Open Source Software Hijacked To Push Malware 147
jfruhlinger writes "VLC Media Player is a popular, useful, and free-as-in-beer piece of software. Unfortunately, its open source nature makes it easier for people with bad intentions to repackage it in nefarious ways. Not only do some of these folks claim that they're the originator of the software (a violation of trademark law and the license), but they often bundle it up with crapware and malware, which is a real dilemma for open source developers who play by the rules."
Re:No It doesn't (Score:5, Informative)
Re:Linux was literally used for this purpose as we (Score:2, Informative)
Goatse alert!
Re:No It doesn't (Score:4, Informative)
Package manager, anyone? (Score:4, Informative)
sudo apt-get install vlc is not gonna get you anything but a legit version of VLC, unless you setup JOez BaDazzz REPO by following directions on the 5th page of Google's search results.
Defend your trademark! (Score:3, Informative)
This happened to Mixxx DJ Software (http://mixxx.org), there was a web site that was shipping a Windows installer which installed crapware and Mixxx. The best part about it is their crapware would come up in the ads when you searched for Mixxx on Sourceforge!
The site that was promoting this crapware installer used the Mixxx name (trademark), several screenshots featuring the Mixxx logo and included a footer that indicated the contents of the page were copyright of their company 2008...
So we tracked them down and sent them a cease-and-desist email for violating our trademark (misrepresenting themselves as authors and using screenshots which feature the Mixxx brand without our consent)... Simply put we told them they could NOT use our trademark at all, this mean no screens with our logo, no mention of the projects name -> this means to comply with trademark law they will have to alter artwork (covered under the GPLv2) and in doing so will be required rebuild the app and redistribute all of the code also. As far as we are aware they complied and now they are substantially less relavent from a branding perspective and no longer really much of a threat to our user community...
You may not be able to enforce copyright if they comply with the terms of the license the software is distributed under (in this case GPLv2), but you can sure as hell stick it to people who attempt to tarnish your brand with trademark law and certainly make it far less convenient for these scum-balls to do this and still be on the right side of the law.
-G
Re:No It doesn't (Score:3, Informative)
To do so only download from your operating systems repository or app store. If you OS doesn't have one, find one that does.
...because there has never been malware on [computerworld.com] the [engadget.com] Android [zdnet.com] Market [zdnet.com].
and the Amazon App Store has an inherent [wired.com] risk [androidostablets.com]