stupid_asshole69 [none/use name]

Wipe before you leave and restore when you arrive. Carry a second, minimal device with limited smartphone features for when you need to contact someone between those times.

While in some place that worries you, audit and change your behavior and the way your software works in order to be more secure and less convenient. Limit computer use.

Figure out what method of storing data remotely works for you and use it, but don’t treat it as a backup.

Run the md5.

Of course that only tells you that you got what the author intended, not that what they intended is “safe”

I am some kind of troll.

Again, you’re making what reads like an incredibly stupid decision.

You have a computer with your name on it, the vps you set up, in a country where your actions are legal and another with your name on it in a country where you reside and your actions aren’t legal.

You connect to the vps using a protocol that authenticates your identity.

Let me just walk through the steps to prosecute you for piracy or a different crime with much more serious consequences:

Through leaky dns, a tipoff, some transformer or just the usual 24/7 isp traffic analysis someone realizes you’re doing a piracy.

They get logs from the isp and if your bad dns doesn’t give you up immediately then they see the outlier ip of the vps. ISPs always cooperate, often the special relationship between companies that are allowed to operate critical infrastructure and law enforcement is enshrined in law.

Whois points them at the vps company, whose policies may require them to get a warrant or equivalent in order to allow law enforcement into your actual running vps but will absolutely comply with kyc aligned requests and laws.

As an aside, you may think that the vps provider could stand up against the cops for you, but they’re not doing that. No one is keeping their mouth shut for $3/mo unless that’s their literal whole business model. They’ll just find new tenants.

Anyway so now they know it’s you on each end and have an airtight piracy case. If that seems like a lot of work to do through for someone whose downloading SpongeBob, it is! Piracy investigations are often not worthwhile as crimes in and of themselves.

The cops will have a strong incentive to get you on other charges, so when they search your house they’ll be looking not only for the computer with your name on it but for anything that could be misconstrued as illegal or prohibited. Hope you’re clean.

But assuming you don’t have an unregistered firearm and pile of illicit drugs next to your computer they’ll still take the computer in for a snoopin. Assuming again that nothing is found but wholesome episodes of SpongeBob on your computer they will without any doubt find your /etc/WireGuard folder with all the config files. Oh, they go to the vps you rented. Imagine that!

In America the crime of setting up a telecommunications system for the purpose of doing something illegal is prosecuted as wire fraud. It might be called different things in different countries but the basic conditions for the creation of law around those actions were about the same everywhere: big money stealin’ using new telegraph technology. The specific technology may have changed but the law inevitably didn’t, so they’ll pile the wire fraud equivalent charge onto you.

I don’t know your country but piracy is probably a low level crime there compared to wire fraud. So instead of facing a fine or a few months for downloading a soccer game now you’re facing a big monetary penalty and many years in jail for creating a system of wire fraud.

Even the often times not very smart police can figure out how to do this. You can check this out by looking in your own countries cop arrest records and see what they’re jamming people up for when it comes to computer crimes. It’s usually the local equivalent of wire fraud when they can get it because the newer, computer specific laws are harder to convict under or have more lenient penalties proscribed.

So anyway, instead of literally building an illegal crime tunnel which is a much worse crime than piracy, spend the money on air or one of the other piracy vpns. You’ll be saving yourself a lot of headache and protecting yourself much better than you did with a home built system.

I took the time to write this out much more explicitly after being told to fuck off because you’re making an incredibly stupid decision. I don’t want you to feel stupid, but I want you to recognize that you’re pursuing a more difficult path that opens you up to much more serious charges and which you are not even capable of getting up and running at the moment.

Just think on that for a second.

You can’t get your illegal crime tunnel working right and you’re asking for help with it on a public forum.

It’s good to try things for the sake of learning. I would strongly advise against trying to learn by doing illegal things and asking for help in public in the strongest possible terms.

Go get a piracy vpn service instead. It accomplishes your goals and keeps you safer than your home grown would if it were working.

That’s stupid.

You have a computer with your name on it in a country where what you’re doing is legal and you’re connecting to it using a process that authenticates with a shared secret from another computer that most likely has your name on it in a country where what you’re doing is illegal.

You’re not fooling anyone and by creating your own crime tunnel with your name on both ends of it and I’m gonna hesitate to use specific legal language to describe the new, more serious type of crime you are now committing because it’s different all over but there’s almost always a type of wire fraud that covers this because banks all tried to do it when different kinds of electronic transfers popped up.

Just use air like a normal person.

You mean the audio lessons? They’re on mya.

