Download.com Bundling Adware With Free Software 228
Zocalo writes "In a post to the Nmap Hackers list Nmap author Fyodor accuses Download.com of wrapping a trojan installer (as detected by various AV applications when submitted to VirusTotal) around software including Nmap and VLC Media Player. The C|Net installer bundles a toolbar, changes browser settings, and, potentially, performs other shenanigans — all under the logo of the application the user thought they might have been downloading. Apparently, this isn't the first time they have done this, either."
easy way to bypass (Score:5, Informative)
add &dlm=0 to the end of the 'your download is starting' page url..
1 go to a program's page
2. click download now
3. do not download the file that starts cnet_ or cnet2_ (if it doesn't start with cnet it's ok)
4. add the &dlm=0 to the url in the address bar after the spi=whatever junk
enjoy the direct download.. and go to the source next time..or try filehippo or softpedia (either one with your adblocker running)
Re:This is news? (Score:5, Informative)
You can always choose not to offer your downloads through download.com.
Re:This is news? (Score:5, Informative)
Comment removed (Score:5, Informative)
Re:This is news? (Score:5, Informative)
If anybody else wants to remove their software as well then you need to contact support to delist from Download.com/Upload.com
They will respond with something like:
Thank you for contacting CNET Upload.com. There are several ways to opt-out:
- Premium subscription
- PPD
But if you insist they will remove your listing. Fucking scammers!
Re:This is news? (Score:5, Informative)
If your logo or name is a trademark, yes. That's why no distribution can redistribute a modified Firefox with the same name & logo.
Re:Nothing new. (Score:5, Informative)
Re:Go to the software producer's site (Score:5, Informative)
Pick mediafire then. Zero wait, over 1MB/sec download speed.
Megaupload usually saturates my 2.2MB/sec download bandwidth, but it has wait time.
Re:This is news? (Score:5, Informative)
Cnet is only bundling their adware with programs uploaded since they started bundling.
I've got a program listed there, its not bundled.
If I upload a new version they are going to bundle it with their crapware.
So I'm not uploading a new version, ever.
They told uploaders what they were going to do with their program, they don't agree to your terms and conditions, you agree to theirs.
Remove your program from their site and go elsewhere.
Re:Download.com?? Really?? (Score:4, Informative)
1) if they actually do something, it means the many worlds hypothesis is true, and the divergent timeline occurs in a different quantum universe.
2) if the get the message, and do nothing, then you could have created a closed timelike curve, and doomed your own universe to experience the exact timeline you are reporting on. This closed timelike curve would be an indelible part of that universe's history, both present, past and future. (The time after the event creates the preceeding event, which causes the event to happen. Rinse, repeate until dizzy.) (It could also simply be another instance of the many worlds hypothesis being true though.)
3) attempts at bidirectional communication would be systematically prevented by quantum collapse. All attempts to talk to 1999 on the other end of the call would mysteriously fail 100% of the time, even if the theory behind such a transmission seems sound.
4) 1999 calls us using a one way temporal transmission device. (Like an ordinary metal time capsule.) Communication is received, but no reply can be sent.
Of these 4 options, 4 and 3 are the most likely scenarios for "1999 called, they want...." happening. #4 being the most likely.
Causality, it's a bitch.
Re:This is news? (Score:5, Informative)
Thank you for Ninite. It will unsuck my life considerably.
This came up in the ScummVM group recently (Score:5, Informative)
I'm part of the ScummVM group, a cross platform software for playing various classic adventure games, and the question of Download.com came up when we released the next version of our software. There were some arguments for including it on such sites, such as giving greater visibility to the project. However, the issue of the bundled 'crapware' was considered too big a downside. We weren't that desperate for wider coverage of our software, and we certainly didn't want people to adversely associate our software with malware.
These days I wouldn't touch download.com even if you paid me.
Re:This is news? (Score:5, Informative)
Re:This is news? (Score:5, Informative)
The new installer is a "derivative work", and you can specify that derivative works must not use the original trademarks. Mozilla and RedHat are both very strict about this: the source is open and free and all but you keep their name out of your modified stuff.
Happened to me with 7-zip (Score:4, Informative)
Re:This is news? (Score:5, Informative)
Comment removed (Score:5, Informative)
Re:This is news? (Score:4, Informative)
Re:Bundling / wrapping is old news (Score:4, Informative)
It's full of errors. Especially the spiel about alignment. In 64-bit mode you don't have to align everything to 64-bits for best performance, only 64-bit-sized values (including memory pointers). The example 16-bit value actually only needs 16-bit alignment for best performance, which is no different to the 32-bit version of the program.
2: The increase in the memory use of pointers doesn't explain Windows x64's extra 300MB of memory use. My bet is on it loading both 64-bit and 32-bit versions of a bunch of libraries in order to support various components of Windows that are still 32-bit (as well as any 32-bit software you run).
3: Saying that a 64-bit version of a program won't be faster... Two things are actually in favour of it being faster: 64-bit mode exposes more and larger registers to use, and also guarantees certain instruction set enhancements exist (SSE2). The latter especially is a huge speedup if you take advantage of it.
Re:This is news? (Score:4, Informative)
If you're on Brothersoft as well, you'd best contact them to "unwrap" your software too - unlike download.com they won't charge you to do that though, and will do it for you.