nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [fyodor () insecure org: C|Net Download.Com is now bundling Nmap with malware!]

From: nanog-bounces () nanog org
Date: Thu, 08 Dec 2011 13:44:23 -0600
Fyodor wrote:

switched their Nmap downloads back to our real installer.  At least
for now.  But that isn't enough--they are still infecting the
installers for thousands of other packages!  


I am sorry about these problems, it is unacceptable.

Sourceforge, at least a year or 2 ago, did something that was only slightly less unacceptable. They had (or still 
have?) ads that would display when you click a donwload link at some site, say 
http://www.clamwin.com/content/view/18/46/

In this example (and clamwin had no part in that) the redirect of the download link would show an add for another virus 
scanner (but in fact it was malware, or, so broken it'd behave like malware). I know of actual cases where someone 
accidentally downloaded the software from the add, and messed up their computer.

So much for pointing them to a free virus scanner...

-- 
Earthquake Magnitude: 3.1
Date: Wednesday, December  7, 2011 15:57:44 UTC
Location: northern Alaska
Latitude: 65.9462; Longitude: -148.7381
Depth: 30.90 km
Previous By Date Next
Previous By Thread Next

Current thread: