Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

FAQ: CNET's "Trojan" installer

CNET is under fire for downloading more than just open source software with the open source software that it makes available on its Web site.

It wraps the software in an installer that also alters the browsers on the computers that pull down the open source code, and this has angered many in the open source community as well as others who just don't like having their browsers messed with when they're downloading something for free.

ALSO UNDER THE GUN: Carrier IQ again asserts no user data is logged or sent 

What is CNET up to?

CNET's download site offers a range of open source tools including anti-virus software, anti-malware, Flash players and Nmap, the open source security scanner. The creator of Nmap, Gordon Lyon, wrote a blog post Monday ripping CNET for wrapping its download of Nmap in an installer that also changes the default search engine to Bing, makes Microsoft MSN the homepage and installs a StartNow toolbar with buttons for Facebook, multimedia search and local weather. It also floats an ad for third-party software in the middle of the install process.

What's wrong with that?

According to Lyon, it's a bad thing. He writes: "Then the next time the user opens their browser, they find that their computer is hosed with crappy toolbars, Bing searches, Microsoft as their home page, and whatever other shenanigans the software performs! The worst thing is that users will think we (Nmap Project) did this to them!"

Anything else?

Lyon again: "In addition to the deception and trademark violation, and potential violation of the Computer Fraud and Abuse Act, this clearly violates Nmap's copyright."

What bad things does this do to your computer?

Nothing destructive has been reported.

But there's talk of malware and Trojans. Isn't that bad?

The Web site Virus Total says that 22,524 of its members describe the CNET-wrapped Nmap as malware. Malware scans by security companies including F-Secure, McAfee and Panda identify the installer as a Trojan.

How long has this been going on?

CNET started using the installer in July.

Why is it getting all this attention now?

Mainly because Lyon's bluntly worded blog post caught a lot of attention. "F**k them!" he writes. "If anyone knows a great copyright attorney in the U.S., please send me the details or ask them to get in touch with me."

What can I do to avoid it?

There's an opt-out button on the download page. Part of Lyon's beef is that many people trust CNET's download page and skip right over the opt-out notification.

Why would CNET do this?

On its FAQ page, CNET says: "By downloading with the Download.com Installer the user is guaranteed that the file they install on their system came directly from Download.com. Only software that is tested spyware-free and hosted on Download.com's secure servers may be delivered via the Installer.

"In addition, thanks to the clear steps provided by the Installer, the percentage of users who are able to complete the download process increases significantly when using the Installer for their downloads.

"Finally, Download.com is supported primarily by advertising, and we include offers for additional downloads from advertisers as part of our Installer process. Unlike other download sites that employ similar ad-supported technologies, however, our Installer is limited to a single offer that is carefully screened to ensure compliance with the Download.com Software Policies."

Read more about wide area network in Network World's Wide Area Network section.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Carrier, CNET, Facebook, F-Secure, LAN, McAfee, Microsoft, MSN, Panda, Virus Total
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: anti-malware, Carrier IQ, CNET, Facebook, malware, Microsoft, open source, security, software, trojans
Latest Blog Posts
Whitepapers
  • Botnets: The dark side of cloud computing
    Botnets pose a serious threat to your network, your business, your partners and customers. Botnets rival the power of today’s most powerful cloud computing platforms. These “dark” clouds, controlled by cybercriminals, are designed to silently infect your network. Left undetected, botnets borrow your network to serve malicious business interests. This paper details how you can protect against the risk of botnet infection using security gateways that offer comprehensive unified threat management (UTM).
    Learn more »
  • Workshifting: How IT is Changing the Way Business is Done
    While workshifting delivers powerful benefits, from increased productivity and improved cost-efficiency for both business and IT, to improved recruitment and retention, to business continuity and security, it also poses significant challenges for IT. The following discussion examines the forces driving the rapid rise of workshifting, the forms it can take, the IT challenges that must be addressed to enable it, the technologies now available to unlock its full value and the resulting benefits for the business.
    Learn more »
  • Lost USB keys have 66% chance of malware
    Sophos studied 50 USB keys bought at RailCorp's 2011 Lost Property auction in Sydney. The study revealed that two-thirds were infected by malware, and quickly uncovered information about many of the former owners of the devices, their family, friends and colleagues. Disturbingly, none of the owners had used any sort of encryption to secure their files against unauthorised snoopers.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.