Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Perfect american corporate business practice (Score 4, Insightful) 231

by fv (#38311026) Attached to: Cnet Apologizes For Nmap Adware Mess

But they didn't do anything illegal. They're basically just using their own download application that comes with extra stuff.

Yes, but Download.com still assures users that they will never bundle that "extra stuff". Their Adware & Spyware Notice says:

In your letters, user reviews, and polls, you told us bundled adware was unacceptable--no matter how harmless it might be. We want you to know what you're getting when you download from CNET Download.com, and no other download site can promise that.

Also, they make it look like a download link for the real installer (which it used to be), and then the user gets this CNET crap. But they still used our name liberally in the trojan installer as if we were somehow responsible for or involved in this abomination. I've got screen shots on my Download.com fiasco page.

Also, this "apology" rings hollow because they aren't fixing the problem along with it. In particular:

1) He claims that bundling malware with Nmap was a “mistake on our part” and “we reviewed all open source files in our catalog to ensure none are being bundled.” Either that is a lie, or they are totally incompetent, because tons of open source software is still being bundled. You can read the comments below his post for many examples.

2) Even if they had removed the malware bundling from open source software, what about all of the other free (but not open source) Windows software out there? They shouldn't infect any 3rd party software with sketchy toolbars, search engine redirectors, etc.

3) At the same time that Sean sent the “apology” to users, he sent this very different note to developers. He says they are working on a new expanded version of the rogue installer and “initial feedback from developers on our new model has been very positive and we are excited to bring this to the broader community as soon as possible”. He tries to mollify developers by promising to give them a cut (“revenue share”) of the proceeds from infecting their users.

4) You no longer need to register and log in to get the small (non-trojan) “direct download” link, but the giant green download button still exposes users to malware.

5) The Download.Com Adware & Spyware Notice still says “every time you download software from Download.com, you can trust that we've tested it and found it to be adware-free.” How can they say that while they are still adding their own adware? At least they removed the statement from their trojan installer that it is “SAFE, TRUSTED, AND SPYWARE FREE”.

Submission + - Why Double-Spacing After Periods Isn't Wrong (heracliteanriver.com)

Submitted by Anonymous Coward
An anonymous reader writes: Over at Slate, Farhad Manjoo struck a nerve earlier this year with a vitriolic article attacking anyone who would dare to put two spaces after a period, a post with thousands of comments (and counting) and dozens of online responses. (http://www.slate.com/articles/technology/technology/2011/01/space_invaders.html) He blames the two-space rule on the history of typewriters and ignorance of a consensus among typographers that supposedly goes far back in history. But the recent linked blog post cites numerous sources showing that Manjoo and typographers don't know their own history. It turns out that single-spacing is the aberrant practice, only introduced because technology made people lazier, publishers wanted to save money, and typesetters became dumber. The creators of many historical typefaces still in use today are apparently rolling over in their graves over the current standard. (Note: Slashdot ran an Ask Slashdot story on the topic of spacing last year: http://ask.slashdot.org/story/10/08/04/161232/sentence-spacing-1-space-or-2)

Submission + - CNet / download.com trojaning OSS tools (seclists.org)

Submitted by Zocalo
Zocalo writes: In a post to the Nmap Hackers list Nmap author, Fyodor, accuses C|Net / download.com of wrapping a trojan installer (as detected by various AV applications when submitted to VirusTotal) around software including Nmap and VLC Media Player. The C|Net installer bundles a toolbar, changes browser settings and, potentially, performs other shenanigans — all under the logo of the application the user thought they might have been downloading. Apparently, this isn't the first time they have done this, either.

Fyodor's on the lookout for a good copyright lawyer, if anyone has one to spare.

Comment Re:Whos name is the internet account in? (Score 2) 346

by Sorthum (#37364760) Attached to: Ask Slashdot: P2P Liability On a Shared Connection?

I used to believe in loser-pays, but here's where it falls down.

Giant movie studio sues you. You're completely in the right, but perhaps due to a technicality, an idiot jury, or "the winds of fate," the decision goes against you.

Your legal fees were 5-10K or so. The movie studio points to its team of 85 lawyers all billing at $1K an hour for the last six months.

Kinda makes you long for simple student loan debt...

Comment Github? (Score 2) 442

by Sorthum (#36891082) Attached to: The Rise of Git

This may be due in part to the way github integrates social networking and coding-- I'm unaware of anything similar for SVN, Perforce, Bazaar, Mercurial, etc...

Comment Re:Encryption (Score 1) 364

by Sorthum (#35164206) Attached to: Insider-Trading Suspects Smash Hard Drive Evidence

This is very much what I want to know. Destroy your drives, shred your papers, I'm with you this far-- but then ADMITTING to having done it? This isn't like the situation of a thug bragging about a store he robbed for ego points; nobody's going to praise you for operating a shredder, so where's the value in yammering about it?
The Internet

Nmap Developers Release a Picture of the Web 125

Posted by Soulskill from the pretty-pictures dept.
iago-vL writes "The Nmap Project recently posted an awesome visualization of the top million site icons (favicons) on the Web, sized by relative popularity of sites. This project used the Nmap Scripting Engine, which is capable of performing discovery, vulnerability detection, and anything else you can imagine with lightning speed. We saw last month how an Nmap developer downloaded 170 million Facebook names, and this month it's a million favicons; I wonder what they'll do next?"
Government

Unique ID In India Causes 'Fear of the Beast' 725

Posted by timothy from the seems-fair-enough dept.
bhagwad writes "India's attempts to tag everyone with an ID number has run into a roadblock is some Christian villages. Apparently the villagers fear they will be associated with the devil since according to the Bible, everyone having the 'mark of the beast' will go to hell. These people are not afraid of punishment. They relish this opportunity to prove their faith because the Bible also proclaims that they will be persecuted."

Comment Re:Let me be the first (Score 1) 351

by Sorthum (#32752684) Attached to: Microsoft Kills the Kin

No, I truly get that-- it's not a hard concept.

My point is that that was their last product "hit." I don't think we can find another viable electronic manufacturer that hasn't come out with something droolworthy in half a decade?

Comment Re:Let me be the first (Score 1) 351

by Sorthum (#32752366) Attached to: Microsoft Kills the Kin

Sure, but look at the platform. It's five years old, and despite its new form factor it hasn't really been updated since release.

I realize they don't want to change things around on game developers, but I'd like to think that we can get better performance today than we could five years ago...

Slashdot Top Deals

To the systems programmer, users and applications serve only to provide a test load.

Close