Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Software > Calibre

Notices

Reply
 
Thread Tools Search this Thread
Old 04-06-2019, 12:09 PM   #16
stumped
Wizard
stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.
 
Posts: 1,283
Karma: 1553800
Join Date: May 2016
Device: Samsung tab s , fire HDX 8.9, fire hd 8
Quote:
Originally Posted by FrustratedReader View Post
...

How does malware get on a computer? Either via the Web Browser or plugged in storage..
and via gullibility / social engineering. clicking on free porn links or other clickbait - opening strange emails.....
stumped is offline   Reply With Quote
Old 04-06-2019, 04:00 PM   #17
BetterRed
null operator
BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.
 
Posts: 12,798
Karma: 10793226
Join Date: Mar 2012
Location: Sydney Australia
Device: none
↑ ↑ ↑ ✔️

@FrustratedReader - I'm a volunteer for a community service provider that targets the disabled and elderly. As such, I have probably eradicated at least a 100 malware infestations on various computers. I'd say 70% came from email attachments, and 20% from software downloads - I can't recall ever tracing one to a USB stick or direct intrusion.

BR
BetterRed is online now   Reply With Quote
Old 04-06-2019, 04:22 PM   #18
theducks
Well trained by Cats
theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.theducks ought to be getting tired of karma fortunes by now.
 
theducks's Avatar
 
Posts: 22,959
Karma: 24012240
Join Date: Aug 2009
Location: (The original) Silicon Valley, USA
Device: K4NT, Galaxy Tab A, Kobo Aura2
Quote:
Originally Posted by BetterRed View Post
↑ ↑ ↑ ✔️

@FrustratedReader - I'm a volunteer for a community service provider that targets the disabled and elderly. As such, I have probably eradicated at least a 100 malware infestations on various computers. I'd say 70% came from email attachments, and 20% from software downloads - I can't recall ever tracing one to a USB stick or direct intrusion.

BR
Remember the days of boot viruses passed by infecting the boot block on floppies.?
The only on not mentioned is 'drive by' type (no click or open needed). Most modern browsers do stop these, but there are folk running W9x that might be vulnerable as their browser is so out dated (no basic support).
theducks is offline   Reply With Quote
Old 04-08-2019, 05:50 AM   #19
FrustratedReader
Busy elsewhere
FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.
 
FrustratedReader's Avatar
 
Posts: 372
Karma: 2152942
Join Date: Jun 2017
Device: Various
" Most modern browsers do stop these,"
No they don't unless you have a script blocking plugin such as noScript or uMatrix.

Indeed Never open any email attachment without being 100% sure who sent it. The From address doesn't count. Make sure file endings are enabled (Windows) and you know which files are safe to open.

Infected SD cards USB sticks are a common corporate attack vector. Make sure no autorun repartition any recycled or new one. They are not a likely source of malware for people not in the work force and not in youth culture. Unprotected browsers are the problem.
All the many PCs I've removed viruses, trojans and root kits from had working AV software. All were used with unprotected browsers and by people that had never been told about spoofed From in Emails, turning off remote content in emails and assuming you can click on email attachments. Many fooled by filename.txt<loads of spaces>.exe etc.
Some of the PCs had vital system files "quarantined" by AV software by mistake and thus would not reboot or would crash.
Education, a script blocker, no remote content in email viewer (don't use Web mail), no autorun is FAR better than any AV and won't break Calibre or other programs.
FrustratedReader is offline   Reply With Quote
Old 04-12-2019, 01:36 AM   #20
Miss Chief
Junior Member
Miss Chief began at the beginning.
 
Miss Chief's Avatar
 
Posts: 5
Karma: 10
Join Date: Dec 2017
Location: Wales
Device: Android - Google Play Books
Quote:
Originally Posted by stumped View Post
protected from what exactly?

there is no way that using calibre's add books to library will import ransomware !
I am not worried about Calibre importing ransomware. I'm not sure why you would think that?

Frankly, I'm not particularly worried at all but if I am going to have ransomware protection on my system... my ebook library of 2893 books is pretty high up my list of directories I would like protected.

Quote:
Originally Posted by stumped View Post
AFAIK, it is impossible to plant dangerous malware inside of an epub or AZW book,
Well I am sorry to have to tell you that you are mistaken, as Symantec point out here.

In fact this very topic was a source of another issue I had with Windows Defender, you see I am a Unix Admin and I work with security so a good portion of the aforementioned ebooks are about Programming, Shell Scrips, Pen Testing, Blockchain that kind of thing and it seems that books about computer security triggers Defender and it gets, well... defensive, I fixed that issue although I didn't bother posting it here as it wasn't an issue with Calibre per se, but if you're curious here is my post.

