Slashdot Mirror
Cnet Apologizes For Nmap Adware Mess
Trailrunner7 writes "Officials at Cnet's Download.com site have issued a statement apologizing for bundling the popular open source Nmap security audit application with adware that installed a toolbar and changed users' search engine to Microsoft properties. Fyodor, the author of Nmap, raised the issue earlier this week, saying that his app was being wrapped in malware on Download.com. It's not unusual for download sites to bundle free applications with some kind of adware or toolbar, but the creators of open-source applications take a dim view of this practice, given the nature and ethic of open source projects. Nmap is a venerable and widely used tool for mapping networks and performing security audits and Fyodor wrote in a message to an Nmap mailing list earlier this week that Download.com, which is part of Cnet, a subsidiary of CBS Interactive, was bundling the application with its installer, which, if a user agreed, would install a search toolbar and change the user's search engine to Bing."
Do some shady/shitty dealing and make big money. Then apologize for the mess you have caused. IF thats not enough and you get sued, pay some reparations which is ridiculously low compared to your profits.
This cycle is what is driving the society down under. What BP did, what Lockheed did, what intel did. im sure you know about what bp did last year - killed an entire ecosystem. you may also know about intel's bribery case with pc manufacturers. but you probably dont know what lockheed did - they have bribed nato country defense ministers to buy f104s over more capable aircraft. as a result numerous things happened, including, approx 600 nato pilots dying due to design deficiencies (it had a tendency to maul its tail on landing and take off - hence nicknamed flying coffin) over the years, british and other european aerospace industries died.
what happened ? lockheed was sued, then admitted to bribery, apologized, paid pathetic sums.
unless people running corporations AND their shareholders start being held responsible for their doings, these will continue.
Read radical news here
It is entirely within the license terms of any OSI-approved Open Source license to aggregate any software, regardless of its nature, on the same medium as Open Source software and to install it with the same installer that installs the Open Source. Even software that is harmful. Only if the software is a derivative work of the Open Source will the license apply to it.
Sure, CNet shouldn't do this, and if they keep doing it we'll eventually start using new licenses that make them copyright infringers. But right now it's legal.
Bruce Perens.
Who would download a tool like nmap from download.com? What sort of person does this? How is this a thing that happens?
It takes years to earn trust. It takes only one event like this to destroy said trust for good. Up to a year ago, I used download.com where they always proclaimed "Spyware free" etc... That trust has been erased and I will never go back to that site. But really, after they began doing the indirect download using their own downloader, that turned me off right then and there and I stopped about a year ago.
Too late.
They should not have done it in the first place, and I will be looking elsewhere for my downloads.
If I were God, wouldn't I protect my churches from acts of me?
Waiting for their tagline to change to "Safe, Trusted, and We Apologize For Spyware"
Should you be using Nmap if you can't pay enough attention to opt out of installing a toolbar?
"If any question why we died, Tell them because our fathers lied."
Or if PIPA or SPA were law, he could have tried to seize the domain "download.com"
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
This is where he should sue CNet for slander of trademark, and tortious interference with business relations.
They're not sorry about the bundled *extras*, they're sorry they *got caught*...
I've got better things to do tonight than die.
Your position is not reasonable.
It's like holding the landlord responsible if the tenant murders somebody on the property. Is it reasonable to assume that the landlord would have known about the murder to take place, assuming it is premeditated? Is it reasonable to assume responsibility for crimes of passion?
No small unaccredited investor purchases stock in a company expecting it to perform fraud, and you cannot reasonably hold them accountable for actions that are essentially unknowable.
Your solution raises the barrier to entry for stock ownership so high that only accredited investors and investment gateways (Wall Street investment firms) could meet them.
It will kill capitalism, which is your intent.
Either provide a reasonable solution, like holding the executives and board members personally and criminally liable for fraud, or just admit you want to replace capitalism and the stock market entirely.
Sorry, your position is just not reasonable in any way, shape, or form. Your analogies are false. There is a difference between personal responsibility with a hot coffee cup and indirect fraudulent actions that you have no way of knowing. If the average person did, then so would the authorities, and it would be stopped.
nmap on Windows?
remember that scene in Scanners?
.
.
.
"We're gonna need a bigger boat"
It's like holding the landlord responsible if the tenant murders somebody on the property. Is it reasonable to assume that the landlord would have known about the murder to take place, assuming it is premeditated? Is it reasonable to assume responsibility for crimes of passion?
landlord is responsible with whom he leases the land to. definition of being a landlord includes performing landlord duties and shouldering its responsibilities. this includes assessing, getting to know, and following up with tenants.
otherwise, there would be nothing barring landlords from continually leasing their land to murderers who would pay higher. just like how shareholders do with corporations.
Read radical news here
yes they are not. i didnt say they WERE. i say, they SHOULD BE.
