Download.com Bundling Adware With Free Software

Zocalo writes "In a post to the Nmap Hackers list Nmap author Fyodor accuses Download.com of wrapping a trojan installer (as detected by various AV applications when submitted to VirusTotal) around software including Nmap and VLC Media Player. The C|Net installer bundles a toolbar, changes browser settings, and, potentially, performs other shenanigans — all under the logo of the application the user thought they might have been downloading. Apparently, this isn't the first time they have done this, either."

This is news?

Download.com have always done this... I thought this was how they funded the site.

Re:This is news?

[xaxa]

You can always choose not to offer your downloads through download.com.

Can you? Even if it's under a copyleft license, or in the public domain?

Re:This is news?

[InsightIn140Bytes]

It's even more stupid that Google has started offering Chrome just the same way like every other adware vendor - by offering freeware and shareware authors, and the likes of Download.com, money per install they get. This leads to software authors and download sites bundling it with unrelated software and pushing it to users since they get paid for it. They always used to do this with their toolbar, but of course now they switched it to Chrome. I've seen people using Chrome and when asked why they changed, they had no idea. Either it came with some other software or "Google said on internet that you need to download this to make your browsing better" and they thought fine. No wonder they gained that 25% market share so quickly...

Re:This is news?

[Cederic]

Honestly, the whole story is nonsense created an a very ignorant person. Free software was never intended to keep programmers from making a living

Sorry but no. The whole story is a very real warning to a user community that a large company is acting in an unethical and immoral manner by trading on the name and reputation of someone else.

Making money through advertising on the download site isn't causing any problem. Pretending to offer Fyodor's downloader while in fact seeking to install other software is a trojan attack and bad behaviour no matter how you look at it.

Calling this nonsense fails to understand the key issue and misrepresents both the complaint, and the complainant.

Re:This is news?

[RobertLTux]

the problem is folks now blaming the original software writer for
1 mucking about with browser settings
2 installing adware
3 installing who knows what else??

How would you like it if you wrote a program (lets say its a conversion calculator) and then hosted your downloads on download.com
and THEY WITHOUT TELLING YOU decided to bundle Diapered Dolls Slideshow 2012 (4-7 edition) and then made that the default screensaver (and locked the settings)???

Go to the software producer's site

[mirix]

It's rather mindboggling that a decade into the 21st century, people are still going to third party download outfits like this.

Maybe someone wants to enlighten me as to why... I'm not coming up with much.

Re:Go to the software producer's site

[fsckmnky]

There are a few reasons software repositories are popular that I can think of off the top of my head.

Much like an "app store" for smart phone apps, its convenient to have 1 place to go to look for an app, when you have general requirements or a specific type of app in mind, and not so much a specific app.

People are creatures of habit, and once they learn how to use the download.com ( or some other site like freshmeat.net ) interface, they just return to it out of habit, and the fact that they already know how to search and navigate the site.

As for why developers use sites like this, the visibility factor comes into play. Since the repositories have a returning user base, the app becomes that much more visible, as opposed to getting lost in search engine results.

Another incentive for small developers, is the bandwidth. They dont have to manage the large amount of bandwidth required to deliver apps, the repository does this. They also don't have to pay for a commercial ISP account that allows them to run servers, as most residential account agreements forbid the operation of servers ( although only in agreement, not necessarily technically prevented. )

Re:Go to the software producer's site

[SuricouRaven]

The standard nontechies approach to getting software is as follows:
1. Enter name of software into browser search box*
2. Go to first link
3. Click 'download.' Repeat until a download starts.
4. Click 'next' until installation complete.

They go to download.com because for some programs, it actually comes higher in the listings than the program's main site. Espicially if they add 'download' to the search query, as many do.

*They don't quite get the concept of a search engine yet, so they'll go with the default. Theres a one-in-two chance they'll just type it in the address bar.

Download.com?? Really??

[rodrigoandrade]

1999 just called. It wants its flagship shareware download repository back.

Seriously, today there are so many better sources to get free stuff (legal or otherwise) than Download.com

Why even bother?

It's a shame

[crash123]

It's a shame, cnet and download.com used to be moderately safe ways of downloading new trial and freeware software. In my opinion shareware is now an outdated practice, with it now possible to find an open source equivalent for just commercial piece of software.

Re:Nothing new.

[GuldKalle]

How do you know he uploaded it, and not some anon schmuck?