[fyodor at insecure.org: C|Net Download.Com is now bundling Nmap with malware!]

Owen DeLong owen at delong.com
Wed Dec 7 07:47:41 UTC 2011

<Amused thought, may have no basis in law>

Could he send their hosting company a take-down order for the download.com site?

</Amused thought>

On Dec 6, 2011, at 8:53 PM, Michael Painter wrote:

> Fyodor wrote:
>> On Mon, Dec 05, 2011 at 10:14:48PM -0800, andrew.wallace wrote:
>>> Using fruitful language and acting like a child isn't going to see
>>> you taken seriously.
>> I'm sorry that my language offended you. But if you ever spend more
>> than 14 years creating free software as a gift to the community, only
>> to have it used as bait by a giant corporation to infect your users
>> with malware, then you may understand my rage.
>> The good news is that many users are sick and tired of having their
>> machines hijacked by malware.  Especially by CNET Download.Com, which
>> still says on their own adware policy page:
>> "In your letters, user reviews, and polls, you told us bundled
>>  adware was unacceptable--no matter how harmless it might be. We want
>>  you to know what you're getting when you download from CNET
>>  Download.com, and no other download site can promise that."
>>  --http://www.cnet.com/2723-13403_1-461-16.html
>> Um, what people WANT when they download Nmap is Nmap itself.  Not to
>> have their searches redirected to Bing and their home page changed to
>> Microsoft's MSN.
>> Speaking of which, Microsoft emailed me today.  They said that they
>> didn't know they were sponsoring CNET to trojan open source software,
>> and that they have stopped doing it.  But the trojan installer uses
>> your Internet connection to obtain more "special offers" from CNET,
>> and they immediately switched to installing a "Babylon toolbar" and
>> search engine redirect instead.  Then CNET removed that and are now
>> promoting their own "techtracker" tool.  Apparently the heat is so
>> high that even malware vendors are refusing to have any more part in
>> CNET's antics!  But if CNET isn't stopped, the malware vendors will
>> come crawling back eventually and CNET will be there to receive them.
>> There have been dozens of news articles in the last day and hundreds
>> of outraged comments on blogs, Twitter, Facebook, etc.  In the midst
>> of all this terrible PR, Download.com went in last night and quietly
>> switched their Nmap downloads back to our real installer.  At least
>> for now.  But that isn't enough--they are still infecting the
>> installers for thousands of other packages!  For example, they have
>> currently infected the installer for a children's coloring book app:
>> http://download.cnet.com/Kea-Coloring-Book/3000-2102_4-10360620.html
>> Have they no shame at all??!
>> I've created a page with the situation background, links to the news
>> articles, and the latest updates:
>> http://insecure.org/news/download-com-fiasco.html
>> Feel free to share it.  Together, I hope we can get Download.Com to
>> apologize and cease this reprehensible behavior!
>> Cheers,
>> Fyodor
> No, there's no shame when money's involved.
> Do Unto Others as they would do unto you...sue the fsck out of them.
> --Michael

More information about the NANOG mailing list