Posts: 122
Joined: Jan 2015
Reputation:
15
Hello Everyone.
Monero is forking to RandomX algo which is quite favoring cpu mining, this will definetely will trigger more crypto mining software in 3rd party kodi repos.
How about an addon actively removes those malware addons and blokcs those repos. It can be an addon in the official repo kind of like anti-virus like service. Just an idea. Whenever a new miner is detected the anti-miner will be updated to a new version.
Posts: 201
Joined: Mar 2019
Stop going to dodgy websites and stop using dodgy apps and you will not have any problems. If you are worried about viruses and so forth, simple solution, do not own a computer.
To give you a brief education, you have IN THE WILD VIRUSES, these are un detected viruses which could be sitting on your computer for 10 years or more. You could have one strain of virus, which then implants another virus which goes un noticed because it has never been seen before.
You have people whom run say norton anti virus and they get the all clear, and they think brilliant I am virus free. However, run another virus checker such as AVG and it reports a virus.
You really need two or more virus checkers if you are semi serious about stopping viruses or malware etc.
However, as I have said that they can replicate into different areas of your computer and reside without a virus detector picking them up, because they are not known to the virus databases that they use.
You can get rid of a virus in one of two ways 1) Do a deep dive on your computer, there is software which takes a day or longer to sort your system out, which is not recommended for newbies 2) Format the thing and start fresh
I always chose the second option when needed, which is next to never, but if I am sorting out a persons PC I always suggest a format.
Posts: 122
Joined: Jan 2015
Reputation:
15
Thanks for educating me, you can make sure that my life will be extreemely different after you replied. But you and I are talking different concepts.
Posts: 201
Joined: Mar 2019
A virus, malware all work the same way. Which is why Trojan viruses got their names from, after the battle of Trojan. You have literally thousands of viruses that are in the wild, you could have one on your computer now, that no anti virus has picked up, it could be working doing whatever it wants to do.
It could be a time activated virus. You are really not grasping the basics of what a virus is, and how clever the people whom write them actually are.
Ignore at your peril, but as I have said, if you are worried about a virus, malware etc. Do not own a computer.
Posts: 122
Joined: Jan 2015
Reputation:
15
OK, i am not talking about sandboxing or disabling executables this is what anti-viruses stand for, what I am talking about disabling/prventing the addons which installs the miners, which are based on python scripts and published over kodi repos.
Posts: 122
Joined: Jan 2015
Reputation:
15
yes, this is what I am talking about nice work on the auditor btw.
About the rules, I think with great power comes great responsibility, however only preventive way for such hijacked addons is to delegate the trust the some authority, this is the basic principle on security, but of course, afterwards it brings maintenence and updates and responsibilities etc. This is like calling a sheriff to wild west i think.
Posts: 10,519
Joined: Oct 2011
Reputation:
638
jjd-uk
Team-Kodi Member
Posts: 10,519
2019-12-06, 00:18
(This post was last modified: 2019-12-06, 13:44 by jjd-uk.)
The simple solution is to never install anything from outside the official repo. However if you must stray then make sure it's a trusted source, for an example an addon by an established author that has a support thread here, as any support for addons doing dodgy stuff will not be allowed on this forum.
Posts: 932
Joined: Sep 2013
Reputation:
33
The easy answer is not to run addons. I use a single addon, Youtube, and then it is only used as a cast receiver. If you are concerned about viruses as a whole then use a Unix like OS instead of Windows. I have been using Linux based OSes, full time, for nearly 15 years and I will never go back to Windows. I had to build a Windows 10 PC yesterday and you Windows users really are getting the thin edge of the wedge.
HTPCs: 2 x Chromecast with Google TV
Audio: Pioneer VSX-819HK & S-HS 100 5.1 Speakers
Server: HP Compaq Pro 6300, 4GB RAM, 8.75TB, Bodhi Linux 5.x, NFS, MySQL
Posts: 10,519
Joined: Oct 2011
Reputation:
638
jjd-uk
Team-Kodi Member
Posts: 10,519
Put like it this, you would not hand the keys to your house to just any random person, so why would you do something similar with your Kodi device?
Posts: 12,452
Joined: Oct 2014
Reputation:
600
The key point here is we believe in freedom, in that we don't try and dictate how our user base actually uses Kodi. All we ask is that however they use it, they do so with a knowledge of what they are doing and that they take responsibility for their actions in doing so.
Any addon from the official repo has been reviewed and checked by Team Kodi members, and we thus guarantee it to be "safe" and free of such malware and other dodgy scripting (amongst other things, like it also won't be using illegally sourced media from shady servers).
We make no such guarantee for any 3rd party repo, and there such checks and trust judgements are entirely down to the user. This is why 3rd party sources are disabled in Kodi by default, and the warning message is displayed when they are enabled, as already mentioned in the previous posts above.
Our "objection" to several 3rd party sources and especially several channels on YouTube and parasite "fan" websites is that they blur this distinction between stuff provided by us and stuff that is 3rd party, either accidentally or with depressing frequency deliberately.
The simple application of common sense should tell anyone that being able to watch for free movies and channels that you should be paying a premium for, or indeed movies that are still playing in theatres can't be legitimate. However as can be seen from the trash section here there are a significant amount of dumb users out there for whom common sense and taking responsibility for their own actions (and their own greed) is decidedly uncommon. And being "not tech savvie" seems to equate to them turning off their brains the moment they come into contact with an internet-connected device...
A couple of my blog posts are actually on this subject or this general area and are worth a read for people who want to know our stance in more details. See the link in my signature below for where to find them...
