[fyodor at insecure.org: C|Net Download.Com is now bundling Nmap with malware!]
Michael Painter
tvhawaii at shaka.com
Wed Dec 7 04:53:08 UTC 2011
Fyodor wrote:
> On Mon, Dec 05, 2011 at 10:14:48PM -0800, andrew.wallace wrote:
>>
>> Using fruitful language and acting like a child isn't going to see
>> you taken seriously.
>
> I'm sorry that my language offended you. But if you ever spend more
> than 14 years creating free software as a gift to the community, only
> to have it used as bait by a giant corporation to infect your users
> with malware, then you may understand my rage.
>
> The good news is that many users are sick and tired of having their
> machines hijacked by malware. Especially by CNET Download.Com, which
> still says on their own adware policy page:
>
> "In your letters, user reviews, and polls, you told us bundled
> adware was unacceptable--no matter how harmless it might be. We want
> you to know what you're getting when you download from CNET
> Download.com, and no other download site can promise that."
> --http://www.cnet.com/2723-13403_1-461-16.html
>
> Um, what people WANT when they download Nmap is Nmap itself. Not to
> have their searches redirected to Bing and their home page changed to
> Microsoft's MSN.
>
> Speaking of which, Microsoft emailed me today. They said that they
> didn't know they were sponsoring CNET to trojan open source software,
> and that they have stopped doing it. But the trojan installer uses
> your Internet connection to obtain more "special offers" from CNET,
> and they immediately switched to installing a "Babylon toolbar" and
> search engine redirect instead. Then CNET removed that and are now
> promoting their own "techtracker" tool. Apparently the heat is so
> high that even malware vendors are refusing to have any more part in
> CNET's antics! But if CNET isn't stopped, the malware vendors will
> come crawling back eventually and CNET will be there to receive them.
>
> There have been dozens of news articles in the last day and hundreds
> of outraged comments on blogs, Twitter, Facebook, etc. In the midst
> of all this terrible PR, Download.com went in last night and quietly
> switched their Nmap downloads back to our real installer. At least
> for now. But that isn't enough--they are still infecting the
> installers for thousands of other packages! For example, they have
> currently infected the installer for a children's coloring book app:
>
> http://download.cnet.com/Kea-Coloring-Book/3000-2102_4-10360620.html
>
> Have they no shame at all??!
>
> I've created a page with the situation background, links to the news
> articles, and the latest updates:
>
> http://insecure.org/news/download-com-fiasco.html
>
> Feel free to share it. Together, I hope we can get Download.Com to
> apologize and cease this reprehensible behavior!
>
> Cheers,
> Fyodor
No, there's no shame when money's involved.
Do Unto Others as they would do unto you...sue the fsck out of them.
--Michael