Slashdot Mirror
Download.com Bundling Adware With Free Software
Zocalo writes "In a post to the Nmap Hackers list Nmap author Fyodor accuses Download.com of wrapping a trojan installer (as detected by various AV applications when submitted to VirusTotal) around software including Nmap and VLC Media Player. The C|Net installer bundles a toolbar, changes browser settings, and, potentially, performs other shenanigans — all under the logo of the application the user thought they might have been downloading. Apparently, this isn't the first time they have done this, either."
add &dlm=0 to the end of the 'your download is starting' page url..
1 go to a program's page
2. click download now
3. do not download the file that starts cnet_ or cnet2_ (if it doesn't start with cnet it's ok)
4. add the &dlm=0 to the url in the address bar after the spi=whatever junk
enjoy the direct download.. and go to the source next time..or try filehippo or softpedia (either one with your adblocker running)
Yes, they have, or at least it seems like it. The difference this time is that in addition to an abuse of the registered Nmap trademark Fyodor also has them in a clear breach of the NMAP licensing Ts&Cs and it appears he's willing to try and pursue the matter through the courts. I did have a strapline on the original submission to the effect that he was looking for a good US based copyright lawyer, but it appears that the Slashdot editors decided that wasn't an important part of the story.
UNIX? They're not even circumcised! Savages!
Sorry but this is old new and why most of us builders have been avoiding CNet like the clap for awhile. I'd loved to see their before and after website visits stats because i wouldn't be surprised if many are doing like me and the instant they see the article is on CNet closing the tab.
For those that need that "80%" software, the stuff you pretty much install on every system? Let old Hairy introduce to a really nice place with a weird name...Ninite. it has all the latest versions of the software everyone installs, your flash, codec packs, VLC, LibreOffice, several AV and antimal to choose from, and NO TOOLBARS are allowed, no crapware, just the program you want pre-packaged as an unattended installer that's as simple as "clicky clicky" and let her run. great for not only new builds but when you need to help someone who lives a good distance away who is having trouble or doesn't know where to find the above basics.
I used to swing by CNet all the time back in the day but since i don't support spammers and spyware pushers they can go pound sand. With ninite all the basics are covered and if you can think of others you'd like just drop their name in the suggestion box and they'll add the most popular choices to the list. I suggested Klite with MPC and voila! There it is, and more popular apps are being added all the time. Enjoy folks!
ACs don't waste your time replying, your posts are never seen by me.
If anybody else wants to remove their software as well then you need to contact support to delist from Download.com/Upload.com
They will respond with something like:
Thank you for contacting CNET Upload.com. There are several ways to opt-out:
- Premium subscription
- PPD
But if you insist they will remove your listing. Fucking scammers!
If your logo or name is a trademark, yes. That's why no distribution can redistribute a modified Firefox with the same name & logo.
NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
Fyodor actually *DOES* host the installer. He never gave them permission to repackage it. In fact, the software license prohibits this explicitly. From the article: "This is exactly why Nmap isn't under the plain GPL. Our license (http://nmap.org/book/man-legal.html) specifically adds a clause forbidding software which "integrates/includes/aggregates Nmap into a proprietary executable installer" unless that software itself conforms to various GPL requirements (this proprietary C|Net download.com software and the toolbar don't)." So yeah, I can blame them. If you read the fucking article you would know this. p.s. Yes, I said that the parent should have read the article. No, I am not new here, but that doesn't mean that I, or anyone else, should tolerate willfully uninformed bullshit spouting.
Cnet is only bundling their adware with programs uploaded since they started bundling.
I've got a program listed there, its not bundled.
If I upload a new version they are going to bundle it with their crapware.
So I'm not uploading a new version, ever.
They told uploaders what they were going to do with their program, they don't agree to your terms and conditions, you agree to theirs.
Remove your program from their site and go elsewhere.
Thank you for Ninite. It will unsuck my life considerably.
I like FileHippo more. It has a bigger collection than ninite, and it tracks both stable and beta versions of most free software and freeware on Windows. They also have a useful (and a completely optional download) update utility that checks if there are any updates available for software on your computer. If yes, you can let it update from their website. It's pretty awesome, all in all.
The new installer is a "derivative work", and you can specify that derivative works must not use the original trademarks. Mozilla and RedHat are both very strict about this: the source is open and free and all but you keep their name out of your modified stuff.