There has been a lot written recently about the despicable practice that C/Net’s Download.com has adopted of wrapping all of the software downloaded via Download.com in wrappers which install 3rd party toolbars and software. It is even more loathsome to include these 3rd party potential security threats when people are downloading security software. But that is exactly what is happening at Download.com.
Many in the security industry have raised the alarms about this practice. Everyone from HD Moore of Metasploit to Fyodor of NMap and more. InfoWorld and other main stream media outlets have blown the whistle as well.
It has certainly come to the attention of C/Net and they have responded:
“On Wednesday, Cnet issued a statement saying it had mistakenly made NMap — and other open-source software — part of its program, but planned to continue the bundling of third-party software, with some changes.
“All third-party offers are clearly identified as such, and there is no requirement for the user to download and install the offer; rather, a user has the option to Accept or Decline,” Sean Murphy, CBS Interactive’s vice president and general manager
So it was one thing to not know you are making a mistake, it is quite another to know what you are doing is wrong and still do it. If this is going to be the position of C/Net the position of the tech community should be clear. Stop going to C/Net, stop downloading anything from Download.com and if you are a developer don’t give them permission to list your software.
Until this wrapping of 3rd party software stops, boycott Cnet and Download.com!
Related articles
- Cnet slammed for wrapping Nmap downloads with cruddy toolbar (go.theregister.com)
- Security pros slam Cnet Download.com’s bundling (infoworld.com)
- Download.com sorry for bundling Nmap with crapware (go.theregister.com)
- Nmap warns Download.com bundles malware with its software (geek.com)
- Download.com Bundling Toolbars, Trojans? (krebsonsecurity.com)
- The Download.com Debacle: What CNET Needs to Do to Make it Right (eff.org)
- A note from Sean regarding the Download.com Installer (download.cnet.com)
- CNet’s Download.com now bundling Nmap with malware (seclists.org)
Comments on this entry are closed.