• const_void@lemmy.ml
    link
    fedilink
    arrow-up
    41
    ·
    1 year ago

    No idea why folks still use stuff like this when there are open source alternatives like 7zip and Nana Zip.

    • rhabarba@feddit.deOP
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      I use WinRAR (as a switch from 7-Zip) because it works well enough, is fast and stable and has good compression. For me, switching to another Windows archiver would have no merit.

        • TheMadnessKing@lemdro.id
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Honestly, this is like the first time I heard WinRAR has this big security vulnerability. But I am still planning to stay on WinRAR given its easy to use UI and unlimited free trial.

          • dan@upvote.au
            link
            fedilink
            English
            arrow-up
            16
            ·
            edit-2
            1 year ago

            There’s barely any CVEs on that page. It’s likely a security researcher did some fuzzing of the executable and found a few issues at once.

            Have you looked at how many vulnerabilities there’s been in things like Windows, MacOS, Chrome, etc?

              • dan@upvote.au
                link
                fedilink
                English
                arrow-up
                11
                ·
                1 year ago

                The point is that there is no software without vulnerabilities.

                Definitely true, but that conflicts with this:

                Coincidentally, security was one of the reasons to uninstall 7-Zip.

                If you uninstalled software because of security, you wouldn’t have any software left :)

                • rhabarba@feddit.deOP
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  1 year ago

                  Also true. I was probably too impatient when I bought a WinRAR license over night. But now I have it and I use it. :-)

      • null@slrpnk.net
        link
        fedilink
        arrow-up
        6
        ·
        1 year ago

        Is WinRAR really faster, more stable, and has better compression than 7-Zip? I haven’t used WinRAR in probably over a decade at this point.

        • rhabarba@feddit.deOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          It depends. The RAR5 format used by newer WinRAR versions (the “old” one is still supported just well) can have smaller archives than 7z, but the opposite is also true. Still, yes, WinRAR is in my experience faster and more stable.

          (Note that “as small as possible” is not usually the most relevant point. The best compression is currently reached with the ZPAQ format, but using it with maximum compression settings is painfully slow.)

  • style99@kbin.social
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    In a report released today, researchers from Group-IB said they discovered the WinRAR zero-day being used to target cryptocurrency and stock trading forums, where the hackers pretended to be other enthusiasts sharing their trading strategies.

    These forum posts contained links to specially crafted WinRAR ZIP or RAR archives that pretended to include the shared trading strategy, consisting of PDFs, text files, and images.

    I see an “invest in bitcoin” and I immediately think caveat emptor.

    • rhabarba@feddit.deOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Gee, I wonder whether it’s possible to have zero-day exploits on Linux and 7-Zip.

      • torafugu@artemis.camp
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        It is, but Linux has such a low desktop usage share that it wouldn’t really be considered as a target for hackers. I believe that hackers really only target Linux servers, not desktops.

        • rhabarba@feddit.deOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          How would a hacker even notice the difference between a Linux server and.a Linux desktop? Those are the same thing.

      • Kes
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Barely anyone uses Linux, and among those who do, distros vary wildly enough between each other to the point of breaking viruses that it’s just not worth the effort to make viruses for them compared to Windows or Mac