And then call it “critically important for everyone” when it only affects the users of one particular tool (which used to be popular 20 years ago, but is one a decline ever since).
First of all, this was already posted in Lemmy several times in several places. Just because it’s a critical vulnerability doesn’t mean you keep reposting it every month - just how long will you keep reposting it?
Also, hardly anyone uses WinRAR these days, so this isn’t really as important as you make of it. Your post may have been relevant when the zero-day came out, but a month later - no one cares.
I never reposted it. I have only posted for the first time, and there are far too many users that still say their WinRAR version is 5.x to this day. I do not think you understand how popular WinRAR is, and how many users exactly use it. Even on Linux via WINE it works perfectly, so the userbase is massive. RAR format is also popular enough, and the exploit for RAR 3.x archives is common enough because a lot of the stuff on internet is packaged in the RAR 2/3/4 format.
You didn’t, but it was posted by others. Posting about a critical vulnerability a whole month later is pointless. If this was acceptable then we’d see people constantly posting outdated news stories for critical vulnerabilities in other apps weeks or months after it’s been published, which doesn’t make sense. Admit it, you made a mistake in posting this - you didn’t check the date and thought it was a new article, right? Otherwise why would you post about this a month later?
Because WinRAR is popular and I have not seen it posted as much? My motive was to spread awareness, because of its sheer popularity. I see no harm in this.
This CVE being a month old does not mean its an outdated thing, because the potential of users getting affected is massive. Too many RAR 3.x and older packaged archives circulate around the world, and WinRAR does not automatically update for people, unless you are a techie that uses winget or choco.
I remain on top of such news usually, and if I missed it, there is a very good chance many have. Yes, I see myself as a benchmark of sorts, considering how seriously I treat and advocate privacy and security. If you want to just look good for calling me as a mod out, it is very unnecessary, unless there is some malicious intent or a low effort post being made.
Edit: you say it was posted “a lot” on Lemmy. But I only see one post each on Beehaw and Lemmy.world, which, for a CVE of this potential is… very bad? This news should have been plastered all over in relevant tech subs for maximum awareness.
because the potential of users getting affected is massive.
Except, it’s not actually popular these days, and therefore, it doesn’t really warrant reposting such old and irrelevant news. And my earlier point still stands - what you posted is basically a repost. Just because you missed it doesn’t mean others have, nor does it justify it.
You probably won’t believe me that WinRAR isn’t popular, so I made a poll just for this - you can see for yourself that not many people here actually use WinRAR.
Do you realise WinRAR has over half a billion users? Your personal poll, assuming 20-30 votes, will not change that fact. 7-Zip has lesser users because WinRAR has been a full featured archiver since over a decade with a pretty GUI.
The average user that uses Windows installs and uses software in this order -> Chrome/Firefox, VLC, WinRAR, MS Office, Zoom/Discord/Teams, then rest of the stuff. No matter what large software downloading website you check (Softpedia, Majorgeeks, Techspot, Filehorse, Filehippo), the most popular downloaded software will have these at the top. Photoshop, IDM and Avast are also similarly popular.
You have no idea about general user security and popular software demographics.
Do you realise WinRAR has over half a billion users
Citation needed. But regardless, these users are clearly not on Lemmy. This is about relevance to Lemmy users, and the poll reflects how relevant WinRAR is for them.
No matter what large software downloading website you check (Softpedia, Majorgeeks, Techspot, Filehorse, Filehippo), the most popular downloaded software will have these at the top.
That’s not really a valid metric, because these sites only show the total downloads, and don’t display recent numbers. WinRAR may have been popular 10 years ago, but they don’t show how many users downloaded it in the last year or whatever, so those numbers are meaningless.
You have no idea about general user security and popular software demographics.
I’ve been a Windows sysadmin for 11+ years and used computers since the days of MSDOS, so don’t tell me I don’t know software demographics. It’s you who is out of touch. Besides pirates, I’ve haven’t seen anyone still actually use WinRAR in the wild. The average user just doesn’t have a need for WinRAR - Windows already creates and opens zip files, and that’s all they need, because everyone else uses mainly zip files these days. And in offices, where they may need to transfer password protected files, they may ocassionaly use 7zip (due to its more secure encryption). But that’s all. Excluding Linux and Mac users, Windows users mainly only use .zip and .7zip these days (once again, excluding pirates).
