VideoLAN @videolan App Stores were a mistake. Currently, we cannot update VLC on Windows Store, and we cannot update VLC on Android Play Store, without reducing security or dropping a lot of users… For now, iOS App Store still allows us to ship for iOS9, but until when?

  • @[email protected]
    link
    fedilink
    English
    08 months ago

    My guess is that their update won’t be approved unless they drop support for old OS versions

    • deweydecibel
      link
      fedilink
      English
      08 months ago

      Which is a problem given it’s a media player, and AndroidTVs still on Android 11 or earlier would be denied updates.

      • Em Adespoton
        link
        fedilink
        08 months ago

        Is it a problem though? Old versions of VLC still work fine; I have it on my iPad 2 but haven’t updated it in over 5 years.

        Old hardware doesn’t have to worry about security updates because it’s already insecure. So unless VLC stops working, I don’t need updates. And it’s not like my iPad is capable of playing HEVC 4k HDR video anyway, so new codec support isn’t a problem.

        • @[email protected]
          link
          fedilink
          0
          edit-2
          8 months ago

          One of the quickest ways to pivot into a corporate intranet is via an old insecure networked printer that Shannon from HR brought in.

          Sure, maybe you don’t have anything worth stealing or leaking, but I bet getting hit with ransomware that encrypts every drive on the network and charges you $2,000 per drive to decrypt will put a damper on your day, month, or year.

          Hope you’re one of the 0.1% of people that actually keep regular backups.

          • Em Adespoton
            link
            fedilink
            08 months ago

            My point though is that if you’re running the old device without appropriate lockdowns, it’s already leaking like a sieve. It’s been at least five years since the corporate perimeter has been considered more than a minor line of defense, specifically because there are so many pieces of equipment long out of security patch support (if they ever had it) that can’t be trusted.

            And ransomware actors don’t bother with the printer; they get in via phishing emails and misconfigured routers and remote access tools — because it’s too much work to target the printer when there are juicier targets.

            Although there’s been a recent push towards credential management compromise, and if you’ve got an iPad 2 connected to an Apple ID that also happens to include an iCloud keychain with your Exchange server credentials on it….

            • @[email protected]
              link
              fedilink
              08 months ago

              My thinking was more along the lines of old vulnerabilities in VLC (specifically codecs/implementation) exploiting a set of the most commonly sold TVs, and spreading via torrents. If your malware group can target 6 models of the best selling 5 year old TVs and spread via torrents and then infecting video files, which spread over Windows networks and keep infecting video files, it could be a good few million device strong botnet.

              Seems more like something an APT actor would focus on because the effort:reward ratio isn’t there for most groups, and it would take a lot more effort than the MicroTik botnet or other compromised router nets.

              I’m hesitant to run any outdated network-connected devices on my (read: the one my personal devices use) network. The only older model device we have running is a brother printer but it still receives firmware updates, and it’s segmented so printing is never done directly from anyone’s device, it’s hooked up to an old laptop running a simple custom web server that accepts files and puts them in the printer queue, and tunneling and DNS are configured on the router, if someone needs to print, they go to [thenameoftheprinter].com in their browser and upload the file(s) and it prints. Devices without access to the guest network can print with Bluetooth, it just requires opening the laptop and pairing and manually printing.

              But that was born out of issues of compatibility with the printer running on the guest/kids network, and not wanting to plug it directly into the router or use the Brother apps more than “This printer is older, must not have direct network access.”