[fyodor at insecure.org: C|Net Download.Com is now bundling Nmap with malware!]
owen at delong.com
Wed Dec 7 01:47:41 CST 2011
<Amused thought, may have no basis in law>
Could he send their hosting company a take-down order for the download.com site?
On Dec 6, 2011, at 8:53 PM, Michael Painter wrote:
> Fyodor wrote:
>> On Mon, Dec 05, 2011 at 10:14:48PM -0800, andrew.wallace wrote:
>>> Using fruitful language and acting like a child isn't going to see
>>> you taken seriously.
>> I'm sorry that my language offended you. But if you ever spend more
>> than 14 years creating free software as a gift to the community, only
>> to have it used as bait by a giant corporation to infect your users
>> with malware, then you may understand my rage.
>> The good news is that many users are sick and tired of having their
>> machines hijacked by malware. Especially by CNET Download.Com, which
>> still says on their own adware policy page:
>> "In your letters, user reviews, and polls, you told us bundled
>> adware was unacceptable--no matter how harmless it might be. We want
>> you to know what you're getting when you download from CNET
>> Download.com, and no other download site can promise that."
>> Um, what people WANT when they download Nmap is Nmap itself. Not to
>> have their searches redirected to Bing and their home page changed to
>> Microsoft's MSN.
>> Speaking of which, Microsoft emailed me today. They said that they
>> didn't know they were sponsoring CNET to trojan open source software,
>> and that they have stopped doing it. But the trojan installer uses
>> your Internet connection to obtain more "special offers" from CNET,
>> and they immediately switched to installing a "Babylon toolbar" and
>> search engine redirect instead. Then CNET removed that and are now
>> promoting their own "techtracker" tool. Apparently the heat is so
>> high that even malware vendors are refusing to have any more part in
>> CNET's antics! But if CNET isn't stopped, the malware vendors will
>> come crawling back eventually and CNET will be there to receive them.
>> There have been dozens of news articles in the last day and hundreds
>> of outraged comments on blogs, Twitter, Facebook, etc. In the midst
>> of all this terrible PR, Download.com went in last night and quietly
>> switched their Nmap downloads back to our real installer. At least
>> for now. But that isn't enough--they are still infecting the
>> installers for thousands of other packages! For example, they have
>> currently infected the installer for a children's coloring book app:
>> Have they no shame at all??!
>> I've created a page with the situation background, links to the news
>> articles, and the latest updates:
>> Feel free to share it. Together, I hope we can get Download.Com to
>> apologize and cease this reprehensible behavior!
> No, there's no shame when money's involved.
> Do Unto Others as they would do unto you...sue the fsck out of them.