Jump to content

How safe is Vortex and Skyrim/other mods in general?


satanicsmoothie

Recommended Posts

NexusMods does a virus scan on most mods uploaded to the site, using a procedure involving multiple AV scanners. Look on the files page for the scan results. I've been a member of this site since 2007 and have downloaded thousands of mods. I have never had a virus issue with downloaded mods.

 

As for Vortex, I've been using it for a year and a half. Norton and Malwarebytes tell me that it's safe.

Link to comment
Share on other sites

I have been here for quite a while, and have never gotten any kind of malware from Nexus.

 

Also, it would be flat out idiotic of them to include malware in Vortex....... that is not a secret that could be kept for long, and Nexus actually WANTS folks to use it. (they did, after all, spend a fair bit of money developing it.) If someone found malware in it, it would instantly become very unpopular, and no one would use it. Since it has been downloaded literally thousands of times already, and so far, not even a hint of it being malware..... I can say, with absolute certainty, that it is indeed safe.

Link to comment
Share on other sites

Well, many factors play into safety.

Vortex is open-source so anyone can review what we're doing - but does anyone?

Virus scanners give Vortex their ok - but that only detects known malware or stuff that looks similar, it doesn't really verify the software doesn't do anything bad

 

Also, security isn't only about whether we, the developers of Vortex, do something bad intentionally, it's also a question of our competence. Mod managers by their nature deals a lot with creating, copying and deleting files, that's more dangerous if it's bugged than, say, a software for creating presentations.

Plus: No software today is built from the ground up, any developer uses external software (libraries) which may also have issues.

 

Whether a company is big or not doesn't say much about how secure it is. I mean, AV vendors have been found to publish "browser security addons" that actually make you less secure: https://bugs.chromium.org/p/project-zero/issues/detail?id=675&redir=1

 

My point is: Don't trust software, small or big. Always assume that it could be malicious or broken.

You should be suspicious of Vortex as much as any other software.

 

The way you live with that is that you limit the damage software can have. e.g.: Have a backup of anything you don't want to lose.

And follow the windows defaults unless you really really know what you're doing. E.g. if you leave UAC (User Access Control) enabled, your software installed to "c:\program files" and you don't run software as admin, it's practically impossible for a keylogger to insert itself system-wide without the system at the very least asking you whether you want to allow the change. And at that point you should be suspicious and question whether a system change is necessary for what you intended to do. That does more for your security than any Anti-Virus imho.

 

If you question our intend, consider this:

It is common practice among modding tools to tell you "run this as admin" and people usually do it without a second thought. Vortex actually warns you if you try to run it as admin.

If we didn't care about your security or actually wanted to do something malicious on your system, why would we go through that trouble if we could ask for the keys to the kingdom knowing that everyone would be willing to hand them to us?

We go out of our way to warn users about things that might put them in danger and we get quite a bit of crap for the inconvenience that causes (like - pressing a button once when you decide to run Vortex as admin)

Link to comment
Share on other sites

 

Well, many factors play into safety.

Vortex is open-source so anyone can review what we're doing - but does anyone?

Virus scanners give Vortex their ok - but that only detects known malware or stuff that looks similar, it doesn't really verify the software doesn't do anything bad

 

Also, security isn't only about whether we, the developers of Vortex, do something bad intentionally, it's also a question of our competence. Mod managers by their nature deals a lot with creating, copying and deleting files, that's more dangerous if it's bugged than, say, a software for creating presentations.

Plus: No software today is built from the ground up, any developer uses external software (libraries) which may also have issues.

 

Whether a company is big or not doesn't say much about how secure it is. I mean, AV vendors have been found to publish "browser security addons" that actually make you less secure: https://bugs.chromium.org/p/project-zero/issues/detail?id=675&redir=1

 

My point is: Don't trust software, small or big. Always assume that it could be malicious or broken.

You should be suspicious of Vortex as much as any other software.

 

The way you live with that is that you limit the damage software can have. e.g.: Have a backup of anything you don't want to lose.

And follow the windows defaults unless you really really know what you're doing. E.g. if you leave UAC (User Access Control) enabled, your software installed to "c:\program files" and you don't run software as admin, it's practically impossible for a keylogger to insert itself system-wide without the system at the very least asking you whether you want to allow the change. And at that point you should be suspicious and question whether a system change is necessary for what you intended to do. That does more for your security than any Anti-Virus imho.

 

If you question our intend, consider this:

It is common practice among modding tools to tell you "run this as admin" and people usually do it without a second thought. Vortex actually warns you if you try to run it as admin.

If we didn't care about your security or actually wanted to do something malicious on your system, why would we go through that trouble if we could ask for the keys to the kingdom knowing that everyone would be willing to hand them to us?

We go out of our way to warn users about things that might put them in danger and we get quite a bit of crap for the inconvenience that causes (like - pressing a button once when you decide to run Vortex as admin)

Does it have admin rights? The installer definitely does right? Can you even use this software without admin rights? I usually check what processes are running on my system to be sure that I didn't install any keyloggers and I never encountered one (assuming they are not hidden from the task manager).

Edited by satanicsmoothie
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...