October 22, 20214 yr 9 hours ago, Ray Proudfoot said: But if you look at the allowed extensions in the AvSim “Insert other media” there is nothing dangerous in any of them. No exe for example. Spot on. Exactly why I asked for the contents of the link to be posted here @Ray Proudfoot opposed to having to go directly to the users Google Drive Link which exposes me to an unknown destination. Further, some spyware and malicious code is embedded and by the time the link has been clicked you are done and, if it is in an encrypted packet you are screwed unless you have something doing ETA (Encrypted Traffic Analytics) as I happen to have on my network. Notice the https: That is an encrypted link. You aren't going to see what's happening over 443. I have seen some of the largest corporations in the world crippled by a simple link in an email. To say it's not an .exe so it's safe is incorrect and to limit yourself from clicking unknown links to a shared drive from a user you don't know is generally a best practice. Have a Wonderful Day -Paul Solk
October 22, 20214 yr Moderator Paul, If you have AIG then there's a fair chance you have Ai Companion. Avast does not like that exe and each time I run a new version it suspects it and insists on a check. I have no idea what triggers that check but as long as you know and trust the author I'm happy to bypass the check. My weather website gets regular visits from members in China and Russia but despite its http address has never been subject to any attack as far as I know. I'm sure my hosting company would tell me if it was. Weather is pretty benign as well as intersting and I run no adverts. Ray (Cheshire, England). System: P3D v5.3HF2, Intel i9-13900K, MSI 4090 GAMING X TRIO 24G, Crucial T700 4Tb M.2 SSD, Asus ROG Maximus Z790 Hero, 32Gb Corsair Vengeance DDR5 6000Mhz RAM, Win 11 Pro 64-bit, BenQ PD3200U 32” UHD monitor, Fulcrum One yoke, Fulcrum Throttle Quadrant. Cheadle Hulme Weather website.
October 22, 20214 yr 1 hour ago, Ray Proudfoot said: Paul, If you have AIG then there's a fair chance you have Ai Companion. Avast does not like that exe and each time I run a new version it suspects it and insists on a check. I have no idea what triggers that check but as long as you know and trust the author I'm happy to bypass the check. My weather website gets regular visits from members in China and Russia but despite its http address has never been subject to any attack as far as I know. I'm sure my hosting company would tell me if it was. Weather is pretty benign as well as intersting and I run no adverts. I do not have AI companion and don't use AVAST Ray. I use some of the top non consumer security tools in the world as a result of being in this industry for 30 years and working for a company that provides security services and products to Governments, Militaries and virtually all of the Fortune100. Not sure what weather updates have to do clicking an unknown link, especially an encrypted one? Furthermore my FS machine is airgapped from my network anyway. So are all my IOT devices. I think you are missing my point on what I said about HTTPS Ray. I did not say http would be subject to attack although it is certainly more susceptible in practical terms. Also not sure what visitors to a weather website from users in China and Russia indicate? Not every packet and user from those countries is malicious. My point was that the link above is HTTPS hence it is encrypted, hence you will not see the traffic, AVAST can not decrypt it and the packets will not be privy to normal security checks as they are encrypted. I run an ETA to actually monitor the behavior of encrypted traffic because you can't decrypt, inspect and encrypt again. No disrespect but I am not sure what your two examples were supposed to point out or why you would question someone preferring a user to paste the contents of a link directly to Avsim opposed to asking Avsim users to click an encrypted link directing them to another site. Edited October 22, 20214 yr by psolk Have a Wonderful Day -Paul Solk
October 22, 20214 yr I use Flickr for hosting free screenshots. https://www.flickr.com/photos/154944674@N05/51021768068/in/dateposted-public/ Then I klick only show link not the picture as it`s 4K to save Avsim bandwidth. Raymond Fry.
October 22, 20214 yr Moderator 23 minutes ago, psolk said: Not sure what weather updates have to do clicking an unknown link, especially an encrypted one? I only mentioned it as there’s a link in my signature to a non-encrypted site. 25 minutes ago, psolk said: Also not sure what visitors to a weather website from users in China and Russia indicate? Not every packet and user from those countries is malicious. Of course not. I doubt any subversive elements would even be aware of it. 29 minutes ago, psolk said: No disrespect but I am not sure what your two examples were supposed to point out or why you would question someone preferring a user to paste the contents of a link directly to Avsim opposed to asking Avsim users to click an encrypted link directing them to another site. I certainly wouldn’t advise anyone to supply a link to an unknown source. That’s why I suggested he use the option AvSim have made available. Not sure how you came to that conclusion. I only mentioned my weather site as I have a link to it in my signature which is not something many members do. I mentioned Ai Companion simply because it’s unusual for an exe to be classed as suspect by mainstream AV software. I’ll leave it at that as the discussion has drifted off topic. Ray (Cheshire, England). System: P3D v5.3HF2, Intel i9-13900K, MSI 4090 GAMING X TRIO 24G, Crucial T700 4Tb M.2 SSD, Asus ROG Maximus Z790 Hero, 32Gb Corsair Vengeance DDR5 6000Mhz RAM, Win 11 Pro 64-bit, BenQ PD3200U 32” UHD monitor, Fulcrum One yoke, Fulcrum Throttle Quadrant. Cheadle Hulme Weather website.
Archived
This topic is now archived and is closed to further replies.