this post was submitted on 09 Nov 2024
45 points (89.5% liked)

Humble Bundle

346 readers
1 users here now

Unofficial community for the Humble Bundle website!

Community logo taken from https://www.humblebundle.com/

founded 1 year ago
MODERATORS
 

I tried posting this on Reddit but the mods have to approve it and haven't yet. I'll warn you guys.

I just downloaded the HumbleBundle Programming MEGA Bundle 2024 by Packt via torrent and stored it in my NAS. That system ran a virus check and found the file pragmaticmicroserviceswithcandazure.zip had a virus Win.Packed.Pwsx-10034067-0 in it. Is this common on HumbleBundle? I would expect something like this on a cybersecurity bundle for studying viruses but not on one about microservices. This zip file is for the book Pragmatic Microservices with C# and Azure.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 1 week ago* (last edited 1 week ago) (1 children)

You're being pedantic. The file extension is .torrent. Lay people call those torrents.

You, yourself just used "tracker" wrong. The tracker is the server hosting the torrent peer list, etc. Not the .torrent file.

And then your followup comment is just you calling the original commenter ignorant. You're not helping at all.

Torrent files contain hashes that verify the contents of the associated files. They are not easy to fake by injecting malware. That would require finding a hash collision so your malware files (plus some padding) hash to the same value found in the legitimate torrent file. That not some easy task to do.

Downloading a torrent file from a legitimate site—and its associated data—is as secure as downloading any file from that same site.