Re: Problem playing an avi file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



  On 07/15/2010 07:46 AM, Marko Vojinovic wrote:
> On Thursday, July 15, 2010 15:18:58 Alan Cox wrote:
>> On Thu, 15 Jul 2010 14:57:16 +0100 Marko Vojinovic<vvmarko@xxxxxxxxx>
>> wrote:
>>> It's a hoax, coupled with propaganda. The very same thing happens even if
>>> you actually use Windows Media Player to play the file, on a Windows
>>> machine.
> [snip]
>>> I didn't try to scan it for viruses/trojans/worms/malware/etc., because I
>>> believe you cannot get infected by playing a movie in mplayer (unless
>>> mplayer has some serious security exploit that nobody is aware of). So
>>> just drop that file and go find a genuine one.
>> There have been numerous exploits against video codecs, and fuzz testing
>> codecs is .. interesting. The players may well have the odd bug but the
>> codecs tend to parse extremely complex compressed data streams from an
>> untrusted source, have to do it at high speed and seem to be the main
>> source of holes.
>>
>> Whether a Windows exploit would work on a non Windows box who knows. It
>> may well be the message is because it contains a trojan that *only* works
>> in a specific player/codec combination.
> Right, so this is not propaganda, but rather instructions which player/codec
> combination is vulnerable to the trojan attack. The user sees the message,
> tries to play the file in the appropriate player with appropriate codec, and
> ---  sees the same message yet again, but gets infected in the process. Nifty
> stuff! :-)
>
> So, as long as one *doesn't* follow the instructions on the screen, everything
> is ok. :-) Linux players like mplayer, vlc, and others are most probably
> immune to this, so no problem there.
>
> Luckily, the Windows machine I tried it on is a virtual one (ie. disposable).
>
> Best, :-)
> Marko
>
On a similar windows machine, I tried it with windows media player.
Well the eplayer immediately popped up a banner saying that the avi
file does not conform to something (forgot what) and warned me of
a possible attack.
So I chose to cancel.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux