way to insert malware in a Porn Video, then what is to stop someone from installing malware in a video of a Squirrel Waterskiing?! (Or even a mundane video on "Writing Secure PHP Apps"?!)
    That's the risk you take when connecting to the Internet. Anything that you download can potentially contain malicious software or cause harm.

    All you can do is practice safe email and browsing habits, keep software up-to-date, have a firewall up, have anti-malware measures in place, and have AV software running and up-to-date, and be careful about what you install (and when you do install something, always do a custom install and prevent bundled software/toolbars from installing).
    Visit The Blog | Follow On Twitter
    301tool 1.1.5 - URL redirector & shortener (PHP/MySQL)
    Can be hosted on and utilize your own domain

  10. #10
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Force Flow View Post
    Nope. The videos are actual video files these days. It's the players that are made with flash or HTML5.
    So nearly any video I'd see on YouTube is something like .mpeg or .avi or whatever?


    Quote Originally Posted by Force Flow View Post
    That's the risk you take when connecting to the Internet. Anything that you download can potentially contain malicious software or cause harm.
    But how risky on a scale of 1 to 10 - 10 being extremely risky - would you consider watching videos on YouTube, Vimeo, etc?


    Quote Originally Posted by Force Flow View Post
    All you can do is practice safe email and browsing habits, keep software up-to-date, have a firewall up, have anti-malware measures in place, and have AV software running and up-to-date, and be careful about what you install (and when you do install something, always do a custom install and prevent bundled software/toolbars from installing).
    If I didn't say, I am on a MacBook Pro with Mountain Lion. (Most of what I've seen says do NOT install anti-virus software as it can do more harm than good at this point.)

    Not sure what other "anti-malware measures" I could take on my Mac.


    BTW, what happens to the "risk factor" when you...

    1.) Watch Streaming Videos

    vs

    2.) Download Video Files

    vs

    3.) Capture Playing Videos using something like SnagIt or Camtasia?


    FWIW, my interest in video is to watch, take notes, and maybe capture them as part of research for the business I am building. For example, maybe there is some documentary or news clip about a start-up company that captures my fancy...

    Or, I must confess, maybe I want to capture a music video I like.

    Other than those two examples, I am NOT interested in stupid Cat Videos, Justin Bieber, Miley Cyrus Twerking or Porn!!!!

    Anything I'd watch would likely come from a website like SitePoint, CNET, Ars Technica, the NY TImes, PBS, or maybe YouTube or Vimeo.

    Sincerely,


    Debbie

  11. #11
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,165
    Mentioned
    453 Post(s)
    Tagged
    8 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    how risky on a scale of 1 to 10 - 10 being extremely risky - would you consider watching videos on YouTube, Vimeo, etc?
    Zero. As mentioned above, videos on those sites are heavily processed by the system itself before being presented for watching. There's no way they'd have viruses in them after that process.

    Not sure what other "anti-malware measures" I could take on my Mac.
    There are tons of anti-virus programs out there for Mac. You just haven't looked. I use Intego products.

  12. #12
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    First off, Ralph, let me say that I am disappointed that you didn't even nibble on Post #7...


    Quote Originally Posted by ralph.m View Post
    Zero. As mentioned above, videos on those sites are heavily processed by the system itself before being presented for watching. There's no way they'd have viruses in them after that process.
    Well, I have had a few people mention that, so maybe it is true. (I have no way of verifying it, but it seems reasonable.)

    And I guess there is a distinction between downing a pirated blockbuster movie or porn as a file from some unknown source, versus watching a streaming video on a site like YouTube that supposedly checks it for safety first. (For the record, though, I BET that wasn't the case 2, 3, or 5 years ago...)


    Quote Originally Posted by ralph.m View Post
    There are tons of anti-virus programs out there for Mac. You just haven't looked. I use Intego products.
    That isn't what I was saying.

    Yes I know that. (I also know that most Mac people recommend to NOT use Antivirus software as it can cause more issues than help. In fact, I believe that is Apple's official response...)

    I thought whoever said "take extra malware precautions" was implying that there are other things I can do to "harden" my Mac (e.g. disable Java)...

    Sincerely,


    Debbie

  13. #13
    SitePoint Wizard bronze trophy bluedreamer's Avatar
    Join Date
    Jul 2005
    Location
    Middle England
    Posts
    3,357
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    First off, Ralph, let me say that I am disappointed that you didn't even nibble on Post #7...
    He's probably too full of christmas pudding for any extra nibbling

    And I guess there is a distinction between downing a pirated blockbuster movie or porn as a file from some unknown source, versus watching a streaming video on a site like YouTube that supposedly checks it for safety first. (For the record, though, I BET that wasn't the case 2, 3, or 5 years ago...)
    Absolutely! Watching videos on say Youtube/Vimeo or a trusted site like the NY Times is a totally different thing to downloading a pirated video from something like a "torrent" site (which is how most pirated stuff gets shared). Typically with pirated content you never actually know what you are downloading so there's always an inherant risk there.

  14. #14
    Barefoot on the Moon! silver trophy Force Flow's Avatar
    Join Date
    Jul 2003
    Location
    Northeastern USA
    Posts
    4,606
    Mentioned
    56 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    Yes I know that. (I also know that most Mac people recommend to NOT use Antivirus software as it can cause more issues than help. In fact, I believe that is Apple's official response...)
    That's completely false, and it is not Apple's official response. There are viruses, trojans, and malware that target the mac platform. OS X in not impenetrable, and it wrought with security flaws just like any other platform. Years ago, this wasn't a huge issue because the overall market share of the mac platform was pretty small (making the development of viruses/malware impractical because of the low rate of infection because of the small number devices/computers). Today, the market share is a bit larger that it once was, and it a more lucrative target for malware developers.

    Up until recently, the OS X page on apple's site included this:
    The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.
    Clam is a free AV solution available. There are a number of paid options as well, such as ESET. However, it might be that you heard things about Norton antivirus, which is a bloated piece of junk these days on both the windows and mac platforms.

    Quote Originally Posted by DoubleDee View Post
    I thought whoever said "take extra malware precautions" was implying that there are other things I can do to "harden" my Mac (e.g. disable Java)...
    I was mainly referring to the windows platform. Since I'm not a regular mac user, I'm not entirely sure what other measures you can implement, since the tools I work with aren't available for OS X.
    Visit The Blog | Follow On Twitter
    301tool 1.1.5 - URL redirector & shortener (PHP/MySQL)
    Can be hosted on and utilize your own domain


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •