Download.com Bundling Adware With Free Software

Zocalo writes "In a post to the Nmap Hackers list Nmap author Fyodor accuses Download.com of wrapping a trojan installer (as detected by various AV applications when submitted to VirusTotal) around software including Nmap and VLC Media Player. The C|Net installer bundles a toolbar, changes browser settings, and, potentially, performs other shenanigans — all under the logo of the application the user thought they might have been downloading. Apparently, this isn't the first time they have done this, either."

This is news?

Download.com have always done this... I thought this was how they funded the site.

Re:This is news?

[geekmux]

Download.com have always done this... I thought this was how they funded the site.

This may be true, but doesn't shadow the efforts of those irritated enough to stand up and say something. Hats off to Fyodor for bringing it to light in hopes that things change.

And as knowledgeable as the average user has (been forced to) become about spyware and malware, Download.com should listen, because it's obviously not just those uploading content that keeps them in business. Let's hope they don't react and generate that stench of arrogance around themselves, not unlike many large businesses today that think they're "too big to fail", and could care less what their customers think.

Re:This is news?

[sosume]

You can always choose not to offer your downloads through download.com.

Re:This is news?

Yes it is news for me.
I submitted something I wrote a while back and it used to offer the file the way I uploaded it. I just checked and sure enough my download is now wrapped in a Cnet installer. Now I need to dig out my account info and remove my software listing because this is fucking BULLSHIT!

Thanks Slashdot for pointing this out.

Re:This is news?

[Zocalo]

Yes, they have, or at least it seems like it. The difference this time is that in addition to an abuse of the registered Nmap trademark Fyodor also has them in a clear breach of the NMAP licensing Ts&Cs and it appears he's willing to try and pursue the matter through the courts. I did have a strapline on the original submission to the effect that he was looking for a good US based copyright lawyer, but it appears that the Slashdot editors decided that wasn't an important part of the story.

Re:This is news?

LOL, easier said then done. There is no removal link....

Re:This is news?

[hairyfeet]

Sorry but this is old new and why most of us builders have been avoiding CNet like the clap for awhile. I'd loved to see their before and after website visits stats because i wouldn't be surprised if many are doing like me and the instant they see the article is on CNet closing the tab.

For those that need that "80%" software, the stuff you pretty much install on every system? Let old Hairy introduce to a really nice place with a weird name...Ninite. it has all the latest versions of the software everyone installs, your flash, codec packs, VLC, LibreOffice, several AV and antimal to choose from, and NO TOOLBARS are allowed, no crapware, just the program you want pre-packaged as an unattended installer that's as simple as "clicky clicky" and let her run. great for not only new builds but when you need to help someone who lives a good distance away who is having trouble or doesn't know where to find the above basics.

I used to swing by CNet all the time back in the day but since i don't support spammers and spyware pushers they can go pound sand. With ninite all the basics are covered and if you can think of others you'd like just drop their name in the suggestion box and they'll add the most popular choices to the list. I suggested Klite with MPC and voila! There it is, and more popular apps are being added all the time. Enjoy folks!

Re:This is news?

If anybody else wants to remove their software as well then you need to contact support to delist from Download.com/Upload.com
They will respond with something like:

Thank you for contacting CNET Upload.com. There are several ways to opt-out:

- Premium subscription
- PPD

But if you insist they will remove your listing. Fucking scammers!

Re:This is news?

[xaxa]

You can always choose not to offer your downloads through download.com.

Can you? Even if it's under a copyleft license, or in the public domain?

Re:This is news?

[Robert+Zenz]

I also find it interesting to note that it seems to be sponsored by a certain company we know too well...you know, changing Startpages/Default Searchmachines to MSN/Bing...

Re:This is news?

[buchner.johannes]

If your logo or name is a trademark, yes. That's why no distribution can redistribute a modified Firefox with the same name & logo.

Re:This is news?

[InsightIn140Bytes]

It's even more stupid that Google has started offering Chrome just the same way like every other adware vendor - by offering freeware and shareware authors, and the likes of Download.com, money per install they get. This leads to software authors and download sites bundling it with unrelated software and pushing it to users since they get paid for it. They always used to do this with their toolbar, but of course now they switched it to Chrome. I've seen people using Chrome and when asked why they changed, they had no idea. Either it came with some other software or "Google said on internet that you need to download this to make your browsing better" and they thought fine. No wonder they gained that 25% market share so quickly...

Re:This is news?

Well it did make their browsing better; those people would have been on IE previously.

Re:This is news?

[Entropy98]

Cnet is only bundling their adware with programs uploaded since they started bundling.

I've got a program listed there, its not bundled.

If I upload a new version they are going to bundle it with their crapware.

So I'm not uploading a new version, ever.

They told uploaders what they were going to do with their program, they don't agree to your terms and conditions, you agree to theirs.

Remove your program from their site and go elsewhere.

Re:This is news?

[InsightIn140Bytes]

Just like Comic Central makes them IMing and emailing more fun by allowing to put funny smileys in them, and Bonzi Buddy helps you find stuff and does lots more!

Re:This is news?

[subreality]

Thank you for Ninite. It will unsuck my life considerably.

Re:This is news?

[zero.kalvin]

(I am not an expert on these things so bear with me): But what I understood is that when they created a new installer to install the unmodified software (let's say firefox) with another software ( the adware) this can't be thought as an infringement... Or the software can be only installed via it's original installer ?

Re:This is news?

[nstlgc]

I did not know about Ninite. Thank you very much for pointing it out, it looks pretty awesome.

Re:This is news?

[achenaar]

Thanks for that. Ninite.com looks like a cracking way to go.
Seriously, it looks like it would make populating a new build a snap.
Which is quite timely actually as the missus' machine is due a reinstall.

*Raises a glass*

Ach

Re:This is news?

[TheFakeMcCoy]

Agreed... although my life will still suck at least I will have more time to ponder why

Re:This is news?

[datapharmer]

yep. This is old news. UltraVNC has been warning about this for quite some time https://forum.ultravnc.net/viewtopic.php?f=9&t=28692

Re:This is news?

[kvvbassboy]

I like FileHippo more. It has a bigger collection than ninite, and it tracks both stable and beta versions of most free software and freeware on Windows. They also have a useful (and a completely optional download) update utility that checks if there are any updates available for software on your computer. If yes, you can let it update from their website. It's pretty awesome, all in all.

Re:This is news?

The new installer is a "derivative work", and you can specify that derivative works must not use the original trademarks. Mozilla and RedHat are both very strict about this: the source is open and free and all but you keep their name out of your modified stuff.

Re:This is news?

oldversion.com isn't a bad choice either, especially useful for the large library of older installations that are sometimes impossible to find

Re:This is news?

[Kadagan+AU]

Seems like we had this discussion already..

Re:This is news?

[i.r.id10t]

Of course, if they include the source code, and possibly rename the app, perfectly legal to do...

See points 1, 2 and 4 of the Open Source Definition http://www.opensource.org/osd.html

Re:This is news?

[Swarley]

Does ninite prevent developer included crapware? Specifically looking at uTorrent here which is notorius for giving you check boxes concerning crapware and then installing it anyway regardless of what you checked.

Re:This is news?

[Patchw0rk+F0g]

Actually, I thought my clickthroughs funded their site. I'll have to find another one now... so many buttons, so few worthy clicks... (sigh)

Re:This is news?

[zero.kalvin]

So this is my question: Is installing it via a different installer ( than the original one) is considered a derivative work? Even though the program is identical to the one installed with the default installer.

Re:This is news?

It has been considered so in the past. You would probably need a lawyer and a bunch of money to go after CNet; they're pretty big, and as a guy writing freeware in your basement they'll be able to outspend you, which is what most legal fights have turned into these days. If they piss off someone as big as them they'll lose, so they are probably being careful not to do that.

Re:This is news?

[Mike+Mentalist]

Ninite is brilliant. If you have a decent Internet connection you just watch the progress bar go along and marvel as the various desktop shortcuts of newly-installed apps just start appearing in front of you...

Re:This is news?

Yes, it is. If the installer package was not developed by Mozilla then it is a modified version. Another thing would be wrapping the official installer...

Re:This is news?

[webheaded]

New to some of us? No. Honestly though, does it hurt to spread the word as much as possible though? I think not. CNet can go to hell. It's bad enough when the program makers do it but now the place offering downloads is packing this shit in? Seriously? They don't think the program makers might be a little bit pissed off at this prospect?

Re:This is news?

I don't care a tiny bit. Do all the ads you want, C|Net... just reinstate music.download.com which was great...

I'm willing to watch ads while I browse/download costless legal music.

BTW, thanks for all good service in the past. It really made my life better -- not just because of the good music, but also for helping me avoid downloading unlicensed songs.

Re:This is news?

[datavirtue]

No, they have not always done this. It just started this year. As a software author who publishes on CNet in addition to many other sites and my own, I was horrified to be notified this year that this was going to take place. They completely repackage the software, wrapping it with their adware crap. I immediately fired off a vehement email telling them not to do this with my software, but CNet does what they want to do and getting them to do anything without giving them money is a process that usually takes about 6 to 12 months (they pissed me off years ago and it took FOREVER to get de-listed). They are essentially abusing their power they have over software authors who need to publish on CNet (by far the most high traffic DL site on the net). I don't really need to publish on CNet but it used to be a badge of honor and a sign of credibility to be published there. I don't consider it as such any more.

Re:This is news?

I dont think the issue of bundling a browser with software is the problem. The issue here is that download.com bundles it with other people's software, obviously without being very clear as to what it will be doing or what effect this will have (trademark issues, potential revenue that goes to download.com instead of the original developer etc). All this without considering the allegations that it ships malware along with the new installer.

Re:This is news?

[datavirtue]

Watch the licensing of the ninite installer. It is a paid service.

Re:This is news?

[datavirtue]

http://www.freewarefiles.com/ is also a solid site. I have had some exchanges with the site owners before and they seem to be reputable. They run ads, but other than that there is no funny business. The site has been around for quite a while.

Re:This is news?

[History's+Coming+To]

And/or you can insist on derivative works keeping to the original licence, so for example Download.com would be obliged to make the source code of whatever changes they made available. Doesn't stop them obfuscating it, but it does at least mean people can (with work, in theory) find out what the program does before they actually run it.

Re:This is news?

[PenquinCoder]

Yes it says 'no' to additional cruft. Read the info box on the main page of the link ninite.com

Re:This is news?

[MagusSlurpy]

I'm pretty sure Ninite is free for individual use, and paid for business users.

Re:This is news?

[Tarlus]

At the very least, you could choose to actively denounce the download.com distribution of your software.

Re:This is news?

come on Google. All it would take is for you to flick that little switch that says malicious website. ... which this is ...

*schwomp* download.com disappears into a black hole .

Re:This is news?

If its just the installer and the new installer does not make use of the original then the installer is not a derivative work. Which means they are free to bundle as they see fit.

Far too many people have completely lost sight of what free software is all about. For whatever reason they only remember half of what free software is supposed to provide. Free software is free but its specifically intended to allow others to make money via services and enhancement. That is EXACTLY what they are doing here. The fact that this is even a post on slashdot wonderfully shows how far the current /. tech community is from technology and the free software movement.

Honestly, the whole story is nonsense created an a very ignorant person. Free software was never intended to keep programmers from making a living. In fact, it was intended to allow programmers to make a better living and do so for themselves. The problem is, so many people only want to take and don't want to pay for additional services, features, enhancements, and bug fixes. Aside from a minority of cases, I guess in this regard free software is failing to live up to its potential and promise.

Honestly, if you're mad someone is making money off of free software, exactly as intended by most free software licenses, you don't understand the subject at all. Free software is about freedom to do what you want as well as freedom for developers to make a living. For whatever reason, far, far too many absolutely hate it when developers and artists make a living and will do anything to prevent it - which is largely the movement (intentional or otherwise) of pirates and others (who get angry someone might hope to make a living) like them.

Re:This is news?

[icebraining]

Just send them a DMCA takedown notice. If the system exists you might as well use it.

Re:This is news?

[Greyfox]

It's not likely to show up, then, when you Google on "Firefox."

I think I banned them from my Google searches a while back, since they seem to show up on pretty much any search.

Re:This is news?

[icebraining]

They need to include the source of their installer too, at least according to the interpretation of the GPL by the Nmap project (which I'm not sure if it would hold in court).

Re:This is news?

[SmurfButcher+Bob]

Say, if they're not authorized to distribute because they are in violation of the license... I wonder if Fyodor can toss a DMCA takedown on them, then pull a RIAA and say each illegally distributed copy "stole" $2,943,809.00 from him. Although the humor would no doubt be lost on some...

Re:This is news?

I could care less than what you think.

Re:This is news?

[NeutronCowboy]

[Citation Needed], Mr. Astroturfer. And please contrast this behavior with that of Microsoft.

Re:This is news?

[rilian4]

In the case of nmap, the license forbids such wrappers. It is *NOT* a GPL license that nmap is under, even though it *is* an open source license. Fyodor's letter explains the details...

Re:This is news?

[Cederic]

Honestly, the whole story is nonsense created an a very ignorant person. Free software was never intended to keep programmers from making a living

Sorry but no. The whole story is a very real warning to a user community that a large company is acting in an unethical and immoral manner by trading on the name and reputation of someone else.

Making money through advertising on the download site isn't causing any problem. Pretending to offer Fyodor's downloader while in fact seeking to install other software is a trojan attack and bad behaviour no matter how you look at it.

Calling this nonsense fails to understand the key issue and misrepresents both the complaint, and the complainant.

Re:This is news?

[RobertLTux]

the problem is folks now blaming the original software writer for
1 mucking about with browser settings
2 installing adware
3 installing who knows what else??

How would you like it if you wrote a program (lets say its a conversion calculator) and then hosted your downloads on download.com
and THEY WITHOUT TELLING YOU decided to bundle Diapered Dolls Slideshow 2012 (4-7 edition) and then made that the default screensaver (and locked the settings)???

Re:This is news?

[Sloppy]

The new installer is a "derivative work"

Whoa... does that mean apt-get, emerge, yum, etc are derivative works of .. um, everything?

Re:This is news?

So I'm not uploading a new version, ever.

I'm not sure if that will be enough. I've never explicitly listed my software with C|Net, but somehow it's all there and typically references the most recent release. I don't care enough to look into how it gets listed on their site... I assume users trying to be helpful do it...

Re:This is news?

Don't be ridiculous. Those are package managers. They are standalone pieces of software that handle other standalone files as data. A Windows installer is a single integrated executing package.

Re:This is news?

[ckaminski]

Free software says nothing about money. It's all about Freedom - freedom to do whatever you wish with YOUR data.

The GPL makes no mention whatsoever about programmers making a better living for themselves except as relates to the above point. Free software is as much about the users (if not more so) than about the developers.

Re:This is news?

[NicknameOne]

Parent poster is the latest in the long line of Microsoft shills (from ge7,tech4, techla, sharklaser) whose job seems to be to praise Microsoft and bash Google on interenet forums. Please disregard whatever he says.

Re:This is news?

How about I regard what's true and disregard what isn't?

Re:This is news?

[UnknownSoldier]

> Specifically looking at uTorrent here which is notorius for giving you check boxes concerning crapware and then installing it anyway regardless of what you checked.

What are you talking about? Do you mean eMule ??

Re:This is news?

[kodiaktau]

Seems to be a $9.99 yr fee.

Re:This is news?

[Kalriath]

If you're on Brothersoft as well, you'd best contact them to "unwrap" your software too - unlike download.com they won't charge you to do that though, and will do it for you.

Re:This is news?

[Kalriath]

Incorrect. I had software there that was uploaded prior to their bundling, and eventually they wrapped it anyway. I'd watch them if I were you.

Re:This is news?

[Unequivocal]

In fact, GPL v2 does make mention of making a living unrelated to "free as in speech": "You may charge a fee for the physical act of transferring a copy" (http://www.gnu.org/licenses/gpl-2.0.html paragraph 1).

Also it appears that GPL (at least) does not prevent someone from wrapping an installer around an installer and distributing that: "In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License." Notably this indicates that the wrapping installer (nor the toolbars or whatever inside it) do not become GPL'ed itself either (which would be a significant disincentive to the behavior).

IANAL

Re:This is news?

[subreality]

Their auto-update service is paid, but the basic installer-ball is free.

Re:This is news?

[MagusSlurpy]

That's for the update service. To just select software packages and install them is free (unless you are a business). Since most of those packages autoupdate anyway, getting a separate update app is a waste of system resources.

Re:This is news?

[hairyfeet]

And you sir, are an idiot. Where did I even fucking mention Microsoft? the article was about cnet bundling malware so i pointed out a place that offered unattended installers with no toolbars or other crap.

Maybe if you'd quit wasting everyone's time going "Wahhh he won't drink the RMS koolaid waaah!" and quit getting the sand jammed in your vagina because nobody wants to talk about your niche OS of the week then maybe you'd have something productive to say yes? Try making...and i know its a concept...an OS that PEOPLE WANT TO USE and then you'll gain share, how about that?

you know for a group that talks about "freedom" all the time you certainly come off as VERY communistic. Sure you'll allowed to be free....to use what we say and think like us. Otherwise you MUST be one of THEM, insert which group is not like you this week. Hey do you think you could accuse me of working for Oracle next week? I hear old Larry has assloads of cash and I could use some extra this Xmas!

Re:This is news?

[hairyfeet]

You are most welcome Achenaar and be sure to add to the suggestion box if there is a free app you like that isn't there as they add those that get submitted a lot. And despite what others have said here their autoupdate service may be pay for but their website installer is 100% free. just pick all the apps you want, start it and watch it go, really great for a new build.

BTW if you don't mind another suggestion, how would you like to never have to reinstall her PC again? Just use Paragon Backup Free which ironically if you click the download it goes to Cnet but if you'll type in the name of the software into major geeks you can get the 32 and 64 bit versions there. The nice thing about it is not only will it let you schedule backups, not only will it let you do differential as well as full, it'll let you make a hidden partition with it that will store your backup images and work similar to an OEM restore partition.

Once you get her PC just the way she like it just install Paragon and make a full backup. Then you can have a daily differential or if your lady is like mine and doesn't do a lot of installing or changing things just have it do a weekly. Since i have all her docs and other user folders on a D: drive she can just restore back with paragon and doesn't lose a single thing. If you DO use my little system with Paragon and a separate drive for her user files be sure to give her a browser that syncs like Comodo Dragon or Chrome. That way all her passwords and bookmarks will be synced to her gmail and if she needs to restore her browser will just resync on the next start. makes everything easy peasy and the PC as close to indestructible as you can get. I've got PCs out in the field that have been running for years using the above, no need for me with insta-restore. With the above the only time the little lady needs me to install a new OS is on a new PC for her, after that she is hassle free.

Anyway enjoy and i'm glad to help.

Re:This is news?

[Nethead]

Hairy,

They were talking about a post under yours.

Thanks for the ninite link, it will help me build my mom's box.

Now please take you meds.

-Joe

Re:This is news?

[hairyfeet]

Sorry about that friend and I'm glad i helped your mom but it has NOTHING to do with taking my meds and everything to do with a Linux loonie that followed me all over the net for over a month just so he could post as AC "die you fat fucker die". look up my posts from around a month ago, first he accused me of being APK, which i thought was funny because me and APK had a running argument for over a month and I STILL think a recursive DNS is a better design than the HOSTS file, and THEN I was accused of secretly living on the west coast and "tracking FOSS articles" as a paid M$ Ninja. which is extra funny as I've never been west of OKC and the only Linux article i post on is one where I was invited by the writer to be the "token Windows guy" to give the articles balance.

So its not paranoid if they really are out to get you. I heard the reason i'm not getting targeted ATM is the loonie is following APK around accusing him of being me and posting "die you fat fucker die" behind everything he posts. So don't blame me for not being able to tell if a guy is part of the FOSSie cult or just a normal user trying to argue with someone, not easy to tell here with all the nutsos anymore.

Re:This is news?

[fuzzywig]

But the handy thing about ninite is that you just tick the software you want, download the installer, and it will automagically download, and install all the software you want, without the cruft that usually gets installed. I only have to use ninite once every few months, but when I do, it saves me loads of time.

Re:This is news?

[nobodie]

yes, this is not news, even ten years ago when i used windows and needed to DL soething I never went to download.com, once burned twice never.

BTW, this does come up over and over, let's just stop caring that windows slut companies (like CNET) package stuff like this and assume that they do it. A better story would be about a company that doesn't. Or an AV company that has a good product that is not bloated and costs a reasonable yearly fee, or other USEFUL stuff (at least for the poor, sad, benighted windows users out there) I mean, since this isn't TYotLD (the year of the etc.) we ought to at least show mercy and compassion for others, there is no value in hassling people just because they are crack addicted right?

Re:This is news?

Put down your crack pipe. Making money specifically as intended and granted by various licenses absolutely is NOT unethical. If you bring home a paycheck, shut the fuck up you hypocritical moron.

Repeat after me. Making money is NOT unethical. If you seriously believe that, you are a moron; see above. If you don't believe this, you are a fucktard and very likely a hypocrite. Either way, aside from your uninformed and very biased stupidity, you bring absolutely nothing to the discussion.

Re:This is news?

[seantide]

True. Adobe does the same thing, putting crap into their installers and frequently it installs either because it did not ask me if it was OK, or it ignored my opt-opt preference (which should be default).

Apple does it too, though it is at least their own software. Its still very annoying.

Re:This is news?

[Cederic]

I'm sorry, you appear to have replied to the wrong post. You are refuting points that I didn't make. At no point did I suggest that making money is unethical; this renders your entire post futile.

Re:This is news?

[hairyfeet]

Oh Hai Swarley! I have been using ninite for nearly two years now and can tell you with 100% certainty that there is NO crapware, toolbars, or any BS, just the program itself installed with sane defaults and dropped onto your desktop just as pretty as you please.

But if you want to give it a spin, just to see for yourself, pick one of the easy single apps you don't have now, lets say Audacity or VLC. Run it, then check your machine, you'll find its clean. They make their money by hosting custom windows repos for corps and by selling an autoupdater service that will monitor and keep all the machines on an SMB updated for $10 a year per machine. Nice service BTW, i've had a couple of customers buy into it.

The regular ninite page though is 100% free and its clean as a whistle. just pick what you want, click the button, and away you go! it really is THAT simple friend, enjoy!

Downloading free software is theft

Can we all agree that downloading free software is stealing from poor programmers who have to live in their mother's basement because they're so poor they cannot even afford their own place? And that as we can read in TFA downloading free software supports criminal activities, and is therefore terrorism? And that this probably means you're a communist child-abusing terrorist?

-- Yes, this was a joke, and no, I don't have a good sense of humor.

Re:Downloading free software is theft

[phrostie]

but are they required now to gpl the virus and adware?

Re:Downloading free software is theft

[datapharmer]

haha wish I still had mod points. Yes, make them GPL it!

Nothing new.

[RoFLKOPTr]

Download.com has been funded by bullshit third-party software addons for as long as I can remember. AFAIK, they only recently started this practice of causing the user to download a downloader which would first go through the third-party addons before downloading the actual installer... but it's not like it's any different than before. Yeah, lots of people will just click through and accept everything and that's their fault for not reading things before agreeing to them. Don't blame a free service operated by a for-profit corporation for wanting to make money. Host the Nmap installer yourself if you think it's so easy.

Re:Nothing new.

Robbing people is not easy either. Do not walk the streets at night if you are concerned.

Right?

Re:Nothing new.

Terrorism can strike anywhere. Let's take away some more freedom, right?
FWIW, I learned download.com's practice the hard way because Google presented it as the first hit when I searched "VLC". Yeah, my fault for not paying attention, and a half hour's extra work deleting all that crap manually. How the hell is a software pusher able to install something and make it utterly impossible to uninstall it, in Windows? What a crock.

Re:Nothing new.

[WoodSmoke]

Fyodor actually *DOES* host the installer. He never gave them permission to repackage it. In fact, the software license prohibits this explicitly. From the article: "This is exactly why Nmap isn't under the plain GPL. Our license (http://nmap.org/book/man-legal.html) specifically adds a clause forbidding software which "integrates/includes/aggregates Nmap into a proprietary executable installer" unless that software itself conforms to various GPL requirements (this proprietary C|Net download.com software and the toolbar don't)." So yeah, I can blame them. If you read the fucking article you would know this. p.s. Yes, I said that the parent should have read the article. No, I am not new here, but that doesn't mean that I, or anyone else, should tolerate willfully uninformed bullshit spouting.

Re:Nothing new.

[Entropy98]

He never gave them permission to repackage it.

He gave them permission when he uploaded/submitted his program to cnet. Just because he didn't read what he was agreeing to doesn't change this.

Not that what they are doing isn't deplorable, but claiming cnet is violating his license is ridiculous when he agreed to their tos/license and they never agreed to his.

Re:Nothing new.

Learn to read idiot he never gave them permission

Re:Nothing new.

[GuldKalle]

How do you know he uploaded it, and not some anon schmuck?

Re:Nothing new.

If it is in CNET's TOS, and he checked the box/pressed the button/etc... then YES... HE AGREED! He took action with their TOS, and they didn't know about his terms at all. It look like your parent is spot on.

Now, whether or not TOS's are legal will be a completely new argument.

