Slashdot Mirror

← Back to Stories (view on slashdot.org)

Invisible Malware Install 65MB Large

Posted by Zonk on from the it-came-from-marketing dept.

Paperghost writes "Words fail me with this one - don't have the .NET framework on your PC to utilise the adware maker's technology? No problem, they'll download it for you without you knowing. The problem is that it's a sixty-five megabyte install." From the article: "...the size of the .NET framework to download can vary drastically depending on what extras you have - don't forget the service packs, SP1 is an extra 10 or so MB in size. But I'm actually understating the amount of space used when installed, as .NET can total up to 100MB."

6 of 381 comments (clear)

  1. NewDotNet by Zorilla · · Score: 4, Interesting

    This reminds me of a couple years ago when many piece of software came bundled with spyware called NewDotNet that claimed to be "needed for next generation internet applications" - just around the same time MS started pushing .NET

    I remember uninstalling it from a bunch of machines because people asked, "Do I need this?" Yes....

    --

    It would be cool if it didn't suck.
  2. Good! by mwa · · Score: 5, Interesting

    Now I know how to install it without clicking "I agree". So we'll be seeing some benchmark results on .NET real soon now, right?

  3. 65MB is nothing! by kaleco · · Score: 4, Interesting

    BT Internet recently doubled the downstream rate on most of their broadband accounts, and after looking at the spyware penetration on some friends' Windows machines, 65MB malware seems completely plausible.

    --
    Prosperity is only an instrument to be used, not a deity to be worshipped. Calvin Coolidge
  4. Re:zerg by defishguy · · Score: 3, Interesting

    The long and short of it is probably yes. The Windows Installer runs in the system context and not the user context when the client is a part of an AD domain.

    Running the Windows Installer in the system context is the only way that the directory can manage software on the client.

    Kudos to MS for another brilliant design!

  5. Re:awesome by spektr · · Score: 3, Interesting

    OMG, y0 n00b, just include affiliates.microsoft.com in sources.list and do aptitude update && yes y to hell with it|aptitude distupgrade.

  6. Not necessarily by jesterzog · · Score: 3, Interesting

    Now I know how to install it without clicking "I agree". So we'll be seeing some benchmark results on .NET real soon now, right?

    Just make sure you read every line of the agreement for whatever application installs the spyware. If they're being cautious, they probably have a line similar to "We might install the .NET framework on your behalf, and therefore you must read and agree with all of the Microsoft .NET framework terms of service outlined at [url]", right next to the statement about how they're going to install spyware on your PC.

    This isn't to say that any of it would necessarily hold up if tested in court, and it doesn't mean that Microsoft wouldn't have "issues" with the spyware distributor for bypassing the display of their license to the user installing the software. But if you're the sort of person who cares about clicking 'I agree' at all, then you should probably consider this, too.