An OPSEC community would probably say no, so I probably don't need to ask in those communities. But I'm curious about a (digital) pirate's perspective on this issue...

I mean, the sources listed here are supposedly "safe" right? But honestly, how much would you trust these "safe" sources?

When doing sensitive tasks like banking or filing taxes, do you:

Use a different OS on the same machine? (Dualboot)
Or put the pirated content inside a virtual machine?
Or just use a completely separate computer?

And since PC is much different than a Smartphone:

Would the extra sandboxing on Smartphones make pirating games on a Smartphone much safer compared to on a PC? (Not that there are much mobile games worth playing, just curious)

(PC in this context referring to all personal computers, regardless of OS)

And last question:

Non-installed/non-executable files such as .mp4 .mkv .mp3 .pdf .epub, are mostly safe right? I mean, you are using another program to opening it, not executing a file, there aren't much attack vectors as long as the video player / ebook viewer is up to date right? (Or am I understanding it wrong?)

you are viewing a single comment's thread
view the rest of the comments

[–] ReversalHatchery@beehaw.org 8 points 5 days ago

pdf files can contain javascript code that can run when it is opened. but when using complex formats (I think almost all video files, pdfs), it can happen that the software that understands it makes mistakes when reading it and making sense of it, and an attacker tries to make use of this to trick your software into doing something that wasn't intended by its creator. this is how it can happen that an mp4 file (or mkv, others, ...) cannot contain executable code (according to specification), and yet it can

in the case of pdf files, bundled fonts may be another source of problems