this post was submitted on 07 Jun 2024
71 points (92.8% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54746 readers
253 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
 |
 |
|---|---|
| Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
In general media files can be formed in a way to trigger some bug in the media player, sometimes in ways that allow to overflow buffers and start ROP chaining.
About 8 years ago there was this media file going around crashing any iPhones that tried to play it with the integrated player.
Of course crashing is way easier than code execution. So overall your scenario is unlikely. VLC also does not yet know of any issues with 3.0.20: https://www.videolan.org/security/
When was the last time VLC paid $50K USD for a proper security audit?
Probably never?
Next you're gonna be judging cars on their ability to float.
Open source follows an entirely different risk model (and arguably much more effective than throwing money at greedy companies)