Warning! Stacer is Malware!
Warning! Stacer is Malware!
I hope I am posting this in the correct section. If not please move to where it belongs. I just came across watching a video on Invidious of Stacer. Looks like an interesting cool application. I installed it from Souceforge since it wasn't available in any of the MX Linux or Debian or Flatpaks repositories. Looks like a good application to add to the repository if the MX Linux developers see fit to do so. https://sourceforge.net/projects/stacer/
Last edited by Mauser on Wed May 22, 2019 9:05 pm, edited 2 times in total.
I am command line illiterate. I copy & paste to the terminal. Liars, Wiseguys, Trolls, and those without manners will be added to my ignore list.
Re: Stacer
this is an older post about stacer viewtopic.php?f=108&t=42228
Re: Stacer
By the way. I made a mistake suggesting that Stacer be added to the MX Linux repos. Don't add it because Stacer will break the volume selector for your keyboard. Thanks to Stacer my volume control on my keyboard no longer works. I can only adjust the volume with the mouse. I also found out that Stacer removed the keyboard shortcuts and changed file permissions on me which makes Stacer Malware. I got my shortcuts back and file permissions straightened out. Still no volume control from the keyboard.
I am command line illiterate. I copy & paste to the terminal. Liars, Wiseguys, Trolls, and those without manners will be added to my ignore list.
Re: Warning! Stacer is Malware!
The AppImage version of Stacer works just fine. But as I don't have a laptop and my desktop computer's keyboard doesn't have volume control keys on it, I can't tell you anything about how Stacer affects that. I don't think it's very nice to label it malware because it may have caused a problem on one computer though, especially without filing a bug report with the Stacer dev first. Just because it may have broken your volume control doesn't necessarily mean that it breaks it for everyone.
Please read the Forum Rules, How To Ask For Help, How to Break Your System and Don't Break Debian. Always include your full Quick System Info (QSI) with each and every new help request.
- spanizdogs
- Posts: 44
- Joined: Sun Oct 15, 2017 5:51 am
Re: Warning! Stacer is Malware!
I did just a test with Appimage of Stacer on a labtop Toshiba Satellite Pro .
All media buttons/key's working (clementine). No remapping by Stacer of the keyboard.
I did't try the repo version.
All media buttons/key's working (clementine). No remapping by Stacer of the keyboard.
I did't try the repo version.
Arcolinuxb I3 xfce.
Re: Warning! Stacer is Malware!
I had Stacer running a while back and to be honest I had no problem with it at all, and it uninstalled cleanly for me. If I discover something that gets my curiosity and it's not in the repo's, I'll always go to Github and download from there if I decide I trust it. At least that way, you have the option to review the code or/and read the comments of the users and the dev(s) rather than relying on a 3rd party download site, although in this case, Skidoo showed in his post on another thread that the sourceforge download was legitimate. I think in this case Mauser, you were unlucky that the program wiped-out some settings. Other than that, it's a nice slick utility with a pretty interface, but technically it doesn't really do anything extra that can't be done through the terminal, but it does put it all in one place for convenience I suppose.
Re: Warning! Stacer is Malware!
another day, another same ol' same...
Malware?
methinks you're wrongfully defaming sourceforge.
Congrats on solving, but this smells like a too-typical example of the consequences
from engaging in instantgrabification, didntreadthefinemanual behavior.
Hurr Durr, iwannapony an' sourceforge ain't zackly a PPA, so eveething should be fine, right...
Really?Keyboard volume control got broken by Stacer [Solved]
Post by Mauser » Wed May 22, 2019
http://forum.mxlinux.org/viewtopic.php?f=104&t=50456
I got that Malware from Sourceforge
Malware?
methinks you're wrongfully defaming sourceforge.
Congrats on solving, but this smells like a too-typical example of the consequences
from engaging in instantgrabification, didntreadthefinemanual behavior.
Hurr Durr, iwannapony an' sourceforge ain't zackly a PPA, so eveething should be fine, right...
