Love devs' attitude towards piracy, TruePianos v1.9.8 (audio VSTi plugin)
This message showed when I entered the serial specifically made for pirates. Right now feeling nothing but respect for plugin devs. Next month Imma buy this plugin 100% fixed, need it or don't need it doesn't matter anymore lol.
Although it's not very honorable for developers to intentially create a worse product for people who pay, just to try to prevent a small number of pirated copies to work (which likely won't actually prevent anything).
I meant it more as the company. I'm fully aware the individuals don't have any say. It's still often an internal decision though, but made by the suits, not the people actually creating the thing.
This is what I do with movies. I still, to this day, do not understand what possible purpose studios have for including 3 minutes of copyright warnings and other bullshit ahead of movies that people paid for. Pirates don’t see any of that shit, morons, and the people who are ripping these films already are ignoring the warnings. What the hell?
You would think that in 40+ years of being completely ineffective against pirates and only hurting paying customers they would have learned that that time and money could be better spent elsewhere, but I guess that would imply that the rich are rich because they make good decisions, instead of just being born with good options
Ooh, I usually say luck and timing is what the rich had, but I like "being born with good options" too. Makes more sense since even with luck and timing, still need the means.
I do this with games. A lot of games dont even really get a demo anymore. So its gambling to buy it...
I pirate the games and if i like it i buy it. Generally ill keep playing the pirated version unless it has a multiplayer i want to play as well.
Edit: Can any fellow infosec nerds chime in and say whether this is readable or not? I feel like I just wrote it incoherently because I was stoned. I hope that's what happened anyway, and people pirating software aren't actually this ignorant about network security.
tl;dr: Disgruntled employee wants to make a bunch of easy crypto from the company he hates. cracks contain viruses a non-minimal amount of the time. This turned into a story about an easier way this coworker could be doing it to introduce his own ransomware and get away with it, and then I went into how I would do it if that was the intention.
I have no idea if this is the reason or if OPs colleague really hated scrolling down and clicking Accept. Maybe he just wanted the legit version for himself.
====================
This sounds like a great way to introduce your 2-year-delay ransomware on the company without it being as risky of a charge if you're caught. Only fired for causing a ransomware infection out of neglect and stupidity if caught, just make sure you tell a few coworkers about it.
Although it'd be easier to plug in a USB drive you found in the parking lot with folder [company name blackmail] which contains "[hot male coworkers name] NUDES.zip.ws" and "[hot female coworkers name] NUDES.zip.ws"
Just make sure you buy a throwaway laptop and install a Russian or Chinese language pack and use that as the primary system language when opening the final source code before you add some CN/RU strings in the file and compile. Use Google Lens to translate in realtime from a burner smartphone /e/OS and location disabled. Make 3 drives and toss 2 of them from your car window in hard to find places a week before, with multiple days between. Then on the day you find yours, covertly chuck it from the roadway an hour before opening in the general area you park, and show up 5 minutes early in the spot you usually park. Make sure you always show up somewhat early. Then "notice it" and walk in and plug it in.
Ransomware starts after a 2 day delay, they being in LE and find the others that were dropped. Make sure to use neoprene gloves, as latex can pass fingerprints through.
Haha okay infosec engineer here.... I think this blurb is hard to read maybe a little because you wrote it high and maybe a little because you're overestimating what the average person knows about security.
Your first paragraph there makes sense but it would've definitely benefited from a little additional explanation. I don't think it was super clear you were referring to an insider threat scenario. People probably could've got that by breaking it down a little more, but naturally they jumped to the next part hoping for more context.
But you jumped into a hypothetical alternative means to introduce ransomware to a device. And it's not necessarily that people don't know plugging in strange thumb drives is bad, as you suggested in another comment. It's the jargon (maybe not really jargon but thats the best word that came to mind) you used. You talked about a lot of things a bad actor would do, but the average Joe does not know why you'd be doing most of those things. And even if they do it's still not going to make much sense if they didn't grasp what you were saying in the first paragraph.
But ultimately yes, what you said does make sense if you have some Security knowledge (at least a bit more than just basic awareness training) and break down what you're first paragraph is trying to say.
Seriously? 21 downvotes? Is everyone in the piracy Lemmy completely ignorant and unaware of USB drops? Do you guys not get information security training at work?
I was basically making a story about how OPs colleague could be using cracked programs so the ransomware he coded didn't get him charged, but instead only fired.
I watched Office Space recently and I was high when I wrote it so maybe it didn't come read as well as I thought it did.
P.S. .ws files can be as dangerous as .exe and .com/bat/PS1 if that's what's confusing people.
Well op said "colleague" rather than friend, which I point out only because that is presumably why they made the connection to work.They're referring to using pirated software at work, which could introduce ransomware without you knowing it. Ransomware can remain dormant for extended periods of time, giving it a better chance to evade security controls and spread to other machines.
Unless he cracked it himself, he wouldn't know for a long time if the cracks were malicious or not. When I found an uploader that had so much working software even the smaller more obscure and niche stuff, I tried to stay with him..Eventually I did malware analysis (hobby at the time) and found out he was binding his password manager stealer to the main program or some necessary .dll that was called my the main program.
That was on IPTorrents private tracker, and he was incredibly highly regarded.
I cum in my pants thinking about the number of different accounts he stole over all those years. I was able to access a similar dumb via ftp and hardcore username and password in the downloader, but that uploader has his bound file so crazy hidden.
The rest was high me writing a story about what your coworker could have been doing, Office Space style.