The supposed gnome workflow is for keyboard users to go fuck themselves.

Don’t waste time learning the gnome way of doing things, it’s not gonna remain consistent long enough to let you reap any benefits from that knowledge.

Choose a db you’re comfortable with, create structures in it that represent your files and their location in your filesystems, add more structures that represent metadata and then query it when you need to find things.

It’s what phones do.

The client saves them.

If you have a lot of crap in small files it might be time to stop depending on the directory structure to navigate and switch to a database.

Oh fuck I didn’t actually answer your question! Sorry!

You want the two major private trackers for music. They both have active communities and all kinds of groupings of releases.

You have to have the cookie for squid dot wtf first. Go there.

You have two problems, curation and piracy.

Piracy is easy, get into a few good private trackers or download from YouTube or use soulseek (carefully!).

Curation is harder and if you don’t want to do it yourself you have to make friends with people who are into the same music as you or use the tools of feed based services like Spotify to dump into your piracy rube-Goldberg contraption.

It’s worth not doing the latter because you will end up failing the Dow Jones and the Industrials test if you just stick to only what the machine gives you because it’s what you like.

Go make friends with people and enjoy music, a collaborative hallucination unique to humanity, with them.

No (*actually yes).

It’s your round trip ping, how quickly your seeding device responds to some leeching devices request that determines weather or not you end up sending a chunk out to them.

Of course, aside from people on satellite every high bandwidth connection (measured in millions or billions of bits transferred per second) will also have lower latency (measured in increasingly small fractions of a second).

Users of the automated arr torrent and usenet stack have been complaining about malicious fake releases on public trackers which hit before the content street date and contain esoteric archive files that can run a program upon unpacking for maybe the last month or so.

The files are automatically downloaded by the users software because they match the users profile for that movie or series.

The users are mad that the devs told them to stop using trackers that distribute malware rather than the devs agreeing to implement filtering.

The only reason old archive formats are being deployed in that attack is because most antimalware doesn’t pay attention to them. Almost every modern archive format can at least open a link when processed but even the software that the users os calls to perform the operation has some kind of interlink built in to prevent that from happening without user awareness.

So there are currently malware crews actively and successfully targeting piracy networks and software.

Many years ago, one vector for mp3s other than extension-fu was embedding clickable links in the id3 data so that when displayed in Winamps playlist a user would accidentally or inquisitively make contact with some server. I first encountered this on soulseek.

There are also circumstances where extension-fu isn’t required. You can test this out on your own system by making a copy of some standalone program and renaming it with a wrong extension (say, .mp3 for instance!) then trying to open it.

Yt-dlp is the usual answer. There’s a script for when people have song chapters someone linked as well as the surprisingly decent mp3split-gtk, also already referenced.

Speaking as a soulseek user, be careful. You are now manually deciding what users you will accept data from with only the validation and security your computer or you yourself provide. It is incredibly easy to look up desirable rare recordings and create believable dummy files with a payload.

Imdl

Run the os off the m2. Don’t trust sd cards for anything other than bulk transient storage, simple data structures and filesystems that will be quickly moved to other systems.

Everyone hasnt had this issue until recently.

Because it’s new vector for spreading malware that preys upon people running automated systems like the arr stack or just clicking stuff willy nilly.

The solution is to stop using public trackers that allow randos to upload malware.

I already made a top level reply, but I’m with the devs on this one. If you are using a tracker that allows release spam with malware, it would be counterproductive and honestly irresponsible to start playing whack a mole with it. Your software, development process and people aren’t prepared to do anti malware. Just tell your users that they’re using bad trackers and they need to switch.

Because that’s what’s happening. The arj files are malware. If someone asked me to install a water filtering system on their cars gas lines so they could use fuel from the cheap gas station I’d tell them the same thing: don’t use that gas station, they put water in the gas. Go across the street to the market rate one.

Furthermore, providing a way to filter those files just means that bad trackers that allow release spam malware will not be abandoned and the problem of that malware will get worse.

Literally get on better trackers for the sake of your own privacy, security and cpu cycles.

It sucks to say this but you need to ditch that tracker.

Those files are malware. Yes it would be great if there were some mechanism to block that specific malware (there is, use your computers anti malware) but the long term fix is to go away from where they’re distributing malware.

The whole point of distributing files like that is that people like you have automated systems that go to public trackers and grab the first thing they see that matches and extract it. .arj files can have a link in them to some payload and suddenly your wonderful home server has infected itself with malware.

Time to switch to private trackers.