Re:Nothing new.

[phorm]

Or that they didn't download it from his site and re-post?

Re:Nothing new.

Firstly the license he explicitly provides with the software forbids such wrapping he never suggests anywhere in the article that he EVER submitted nmap to download.com. If he did so Implying that a TOS negates his rights is disingenuous at best. The fact that is license explicitly forbids such acts indicates that he had no intention of granting such permission in the first place. The concept that they could acquire this permission against his express wishes retroactively to create a derivative work based on his work by changing the text on a website after the fact where the submitter, if he even ever submitted his software, may never have the opportunity to view it is ridiculous.

Re:Nothing new.

[datavirtue]

My website stats have always revealed that a lot of people find software on sites lke CNet and then google the software name to find the author's site. Lots of people are already turned off by these antics and know to save time by going to the source.

Go to the software producer's site

[mirix]

It's rather mindboggling that a decade into the 21st century, people are still going to third party download outfits like this.

Maybe someone wants to enlighten me as to why... I'm not coming up with much.

Re:Go to the software producer's site

[fsckmnky]

There are a few reasons software repositories are popular that I can think of off the top of my head.

Much like an "app store" for smart phone apps, its convenient to have 1 place to go to look for an app, when you have general requirements or a specific type of app in mind, and not so much a specific app.

People are creatures of habit, and once they learn how to use the download.com ( or some other site like freshmeat.net ) interface, they just return to it out of habit, and the fact that they already know how to search and navigate the site.

As for why developers use sites like this, the visibility factor comes into play. Since the repositories have a returning user base, the app becomes that much more visible, as opposed to getting lost in search engine results.

Another incentive for small developers, is the bandwidth. They dont have to manage the large amount of bandwidth required to deliver apps, the repository does this. They also don't have to pay for a commercial ISP account that allows them to run servers, as most residential account agreements forbid the operation of servers ( although only in agreement, not necessarily technically prevented. )

Re:Go to the software producer's site

[Neil+Boekend]

I liked it years ago. They made it easy to search for a function and get a list of windows software that did it. Back then I usually couldn't find who made software that did what I needed done. I coudn't go to the software producer's site, because I didn't know who he was. Now I just google around a bit, search some forums and hope for the best.
In my eyes they already screwed up when they allowed sw developers to promote the features of the full (paid) version in the description of the free version without any indication the free version didn't include the feature.

Re:Go to the software producer's site

[Yvanhoe]

Free bandwidth.

Re:Go to the software producer's site

avast anti-virus redirects you to download.com

Re:Go to the software producer's site

Some software distributors cannot afford by themselves to have high bandwidth distribution for their files, so they benefit from download.com having significant ability to store the files and also to attract thousands of viewers.

Re:Go to the software producer's site

There are some big software companies (like Google and Microsoft) that like to make it extremely difficult to find and download their products, and even if you found it you have to use some shitty downloader which either works or not. Now download.com does the same so it's not an option but there are some other sites that work. Also, some software doesn't have enough mirrors/bandwith so using these services is faster. Although if I can find a torrent I use that instead as it's more comfortable and reliable.

Re:Go to the software producer's site

[Luckyo]

Not much of advantage anymore. You can just host on rapidshare/megaupload/similar site.

Re:Go to the software producer's site

[Twinbee]

To have all software in one place, compare them, see how highly they're rated, and see all the user reviews is very valuable to me. But to download it? Just use Softpedia.com instead (which is almost as popular as Download.com, and avoids all the spamware).

Re:Go to the software producer's site

[SuricouRaven]

The standard nontechies approach to getting software is as follows:
1. Enter name of software into browser search box*
2. Go to first link
3. Click 'download.' Repeat until a download starts.
4. Click 'next' until installation complete.

They go to download.com because for some programs, it actually comes higher in the listings than the program's main site. Espicially if they add 'download' to the search query, as many do.

*They don't quite get the concept of a search engine yet, so they'll go with the default. Theres a one-in-two chance they'll just type it in the address bar.

Re:Go to the software producer's site

[sdnoob]

avast hosts the download off their site too but you have to know where to look....
http://www.avast.com/en-us/free-antivirus-download#tab4

avg is the same way.. their offline installer is here...
http://free.avg.com/ww-en/download.prd-afh

(these are links for en-us)

Re:Go to the software producer's site

[Swarley]

I also used to really like the site many years ago. It was the only segment of Cnet that was worth going to. Ironically it seems that Cnet's technology news has gotten marginally better. Although that's probably more a function of their losing one of the two dumbest technology writers on the internet (Brian X. Chen). Wired's news took a similar hit for hiring him and has also improved since losing him.

Re:Go to the software producer's site

[BenoitRen]

But hosting on "rapidshare/megaupload/similar site" makes it a pain for the user to download the software ("wait 60 seconds before you can download at a low speed!"), so it's not a good alternative.

Re:Go to the software producer's site

[BenoitRen]

Sometimes it's easier to find a third-party download site than the author's site. Finding older versions is sometimes easier on the third-party download site too.

Re:Go to the software producer's site

[Luckyo]

Pick mediafire then. Zero wait, over 1MB/sec download speed.

Megaupload usually saturates my 2.2MB/sec download bandwidth, but it has wait time.

Re:Go to the software producer's site

[Bert64]

Because people would rather trust a single central location (eg download.com) than a multitude of different websites, any of which could be pushing malware or owned.

This is of course primarily a windows problem, linux users can get the majority of the software they want through the built in repositories while mac users now have the app store...

Re:Go to the software producer's site

Bandwidth is the biggie for me - lots of developers who self-host also specifically request that you download from one of these sites instead to save their costs. If I'm getting something for free the least I can do is shave a few fractions of a penny off their hosting. The reason you go to the well known sites is because there's (you'd hope) less chance of them containing malware/trojans/etc.

Re:Go to the software producer's site

Softpedia? Which is based in (IIRC) Romania? And "guarantees all software is 100% spyware free"?

You seriously trust that shit?

Because I don't.

Re:Go to the software producer's site

[arielCo]

Out of habit (some users come from Ye Olde Tucows Tymes). Also, some small developers don't have the packages in their own website (hassle / bw cost).

Re:Go to the software producer's site

[fsckmnky]

The reason you go to the well known sites is because there's (you'd hope) less chance of them containing malware/trojans/etc.

Definitely. I would think download.com is going to suffer some degree of backlash and lost users from this. I know I wouldn't use a site that wrapped downloads, altered my local settings, etc.

Re:Go to the software producer's site

[Twinbee]

Obviously a few bad apples will it through any software portal you care to mention, but Softpedia does not include the spamware 'installer' that Download.com is infamous for. For the record, my own software is on there, and Softpedia supply exactly the same file (as expected).

Re:Go to the software producer's site

then you're not the kind of user they want - you will just cost them bandwidth without helping them make money from bundled crap.

Re:Go to the software producer's site

[fsckmnky]

then you're not the kind of user they want - you will just cost them bandwidth without helping them make money from bundled crap.

This could indeed be the case. The issue I have with wrapping the download, is that its somewhat of a below the table tactic. I, the user, want a file. I don't want spyware or adware installed, even if I'm being made aware of it, which I suspect most users aren't being made aware of it. ( Sure, its probably buried somewhere in fine print legalize, but thats not awareness, thats legal liability dismissal / transfer.)

What I wouldn't mind, is if download.com showed advertisements, and used the revenue to pay for the service. Also, I wouldn't mind some small delay, or lower transfer cap, unless I pay $10 ( or some nominal reasonable fee ) for a year of enhanced access.

The 2 options I mentioned, because, as a consumer, I am aware of them, and they aren't making changes to my system. I have the opportunity to make an informed decision and choice, as opposed to, wrapping the downloads without making me aware of them, thereby, preventing me from making an informed choice.

Commerce and transactions can be mutually beneficial and efficient, if the parties involved are able to make informed choices about their costs and benefits. When parties are denied informed choice, or tactics are used that disguise the complete nature of the transaction, I feel the result is counter productive for society as a whole, as now I have the headache and wasted time of trying to remove the changes the wrapper made.

Re:Go to the software producer's site

[mcmonkey]

Not much of advantage anymore. You can just host on rapidshare/megaupload/similar site.

And that's why people (used to) go to Download.com.

If I'm looking for warez I might go to rapidshare/megaupload/similar site. And I'll assume anything I get from those sites has a trojan/virus/bot until I can prove otherwise.

If I know what app or utility I need, I'll go directly to that site. If I don't have a particular name in mind, I used to go to Download.com. For example, I recently needed to get some updated codecs, but didn't know the exact package or provider I needed.

