Myst Online: URU Live Forums :: View topic - Download.Com Caught Adding Malware to Software

JWPlatt

Creative Kingdoms

Joined: 09 May 2006

Posts: 5760

Location: Everywhere, all at once

The activist in me demands I post this. To those who use Download.com, I recommend you be wary, or just avoid it completely. It's not really like they've been suddenly "caught." It's been going on for some time. It's just that now it's rising to the consciousness of a movement and it's time to call them out.

See this article:

http://insecure.org/news/download-com-fiasco.html

_________________
OpenUru.org: An Uru Project Resource Site : Twitter : Perfect Speed Is Being There.

PaladinOfKaos

Joined: 03 Aug 2006

Posts: 625

What download.com has is a custom installer that includes an option to install their toolbar. You aren't forced to install this toolbar if you download a program from them, and they don't install it without warning.

Yes, bundling a modified installer with an app is kind of scummy. Yes, they could make it more obvious how to opt-out of their toolbar. But really, as long as you're paying attention you won't end up installing their crap. Many installers for Windows programs come with revenue-generation adons like toolbars anyway, so you should be on the alert for that sort of stuff to begin with.

With the rise of things like adblock, and pressure from changing corporate overlords to make money, they've tried to find a way to put a revenue-generator in front of more eyeballs. Is saying "no thanks" to a crapware offer really that high a price to pay for their bandwidth?

This isn't a great thing, but it's not the pinnacle of evil that site tries to make it out to be.

_________________
MOULagain KI #: 66990

When I was your age, we rocket-jumped up hill both ways in boiling lava.

JWPlatt

Creative Kingdoms

Joined: 09 May 2006

Posts: 5760

Location: Everywhere, all at once

You and I are coming from a place of being skilled in the industry where paying attention has long been learned. Assuming others have that knowledge is projecting something they don't have upon them. Nor should folks be expected to devote their time and energy to acquire expert level knowledge. Also, the decline button has not always been there - it has at times been accept or cancel the download. Obscuring the facts and choices from the ignorant via a misleading interface is a cynical and unfair trade practice of taking advantage of the uninformed - even otherwise intelligent people whose only interest in a computer is as a tool like a wrench - even under caveat emptor.

It's not a great thing, and the people, and those who knowingly and willingly follow them, who make the decision to be deceitful and take advantage of others are unethical at best and need to be exposed and know they won't be tolerated. There are times when people are tired of hearing "learn to live with it."

_________________
OpenUru.org: An Uru Project Resource Site : Twitter : Perfect Speed Is Being There.

Joey Zoonishii

Joined: 10 May 2006

Posts: 954

Yeah, although people should browse safely... err... geez, I don't even understand why Download.com would do something that low. I assume there's some licensing deal for stupid browser bars. I'm not sure why people just can't go into business programming something useful.

...although isn't that whole Download.com branded install relatively new?

~Joey Cronchnewsey

_________________
"What you still don't understand you have failed to hear or don't need to know..."~Yeesha

Mac_Fife

Uru Live Moderator

Joined: 10 Nov 2006

Posts: 3153

Location: Scotland

I think one of the big concerns raised with that download.com installer was that the "bonus payload" isn't fixed: At runtime the installer uses an online component to "phone home" and ask what the bloatware of the day is. Today you may be offered the StartNow Toolbar, tomorrow it could be something else entirely, and I understand the the bundled software has indeed changed a couple of times in recent weeks.

The other issue highlighted in the article that JWPlatt linked was that the download.com installer was masquerading as nMap's installer, presenting the same file size, etc., and therefore misleading users.

Whether these things are optional or not, there are a lot of niaive computer users out there. Modern PCs and software are sold on the basis that they're easy to use and you don't need to be a computer geek to use them anymore. And by and large that's true. So this kind of activity is exploiting people's trust. The fact is, many people have become so used to clicking "Accept" for license agreements that they think that accepting these "offers" is a requirement for installing the application they requested. A little while back, my daughter brought me a friend's laptop to sort out: When I opened the web browser, it had so many toolbars installed (all of which did much the same things, and usually including a web search box) that the usable screen space on the browser was maybe only a quarter of what it could have been Rolling Eyes

.

_________________
Mac - MOULagain KI#00004826
In the interests of the environment, this post has been constructed entirely from recycled electrons.

Topic

You can…