CNET....Go Away!

You might. It's hit, and miss. Some software from CNET gets bundled with crapware, and other software does not.

 

It's good to see that we agree about something on Wilders..... that Cnet is not what it's used to be. The glory days are over

I don't use Cnet. And I do not recommend Cnet in anyway!

 

I checked the mailwasher download link you provided, thanks. I'm not suggesting that it is an ideal situation but on the download button it states, "CNET installer enabled". When you hover over the button it pops up a window which explains what will happen.

Anyway, I downloaded and installed it. Along the way I declined the other goodies except for the toolbar (which I could have declined also). When finished I didn't like the look of the toolbar so I got rid of it. It appeared to unistall without problem.

So I'm not really sure what all the fuss is about. I think it would be easier to install mailwasher from cnet without any additional software than to install iTunes without any additional software.

Just for the record, I did perform the above on a Deep freeze protected machine so no need to worry.

 

See, us here at Wilders know what a download contains and what procedures to take.

My only rant about it, is for the people who blindly don't know what they're doing. They go into it with their entire trust, but then complain about all the junk afterwards.

CNET should consider people such as that and not include the bundleware...it's not good practice.

People should have a nice, clean and trusting sense about the download provider they use, they shouldn't ever have to worry about bundled installers, such as what CNET provides.

I don't think I've met one human being that enjoys any of that junk on their computer to begin with.

Anyways, the link I provided isn't dangerous an any way, but more of an example of what the CNET Bundleware includes.

It has been known that some of CNET's downloads contain malicious content.

 

I use softpedia and majorgeeks most of the time. I haven't had issues with those sites, ever. Well, other than some software does ask to install toolbars/etc, but there is always an opt out.

I wonder, how one would find out which sites are truly safe. How does one verify this. What is the criteria even for such a thing.

I have always thought it odd there isn't a sticky on this security forum that has a list of "approved" sites to get software from. Lots of folks in here have thier favorite place, the "trusted source", but I think its mainly because over months/years of use, they found them to be trustworthy. But what does "trustworthy" really mean?

Anyone else think a list of "approved" sites a good idea? But who would determine the criteria I wonder.

Random thoughts of the day I guess

Sul.

 

That idea hasn't crossed my mind but one that has is auto-appending a "watchout for bundleware" type warning to anchor text when people post links to sites that are known to include those special presents in their downloads. It wouldn't be a specific approval or indictment, just a reminder to be on the lookout. I'm not sure the admins want or need that additional work though The poster could/should be the one to add those.

 

I appreciate your post - people should know about CNET. I've found downloads from there to be very difficult to escape the crap. Glad you are making this info available to unknowing users.

 

A lot of downloads especially free lead to downloads to CNET but there is usually alternatives like softpedia for example. If there was no alternative then I would pass and avoid CNET with a barge pole,regardless how good the prize is.I am not worried of getting infected, I just will not give them the satisfaction with a click of my browser.

 

I avoid downloading anything from CNET, unless I'm purposely trying to infect myself with a Rouge or Virus or some other crapware, for testing purposes of course.
For something I'm going to put on my real system I genuinely try to download from the developers/products website, when that is not feasible theres always Filehippo or Majorgeeks.

 

'With a catalog of more than 400,000 titles, the Downloads section of the website allows users to download popular software, generating approximately 3.5 million downloads per day.[citation needed] CNET download.com provides Windows, Macintosh and mobile software for download. CNET maintains that this software is free of spyware.' ~ Wikipedia

Quite a few WOT users would beg to differ about the spyware/malware.

 

I highly doubt that the virus came from CNET.

 

But to be fair, a lot of users on WOT are completely clueless and have no idea what they are talking about.

 

Yeah sure, not a problem

 

On download.com for downloads which are downloaded via download.com's installer are marked as such - the Download Now button says "CNET Installer Enabled"

However there is a Direct Download Link underneath the download button which just downloads the original installer with no extras.

 

Think of yourself as an average user for a moment, would you take your time to look for the direct download link, or would you simply click the big green button that say's "Download Now"?

Most users will go into this thinking they need to click that big green button.

That is my whole point of this CNET rant

We may know how to handle the links, but does the majority? No


This is why CNET shouldn't include it's bundleware.

 

Especially when download Now is a giant lime green and the alternatively Click here is a smaller blue link that easily could be overlooked.

 

CNET Download.com Installer FAQ:

-------------------------------------------

About the Download.com Installer

 

Instead of "Download Now CNET Installer Enabled" click on "Direct Download Link".

 

MBAM Free Download
->
http://www.malwarebytes.org/
"From Our Trusted Partner Sites"
->
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

It's a Direct Download Link.........

 

Yeah, if you got stuck with a CNET wrapper--better switch hobbies.

10 on-demand scanners

Extrapolated 99.99% rank on zero day malware

Default Deny Policy

An IPS designed by God herself


....but you guys don't even read the links you are downloading. Too funny.

 

The "average user" it's a "blind user" too?
Popup appears prior "you simply click" =>
http://i.imgur.com/jvuscsF.png

.

 

https://www.wilderssecurity.com/showpost.php?p=2197872&postcount=40

Us guys know how to handle these links just fine.

If you read my previous posts, you'll clearly see that I am talking about the average user that goes to CNET, the people that don't know any better.

 

Fair enough, Radeon. But based on your original post, the following replies, and the fact it took until page two to mention it: even "most" Wilders members were not aware of the clean DL--even when a screen shot containing it was shown.

People see CNET or their SSL glowing in the URL bar...all that training at fight club as a Jedi knight goes down the drain. All that gear clogging your CPU becomes, perhaps, a waste.

Me, you and the rest will one day be socially engineered by another's business model. It's not us. It's US--as in being human.

I mean why else would you/others hate CNET so much unless burned once, twice shy--amiright?? Or is this one of those principle/moral issue thingies.

 

It's a moral thing for me

As for others, I can't speak for them.

I shouldn't have used the word average, since that is considered labeling someone, my intentions are not to do that...Just FYI

 

IMHO, it's better to focus on something else:
Installers Hall of Shame