nanog mailing list archives

Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!]

From: Jeroen van Aart <jeroen () mompl net>
Date: Wed, 07 Dec 2011 14:32:32 -0800

Fyodor wrote:

switched their Nmap downloads back to our real installer.  At least
for now.  But that isn't enough--they are still infecting the

installers for thousands of other packages!


I am sorry about these problems, it is unacceptable.

Sourceforge, at least a year or 2 ago, did something that was only
slightly less unacceptable. They had (or still have?) ads that would
display when you click a donwload link at some site, say
http://www.clamwin.com/content/view/18/46/

In this example (and clamwin had no part in that) the redirect of the
download link would show an add for another virus scanner (but in fact
it was malware, or, so broken it'd behave like malware). I know of
actual cases where someone accidentally downloaded the software from the
add, and messed up their computer.

So much for pointing them to a free virus scanner...

--
Earthquake Magnitude: 3.1
Date: Wednesday, December  7, 2011 15:57:44 UTC
Location: northern Alaska
Latitude: 65.9462; Longitude: -148.7381
Depth: 30.90 km

Current thread:

Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!], (continued)
- - - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Owen DeLong (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Valdis . Kletnieks (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Owen DeLong (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Valdis . Kletnieks (Dec 07)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Owen DeLong (Dec 07)
  - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Fyodor (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Michael Painter (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Owen DeLong (Dec 06)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Jared Mauch (Dec 06)
    - RE: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Smith, C. Aaron (Dec 07)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Jeroen van Aart (Dec 07)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Jeroen van Aart (Dec 07)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Jeroen van Aart (Dec 08)
- RE: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Scott Weeks (Dec 06)
- Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] nanog-bounces (Dec 08)
- Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Kyle Duren (Dec 08)
  - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Michael Painter (Dec 08)
    - Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!] Jimmy Hess (Dec 08)