Reject 2025

Router is my own and up to date.

that does not say its dns settings are as you set them. if you use a default or weak password for your routers config page, an attacker could change its setting from the outside via dns rebinding, then scanning your net, finding your router, trying passwords and when succesfull changing firewall rules or change dns settings to make your programs check the attackers repository proxies instead of their vendor ones.

dns rebind: https://www.packetlabs.net/posts/what-are-dns-rebinding-attacks/

so better check its dns settings, that it likely is pushing to dhcp clients, too.

Thanks to flatpak it also doesn’t have the ability to see anything else from my system. it at least seems to asks for seeing way more…

jdownloader could theoretically also got hacked by a site you were downloading from. maybe having a complete list of what you downloaded and check those again but using source provided (and signed?) hashes could reveal something fishy.

maybe (if thats possible there) make a memory/debug dump from the process in that condition and ask the vendor to look at it.

maybe check your downloaders binary hashes and compare it to the vendors signed ones.

the jackass addition was a joke from my side as it fits the j in front and the situation presented perfectly, no matter if the original app did so or if it was hijacked somehow.

however i used to use a separate downloader a very long time ago, when downloading i.e. an iso image for a new foss os took just too long, could be interrupted by time-togo-to-bed or anything else.

one day i learned about another downloader to be spying. at that time the downloaders in good browsers did what i needed and i turned completely away from separate downloaders as using more products always increase the attack surface and i didnt need such any longer.

for crawling i guess there are better tools than a downloader that needs to be fed by clipboard.

for downloading a lot of files in parallel from a list, i would personally use a quickly coded script (download link from parameters using wget or on failure append the link to a failed-list) and then use something like:

cat list | xargs --some-parameters ./dl-script.sh

so that i could set limits of parallel downloads using the xargs parameters while not needing any extra software and beeing able to redownload the failed ones by just renaming the lists filename and run the command again.

wget seems to support resume too, so i’ld try it that way but i never needed to.

if you need the resume feature or download a lot on a daily basis, want adjustable speed limits by few clicks etc. a specialized downloader application is probably a better way to go and usually has a gui if you need that, but i have no need for downloaders and thus cannot recommend any except for quick use of wget and xargs maybe ;-)

in general however i have ‘learned’ to try to prevent the use of products of specific programming languages which i had often more problems with than with others. its perl, ruby and java programs i try to prevent to use whenever possible. but that is based on personal experience like with ruby programs often basics (like turn on logging to find the problem didnt even log a single line not even in its debug mode) that are needed to at least administrate such programs were missing, bad or unhandy like java’s log4js default log rotation was horrible to use when forwarding logs and log4j was another thing by itself. However thats personal preferece to not use programs coded in these languages. same as with not using that one os vendors programs that are always in the news since decades with every week or so yet another 100% preventable security issue ;-) i just don’t like such.

you … installed the JackassDownloader !!!

maybe check your routers and pc’s dns settings, if you have a router from your provider, maybe its outdated as hell and jdownloaders updater got redirected by someone who hijacked it?