I don't feel a Google search on "codecs" tells me the software I'm downloading is going to do what it says it does (and nothing else). Maybe my trust was misplaced, but that's what I expected Download.com to do.

So in my recent search, I found a codec on Download.com and noticed what I got was a remote installer and not the codec package. Of course, that is just the sort of thing I was using Download.com to avoid. So I'm done using and recommending that site.

Of course I can't get too upset. "Hey! That thing that cost me nothing and that I did nothing to support is no longer being spoon fed to me!"

Re:Go to the software producer's site

There's a XML schema out there that defines software upgrades. You can add it to your rss to check for upgrades or some software on your computer can check all your software in batch.

This is the solution, Google can index this easier, and eventually people wont need to go to the browser to upgrade software.

Unfortunately, adoption is low because sites like sf.net, freshmeat, and the like never promoted it., and for some reason independent developers didn't either.

If you can remind me what this is called, I'll use it with my software.

Re:Go to the software producer's site

[esocid]

Isn't sourceforge also 3rd party?

Re:Go to the software producer's site

[Luckyo]

If you're "looking for warez", those are the last stop, not first one. They host whatever it is that you want them to host. They only offer downloads of material that other people chose to to upload to them. The main reason why anti-piracy outlets like to paint them as "omg warez" is because they are free to use, fast, and you can only get the download if you have the proper link - there is no directory.

You sound like your typical ignorant person who just swallows whatever media tells him at face value, and then moves on to preach about it. Personally I've used megaupload to share videos among my close circle of friends for a long time now. Good speeds, and I get to actually control access to the files. I guess I'm a nasty pirate, terrorist and a gay child molester in your eyes.

Re:Go to the software producer's site

[Luckyo]

And by "videos", I do mean "stuff I shot with my phone". I.e. stuff that I have copyright on.

Re:Go to the software producer's site

[WWWWolf]

People are creatures of habit, and once they learn how to use the download.com ( or some other site like freshmeat.net ) interface, they just return to it out of habit, and the fact that they already know how to search and navigate the site.

Thought here's a small but crucial difference between download.com and freshmeat/whatevertheheckit'snowadays: Download.com hosts stuff, while freshmeat just listed and categorised software, linking to developers. The details on where to get the software are posted by the developer on freshmeat. You get the software exactly where the developer wants you to get the software. A choosy user can then download the source or official binaries or just say "hey, it looks like it's already packaged in my distro".

In open source world, you can see that there's a chain of trust going on: You can be pretty sure that if the developers say that the source or binaries that are hosted somewhere are kosher, then you can trust them. You can be pretty sure that if you go to a major Linux distro and look at the packaged binaries, they were built and vetted by the distro people and in most cases the developer is very much aware that the packages exists in these distros. You trust the developer, you trust the people the developer chooses to trust.

In similar vein, it wouldn't be bad if I knew that the developers had vetted the distribution site. If I see an open source project sticking files in SourceForge, I kind of trust that they trust on SourceForge to do their job properly. You can fully expect VLC folks to come out and say "oops, well, VLC was also listed on Download.com, but we didn't check what they do to the binaries. We didn't even link to them, so in the future, take all unofficial builds with a grain of salt."

It boggles my mind that people keep looking for software from sites that don't necessarily have the developer's trust. I just tried to find Windows 7 drivers for a piece of older hardware, and I was assaulted by a bunch of random megadownload links. Yeah. Right. Manufacturer has changed name, has apparently ended support for the old model, and I'm supposed to download kernel mode stuff from some random megadownload posting which isn't even mentioned by the manufacturer anywhere. Sounds totally legit to me! ...I'd follow the same pattern on Windows as I do on Linux: I'd go looking for the drivers from the manufacturer's site, and if they link to download.com, maybe I'd get it from there (while protesting).

It's like Wikipedia: People just trusted everything they read online, and now they're slowly waking up to the realisation that other people just might be posting bullshit and that they need to actually check the sources - and not just in Wikipedia, they need to do that everywhere. People need to be taught to be more critical and not believe everything they see.

Re:Go to the software producer's site

[TheRaven64]

If you're charging for your software, the bandwidth cost is trivial. If it's open source, then there are places like GNA (not to be confused with GNAA), SourceForge, GitHub and so on that will give you free download space. There are also places like mirror.ac.uk that will mirror your download site for anything that's freely redistributable and you can just point people at their version.

Re:Go to the software producer's site

[datavirtue]

Bandwidth used to be an issue, but last month alone (on my HostGator $86 per year account) I generated 24 Terrabytes of traffic on one file alone.

Re:Go to the software producer's site

[datavirtue]

They make soooo much money off of accidental ad clicks that it is not going to make a bit of difference if 100k users leave.

Re:Go to the software producer's site

[datavirtue]

Another issue I didn't like, as a software author, is that they make money when people install my software via their download and I get fucking ZERO from it when I was the one adding ALL the value to the transaction.

Re:Go to the software producer's site

[datavirtue]

Whoa! AVG?! Talk about a suck fest. 185mb download, several toobars, and a system scan nag from hell!

Re:Go to the software producer's site

[flimflammer]

I -still- go to download.com occasionally. I used to use that site religiously back in the 90s, and even a bit into the 2000s.

I don't download from there anymore; I go to the website of the developer for their copy. However you can't underestimate a large list of software when you're considering alternatives or want to do something new. Just browsing the popular programs can yield you tools you never knew existed.

Re:Go to the software producer's site

[datavirtue]

It's not as bad as Brothersoft. Now that is a shite hole.

Re:Go to the software producer's site

Or build your own site and ...

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} !^CoralWebPrx
RewriteRule ^(.*)$ http://www.site.com.nyud.net:8080/downloads/$1 [R,L]

Re:Go to the software producer's site

Do you really trust the ratings and the reviews there?

Re:Go to the software producer's site

Look up any software title at Google. CNet will probably be in the top 10 returns. I have people click a bad link at a download site, then come to my site to make sure the software exists...and then they return to the download site to try the bad link again! It looks more official to them.

At one time anyone who wanted to sell shareware had to list with CNet. They're still the biggest. But the business model didn't work. Listing sites, with software titles as content, turned into something more like the Yellow Pages: Pay if you want to list. Pay more if you want your software reviewed this month. Pay more still if you want a good review. CNet is trying to find more ways to "monetize" their resource. Unfortunately, most people will never know what hit them.

Re:Go to the software producer's site

[Kalriath]

Not if you pay them. I'm not talking about Rapidshare Premium or anything, I mean you can actually legitimately pay them for distribution of your legitimate files. No wait screens, no slow downloads, it's like everyone who downloads your file is premium from their perspective. You just pay for hosting.

Re:Go to the software producer's site

[Kalriath]

PAD. It's actually required by Tucows.

Re:Go to the software producer's site

[mcmonkey]

Apple, I have this orange I'd like you to meet.

Sharing files with friends is one thing. I assume for your friends you are a trusted source. So when you say, download these files, they don't have much to worry about.

When I'm looking for software, I will usually go to friends and family who I trust to have good judgement on which sources of software to trust. When I don't get a recommendation by that route, I'd go to download.com before rapidshare.

Re:Go to the software producer's site

[Luckyo]

Except that this is apples vs apples. You're arguing that using download.com over, say, megaupload.com somehow grants you extra layer of safety from malware. Fact: if you use a decent virus scanner, it does not, because all it does is virus scan the file for you. In fact, it's exact opposite in some cases, as there have been many instances of download.com software carrying various elements of malware inside legitimate downloads because it's such a popular (and spoofable as it's a directory) choice for downloaders. Something you can do just as well on your own machine after downloading the file.

Reality is, every time you install software, you implicitly trust the software vendor that he is not there to fuck you over. You can (and should) get additional layer of safety in virus scanner, but it makes absolutely no difference if the virus scanner is on download.com or your own machine. There is no grand difference between download.com and say, megaupload.com - in both cases software is uploaded by the maker/publisher, and so long as you scan the installer before installing, you've done all that download.com could have done.

And of course, now that it's bundling crap and making you jump through hoops, you're significantly WORSE off using download.com.

Re:Go to the software producer's site

[kesuki]

did you read the ToS that came with the phone? those images may well belong to your phone provider.

Re:Go to the software producer's site

[Luckyo]

1. I live in a country where such arrangement would be illegal and therefore unenforceable afaik.
2. I bought my phone. Not rented it from my operator.

P.S. I don't recall ever even hearing of such a problem. Where did you get that? That sounds... insane.

