• finitebanjo@lemmy.world
    link
    fedilink
    arrow-up
    51
    ·
    7 days ago

    Do they actually check for viruses, though? I never even thought about it. I always do a VirusTotal run on anything I download from anywhere.

    • unexposedhazard@discuss.tchncs.de
      link
      fedilink
      arrow-up
      35
      arrow-down
      7
      ·
      edit-2
      7 days ago

      Antivirus checking isnt really a thing. It protects only against known, old and basic malware. How would you test for something that isnt known…

      • finitebanjo@lemmy.world
        link
        fedilink
        arrow-up
        56
        ·
        7 days ago

        Pretty sure unknown new vulnerabilities would be used to exploit things like banks and industry, not little timmy’s first porngame, but I guess it’s all a statistical outcome.

        • Björn Tantau@swg-empire.de
          link
          fedilink
          arrow-up
          23
          ·
          7 days ago

          You don’t need any special vulnerabilities to encrypt all of the user’s files or to use their computer as cloud storage for your kiddie porn or to use their computer for a DDOS or to use it as a VPN endpoint or to mine shitcoins or a thousand other things I’m too tired to think of. Little Timmy just has to get creative.

            • Björn Tantau@swg-empire.de
              link
              fedilink
              arrow-up
              14
              ·
              6 days ago

              I believe in Little Timmy. He can do anything he sets his mind to. He shall create the most depraved porn game the world has ever seen and in turn wield the mightiest botnet to ever conquer the web!

    • ZILtoid1991@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      5 days ago

      Likely they do testing for known stuff, you can even get premade malware to attach to your exe files. The main problem is the more custom stuff, which is hard to test for, especially with code obfuscation.

    • ByteOnBikes@slrpnk.net
      link
      fedilink
      arrow-up
      2
      ·
      6 days ago

      I’m mentally trying to process how that would work.

      I’m pretty sure you can literally upload anything. Like I bet I can make a quick game called “I’ll erase your hard drive” and the first thing you do is allow me to get admin/sudo access.

      And that might live in itch until it’s manually removed. (As opposed to automatically)

      • finitebanjo@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        5 days ago

        Technically it is not a malicious program if it asks for permission (and for added security add a nonliability statement the users agree to).

        How it would work is if somebody uploads something the server does a virus check with any kind of antimalware and then any known worms or trojans do not get visibility or just explicitly do not get published at all.