On Thursday, July 15, 2010 15:18:58 Alan Cox wrote: > On Thu, 15 Jul 2010 14:57:16 +0100 Marko Vojinovic <vvmarko@xxxxxxxxx> > wrote: > > It's a hoax, coupled with propaganda. The very same thing happens even if > > you actually use Windows Media Player to play the file, on a Windows > > machine. [snip] > > I didn't try to scan it for viruses/trojans/worms/malware/etc., because I > > believe you cannot get infected by playing a movie in mplayer (unless > > mplayer has some serious security exploit that nobody is aware of). So > > just drop that file and go find a genuine one. > > There have been numerous exploits against video codecs, and fuzz testing > codecs is .. interesting. The players may well have the odd bug but the > codecs tend to parse extremely complex compressed data streams from an > untrusted source, have to do it at high speed and seem to be the main > source of holes. > > Whether a Windows exploit would work on a non Windows box who knows. It > may well be the message is because it contains a trojan that *only* works > in a specific player/codec combination. Right, so this is not propaganda, but rather instructions which player/codec combination is vulnerable to the trojan attack. The user sees the message, tries to play the file in the appropriate player with appropriate codec, and --- sees the same message yet again, but gets infected in the process. Nifty stuff! :-) So, as long as one *doesn't* follow the instructions on the screen, everything is ok. :-) Linux players like mplayer, vlc, and others are most probably immune to this, so no problem there. Luckily, the Windows machine I tried it on is a virtual one (ie. disposable). Best, :-) Marko -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