Re:Go to the software producer's site

[kesuki]

i thought it up for myself. there are websites that do so, and i was figuring it's only a matter of time before cell carriers decide they own the content produced with their 'hardware'

and i do suffer from mental illness, tyvm.

Download.com?? Really??

[rodrigoandrade]

1999 just called. It wants its flagship shareware download repository back.

Seriously, today there are so many better sources to get free stuff (legal or otherwise) than Download.com

Why even bother?

Re:Download.com?? Really??

[eharvill]

Citation needed?

Re:Download.com?? Really??

1999 called??? Did you warn them about September 11? No? YOU BASTARD!!!

http://xkcd.com/875/

Re:Download.com?? Really??

[Calydor]

The interesting question becomes this:

If we warn the past about an event like 9/11, and they actually DO something about it, what happens then? Would the American government spin it even further out of proportion, claiming the attacks would have used nukes and biological weapons? There's no way of knowing for certain.

We know what we have: A world that is worse off than before, yes, but not on the brink of having the planet destroyed. With the possibility that we could make things a lot worse and start World War III, is is really sensible to send messages back in time?

Re:Download.com?? Really??

[gl4ss]

if someone had went back in time and removed the stupid wrapper from downloads downloads, would this article be here?
problem with trying to decide if you should send a message back in time is that if you did send the message, you already sent it.
time travel stories are for books and games like crono trigger and day of the tentacle.

honestly, the wrapper wouldn't be such a bad thing if download just checked that the sw they're offering at least worked.

Re:Download.com?? Really??

[wierd_w]

1) if they actually do something, it means the many worlds hypothesis is true, and the divergent timeline occurs in a different quantum universe.

2) if the get the message, and do nothing, then you could have created a closed timelike curve, and doomed your own universe to experience the exact timeline you are reporting on. This closed timelike curve would be an indelible part of that universe's history, both present, past and future. (The time after the event creates the preceeding event, which causes the event to happen. Rinse, repeate until dizzy.) (It could also simply be another instance of the many worlds hypothesis being true though.)

3) attempts at bidirectional communication would be systematically prevented by quantum collapse. All attempts to talk to 1999 on the other end of the call would mysteriously fail 100% of the time, even if the theory behind such a transmission seems sound.

4) 1999 calls us using a one way temporal transmission device. (Like an ordinary metal time capsule.) Communication is received, but no reply can be sent.

Of these 4 options, 4 and 3 are the most likely scenarios for "1999 called, they want...." happening. #4 being the most likely.

Causality, it's a bitch.

Re:Download.com?? Really??

[chill]

Not in this case. The warning would simply be "these planes are going to be hijacked on this day". Don't include "and they're going to fly them into buildings". They would simply assume what everyone on the planes assumed, that the hijackers want to either be flown somewhere or want to use the plane and passengers as leverage in bargaining. The same thing plane hijackings had been used for for the prior couple of decades.

That is why they hijackers succeeded. Their real weapon was surprise and unpredictability, not box cutters.

Re:Download.com?? Really??

[gmuslera]

P.K.Dick added blue butterflies to the dangers of knowing the future and acting to avoid it. Guess or predict is ok, but knowing, well, hell is just a step in that direction.

Re:Download.com?? Really??

If you really need a citation for this, you must not be spending a lot of time on the Internet these days.

Re:Download.com?? Really??

[flimflammer]

Wow. That's +1 Informative if I ever saw it.

Re:Download.com?? Really??

[Myopic]

And by "these days" you mean "During the Bush2 administration".

Re:Download.com?? Really??

[keith_nt4]

You winfiles.com I assume...? Why do I still remember that site??

Re:Download.com?? Really??

I used to use versiontracker.com for Mac software, but that's somehow been acquired by cnet and now redirects to download.cnet.com.

easy way to bypass

[sdnoob]

add &dlm=0 to the end of the 'your download is starting' page url..

1 go to a program's page
2. click download now
3. do not download the file that starts cnet_ or cnet2_ (if it doesn't start with cnet it's ok)
4. add the &dlm=0 to the url in the address bar after the spi=whatever junk

enjoy the direct download.. and go to the source next time..or try filehippo or softpedia (either one with your adblocker running)

Re:easy way to bypass

[wjsteele]

Actually, if you're logged in you can simply click the "Download Directly" link right below the "Download Now" button.

Re:easy way to bypass

[arielCo]

Shouldn't have to edit URLs to bypass their crap; either offer me both download methods or gtfo.

As for the ad blocker, I'm making a habit of turning it off for sites that prove useful and not annoying; denying them the revenue makes me more of a leech.

Re:easy way to bypass

[jimicus]

I can't quite believe I'm pasting a Dilbert strip here, but it's entirely appropriate:

http://dilbert.com/strips/comic/1994-02-01/

Re:easy way to bypass

who the fuck wants to login just to download something.

Re:easy way to bypass

how about - they offer you whatever the hell they want, and you choose not to use it if you don't want to.

Re:easy way to bypass

[trawg]

I would argue that if you're going to recommend another site that you prefer because it is better, you do so in a way that doesn't encourage people to strip them of the revenue stream that they presumably count on to stay better.

That is exactly the sort of thing that will lead to more and more desperate advertising tricks to attempt to make more money - for example, the sort of bundling described here!

Ads are sometimes irritating but instead of just looking at them as an irritant, try looking at them as a way to support a service that you like - put up with a bit of a slowdown and maybe even clicking on them will directly support those sites and help ensure they can stay running.

(Disclaimer: I work on a website that is funded by advertising. I know that we will shut down before we resort to doing things like bundleware. But I think we provide a valuable service to users - who get to visit our site and download stuff for free - and I would like to keep being able to do that, and think the "cost" users have to pay of losing some attention space to ads is pretty fair.)

It's a shame

[crash123]

It's a shame, cnet and download.com used to be moderately safe ways of downloading new trial and freeware software. In my opinion shareware is now an outdated practice, with it now possible to find an open source equivalent for just commercial piece of software.

Re:It's a shame

[gl4ss]

open source is the new shareware. buying expertise for configuring is the "registered" version.

Re:It's a shame

[BenoitRen]

Where is the open-source Windows version of the JPEG recovery software I've been looking for weeks back?

Re:It's a shame

Trials of software have never been safe considering all the junk they dump on the system, I'll take your run of the mill spyware over kernel driver DRM that doesn't get reinstalled.

What about FileHippo?

Is the Hippo safe?

Go to the repositories or PPA

It's rather mindboggling that a decade into the 21st century, people are still going to the software producer's site like this.

Maybe someone wants to enlighten me as to why... I'm not coming up with much.

Re:Go to the repositories or PPA

1. you're sure you're getting the latest version
2. higher probability the installer hasn't been messed with.

Rapidshare

[sakdoctor]

Rapidshare, for that authentic 90s warez feel.

Not hosting your own files, or torrents for larger stuff, looks about as professional as a hotmail address on a business card.

Re:Rapidshare

Not hosting your own files, or torrents for larger stuff, looks about as professional as a hotmail address on a business card.

... or twitter... or facebook....

Re:Rapidshare

[Luckyo]

I'm pretty sure that we didn't have such nice download sites in the 90s. Which is why we had p2p for most of the copyright infringement back then.

Not to mention that pretty much no one "hosts their own files" anymore, except for really big companies. Outsourcing to professional hosting makes a whole lot more sense nowadays.

Re:Rapidshare

>I'm pretty sure that we didn't have such nice download sites in the 90s.
Tucows?

Re:Rapidshare

[Luckyo]

As someone who had to use it a few times, CRINGE.

Re:Rapidshare

[datavirtue]

Wrong. I hosted over 24 TB last month and paid a whopping $7.16 for it. It makes LESS sense these days.

Re:Rapidshare

[datavirtue]

Tucows is a ghost now.

Re:Rapidshare

Aw, man. You used to be able to only know ONE thing, and that was ftp.cdrom.com...

Re:Rapidshare

Wrong. I hosted over 24 TB last month and paid a whopping $7.16 for it. It makes LESS sense these days.

Where? My ISP charges $5 per GB. The other ISP in the area charges $30 per GB. Both charge $20+ baseline for a virtual host, more for colo. Do you have physical access to your box?

Re:Rapidshare

[Jibekn]

Why? Hotmail is used by legitimate ISP's now.

@hotmail.com is the same as @isp.com on a business card imo.

Re:Rapidshare

[kesuki]

www.cdrom.com is still there albeit not like back in 1993 when they claim to have started.

and they now seem to be sharing only payware, some with free trial, and almost no mention of foss

Do not call

[sakdoctor]

Can I put the 90s on my 'do not call' list?

huh? downloads not wrapped for me

[teridon]

I just downloaded nmap and vlc.  Both files were identical to what I got from the source.