However, I am also not worried about getting ransomware from any of my ebooks. Again not sure why you would think that? In the event I do get ransomware on my system though... it would be nice if my ebook library wasn't the only directory that is actually vulnerable to attack.

Obviously I backup my system frequently so even if I was foolish enough to run something I shouldn't (and I never have been so far), it wouldn't really be an issue... that is not the point. The point is a built in part of system is not working as it should. I am familiar with the third party options... I have third party options, I am happy with my setup, it is just bugging me that this isn't working as it should. I'm pretty sure I mentioned I had a workaround sorted already in my initial post. I only posted here to see if anyone had a regedit, shell command or even a group policy edit that might remedy the situation. Not because I'm worried... just because it isn't working and it should be and that is annoying!

As I said I am not particularly concerned, I was just curious if anyone here had a solution, you know since this is the main Calibre forum, I thought it was worth posting here as well as the Microsoft forums, don't worry though I won't make that mistake again

Quote:
Originally Posted by stumped View Post
PS criticizing those who try to help is a good way to get yourself ignored.
To be honest I sincerely doubt I will ever bother posting another thread here. You're such a lovely, welcoming group... the snarky, patronising comments, telling me to do the things I explained in my first post, it's given me such a warm fuzzy feeling, definitely not in a good way.
Miss Chief is offline   Reply With Quote
Old 04-12-2019, 04:13 AM   #21
BetterRed
null operator
BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.
 
Posts: 12,798
Karma: 10793226
Join Date: Mar 2012
Location: Sydney Australia
Device: none
MS seemed to have changed the message

With the Ransomware feature enabled, if I try to switch to a folder in Documents, I get this as a right bottom corner notify message,

Click image for larger version

Name:	Annotation 2019-04-12 171945.jpg
Views:	27
Size:	22.8 KB
ID:	170677

I don't know what calibre-file-dialog.exe is or where it is, so I can't add it to the exclusions list.

I also noticed this in the CFA settings

Quote:
Most of your apps will be allowed by controlled folder access, without adding them here. Apps determined by Microsoft as friendly are always allowed.
With Ransomware checks enabled I can open an EPUB in Documents with Sigil.exe, calibre's ebook-edit and ebook-viewer without having to exclude them from CFA. I can also open a text file in Documents with the installed version of Bowpad.exe, but I can't open the same file with the portable version of Bowpad.

BR

Last edited by BetterRed; 04-12-2019 at 04:27 AM.
BetterRed is online now   Reply With Quote
Old 04-12-2019, 05:33 AM   #22
Sarmat89
Groupie
Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.
 
Posts: 166
Karma: 2100000
Join Date: Nov 2015
Device: none
Quote:
Originally Posted by FrustratedReader View Post
Why they EVER thought "Autorun", ActiveX in Web browser, remote content on by default in Outlook, VBA on by default in Office or hiding file endings was a good idea is a mystery.
Because people don't like to browse the CD to install the software they've just bought.
Because people like to do more in their browser than reading and sending forms.
Because people like automation in their routine office tasks.
Because file extensions are confusing for most people, and they will delete them inadvertently when renaming their files.

What do you propose looks like a certain 'secure' OS enjoying <2% of the market share.
Sarmat89 is offline   Reply With Quote
Old 04-12-2019, 01:10 PM   #23
DNSB
Bibliophagist
DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.
 
DNSB's Avatar
 
Posts: 5,640
Karma: 25499999
Join Date: Jul 2010
Location: Vancouver
Device: Kobo Aura One, Aura H2O, Aura HD, Nexus 7 HD, iPad Air, Tolino epos
Quote:
Originally Posted by Miss Chief View Post
Quote:
Originally Posted by stumped View Post
protected from what exactly?

there is no way that using calibre's add books to library will import ransomware !
Well I am sorry to have to tell you that you are mistaken, as Symantec point out here.

In fact this very topic was a source of another issue I had with Windows Defender, you see I am a Unix Admin and I work with security so a good portion of the aforementioned ebooks are about Programming, Shell Scrips, Pen Testing, Blockchain that kind of thing and it seems that books about computer security triggers Defender and it gets, well... defensive, I fixed that issue although I didn't bother posting it here as it wasn't an issue with Calibre per se, but if you're curious here is my post.

