this may be a dumb question but how secure is this? can a key-logger be hidden in a lua script for example? or some other kind of malware? with the posts about hacked accounts i may be a bit paranoid here but i'd feel better knowing more info on this.
March is national target forward healing month! do your part!
this may be a dumb question but how secure is this? can a key-logger be hidden in a lua script for example? or some other kind of malware? with the posts about hacked accounts i may be a bit paranoid here but i'd feel better knowing more info on this.
A pure Lua script (that is, those without a helper program) is completely safe. Those are executed in a sandbox that Turbine set up, in exactly a manner defined by Turbine, and cannot break out of their sandbox. The vast majority of plugins fall into this category.
Anytime you have a plugin that requires a helper program, that is, a plugin that requires another program to be running along side LotRO, are not necessarily safe. As far as I know, all of the helper programs are safe, but this is where the nasty stuff would be. Currently, this is the DPS charts and a few other plugins.
A general rule of thumb..... if all the plugin needs you to do is unzip it, and plop it in the plugins folder before you can use it, it's going to be a safe plugin. On the other hand, if a plugin requires you to drop it in the plugins folder AND run another program so it can function, then I'd be wary.
A pure Lua script (that is, those without a helper program) is completely safe.
The script itself is safe as long as it is pure Lua script. The acquisition of the script may compromise your system and account. The download file may have a infection source included in it. You get a Lua download that not a zip file - instead an installer. Or the zip contains other stuff like flash videos, Office documents or executable files be wary.
One of the common ways of compromising people's PC is to attack a web site. You can get infected during the page loading process.
Unless stated otherwise, all content in this post is My Personal Opinion.
The script itself is safe as long as it is pure Lua script. The acquisition of the script may compromise your system and account. The download file may have a infection source included in it. You get a Lua download that not a zip file - instead an installer. Or the zip contains other stuff like flash videos, Office documents or executable files be wary.
One of the common ways of compromising people's PC is to attack a web site. You can get infected during the page loading process.
Yeah, but if it's coming from somewhere like http://www.lotrointerface.com/, I would say safe enough not to give security a second thought, because each download is reviewed before it is published. Every plugin I've seen off of that site is a zip file.
Here what I am scared of. Player A Tell other Players You need So so Plug in with Application. Yet unknown to the Other Players. Players A set a Bug or Virus into a good application or Player A think a Safe website downloads it. Says you can download from So and so Site. (Not talking about http://www.lotrointerface.com/) but a unknown site. It Take your User info. Collect all your PW Nick and so on. Or like World of warcraft. Your sent a website. that Looks close to lotro Or the Famus email Your password need to be changed. Go to this Unknown link to change it. Player B go oh ok. Trys to change it. Then the next Day all his Stuff is gone.
There have been virus problems due to downloading plugins for other games. It's just a matter of time before lotro and lotrointerface get targetted, if they haven't already. It's safest to play the game without the plugins.
What did you download? What gave you the red flag?
There could be a possible user conflict if the author didn't flag user rights correctly (a very rare, but possible problem with Windows).
Here the url Combat Analysis http://www.lotrointerface.com/downlo...nfo.php?id=502. I wanted to see How much space the Program use on screen. For me being on Two differnt Laptops a Alienware M11x laptop and a gateway 15.6 laptop. It take alot of space. Little room from Viewing for real combat. Guessing by looking at a Raid it would be less space.
The one program I will be showing a friend becuse he a lotro nitwit is the Buffbar. At least you can adjust the size of the program. Basicly when to use heal pot and Moral pots lol.
Only once has Lotrinterface been attacked and infected other Authors skins with a trojon horse program but that was immediate taking care of and since then they have installed security measure's.
Since then there haven't been a compromise to the site or user plugins or skin mods since then.
The only site that I can think of that gets more attacks is their wowinterface section but this is only my opinion.
We have been running our sites for 8+ years now (since 2002) and have only once had a problem with a malicious upload becoming available to the public. This was in 2007. It was a complete fluke and we immediately informed the public as to the problem, as well as putting into place additional security measures beyond everything we had previously. The malicious files were removed from the site in less than 15 minutes from when we were first made aware of the problem, within 3 hours of them having gotten through our protections. Also, please note that the malicious files were ONLY on our WoWInterface site, nothing was actually compromised on any of our other sites, including LotROInterface.
Every file that is uploaded to our site, whether new or update of an existing file, is manually checked by myself or one of our staff to verify what types of files are in the upload, as well as running virus checks on it, before they are released for download by the public. As well, we have automatic virus scans that run on our complete database every night.
As mentioned by others, a pure addon can not hack your account. They are nothing more than text files, and potentially graphic files depending on the addon. In order for there to be something that can attack your account, it requires some form of an executable file. If all it has in it is .lua, .xml, .doc or .txt, .png or .tga files, they can't hurt your system. It would have to be .exe, .vbs, etc in order for it to put a malicious file on your system.
All of that said, you should always be careful when using addons. Make sure you only ever download from reputable sites. Run your own virus check on any files you download. Be extremely careful if you choose to use any form of executable files.
Senior Member Online status:
Reputation:
Grand Member Online status:
Originally Posted by Hetweith
Post Master Online status:
Reputation:
Senior Member Online status:
Counter of Stairs Online status:
Reply With Quote
Posting Permissions