Actually,it looks like cnet redirected me to the nmap.org download link (http://nmap.org/dist/nmap-5.51-setup.exe) using a 'META HTTP-EQUIV="Refresh" ...'.  VLC was still from cnet.com.

I'm not logged in; I wonder if I have a cookie that prevents the wrapper -- or if download.com changed something.

Also, I'm using NoScript and cnet/download.com is not allowed.  Perhaps this turns off the wrapper too.

remove download

[TheSHAD0W]

That's what I finally had to do, when some entity (might've been download.com, might've been someone else) offered an alternative download location for my software - which bundled some sort of malware installer onto my software. After one attempt to remove them as an alternate, I was told I could request my software be removed, and that's what I did. This occurred back in 2004.

Re:remove download

[kesuki]

this reminds me i was looking for ebook conversion tools and foolishly downloaded at download.com instead of sourceforge and the av software detected a virus when installing so i removed the tool, not realizing it was download.com's fault.

too much middlemen

[znrt]

Always wondered why in heaven sites like this even exist in the first place. If people is dumb/lazy enough to seek out original sources or google for themselves, and instead blindly accepts recommendations and even downloads sw from these cheap shopwindows, i guess they simply deserve all spyware in the world.

Bundling / wrapping is old news

[billcopc]

This extremely common practice of bundling garbage with every download is the cancer that is killing Windows freeware, and no, it's not limited to Download.com.

A while ago, when I was in-between jobs and looking for some freelance work, I stumbled upon an entire "community" of scammers known as PPI : Pay-Pay-Install. This forum was all about participating in these shady bundling practices, discussing the advertisers that were most tolerant to things like silent installs, home page swaps, BHO's that redirect your Google searches through a proxy (to hijack ad revenue), Vista sidebar widgets, toolbars, bookmarks, and start-up items, along with uploading deceptively named and heavily trojaned stuff via P2P. This is why, with every goddamned Windows utility you get these days, you get prompted to installt he Ask.com toolbar, BonziBuddy, free trials for McAfee's swiss cheese, and a laundry list of other standards.

CNet should indeed be made an example of, and burned to the ground, but they didn't start this gangbang, the advertisers did. Follow the money... There is no reason why users should tolerate this aberrant behaviour.

Re:Bundling / wrapping is old news

[Twinbee]

I like your "64-bit: facts and myths" article btw. I wish everyone would just switch to 64 bit and be done with for better compatibility like you say.

Re:Bundling / wrapping is old news

[TheThiefMaster]

It's full of errors. Especially the spiel about alignment. In 64-bit mode you don't have to align everything to 64-bits for best performance, only 64-bit-sized values (including memory pointers). The example 16-bit value actually only needs 16-bit alignment for best performance, which is no different to the 32-bit version of the program.

2: The increase in the memory use of pointers doesn't explain Windows x64's extra 300MB of memory use. My bet is on it loading both 64-bit and 32-bit versions of a bunch of libraries in order to support various components of Windows that are still 32-bit (as well as any 32-bit software you run).

3: Saying that a 64-bit version of a program won't be faster... Two things are actually in favour of it being faster: 64-bit mode exposes more and larger registers to use, and also guarantees certain instruction set enhancements exist (SSE2). The latter especially is a huge speedup if you take advantage of it.

Re:Bundling / wrapping is old news

Yes the only problem being compilers using 20% of the Instruction Set.

Re:Bundling / wrapping is old news

[Twinbee]

Are you familiar with .NET at all? For some weird reason, my C# program compiled with "platform target" set as 32bit (x86) version takes 750ms to boot up on my 64bit CPU desktop, but that grows to 1.5seconds when compiled with x64.

Re:Bundling / wrapping is old news

[TheThiefMaster]

I know some about .net, but not enough to explain that. I would question how accurate your measurements are though, because that's quite quick either way.

Re:Bundling / wrapping is old news

[Twinbee]

Almost a full second is *very* easy to tell, but yeah I do use a timer anyway and have run it on countless occasions...

Re:Bundling / wrapping is old news

[billcopc]

Okay then can you enlighten me a bit ? I haven't done any hardware design in quite a few years so my knowledge may well be outdated, but my understanding is that an x64 processor fetches everything in 64-bit chunks. If you're storing a 16-bit value, it will still grab the 64-bit "window" where it resides, and discard the excess. If you do this en-masse, it wastes a ton of memory bandwidth and dirties the cache. Am I wrong ?

For #2, you're absolutely right. Windows has to load a bunch of 32-bit libs for backward compatibility. I will edit my post accordingly :D

For #3, yes a 64-bit program has access to wider registers and more of them, but having the 8 extra registers is of little benefit if you don't need them in your busiest loops. I say this as someone who used to write game engines in assembler, back in the day. Mind you, it's been a while since I did any serious profiling of compiled code, so if GCC et al. can put those extra regs to good use, I stand corrected.

Re:Bundling / wrapping is old news

[TheThiefMaster]

For #1, RAM is always read / written in a multiple of a cache line, which I believe is 128 bits in most modern CPUs, and is independent of the native data size of the cpu (32 or 64 bits).

Re:Bundling / wrapping is old news

[TheThiefMaster]

Correction: The cpu cache line size of modern cpus is 64 bytes. This means that any random RAM access will load 64-bytes (as a single read). The CPU is then capable of extracting 1, 2, 4, 8 or even 16 byte (SSE2 vector load/stores) sections of that into registers, as a single operation if the data is aligned to its size, or as a few micro-instructions if not. This is no different between 32-bit and 64-bit CPUs.

Re:Bundling / wrapping is old news

[billcopc]

Christ that's a fat fetch. I had no idea... I always assumed with integrated memory controllers, that caching and fetching would use the same width as the core itself, as they were with the numerous SoC's I used.

Thanks for the update :D

Re:World War III

[TaoPhoenix]

"If we warn the past about an event like 9/11, and they actually DO something about it, what happens then? Would the American government spin it even further out of proportion, claiming the attacks would have used nukes and biological weapons? There's no way of knowing for certain.

We know what we have: A world that is worse off than before, yes, but not on the brink of having the planet destroyed. With the possibility that we could make things a lot worse and start World War III, is is really sensible to send messages back in time?"

Family Guy did that exact plot.

Here is the Hulu Link. Your Country May Vary.

http://www.hulu.com/watch/299685/family-guy-back-to-the-pilot#s-p1-so-i0

Extend open source licenses to prevent this?

[Qbertino]

While this has been normal practice for shady rippoff sites like the ones mentioned for almost a decade, I do wonder if appropriate extensions to FOSS licences such as the GPL could actually prevent this. Or at least make the culprits liable for damages, copyright infringement and/or fraud.

If I were to work on a large FOSS project I would like to know that the software im contributing to doesn't legally end up on one of these fraudulent DL sites.

My 2 cents.

Re:World War III

[Calydor]

And do you have something not United States Only?

This came up in the ScummVM group recently

[DreamMaster]

I'm part of the ScummVM group, a cross platform software for playing various classic adventure games, and the question of Download.com came up when we released the next version of our software. There were some arguments for including it on such sites, such as giving greater visibility to the project. However, the issue of the bundled 'crapware' was considered too big a downside. We weren't that desperate for wider coverage of our software, and we certainly didn't want people to adversely associate our software with malware.

These days I wouldn't touch download.com even if you paid me.

Re:This came up in the ScummVM group recently

[Hatta]

You chose well. Congratulations on 1.4 BTW!

Just Curious...

[MBC1977]

I understand the sentiments, but I'm curious as to why some (most it seems) feel that the repository should not add the wrapper software (which they don't charge the end-user, the ultimate customer I believe)?

Software creator is getting market exposure....This is good.
End User gets the software they want for little to no charge...This is good too.
CNet gets to make some money for hosting / providing a repository of software...Also good.

So if everybody wins, where is the downside, lol?

Re:Just Curious...

[Stumbles]

You did miss the analysis by Nmap else your stupid comment that everyone wins would not have been made.

Since your to lazy, here;

C|Net is adding trojans to the installer.

C|Net is in violation of the Nmap license.

So exactly who is winning here?

Re:Just Curious...

[Abstrackt]

The downside is that CNet is deliberately preying on users' ignorance and installing software they don't want as well.

I fully believe users should take responsibility for what they install on their systems by at least looking at what they're installing but that doesn't preclude companies from leaving that crap out in the first place.

Re:Just Curious...