Re: Warning! Stacer is Malware!
https://github.com/oguzhaninan/Stacer/issues
zero reports of malware / adware / badware
anyhow, let's compare the served-by-github debfile vs the project's served-by-AWS debfile:
https://sourceforge.net/projects/stacer/files/v1.1.0/stacer_1.1.0_amd64.deb/download
$ sha512sum stacer_1.1.0_amd64.deb
19bcb87f3d99ce090ab1fb917f65f7dd74f0b1e4fc19272eae0ad8d5c66d3dbe53cbdb50841bbd9a0e16f03201cd6cc5f0bc1a57eda41fd096ed275cf762d84a stacer_1.1.0_amd64.deb
---------------------------------------------------------
https://github.com/oguzhaninan/Stacer/releases
https://github.com/oguzhaninan/Stacer/releases/download/v1.1.0/stacer_1.1.0_amd64.deb
^--- redirect ---v
https://github-production-release-asset-2e65be.s3.amazonaws.com/72979287/49435c80-7522-11e9-921b-a9445444247a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20190523%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190523T195057Z&X-Amz-Expires=300&X-Amz-Signature=67753ea03f6d3ea25a149e4e409c224b688f0b52ce9d5f7639d50d1c8940317f&X-Amz-SignedHeaders=host&actor_id=11653911&response-content-disposition=attachment%3B%20filename%3Dstacer_1.1.0_amd64.deb&response-content-type=application%2Foctet-stream
$ sha512sum stacer_1.1.0_amd64.deb
19bcb87f3d99ce090ab1fb917f65f7dd74f0b1e4fc19272eae0ad8d5c66d3dbe53cbdb50841bbd9a0e16f03201cd6cc5f0bc1a57eda41fd096ed275cf762d84a stacer_1.1.0_amd64.deb
zero reports of malware / adware / badware
anyhow, let's compare the served-by-github debfile vs the project's served-by-AWS debfile:
https://sourceforge.net/projects/stacer/files/v1.1.0/stacer_1.1.0_amd64.deb/download
$ sha512sum stacer_1.1.0_amd64.deb
19bcb87f3d99ce090ab1fb917f65f7dd74f0b1e4fc19272eae0ad8d5c66d3dbe53cbdb50841bbd9a0e16f03201cd6cc5f0bc1a57eda41fd096ed275cf762d84a stacer_1.1.0_amd64.deb
---------------------------------------------------------
https://github.com/oguzhaninan/Stacer/releases
https://github.com/oguzhaninan/Stacer/releases/download/v1.1.0/stacer_1.1.0_amd64.deb
^--- redirect ---v
https://github-production-release-asset-2e65be.s3.amazonaws.com/72979287/49435c80-7522-11e9-921b-a9445444247a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20190523%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190523T195057Z&X-Amz-Expires=300&X-Amz-Signature=67753ea03f6d3ea25a149e4e409c224b688f0b52ce9d5f7639d50d1c8940317f&X-Amz-SignedHeaders=host&actor_id=11653911&response-content-disposition=attachment%3B%20filename%3Dstacer_1.1.0_amd64.deb&response-content-type=application%2Foctet-stream
$ sha512sum stacer_1.1.0_amd64.deb
19bcb87f3d99ce090ab1fb917f65f7dd74f0b1e4fc19272eae0ad8d5c66d3dbe53cbdb50841bbd9a0e16f03201cd6cc5f0bc1a57eda41fd096ed275cf762d84a stacer_1.1.0_amd64.deb
- Head_on_a_Stick
- Posts: 919
- Joined: Sun Mar 17, 2019 3:37 pm
Re: Warning! Stacer is Malware!
I've just tried the github .deb in my buster system, it seemed to work fine and didn't cause me any problems.
Nice application, if you like that sort of thing.
Nice application, if you like that sort of thing.
mod note: Signature removed, please read the forum rules
Re: Warning! Stacer is Malware!
FYI, and to clarify: no, I don't favor these bloatware applications & absolutely would not recommend stacer.Nice application, if you like that sort of thing.
What tripped muh trigger here was the wrongful defamation of sourceforge.
The site, under new ownership these past few years, has really tried to cleanup its act & the CEO has participated in the various linux-related subreddits, fielding in-the-trenches questions, and (empathisizing with but) refuting recent allegations, and defending against historical FUD dregded up by donttrytoconfusemewiththefacts detractors.
Considering that google.code threw in the towel due to that hassle of _attempting_ to screen for malware (and stubbed inject-it-later installers), along with the curl|sudo c'est la vie attitude among the growing horde of iwannapony users (and devs pushing warez via golang//pip//etc sudo-permissioned "module" install+ auto-updates)... it's unreasonable to expect that any freehosting site can successfully remain entirely malware-free.