Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Downloaded files on outdated Safari. Problem?


  • Please log in to reply
5 replies to this topic

#1 bigbrown411

bigbrown411

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 29 December 2014 - 02:08 AM

As the title reads, I have about 40gb of files that I downloaded on an outdated version of Safari and I intend to back them up on one of the hard drives. I'm paranoid that because I downloaded these files on an outdated version of Safari, they might corrupt all the other files on my external hard drive or something. I've done virus scans and the files appear to be fine, but I'm still paranoid. To my knowledge, having an outdated browser does is increase the risk of you getting hacked or something. It has nothing to do with whatever you do on the internet, correct? Is there any problem with my backing up these files on my external hard drive even though I downloaded them on an outdated version of Safari. By the way, these are video, picture, and music files.

Edited by Orange Blossom, 29 December 2014 - 02:45 AM.
Moved to more appropriate forum. ~ OB


BC AdBot (Login to Remove)

 


#2 bigbrown411

bigbrown411
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 29 December 2014 - 02:13 AM

Title was: Downloaded files on wi-fi in apartment. Problem.
 
I want to backup some files I downloaded on a wi-fi connection while I was in an apartment with 6 other tenants, but I'm concerned about the possibility that these files might be hacked or corrupted in some sort of way and they might corrupt the files I have on my external hard drive. Is this a real concern/issue or am I just crazy? Also, does it matter if you downloaded on a wi-fi or ethernet connection while in an apartment? Are the levels of safety the same?

Edited by Orange Blossom, 29 December 2014 - 02:43 AM.
Merged topics. ~ OB


#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:08:02 AM

Posted 29 December 2014 - 02:34 AM

I want to backup some files I downloaded on a wi-fi connection while I was in an apartment with 6 other tenants, but I'm concerned about the possibility that these files might be hacked or corrupted in some sort of way and they might corrupt the files I have on my external hard drive. Is this a real concern/issue or am I just crazy? Also, does it matter if you downloaded on a wi-fi or ethernet connection while in an apartment? Are the levels of safety the same?


Does your Internet connection (be it WiFi or ethernet) have WPA2 encryption and strong password? If it does, your downloads should be fine.

And no, I don't think you're crazy. Security issues are a very real thing  :spider:

Edit: Ooops typo

Edited by Alexstrasza, 29 December 2014 - 02:34 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,467 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:02 AM

Posted 29 December 2014 - 07:07 AM

...Is there any problem with my backing up these files on my external hard drive even though I downloaded them on an outdated version of Safari. By the way, these are video, picture, and music files.

The safest practice is not to backup any executable files (*.exe), screensavers (*.scr), (*.pdf), dynamic link library (*.dll), .ini, .bat, .com, .cmd, .msi, .pif, or script files (.php, .asp, .htm, .html, .xml) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding a file extension or by adding double file extensions and/or space(s) in the file's name to hide the real extension as shown here (click Figure 1 to enlarge) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions. Then make sure you scan the backed up data with your anti-virus prior to to copying it back to your hard drive.

If your CD/DVD drive is unusable or there isn't one installed, another word of caution if you are considering backing up to an external usb hard drive as your only alternative. External drives are more susceptible to infection and can become compromised in the process of backing up data. I'm not saying you should not try using such devices but I want to make you aware of all your options and associated risks so you can make an informed decision if its worth that risk. Again, do not back up any files with the following file extensions with your personal data files: .exe, .scr, .pdf, .bat, .com, .cmd, .msi, .pif, .ini, .htm, .html, .hta, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 AM

Posted 29 December 2014 - 01:46 PM

What kind of WiFi network was this, what encryption was used?

 

When you initially connected to that Wifi network, what network location did you give it? Home, Work, Public?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 rp88

rp88

  • Members
  • 3,014 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:02 AM

Posted 30 December 2014 - 12:29 PM

Personally i can't foresee a problem with this. An outdated browser will make you more vulnerable to drive-by and exploit type attacks, but unless you got attacked and exploited at some point while using it then you should be fine. When you are downloading files the risk of files you deliberately save onto your hard-drive being infected ones is the same whatever browser you are using. I would suggest you go ahead and backup the files, but if you are concerned back them up to a new dxternal drive just-in-case so you don't have to take any risks (however small) with the old drive full of existing backups. You should howver update your browser at the first opportunity to give yourslef better defences against exploit based attacks.


As far as the risk of these files having been harmed/corrupted/infected because you were working on a shared wi-fi connection at the time, that is also unlikely but probably possible. Attacks done over wi-fi would usually either be attempts to snoop on passwords you were sending out to the internet when you logged into websites, rather than attempts to infect files you were downloading.

As these files are images, audio and video files thye should NOT BE ABLE to contain any dangerous viral code BUT there is a chance that they might be files specifically crafted to exploit vulnerabilities that exist in the software used to open the files, for example a jpg image usually cannot execute any code, but if an attacker spent months reverse engineering the programming of (for example) microsoft paint to see it's underlying code, and then months more looking through it for bugs in the code and some months after that to craft a jpeg which could exploit those bugs, then he could develop an image file with an executable viral code hidden inside. And in this case when you opened the jpg in paint the file would run it's nasty code and infect you. These type of attacks are fairly rare but have happened. The same could be done to design a specially crafted avi file than might exploit something in VLC media player, or a wav file that might exploit a bug in windows media player, or a pdf file that could exploit a bug in adobe reader, or in chrome's pdf viewer.

Usually though viruses are exe, scr, bat, com, msi or pif files. Unless you deliberatly went to download a program from a source you trust and can be sure the file you wanted was the one you downloaded (and that you weren't tricked by fake download buttons) and you can be sure that the exe file you are now noticing in a folder somewhere is exactly the one you downloaded to the folder you wanted it in then exe files should be treated as suspicious and not backed up, certainly not opened. You should set windows to display full file extensions for known file types, because attackers often use a double extension to disguise exe files as safe® image, video or audio formats.

My advice in this situation would be:
1.check through all the files you downloaded for exe, scr, com, bat, or pif files and delete them.
2.scan everything with your main antivirus and then with a second opinion scanner
3.back the files up to a new external drive so your old one full of exisitng backups is not put at any risk
4.when you plug the external drive into other computers of your in future make sure that the computer has autorun and autoplay turned OFF.
5.if you ever copy files from the drive to another machine make sure to scan it all first, preferably with a different antivirus to the one's it has previosuly been scanned with.

I would suggest it is usually safe to back up compressed archive formats (zip, rar, 7z) but you should check there is nothing saved in them which shouldn't be (basically any of the executable file types, if one of those is in there then delete the arhcive immediately. If an archive does become infected then (i would assume) it is only a risk if you unzip the arhcive and then run one of the exe files which was smuggled into it, merely having the archive file is not particularly dangerous as the stuff inside can't harm you unless you open it and then run an executable file type from inside.

Edited by rp88, 30 December 2014 - 12:31 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users