Hi there

I would like to prevent to the best of my ability getting malware or virus when torrenting. I know there is never 100% certainty of not getting one, but i’d like to mitigate it. I’d like to ask your advice/expertise.

These are the practices I use. Please build on them if you think there is room for improvement and how.

  • First off, I use linux (transmission) and only download media (music, movies), no software. I know this already lowers the risks significantly since most malware are on .exe for Windows, however I am aware mp3/mp4 and mkv files can still embed malware to exploit VLC vulnerabilities and also Linux.

  • I use Proton VPN with kill switch in advanced settings - no internet (at all) allowed when the VPN is not connected.

  • I limit opening the downloaded media in the PC. After seeding for a few months, I usually transfer them into an external HDD and delete them from the PC. Media may be used in a TV/phone for viewing/listening.

  • I have downloaded torrent media going into a separate internal SSD which is encrypted (obviously unencrypted when torrenting). This probably doesn’t do much, but I get somewhat piece of mind when I am not torrenting and the ssd is locked.

  • I use normally pirate bay org and get the torrents with the higher number of seeds.

I understood joining some private tracker may help, but I found it difficult to join. Any advice and recommendations are welcome!

  • ui3bg4r@lemmy.orgEnglish
    1·
    1 day ago

    I understood they backport security updates, but is that also for apps in the software manager? For example: Currently I am using Mint. The VLC version there is 3.0.20 which is behind 2 years (current is 3.0.23). According to the releases of VLC, it indicated security fixes. Do these get fixes within the old number or are they neglected? What do you think? I concord by the wya on what you say related to rolling distro vs stable.

    • Seefra 1@lemmy.zipEnglish
      1·
      12 hours ago

      Do these get fixes within the old number or are they neglected?

      From what I understand (and I may be wrong) at least on debian the fixes get backported if it’s viable to backport, when that happen they increment the number after the dash ex. 1.2.3-1 to 1.2.3-2. If backporting the fixes isn’t viable they backport the package.

      I couldn’t find information relating to mint, it seems that packages.linuxmint.com website is broken atm. But ubuntu seems to have backported fixes on their VLC 3.0.21 package 11 times, the latest one in 29 Aug 2025 https://changelogs.ubuntu.com/changelogs/pool/universe/v/vlc/vlc_3.0.21-11/changelog

      • ui3bg4r@lemmy.orgEnglish
        1·
        10 hours ago

        Ah, interesting. So in principle they wouldn’t leave a VLC or Media player with a big bug out there for long. The VLC of Mint is actually older 3.0.20-3build6 and it also looks like backported 3 times. I thought they were the same as Ubuntu but apparently not.