All password files are bad?
I saw this “interesting” tweet today. It did go into a mini thread but I’ll just sum it up here
As someone who pirates and uploads these files there’s a lot to break down here
But TL;DR this is like throwing the baby out with the bath water.
Not all passworded archives are bad, and there are a lot of legitimate reasons
to upload a passworded file so let’s go over a few of them.
First up though yeah, caution and due diligence is still needed on your part with
anything internet related, if some random just DM's you a link unsolicited with a
password then it might be bad, more so if they don't want to give you the password
right away. But the chances of you, also a random, running into this is rare.
The OP of this tweet was worried about me legitimizing scammers using passworded
files, but again if some random DMs you well yeah use "common sense". I use quotes as common sense is dead, so I guess use your internet street smarts then kids. If it’s too good to be true, then it is. Why is this person DMing me with this at this time? Like no really why. Question everything.
I can't and don't want to speak for scammers but uploaded files in bulk
now days isn’t as hard as you think. if the file is under a few GB then there
are hundreds of free hosts out there, some of them don't even need accounts.
And making an account with a generated email is easy too.
Sure, you can report the link to the file host. But these hosts get thousands
of reports a day, they either already know about it or the bad actor has
already re-uploaded it 50 times to 12 different hosts.
So reporting it will only make you feel better, it won’t do much.
Thoughts and prayers and all.
What was I getting at?.. Right, legitimate pirate reasons.
So why would a pirate put a password on their archive? Well there are a bunch of reasons.
The most common and easiest to explain is link stealing.
Uploaders go through a lot of work to obtain these files, testing and cracking them, package them, upload them, and then maintaining these links, as they will commonly go down within 6~12
months depending on the traffic they are receiving.
All of this is uploaded for free to a forum or other site for you to download for free.
So it sucks when someone comes along, copys your link, sticks it on their site,
there site gets wayyy more hits than yours, the link gets flagged and taken down by the
host. And your sitting there like, hay my link only got 12 hits, why is it down already.
So if someone steals your password link, they would also have to steal your
MobCat@nextgenroms.com
password as well, hopefully giving credit to the uploader
and driving people back to where the link was stolen from.
On the flip side of this, if you steal someone else’s link and upload it to somewhere else,
you have absolutely no control over that link, you have no idea what's in it,
you didn’t pack it, if the link goes down, you’re not going to re-upload it. Nor can you.
You just dumped a link on another forum for quick cloute, and that's a dick move.
I feel like I have rambled a little to much so let’s wrap this up.
Last few reasons would be it's fairly common for windows and even chrome to scan
and auto flag bad files, This is somewhat common with windows game cracks but even then
you need to unpack it to play the game so its not going to stop someone infecting your computer
if they really want to.
Another reason would be the really shit hosts out there that will automatically run scans inside
archives to check for things that violate their ToS, but if this is the case then they will
probably already ban you for other reasons. Legitimate or not. Thankfully these types of hosts are rare and we don’t have to deal with them too much.
and as I alluded to above, uploading your file 50 times to 12 different hosts isn’t that hard now days either.
Passwording an archive isn’t the answer or solution to all problems, it’s just another tool.
This would be like saying that anyone that sends you a base64 encoded link is automatically a virus.
Tools can always be used and abused by stupid people. That’s there right as stupid people.
20221121