A few weeks back I downloaded a couple of videos (wmv’s and flv’s) - one of which contained a virus, sending my whole (WinXP) system down. I was able to retain all my data, and still have the folder with the videos it, but (after running a viral scan with McAfee) I cannot tell which one it is.
It brings up a few questions for me. Numbered below for clarity and organization.
1 - How does infection via a video file work? Some preliminary searches only revealed it may have something to do with Data Management Rights (DMR) connecting to a host. Apparently, the DMR can somehow be turned off, so the file wouldn’t try to connect to the host server to download any virus. But, if this is true, then is it true the computer could be protected simply by disabling the internet connection? In such a case, the file would seem safe to run, so long as it couldn’t connect to anything else.
2 - Like how can one tell which one is the infected file? Shouldnt a viral scan identify an infected file?
3 - Assuming one couldnt tell one way or another - what about using an iPod to watch the videos? I’ve read iPods are not impossible to corrupt, but it’s highly unlikely a virus would target the Mac software inside it. Finally, my iPod is an age old 30GB drive, which wont connect to the internet. So it might be even less vulnerable to attack (assuming #1 above is true).
Anyway, I’m not sure if I have all this right, so please excuse if the questions sound in any way confusing. :spin:
It’s DRM (Digital Rights Management), and yes, that is indeed where Evil dwells (no, I won’t discuss the evils of regular DRM right now). If your media player automatically acts upon DRM requests, it will automatically activate anything described properly as DRM licenses. And someone figured out how to put a virus in that.
So check the settings of your media player, and turn off Automatic DRM (or turn on Manual DRM). The details vary from player to player, I don’t even remember how I did it for my WMP and VLC players. But once it is off, anything requiring a bogus license will ask you if you want to download it. Always answer NO.
Oh, and never install players that any media file asks for. They are ALL hacker software, with no exception (the legit ones are never asked for by name in any media, AFAIK).
Will do what I can to turn off DRM, but - in other cases - am still wondering about just disabling the internet connection or watching the vidoes on an iPod (with no internet connection).
If I understand it correctly, no internet connection would be at least a temporary fix to the problem.
The question that comes to my mind is, why are you so keen to watch these virus riddled videos? One can only guess what kind of video content they contain and what suspect place you got them from. Maybe you need to get in contact with MovieJerker, he seems to have some videos and he’s posting here a lot at the moment.
Actually, I would advise against using the videos at all. Whatever it is, it probably exists without virus (I am assuming it is content that, in itself, was legally produced. How it is distributed is none of my business). Most DRM vira are attached to fake videos, anyway. Having your player alert you to a DRM license is a way to spot the crap videos, not a way to play them anyhow.
Oh, and disconnecting just means the DRM license is not available, and the video won’t play. Otherwise, DRM would pretty much be a complete waste (“So I need to buy this movie to watch it? Nah, I’ll just unplug the net and it will be fine”, I doubt any technology would survive that easy a circumvention).
To any mods or admins - I’d like to request this thread be locked.
The question was intended to address a security issue - not incite a flame war, cast aspersions, or be derailed by hijackers. Some of the comments are violating acceptable usage policies.