However, I am also not worried about getting ransomware from any of my ebooks. Again not sure why you would think that? In the event I do get ransomware on my system though... it would be nice if my ebook library wasn't the only directory that is actually vulnerable to attack.
Sadly, the item you reference from the Symantec site does not make it very clear that the hazards from downloading pirated ebooks lies more in the files that are supplied as .pdf, .zip, .rar or .exe and not the ebooks in epub, azw3, mobi or whatever format themselves.

In theory, you could embed malicious javascript in an epub3 ebook. After seeing one item titled "Security Diligence Required to Prevent ePub or Mobi Javascript Hacks", I did some playing with the idea. I could not find an ebook renderer that would execute those malicious code snippets on my ereaders. Blasted programmers who limit the functionality of their code. As for the mobi format ebooks? Given the age of that format, embedding javascript is not a viable option.

Last edited by DNSB; 04-12-2019 at 01:17 PM.
DNSB is offline   Reply With Quote
Old 04-12-2019, 03:30 PM   #24
stumped
Wizard
stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.
 
Posts: 1,283
Karma: 1553800
Join Date: May 2016
Device: Samsung tab s , fire HDX 8.9, fire hd 8
The threat to book libraries from ransomware really is miniscule. 99% of all book libraries will backup to on a cheap removable usb stick or we card, which cannot be infected and held for ransom if stored offline. 64 Or 128gb storage probably costs less than single years subscription to a paid for anti ransomware solution and an offline backup is easy to update.

flipping it around, having your my documents folder protected from ransomware is little comfort if the rest of your machine gets encrypted.. you would probably have to wipe the hard drives and rebuild it all anyway if that happened.

Anyway multiple solutions and workarounds have been offered. The OP seems to have thrown her toys out of the pram and moved on. Maybe we should all do the same - move on that is , not throw toys
stumped is offline   Reply With Quote
Old 04-12-2019, 06:12 PM   #25
BetterRed
null operator
BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.BetterRed ought to be getting tired of karma fortunes by now.
 
Posts: 12,798
Karma: 10793226
Join Date: Mar 2012
Location: Sydney Australia
Device: none
Quote:
Originally Posted by BetterRed View Post
<snip>
I don't know what calibre-file-dialog.exe is or where it is, so I can't add it to the exclusions list.
Found - it is in C:\Program Files\Calibre2\app\DLLs

So, I'll try to figure out why I don't need to exclude C:\Program Files\Calibre2\ebook-viewer.exe from CFA checks to view epubs in Documents; but -- assuming it gets rid of the CFA message -- I do have to exclude C:\Program Files\Calibre2\app\DLLs\calibre-file-dialog.exe to use calibre to manage libraries in Documents.

I do not have CALIBRE_NO_NATIVE_FILEDIALOGS set, so .... ?

BR

Moderator Notice
Just a gentle reminder - this thread is about Defender's protection against ransomware via its Controlled Foider Access mechanism, and its affects on calibre. We might have lost sight of that. The fact that the OP has departed doesn't mean there not issues to be discussed.

Last edited by BetterRed; 04-12-2019 at 06:15 PM. Reason: clarity
BetterRed is online now   Reply With Quote
Old 04-12-2019, 10:38 PM   #26
kovidgoyal
creator of calibre
kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.
 
kovidgoyal's Avatar
 
Posts: 34,252
Karma: 10323932
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
calibre-file-dialog.exe is a helper program calibre uses to show file dialogs -- it was needed because there are idiot applications like spideroak that write explorer extensions in python and you cannot have multiple python interpreters in a single process. Therefore to work around them I had to write a dedicated helper program in C just for selecting files.
kovidgoyal is offline   Reply With Quote
Old 04-14-2019, 05:57 AM   #27
Miss Chief
Junior Member
Miss Chief began at the beginning.
 
Miss Chief's Avatar
 
Posts: 5
Karma: 10
Join Date: Dec 2017
Location: Wales
Device: Android - Google Play Books
Quote:
Originally Posted by DNSB View Post
Sadly, the item you reference from the Symantec site does not make it very clear that the hazards from downloading pirated ebooks lies more in the files that are supplied as .pdf, .zip, .rar or .exe and not the ebooks in epub, azw3, mobi or whatever format themselves.

In theory, you could embed malicious javascript in an epub3 ebook. After seeing one item titled "Security Diligence Required to Prevent ePub or Mobi Javascript Hacks", I did some playing with the idea. I could not find an ebook renderer that would execute those malicious code snippets on my ereaders. Blasted programmers who limit the functionality of their code. As for the mobi format ebooks? Given the age of that format, embedding javascript is not a viable option.
I think the issue is that EPUB's in particular can be opened and read in a browser these days (not sure about other formats since I tend to buy/edit books as EPUB then convert them to what I need, which largely depends on where I plan on reading them). I was quite miffed that Edge made itself the default app for opening EPUB's after an update some time ago, it kind of makes sense though, EPUBs are written in HTML they even use CSS.