Well you said...
landlord is responsible
You need to get together with President Clinton and have a lively discussion about the definition of the word "is".
In any case, your just nuts. Not trying to flame you, but you are just nuts. You're holding people responsible for actions they should not logically be held responsible for. Your analogies, which you strongly assert as reasonable, don't have anything to do with corporate responsibility.
Try saying those crazy things over a loud speaker in the park. I don't think I am the only one that will look at you strangely.
Up the dosage buddy.
To be fair, there's actually multiple levels of responsibilities the law can impose on a person.
From the strictest:
- Strict liability: whenever something goes wrong, you're liable, no matter your actions or intentions.
- Negligence: liable if you've failed to do enough to prevent it from happening
- Gross negligence: liable if you've fucked up badly and caused/allowed it to happen.
- Knowledge required: you're liable only if you knew it will happen
- Intentional: liable only if you intentionally did something to make it happen
Between these shades of responsibility, I do think a shift to a stricter one can be contemplated, I think we're currently only making them liable if knowledge of the wrongdoing can be proved, but I do think some forms of liability on the negligence level should be imposed.
Don't quote me on this.
Aptly put.
I never argued that there should be more liability and less protections for executives in corporations. Quit the contrary actually. The landlord analogy is insane because you are holding them strictly liable for all actions of the tenant. For a landlord to be truly negligent they would need to know. Murder is ridiculous, but crack house or meth lab.... might not be so much. Bimonthly inspections that just involve a cursory look through the property would not be unreasonable and are permissible in every rental/lease contract I have seen.
As for the executives and board members I absolutely agree that corporate person hood should not shield executives that meet your standards for negligence, gross negligence, knowledge required, and intentional. Treat them like everybody else. They still performed the act, only used the corporation as a vehicle for their actions. Ironically enough, we have laws for vehicular homicide and negligence for literal vehicles too.
My objection is providing strict liability to the investors. That is unreasonable period. Intentional and knowledge required indicates a conspiracy or aiding & abetting. No excuse for that. Gross negligence does not sound possible in an investor/stock holder context.
Negligence and Knowledge required are where it gets unreasonable to the investors because then it requires investors, even accredited investors, to perform ongoing audits that would be too resource intensive and impractical. It might not even be possible if the executives are actively attempting to hide their activities and falsifying records.
Especially so for somebody that owns a minuscule amount of stock in Exxon. Somebody needs to explain to me how Ma & Pa Johnson on a farm in Kansas could really know that the Valdez incident was about to happen or could have prevented it. Billing them for cleanup and reparations does not sound like a logical and reasoned position to take.
The purpose of the markets is to match people who have surplus capital with those (allowing for the dubious state of companies as people) who have need of it. The lower the barrier to market entry the more readily available capital becomes, allowing companies to access it and use it, hopefully productively. Now, the majority of investors are already likely to carry out some form of oversight before directly investing in a company, through the purchase of shares or what have you, and while most of this oversight is likely to be financially directed - is this a good investment, am I likely to financially profit from this exchange - many people also already include an ethical element to their investment decisions - are the company's business practices reputed to harm the environment, do they manufacture 'bad' (tm) things. Holding individual investors to a higher level of oversight and responsibilty than this is not only not practical it would directly damage the main advantage of a free market, namely the free flows of capital.
As a side note, there is a huge difference between the idea of the (free) market and capitalism per se. Conflating the two does not help in clarifying specific objections to one or the other.
One 'direct' example of the market in action is your bank. You put your savings in the bank, (originally) on the assumption that you will see a small return on that capital, in the form of interest, and the bank, acting as a middle man / broker, lends that money to someone that needs it. This is both a purer form of matching lender to borrower and a more remote one in the fact that you as the lender have no direct say as to the destination of your 'loan'. You are of course free to chose your bank, but, in this day and age the only sure way of ensuring your bank is ethical would be, amongst many other things, if they do not engage in any counter party trades, do not sell stocks and shares isa's, and own no share portfolio of their own. I'm not sure if that would make for a financially viable business as a bank, or merely make them a credit union with a severely restricted remit. Anyway, I get away from the point I was trying to make...
long story short - whomever invests in something should be responsible with their investment.
I'm going to assume you have a bank account. Are you claiming (partial) responsibility for the millions of people who lost their homes / livelihoods / sanity in the recent debacle with the selling, mis-selling, and reselling of sub-prime mortgages? After all, it was your money that was lent to these people that allowed them to buy their homes in the first place, even if they were mis-sold. If so, what penalty should be exacted on you for this crime (and as far as 'evil' acts go this was as large a crime against humanity as any other I can think of in western so called democracies in recent times)? And if not, why not...why are you not being held resposible and accountable for the evils done with your money?
Scroll down to the update section: http://insecure.org/news/download-com-fiasco.html
My karma is not a Chameleon.