[Wyzard]

Software creator is getting market exposure....This is good.

Software creator's good name is tarnished because people installed their software and got malware as a result. Not good.

People get malware, period. Also not good.

Re:Just Curious...

[asdf7890]

Assuming you are seriously asking and don't have your toung in your cheek: the key downside is that people will associate the trojan with your product, if they don't like the changes it makes to their systems they might blame you not cnet.

Re:Just Curious...

[MBC1977]

Fair enough, I did not read the analysis by NMap, I admit that. :) Not understanding the stupid part or the seething hate but that's a different story.

Having read the analysis and then went perusing though CNet, I found this interesting bit on the vendor upload side: CNET DOWNLOAD.COM INSTALLER FREQUENTLY ASKED QUESTIONS.

See Stumbles, rather than just assume that CNet had an altruistic reason for providing a software repository, I assumed there would be a catch (in life there ALWAYS is a catch). In this case they clearly provide to both end-user and vendor the reason for the installer and the foreknowledge that they will be adding a piece of pre-screened software along with the install.

So in this case, the vendor, NMap, perhaps should have read the terms and conditions a bit more carefully. I know I certainly do before I enter any transaction.

I used to have 5/5 star rated wares there

"I used to swing by CNet all the time back in the day" - by hairyfeet (841228) on Tuesday December 06, @06:19AM (#38278056)

As did I, & per my subject-line above Hairyfeet!

In fact, I used to have 5/5 star rated wares I wrote there, in over 40 apps I did over time circa 1997-2002...

I quit using them partially because of "shenanigans" like this one (when I was "into" doing shareware/freeware early on in my career "for the resume" mostly + to "sharpen the saw" above & beyond what I have done MOSTLY in coding for work: MIS/IS/IT db programming style work), AND?

Because initially in the 'shareware/freeware world', which I am doubtless SURE you'll recall (& which evidences greed imo also)? Initially, ONLY "SMALLFRIES" WERE FEATURED up to around 1999 or thereabouts.

THEN?

Then, the "big software publication houses" (ala Norton, Microsoft, etc.) started showing up to 'compete' with us, ON "OUR TURF" (shareware/freeware sites)... I didn't like that, but, it's "how it is" (from around 1999 onwards).

Isn't it ENOUGH they have "P.R. firms" & the money to host full page ads in written publications in computing to "get their name around"? Apparently not.

It made me also realize that yes: Websites DO get news of programs around, & apparently, MORE than written publications in computing do!

* Besides - theres PLENTY of competition for them now in many other sites that host wares for youngsters (mostly)!

(Yes, it's usually the young in computing who are probably in that game, most likely for the reasons I was early on in my career in computing: To "get your name around" the field, to have something interviewers can try that you wrote to see the quality in your work, & to just "up their skills" in coding on more levels than they're likely to see usually on the job!)

APK

P.S.=> Oh, & by the way, Hairyfeet? This will give you another laugh today I strongly wager & you may wish to give him your usual "piece of mind" as only YOU can, lol (from our "buddy", the ac off topic illogical adhominem attack using troll who thinks you & I are the "same guy" as usual):

http://news.slashdot.org/comments.pl?sid=2559120&cid=38269230

Enjoy, I did, & see the post parent to that one there...

... apk

Click to Download

[amoeba1911]

It's bad enough without the malware. If you're trying to download a 40kB file, they make you download a MB of ads, and you have to navigate through half a dozen links to "Download" which just go to more advertising. Good luck finding that tiny link that actually goes to the file you want... but now even that doesn't go to the file you want. Greedy bastards.

Happened to me with 7-zip

[apcullen]

Needed to install 7-zip on a windows computer, and was in a hurry, so I went to the first Google result instead of sourceforge. I aborted the install when I saw the "install this great toolbar" button. Still, I almost messed up my friend's computer. Important safety tip #1: Google doesn't always produce the result you really want anymore. Important safety tip #2: when installing open source software, Sourceforge is probably where you want to look.

Re:Happened to me with 7-zip

[misexistentialist]

I've come across an Ask.com toolbar check-box when installing something from Sourceforge. Looks like it was reported as a "problem" rather than a "feature" which the developer eventually "fixed", but you still have to be careful.

Re:Happened to me with 7-zip

I've noticed even Sourceforge is getting a bit deceptive with their download page now. Where they used to place obvious ads while you wait for a few seconds they've started allowing ads that are simply "Download now" buttons without mentioning that you will be downloading something other that what you were expecting. Kinda sleazy.

We know. We know.

Haven't they been doing this since like 2005? I remember this site was around forever and always seemed to try to bundle their own stuff with the actual program which is why I never have used them since when they first started.

Windows culture

[drooling-dog]

You never see anything like this from Linux repositories simply because Linux users would never stand for it. Many (maybe most) of the Windows users I know accept malware and crapware as just the unavoidable cost of getting what they need or want in a convenient way.

So it's a cultural thing, and it will take a lot of user education to create a higher level of expectation. The trouble is that I don't see from where the incentive to provide that education is going to come, interests in the MS ecosystem being vested as they are.

This is different than before

The problem with the newer wrapper is that it is detected by a lot of AVs now causing the downloads to fail completely as long as the AV is working properly. And yes, there are still some times when download.com is the main or only download site for a program.

If you do manage to get it downloaded, read what options you are selecting, these are all opt OUT options, just like every other company that decided bundling shit is the best way to make money.

Venn Diagram

[shumacher]

I am shocked that the number of nmap users who are also download.com users would be significant.

Re:huh? downloads not wrapped for me

[Mashiki]

I've downloaded a bunch of things in the last 5mo, I've yet to see an installer. Maybe it's region based? Because when I'm in Canada I've never seen it, and I'll bet the majority that have are in the US.

Report them To google.

If enough people did it, users would get slapped with an "unsafe malware site" warning for any visit via google. Firefox and chrome would show a big red page of death before bringing the user there.

Fake download links

Is this different from the links you see on some of these sites with links in big fonts "Download Here!" that are for an unrelated piece of crap while the link for the software you actually want is hidden in smaller font lower in the page?

RIP VersionTracker.com

I used to work for VersionTracker, and it was such a disappointment when our small company was bought up by CNet. That place is a travesty.

Windows apps are dying

[Swamii]

Stuff like this is why people are scared to install native apps for Windows. On iOS, you install apps safely, and with about 2 or 3 taps. On Windows, you get apps via 30 clicks, and you get your browser configuration screwed up, unwanted toolbars, and bonus adware for good measure.

This is the sick, sad state of Windows apps.

The Windows 8 app store promises to address these concerns. We'll see how they deliver.

Re:Windows apps are dying

I would welcome a "Microsoft approved download center" but not an "app store". The latter implies to me that the platform is locked in such a way that ordinary users can only install from one location.

So if you've already been infected

[tkrotchko]

So if c/net download.com has infected your PC, how do you recover? Will normal anti-virus or anti-malware undo the damage?

Does it show up in the uninstaller?

Re:So if you've already been infected

[T+Murphy]

Yes, anti-virus software seems to work fine. I reccommend any of the ones listed here.

Re:So if you've already been infected

[kesuki]

i switched to linux stopped booting windows... and cleaned off my parents computers... i keep winding up here...

CBS

[slapout]

Didn't CBS recently buy CNet?

One of the reasons I stopped using windows

[bigtrike]

This has been going on for over 10 years. It became nearly impossible to find crapware free utilities, and that's one of the reasons I stopped using windows as an OS.

Just submitted a request to remove my products

So I'd missed this in CNet's little news and updates for our products. I'm removing our products from download.com. They only make up a small proportion of our downloads, and as far as I can see an even smaller proportion of conversions. I'd prefer to have our customers coming directly to us, where they get a clean installer with no bundled crap.

Guaranteed spyware free.

[jweller13]

They used to have a prominent banner when downloading which said something to the affect of "Guaranteed Spyware Free" I don't see that message anymore.

Disappointing but not surprising

[Paul1969]

Those of us who are long-time Mac users have a grudge against CNET for destroying VersionTracker.com. It used to be the best source for Mac software, before CNET bought it out.
Within a very short time, CNET had castrated VersionTracker.com. Now the decent but not quite as good MacUpdate.com is just about the only trustworthy site for Mac software that doesn't make it into the App Store (IOW, all the good stuff).

Re: not United States Only

[TaoPhoenix]

Nope. Not legally that I know of. But that's the problem of content today, right?

Tell ya what - anyone else who posts a legal example non-US service I'll add it to my notes. Otherwise that was all I could do.

Software licenses

Don't the software licenses forbid this?