(2017-05-25, 08:26)Jeffers24 Wrote: (2017-05-24, 09:54)primaeval Wrote: (2017-05-24, 08:54)Jeffers24 Wrote: This option is no longer available in the Kodi 17.2 update
Thanks for the info. It looks we need to get this InputStream Adaptive dependency fixed as soon as possible.
If you ever use subtitles you really must upgrade to Kodi 17.2 as there is a hacking vulnerability.
Malicious Subtitles Threaten Kodi, VLC and Popcorn Time Users, Researchers Warn
Is it unsafe to be using any version of Kodi pre 17.2?
Some of us have TV boxes that are stuck on Android 4.x.x and cannot upgrade to Kodi 17.2.
Is there anyway to disable the subtitle option/s so the hackers cannot get in? I don't use subtitles, but concerned say Kodi 16 may still allow the hackers in.
The subtitles that come with iPlayer WWW are safe as they come straight from the BBC web site and are not in zip files.
If you are watching your own local content with subtitles files that are embedded in the video or in seperate text files (eg .srt) you are ok.
It is only if you use the subtitle addons that download content in zip files from the internet that there is a problem.
Some of the bigger subtitle providers have code to sanitize their subtitle zip files.
It is only safe to trust the subtitle providers if you use Kodi 17.2 or higher.
Kodi is inherently unsafe when you install addons.
The ones on the Kodi repo have been checked by humans but there is still no guarantee if a dev has gone rogue and hidden some malicious code.
Every addon has access to everything on your device or computer that Kodi has access to.
There is no sandboxing of addons.
Most of the devs are doing this as a hobby and can't dedicate the time to test everything that say Nasa does. Even then launches don't always go according to plan.
So you really need to be careful and treat every Kodi device as if it could be hacked.
Run Kodi as a limited system user.
Only install repos you can find some info about or just the Kodi repo.
Only connect to your local computers as a read-only user like Guest.
Don't store your bank password in a Kodi addon.
Occasionally addon devs add some malicious code to delete other addons when dev wars break out.
I haven't seen anything really dangerous happen so far but it is possible.