Home page logo
/

nanog logo nanog mailing list archives

Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!]
From: "Michael Painter" <tvhawaii () shaka com>
Date: Tue, 6 Dec 2011 18:53:08 -1000

Fyodor wrote:
On Mon, Dec 05, 2011 at 10:14:48PM -0800, andrew.wallace wrote:

Using fruitful language and acting like a child isn't going to see
you taken seriously.

I'm sorry that my language offended you. But if you ever spend more
than 14 years creating free software as a gift to the community, only
to have it used as bait by a giant corporation to infect your users
with malware, then you may understand my rage.

The good news is that many users are sick and tired of having their
machines hijacked by malware.  Especially by CNET Download.Com, which
still says on their own adware policy page:

 "In your letters, user reviews, and polls, you told us bundled
  adware was unacceptable--no matter how harmless it might be. We want
  you to know what you're getting when you download from CNET
  Download.com, and no other download site can promise that."
  --http://www.cnet.com/2723-13403_1-461-16.html

Um, what people WANT when they download Nmap is Nmap itself.  Not to
have their searches redirected to Bing and their home page changed to
Microsoft's MSN.

Speaking of which, Microsoft emailed me today.  They said that they
didn't know they were sponsoring CNET to trojan open source software,
and that they have stopped doing it.  But the trojan installer uses
your Internet connection to obtain more "special offers" from CNET,
and they immediately switched to installing a "Babylon toolbar" and
search engine redirect instead.  Then CNET removed that and are now
promoting their own "techtracker" tool.  Apparently the heat is so
high that even malware vendors are refusing to have any more part in
CNET's antics!  But if CNET isn't stopped, the malware vendors will
come crawling back eventually and CNET will be there to receive them.

There have been dozens of news articles in the last day and hundreds
of outraged comments on blogs, Twitter, Facebook, etc.  In the midst
of all this terrible PR, Download.com went in last night and quietly
switched their Nmap downloads back to our real installer.  At least
for now.  But that isn't enough--they are still infecting the
installers for thousands of other packages!  For example, they have
currently infected the installer for a children's coloring book app:

http://download.cnet.com/Kea-Coloring-Book/3000-2102_4-10360620.html

Have they no shame at all??!

I've created a page with the situation background, links to the news
articles, and the latest updates:

http://insecure.org/news/download-com-fiasco.html

Feel free to share it.  Together, I hope we can get Download.Com to
apologize and cease this reprehensible behavior!

Cheers,
Fyodor

No, there's no shame when money's involved.
Do Unto Others as they would do unto you...sue the fsck out of them.
--Michael



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault