art22gg Premium Member join:2005-02-16 Courtenay, BC
1 recommendation |
art22gg
Premium Member
2015-Feb-26 4:13 pm
Avoid Download.com like the plagueYou don,t want these/or need them... Quote: EMSI newsletter....» blog.emsisoft.com/2015/0 ··· er150226 |
|
Ian1 Premium Member join:2002-06-18 ON |
Ian1
Premium Member
2015-Feb-26 4:31 pm
said by art22gg: Avoid Download.com like the plague That's been true from a security standpoint for a long....long time now. |
|
BlackbirdBuilt for Speed Premium Member join:2005-01-14 Fort Wayne, IN
4 recommendations |
to art22gg
A HowToGeek page "Yes Every Freeware Download Site is Serving Crapware" lists other freeware download sites by name that they found often or always bundled crapware, including Cnet, TuCows, Filehippo, FeewareFiles, SnapFiles, MajorGeeks, Softpedia, SourceForge, and NoNags. Not all those sites were equal in terms of their obfuscation of the bundling nor the nature of the PuPs, but users need to realize they are all capable of loading trash onto a computer along with a desired freeware program. The best way to proceed is to download directly from a freeware maker's own site, if one exists. |
|
Kilroy MVM join:2002-11-21 Saint Paul, MN
2 recommendations |
to art22gg
I read Here's What Happens When You Install the Top 10 Download.com Apps. Short story you get an infected machine that is barely usable. For the longest time, back to last century, I've always recommended getting software straight from the source. Sure Download.com may be convenient, but the price of that convenience is high. Normally you can search the author and get a safer link to download. These days I pay for most of the software I have. The few free versions I use are directly from the author and installed using the up most caution to attempt to ensure I don't install any trash. |
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH
3 recommendations |
Nanaki (banned) to Ian1
Member
2015-Feb-26 4:46 pm
to Ian1
Yep pisses me off to. I have cds full of stuff i got from download.com back in the day. None ha any thing remotely malware or bundled in. When i say cds i mean as in 50+ filled up. Some had sources other than download.com but not many. All dled between 95 and 03 or 04.
Download.com went down hill some time after 05 or 06. Now they are one of if not the biggest source of bundled trash ware on the web.
Now they always had a ton of ad supported free ware. Much of it was well worth having. Back in the days of dialup their was a program called dialpad pro a must have for people on aol during their lets time out our users for not moving their mouse for 5 minutes. And flash get that leveraged servers resume downloads functions to create multiple connections to well saturate you bandwidth and get you a much faster download. BTW flashget still works and still does the same and still has it's ad banner. Im some one who has no problem with a ad supported product. But those ads needs to remain fully in the product not installing crap tool bars changing my home page search engines etc. Ill say it again i still have a email i sent my self filled with referal urls for some of my fave sites that link to the likes of new egg amazon and other sites i do use to buy from. I use those links to send a little love to the webmasters and owners of my fave sites. It pays their bills. But bundled crap ware etc like download.com does is well it should be illegal out right. |
|
TheMG Premium Member join:2007-09-04 Canada |
to art22gg
I used to downloads lots of stuff from download.com way back in the day, when the downloads didn't included PUPs.
Haven't touched that site for years now. They've gone way downhill. |
|
norwegian Premium Member join:2005-02-15 Outback |
to art22gg
Download.com and Sourceforge have been using PUP and even trojan wrappers for some years now.
The next advert bundle to help pay/sponsor free software.
|
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH
2 recommendations |
Nanaki (banned)
Member
2015-Feb-26 5:37 pm
Yeh i noticed that with sourceforge recently to. Astounding to think that even what was once the single largest opensource website on the net is not pushing this crap. |
|
norwegian Premium Member join:2005-02-15 Outback
2 recommendations |
If majorgeeks starts as well. We know they need to find funds to keep servers running and the money isn't there for them like it used to be. But to start being unethical isn't good business in anyone's book.
|
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH |
Nanaki (banned)
Member
2015-Feb-26 5:57 pm
Yeh it is just getting worse and worse. At least so far android apps that are legit on the play store keep their ads with in the app. But some of the permissions apps want yeesh. make calls and send texts should not be a permission in a downloaded game nor should accessing your contact list and modifying it i mean seriously? |
|
coldmoon Premium Member join:2002-02-04 Fulton, NY
1 recommendation |
to norwegian
said by norwegian:If majorgeeks starts as well. I am unaware of any plans to include wrappers on files they host nor have they asked us to do this. I know the owners personally and would be very surprised if they did; much less even contemplate doing that... |
|
norwegian Premium Member join:2005-02-15 Outback |
That is good to know and appreciate you clearing up that. I don't want to cause undue concerns for anyone doing the right thing.
|
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH
1 recommendation |
to coldmoon
eh majorgeeks is still a great site. and well it still looks like a 90s era throw back One of the reasons i still love the site the old school feel. Reminds me of the days i use to code html in sitepad pro hehe Infact i think i got the free sitepad from major geeks come to think of it. Almost forgot a staple program i have is 2xexplorer it always rides on mmy thumb drives heh. |
|
|
dave Premium Member join:2000-05-04 not in ohio
4 recommendations |
to art22gg
I propose two simple principles:
1) always get software from the originator's web site; never use an aggregator.
2) if the web site gives the slightest appearance of being tricky (deceptive buttons, for example) then you really don't want any of their products. |
|
BlackbirdBuilt for Speed Premium Member join:2005-01-14 Fort Wayne, IN |
to coldmoon
said by coldmoon:said by norwegian:If majorgeeks starts as well. I am unaware of any plans to include wrappers on files they host nor have they asked us to do this. I know the owners personally and would be very surprised if they did; much less even contemplate doing that... Sadly, from the 25 Jan 2015 HowToGeek article I referenced above: quote: We had more geeks write in defending MajorGeeks as a trusted source than any other site, so we were really hoping that they would be the one site that doesnt allow any bundled crapware. Sadly, thats not the case. The first thing we downloaded some stupid screensaver included four pieces of really terrible crapware, including two that had adware like ShopperPro and BoBrowser that just take over your system.
Its worth noting that if you know where to look, MajorGeeks does actually tell you which items contain bundled crapware, as they put the license as Bundleware for those terrible items. They also have a notice in red text in the description of the item that it contains adware, although just like Softpedia, its too far down on the page.
We actually talked to the owner of MajorGeeks about this, and he said that if he only listed freeware downloads that dont contain bundled crapware, hed have almost no downloads to list and would just have to close up shop. So he makes sure to mark things as containing bundled crapware, and theres a notice at the bottom. We wish the notice was bigger, and more prominent, but well have to give him credit for at least trying to do the right thing. And for testing every single thing that they put on the site before they put it up there.
So it appears the bundling occurs both in original freeware offered by their makers for listing, as well as what a download house may (or may not) add. |
|
dave Premium Member join:2000-05-04 not in ohio
3 recommendations |
dave
Premium Member
2015-Feb-26 7:29 pm
said by Blackbird:We actually talked to the owner of MajorGeeks about this, and he said that if he only listed freeware downloads that dont contain bundled crapware, hed have almost no downloads to list and would just have to close up shop. So the choice is: (a) turn a blind eye to those who would fuck people over, or (b) close up shop. And thus he chooses (a), because, well, business. Envious principles. Not. |
|
1 recommendation |
to norwegian
said by norwegian : If majorgeeks starts as well. We know they need to find funds to keep servers running and the money isn't there for them like it used to be.
Major Geeks is already offering up bundled software. This is noted in the How-To Geek article "Yes, Every Freeware Site is Serving Crapware (Here's the Proof)" previously linked. quote: We had more geeks write in defending MajorGeeks as a trusted source than any other site, so we were really hoping that they would be the one site that doesnt allow any bundled crapware. Sadly, thats not the case. The first thing we downloaded some stupid screensaver included four pieces of really terrible crapware, including two that had adware like ShopperPro and BoBrowser that just take over your system. ...
We actually talked to the owner of MajorGeeks about this, and he said that if he only listed freeware downloads that dont contain bundled crapware, hed have almost no downloads to list and would just have to close up shop. So he makes sure to mark things as containing bundled crapware, and theres a notice at the bottom. We wish the notice was bigger, and more prominent, but well have to give him credit for at least trying to do the right thing. And for testing every single thing that they put on the site before they put it up there.
There is no mention of Major Geeks adding its own install wrappers, so if you're careful to read everything, this may be one of the last sites left to download from. |
|
jupitermoon |
Oops... seem to have cross-posted with Blackbird! |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
to Blackbird
I'm so glad YOU posted this as when I posted it a day or so ago in this forum I was attacked and called crazy. No one will call you crazy. |
|
coldmoon Premium Member join:2002-02-04 Fulton, NY |
to Blackbird
said by Blackbird:So it appears the bundling occurs both in original freeware offered by their makers for listing, as well as what a download house may (or may not) add. Yes, they may have some software they host that does include advertising components, but they do not use a wrapper or require anyone to include advertising components. Apologies for being unclear... |
|
|
to Blackbird
said by Blackbird:"Yes Every Freeware Download Site is Serving Crapware" It's sad, I used to trust Sourceforge and now they install malware. It used to be safe to download Filezilla... not anymore. Imgburn started bundling malware with their latest version too. |
|
|
said by urbanriot:said by Blackbird:"Yes Every Freeware Download Site is Serving Crapware" It's sad, I used to trust Sourceforge and now they install malware. It used to be safe to download Filezilla... not anymore. Imgburn started bundling malware with their latest version too. ....now even Major Geeks unless you read the small print at the bottom and most wouldn't do. |
|
85160670 (banned)"If U know neither the enemy nor yoursel join:2013-09-17 Edmonton, AB |
85160670 (banned)
Member
2015-Feb-27 10:12 am
Right on "....now even Major Geeks unless you read the small print at the bottom and most wouldn't do." TNO { Trust No ONE } & most NO such free LUNCH |
|
OZO Premium Member join:2003-01-17 |
OZO to dave
Premium Member
2015-Feb-27 3:17 pm
to dave
said by dave:I propose two simple principles:
1) always get software from the originator's web site; never use an aggregator.
2) if the web site gives the slightest appearance of being tricky (deceptive buttons, for example) then you really don't want any of their products. Amen to both points above. Additionally I think the authors could help us by publishing on their web sites MD5's of their products. Then everyone can download the package from any site (even from download.com) without a risk of it being modified... |
|
1 edit
3 recommendations |
to dave
3) Avoid "stub installers" (small programs that download what you actually want). Try and get full offline installers directly instead.
4) If you can't avoid 3) download from with a VM and get the full installer that way. Discard the VM afterwards (it's probably full of crapware at that point). |
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH
1 recommendation |
Nanaki (banned) to OZO
Member
2015-Feb-27 3:30 pm
to OZO
Can't remember the post now but was one not to long ago about download wrappers passing md5 check sums etc. So even that is not enough. Software authors need to publish their downloads on their own servers so we can get clean copies. |
|
OZO Premium Member join:2003-01-17 |
OZO
Premium Member
2015-Feb-27 4:13 pm
Good luck with forging SHA1, MD5 or even CRC32:...
And second, one of the reasons, why authors allow (or sometimes even encourage) usage of third party download services, is the cost of download traffic, imposed on them personally and slowness of the download for the users (usually caused by slow upload speed in author's servers)... |
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH |
Nanaki (banned)
Member
2015-Feb-27 4:15 pm
It was already posted here in this very forum. I can not remember the post topic now. Though im sure dave or stuwart etc will remember the one i mean and post a link to it.
I do remember it was not a forging of the md5 etc but a way to basically not change it when it was put in a wrapper. |
|
Ian1 Premium Member join:2002-06-18 ON
1 recommendation |
Ian1 to OZO
Premium Member
2015-Feb-27 4:16 pm
to OZO
said by OZO:And second, one of the reasons, why authors allow (or sometimes even encourage) usage of third party download services, is the cost of download traffic, imposed on them personally and slowness of the download for the users (usually caused by slow upload speed in author's servers)... Torrents a good solution there, so long as you can get the right MD5 to check. Works well for big things like linux distros. For small things? Bandwidth is awfully cheap now. I think my VPS charges an extra $1 a month per terabyte. It simply isn't the issue that it once was. |
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH |
Nanaki (banned)
Member
2015-Feb-27 4:18 pm
Damn that is just stupid cheap. |
|