Mods and Security
Posted 12 June 2008 - 09:28 PM
My question boils down to this.
Are there security issues with mods? I have been assuming the most common mods such as Recount, Omen, Pitbull, Xperl, etc are safe.
But people are constantly developing new and interesting mods. I just want to know
1) do they as a rule pose a security risk
2) are there ways to minimize that risk when trying out mods?
Posted 12 June 2008 - 09:54 PM
There are no security problems with mods, you can't get a trojan without running some executable, within the addon, and if you downloaded it from a known source, the chances of having a harmful executable are about 0.01%
AVG is possibly one of the worst anti virus products out there, I recommend eset's nod32
To conclude: The chances are your friends somehow got a virus/trojan during daily computer use, and had nothing to do with downloading mods, that, or they shared their password with other users. You might trust other people, NEVER trust their pcs.
Posted 12 June 2008 - 10:26 PM
forum password: wowlife
WoW passward: wow4lif2e
Bank password: wow4li20f2e
Make sure to do something trickier than just combining 2 short words with a number in the middle of the words as most password crackers will break that quickly.
The most likely cause in recent months of password hacking though is the adobe flash vulnerbility. If they arent running the latest version, they probably got hacked that way.
Posted 13 June 2008 - 12:11 AM
2) A typical mod installation generally involves downloading a zip'd folder with the addon's files in it. Zip files can contain malicious code, but unless it's a self-extracting zip file (.exe or other executable extension) there's no way for this code to be executed without you manually triggering it. So quite simply, don't trust any addon that says it requires you to manually run some file - the ONLY thing you should have to do to install an addon is copy/extract the files out of the zip archive into your WoW\Interface\Addons folder. Everything else should be done inside of WoW.
3) Don't use the same login for addon websites and WoW. If you do so, you're essentially making your security for all of them equal to the weakest link among them, which probably isn't the WoW auth servers.
Posted 13 June 2008 - 12:21 AM
As said above, the mods are all text files which are interpreted by WoW using the LUA language in a sandbox.
There are only two kinds of MMOs: the ones people complain about and the ones nobody plays. (inspired by Bjarne Stroustrup)
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users