LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Is frei0r a harmful dependency to ffmpeg? (https://www.linuxquestions.org/questions/slackware-14/is-frei0r-a-harmful-dependency-to-ffmpeg-4175431194/)

slac-in-the-box 10-08-2012 02:45 PM
Is frei0r a harmful dependency to ffmpeg?
 
Howdy Slackers:

Thought I would bring the following to your attention:

On slackbuilds.org, frei0r is an optional dependency of ffmpeg, and when clicking on the source download: frei0r-plugins-1.3.tar.gz at http://slackbuilds.org/repository/14...raries/frei0r/, I am directed to http://www.piksel.no/frei0r/releases...ins-1.3.tar.gz, where firefox gives me the following warning:
Quote:
Reported Attack Page!

This web page at www.piksel.no has been reported as an attack page and has been blocked based on your security preferences.

Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
hmmm... guess I'll skip this dependency for now...

slac-in-the-box 10-08-2012 02:53 PM
but frei0r is mandatory dependency for openshot
 
But uh-oh... I like openshot, and frei0r is a mandatory dependency of openshot, so does anybody know whether frei0r really is harmful, or is firefox just being too paranoid, and I should add an exception and proceed...

ponce 10-08-2012 03:15 PM
here clicking on the link under firefox shows no warning (downloads the frior sources)...

slac-in-the-box 10-08-2012 03:17 PM
i guess I'll live dangerously (nothing new), and download it anyways, because I like openshot, and most likely, any malware there would hopefully be directed towards windows...

dugan 10-08-2012 03:19 PM
I looked up Frei0r on Freshmeat, and it gave me the following safe mirror:

http://ftp.dyne.org/.index/index.php...i0r%2Freleases

slac-in-the-box 10-08-2012 03:22 PM
I'm using the 15.0.1 version of firefox that came with slackware64-14.0, and noticed in the "security" pane of its preferences a checkbox for "block reported attack sites"... maybe yours is unchecked, ponce? thanks dugan, I'll try that one, and compare it to the one I dangerously downloaded...

XGizzmo 10-08-2012 03:23 PM
frei0r is not harmful. The website that host frei0r's source code seems to have been blacklisted.
If you are worried about using the site download the source code via wget.

ponce 10-08-2012 03:27 PM
the md5sum of the file is the same of the one on Jaromil's site (I verified the signature too).

Quote:
Originally Posted by slac-in-the-box (Post 4800619)
I'm using the 15.0.1 version of firefox that came with slackware64-14.0, and noticed in the "security" pane of its preferences a checkbox for "block reported attack sites"... maybe yours is unchecked, ponce? thanks
I just tried with it checked, but still no probs.

slac-in-the-box 10-08-2012 03:32 PM
Quote:
the md5sum of the file is the same of the one on Jaromil's site (I verified the signature too).
just verified the same thing :)

I clicked a link that said "why is this site blocked" and this was the report:

Quote:
Safe Browsing
Diagnostic page for piksel.no

What is the current listing status for piksel.no?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 10 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-10-08, and the last time suspicious content was found on this site was on 2012-10-06.

Malicious software is hosted on 2 domain(s), including rrhyiomkc.ns02.info/, qfwjrs.3-a.net/.

This site was hosted on 2 network(s) including AS224 (UNINETT), AS15169 (Google Internet Backbone).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, piksel.no did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

slac-in-the-box 10-08-2012 03:37 PM
Thanks everybody... I guess it's just trivial, and nothing to worry about! I'm moving on.

dc_eros 10-08-2012 05:55 PM
I just installed ffmpeg two days ago with all dependencies installed. Never noticed the warning since I'm using sbopkg :D

But when I visit the download page, I do get the security warning.

ReaperX7 10-08-2012 08:41 PM
I normally never install optional dependencies. Often you can get away with the default dependencies without penalty.


All times are GMT -5. The time now is 08:50 AM.