I doubt anyone is targeting ebook readers themselves (the hardware I mean) as there isn't much to be gained from doing so (possibly your Amazon login from Kindles) but people who read on their computers or tablets using a browser, or even using a ereader program that supports scripts could be vulnerable. Browsers themselves have a lot of personal info about people from the autofill alone and if they can get at the saved passwords well that would be the kind of thing they might want to target, without considering anything outside of the browser. Browsers can often access your filesystem too. I will add that Chrome and Firefox don't seem to be willing to open them so perhaps it's just Edge that is vulnerable. Perhaps when it switches to Chromium it will no longer work.

Just to be clear I don't think anyone is suggesting ransomware is being embedded in an ebook but some malicious scripts could be and if opened using a program that supports scripts (Adobe Acrobat for PDF, Edge for EPUB, as two examples) then you could be vulnerable to attack.

Like I said I am not concerned about my ebooks containing anything untoward, I was just responding to someone who seemed to think I was... but your post was interesting so I thought I would respond
Miss Chief is offline   Reply With Quote
Old 04-14-2019, 07:06 AM   #28
stumped
Wizard
stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.stumped ought to be getting tired of karma fortunes by now.
 
Posts: 1,283
Karma: 1553800
Join Date: May 2016
Device: Samsung tab s , fire HDX 8.9, fire hd 8
Quote:
Originally Posted by Miss Chief View Post

Like I said I am not concerned about my ebooks containing anything untoward, I was just responding to someone who seemed to think I was... but your post was interesting so I thought I would respond
I think we are all on the same page here: the only people at risk from e-books are those who get them from very dubious sources. I for one have little sympathy if they suffer unexpected consequences.
stumped is offline   Reply With Quote
Old 04-15-2019, 10:16 AM   #29
FrustratedReader
Busy elsewhere
FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.FrustratedReader ought to be getting tired of karma fortunes by now.
 
FrustratedReader's Avatar
 
Posts: 372
Karma: 2152942
Join Date: Jun 2017
Device: Various
Quote:
Originally Posted by Miss Chief View Post
I think the issue is that EPUB's in particular can be opened and read in a browser these days (not sure about other formats since I tend to buy/edit books as EPUB then convert them to what I need, which largely depends on where I plan on reading them). I was quite miffed that Edge made itself the default app for opening EPUB's after an update some time ago, it kind of makes sense though, EPUBs are written in HTML they even use CSS.

I doubt anyone is targeting ebook readers themselves (the hardware I mean) as there isn't much to be gained from doing so (possibly your Amazon login from Kindles) but people who read on their computers or tablets using a browser, or even using a ereader program that supports scripts could be vulnerable. Browsers themselves have a lot of personal info about people from the autofill alone and if they can get at the saved passwords well that would be the kind of thing they might want to target, without considering anything outside of the browser. )
Even PDFs in a Browser are stupid. Or that's especially stupid. I've been getting people to disable that for YEARS. Used to be standard thing on IT setup maybe 15 years ago to disable everything except basic necessities in a Browser.
Go to Browser "Applications". Set anything not a "Web Page" to be prompting to Save.
Install a real PDF reader (Summatra, Foxit, PDF express, even Ghostview). Linux comes WITH two real PDF readers as default.
Install Calibre and use its ePub & Mobi ebook reader standalone.
Add a script blocking plugin such as uMatrix or NoScript.
Don't use Edge or Internet Explorer unless mandated by your company as MS has lost the Plot on Browser and Windows design.
Use Safari, Firefox, Waterfox etc. Chrome is Google Spyware.
FrustratedReader is offline   Reply With Quote
Reply

Tags
error, windows defender

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows Defender flags 2.71 calibre-file-dialog.exe Bookee Calibre 4 11-03-2016 09:02 PM
Calibre 2x Blocked on Windows XP Enigmaesq Calibre 5 09-26-2014 07:08 PM
Windows Defender crashing Calibre! Help! clearlakeoakie Devices 8 07-09-2011 11:22 AM
v0.6.34 Calibre keeps prompting Windows Defender scub Calibre 5 01-20-2010 02:28 AM


All times are GMT -4. The time now is 05:57 AM.


MobileRead.com is a privately owned, operated and funded community.