Login at Kodi Home

code-E · (This post was last modified: 2015-12-11, 20:50 by code-E.)

Hi=)

I am not a code guru like you, but, I think it would be good if we compile a list of addons/repos that harm our systems.

Please list known " bad addons/repos" and how/what kind of bad code/exploits they execute.

Lets pull together and take em out so to speak.

thanks, take care and stay safe=)

**zag** · 2015-12-11, 21:35

Anything on our official repo will have gone through our vetting process and is tightly managed.

For any other repo, your on your own I guess

code-E · (This post was last modified: 2015-12-11, 21:59 by code-E.)

hey Zag=)

yes, and instead of "being on our own" , we should band together and expose what needs exposing.
Your machine may not be infected, but what if you connect to a network that is?
I can list many reasons why we should disclose info on known "perpetrators" - but i am sure that you know your security too and about "weak links in a chain" and how they affect us all in some way or another...

anyway, just an idea.. Wink

stay strong=)

**PatK** · 2015-12-12, 17:57

Official:Forum rules/Banned add-ons (wiki) should be a good start, and then anything that isn't in the repository hasn't been vetted. Add-on's that overlay or replace Kodi code, and seem to operate on some machines and not others don't have to be virus infected etc to be just a bad add-on. Once you add code from unknown sources, it can literally do anything to your machine, malware, key-loggers, and web compromises, anything not open sourced in binary form is just asking for trouble.

There is a reason the add-on is not in the official repository, and this is usually because it does something that is not approved of by the team. There are exceptions, but so very few, it's hardly worth mentioning if they haven't been through the vetting process.

trogggy · 2015-12-12, 18:28

Sorry, I can't agree with the last part. There are plenty of totally legitimate add-ons that aren't in the official repo.
Many of which have threads in this forum.
Maybe 'If it's here (ie in this forum) it's almost certainly fine'? And even then there will be many more elsewhere.

**natethomas** · 2015-12-12, 21:15

(2015-12-12, 18:28)trogggy Wrote: Sorry, I can't agree with the last part. There are plenty of totally legitimate add-ons that aren't in the official repo.
Many of which have threads in this forum.
Maybe 'If it's here (ie in this forum) it's almost certainly fine'? And even then there will be many more elsewhere.

I'd say that's pretty reasonable. If it's here in the forum, it's at least been vetted to some degree. Using these addons is an exercise in trust, and if they can't even be discussed on this forum, I'm not sure where the trust could possibly be.

trogggy · 2015-12-12, 22:04

(2015-12-12, 21:15)natethomas Wrote:
(2015-12-12, 18:28)trogggy Wrote: Sorry, I can't agree with the last part. There are plenty of totally legitimate add-ons that aren't in the official repo.
Many of which have threads in this forum.
Maybe 'If it's here (ie in this forum) it's almost certainly fine'? And even then there will be many more elsewhere.

I'd say that's pretty reasonable. If it's here in the forum, it's at least been vetted to some degree. Using these addons is an exercise in trust, and if they can't even be discussed on this forum, I'm not sure where the trust could possibly be.

I don't see much discussion of non-english add-ons here Nate. The world is a big place, and if I'm looking for a French add-on I don't come here. Maybe you could extend 'discussed here' to 'plus if the repo's in the list of unofficial ones.'
In addition I'd just say that I could - but won't - name individual people who have coded add-ons that definitely wouldn't be allowed here whose work I would trust implicitly. I don't mean by that that I'd trust it to abide by copyright, but I would trust it not to be introducing malware / messing with my systems.

~~Ned Scott~~ · 2015-12-13, 00:26

(2015-12-11, 20:50)code-E Wrote: Hi=)

I am not a code guru like you, but, I think it would be good if we compile a list of addons/repos that harm our systems.

Please list known " bad addons/repos" and how/what kind of bad code/exploits they execute.

Lets pull together and take em out so to speak.

thanks, take care and stay safe=)

The "malware" or bad things add-on repos can do is normally the result of ignorance and not malice. They do exist, but only in minor examples that don't normally live long. So to answer your question, there is no list because there are no major examples of people intentionally trying to hurt systems. There are lots of examples of mistakes, disputes, and other negative things, but even those weren't really from "bad people". Stupid people, yes, but not evil.

DarkHelmet · 2015-12-13, 01:59

I'd advise not do to do anything in that direction. There will be too many who will interpret such a list in an opposite white-list. Meaning what is not on the list, is considered safe by the team, the users here or whatever "authority".