I thought there was yet another WinRAR vulnerability, but turns out this is old news - why did you repost an article from last month?
And then call it “critically important for everyone” when it only affects the users of one particular tool (which used to be popular 20 years ago, but is one a decline ever since).
Many people still do not know, and it is the only vulnerability in recent years.
First of all, this was already posted in Lemmy several times in several places. Just because it’s a critical vulnerability doesn’t mean you keep reposting it every month - just how long will you keep reposting it?
Also, hardly anyone uses WinRAR these days, so this isn’t really as important as you make of it. Your post may have been relevant when the zero-day came out, but a month later - no one cares.
I never reposted it. I have only posted for the first time, and there are far too many users that still say their WinRAR version is 5.x to this day. I do not think you understand how popular WinRAR is, and how many users exactly use it. Even on Linux via WINE it works perfectly, so the userbase is massive. RAR format is also popular enough, and the exploit for RAR 3.x archives is common enough because a lot of the stuff on internet is packaged in the RAR 2/3/4 format.
You didn’t, but it was posted by others. Posting about a critical vulnerability a whole month later is pointless. If this was acceptable then we’d see people constantly posting outdated news stories for critical vulnerabilities in other apps weeks or months after it’s been published, which doesn’t make sense. Admit it, you made a mistake in posting this - you didn’t check the date and thought it was a new article, right? Otherwise why would you post about this a month later?
Because WinRAR is popular and I have not seen it posted as much? My motive was to spread awareness, because of its sheer popularity. I see no harm in this.
This CVE being a month old does not mean its an outdated thing, because the potential of users getting affected is massive. Too many RAR 3.x and older packaged archives circulate around the world, and WinRAR does not automatically update for people, unless you are a techie that uses winget or choco.
I remain on top of such news usually, and if I missed it, there is a very good chance many have. Yes, I see myself as a benchmark of sorts, considering how seriously I treat and advocate privacy and security. If you want to just look good for calling me as a mod out, it is very unnecessary, unless there is some malicious intent or a low effort post being made.
Edit: you say it was posted “a lot” on Lemmy. But I only see one post each on Beehaw and Lemmy.world, which, for a CVE of this potential is… very bad? This news should have been plastered all over in relevant tech subs for maximum awareness.
Except, it’s not actually popular these days, and therefore, it doesn’t really warrant reposting such old and irrelevant news. And my earlier point still stands - what you posted is basically a repost. Just because you missed it doesn’t mean others have, nor does it justify it.
You probably won’t believe me that WinRAR isn’t popular, so I made a poll just for this - you can see for yourself that not many people here actually use WinRAR.
Do you realise WinRAR has over half a billion users? Your personal poll, assuming 20-30 votes, will not change that fact. 7-Zip has lesser users because WinRAR has been a full featured archiver since over a decade with a pretty GUI.
The average user that uses Windows installs and uses software in this order -> Chrome/Firefox, VLC, WinRAR, MS Office, Zoom/Discord/Teams, then rest of the stuff. No matter what large software downloading website you check (Softpedia, Majorgeeks, Techspot, Filehorse, Filehippo), the most popular downloaded software will have these at the top. Photoshop, IDM and Avast are also similarly popular.
You have no idea about general user security and popular software demographics.
Also, go figure. I have a whole guide on Linux/Windows computing that covers users of all skill levels. https://lemmy.ml/post/511377?scrollToComments=true
Citation needed. But regardless, these users are clearly not on Lemmy. This is about relevance to Lemmy users, and the poll reflects how relevant WinRAR is for them.
That’s not really a valid metric, because these sites only show the total downloads, and don’t display recent numbers. WinRAR may have been popular 10 years ago, but they don’t show how many users downloaded it in the last year or whatever, so those numbers are meaningless.
I’ve been a Windows sysadmin for 11+ years and used computers since the days of MSDOS, so don’t tell me I don’t know software demographics. It’s you who is out of touch. Besides pirates, I’ve haven’t seen anyone still actually use WinRAR in the wild. The average user just doesn’t have a need for WinRAR - Windows already creates and opens zip files, and that’s all they need, because everyone else uses mainly zip files these days. And in offices, where they may need to transfer password protected files, they may ocassionaly use 7zip (due to its more secure encryption). But that’s all. Excluding Linux and Mac users, Windows users mainly only use .zip and .7zip these days (once again, excluding pirates).