[important]This article was written by Bill Pytlovany and has been reposted here with his kind permission. Bill is the developer of the well known WinPatrol security program, he is among the original cyber-security researchers and one of the founding fathers of the Internet as we know it today.[/important]
Intro by Jim:
If you are a regular DCT reader you’ll already be well aware of my concerns regarding download sites and the traps they often present for unsuspecting users. The predilection for most download sites these days is to favor revenue over user safety/security, and it seems almost all download sites have decided to employ one sneaky method or another to help generate further income. CNET’s download .com is a prime example of a download site more concerned with furthering its own ends than the welfare of users.
Developers are now beginning to voice their disgruntlement with the trend and are adding their voices to the protest. What follows is a recent article published by legendary WinPatrol developer Bill Pytlovany on his Bits from Bill blog:
Occasionally I hear from folks who report problems that sound really bizarre. It often sounds as if they’re talking about an entirely different program. It turns out sometimes they are!
I always make the newest WinPatrol available on WinPatrol.com but it’s not unusual for people to find WinPatrol on one of the free software websites or find it when doing a search. Searching on Bing, Google or Yahoo can be very dangerous, especially if you click on one of the links they allow to advertise.
The major problem with free download sites is they try hard to trick you into downloading other software. Most of the time, the other software pays the site based on how often it’s downloaded and usually includes toolbars, advertising or uses scare tactics to make you to pay for a premium version.
Let me show you examples that appear on the first search page when looking for WinPatrol:
Both of the big buttons that say “Download” have no connection to WinPatrol. The blue one will download a modified version of a Zip program which includes so much crap they apologize ahead of time:
The green download button downloads an install manager that will attach to all future downloads. You’ll notice how they acknowledge users will want to remove the ”not required… additional software”. My guess is they must get a lot of complaints about this additional software:
Even some of best known and respected download sites have changed their policies in return for ad revenue. Now that CBS is in control I’m sure my friends at CNet are told if they want to keep their job they’ll generate profit:
CNet has been very supportive of WinPatrol even though I can’t afford to compete with advertisers who use more aggressive upgrade methods or include additional advertising toolbars.
The top download button on the WinPatrol review page will download a program called Aro 2012. I’m not familiar with this program but couldn’t help noticing the first user review wasn’t very positive but is a common theme:
The other “Start Download” button on the WinPatrol review page pointed to an ad sponsored Registry Cleaner program yesterday but I noticed today it also points to CNet favorite, Aro 2012.
I tried my best to find a download site, any download site which didn’t participate in methods obviously meant to trick users. I eventually gave up. I don’t know if the economy is that bad, people are just that greedy or if everyone thinks the Internet is a gold rush and they think these methods are acceptable.
Here’s my page on the once reputable FileHippo.com:
If you read the page you’ll see that FileHippo has been a friend to WinPatrol even providing links to older versions. Unfortunately, they still insist on including a large Download button that downloads a questionable audio converter program:
Doing a simple search of “Babylon Toolbar” and you’ll see one of the reasons I’ve never agreed to include a toolbar with my program. The entire first page on Google consists of advice on how to remove the toolbar which apparently isn’t something possible with the Add/remove applet.
I probably haven’t done myself any favors with this post since WinPatrol depends on good reviews. Like it or not, these sites are still popular. I’ve had a number of acquaintances tell me this is just normal Internet business practice and I should be making money too. I may not have a lot of Internet gold but I still have loyal WinPatrol fans. Even if they don’t use WinPatrol they know I’ll continue to help when I can and will tell it like it is.
Update: October 22nd, 2012
I was surprised to hear my friends at Malwarebytes shared my frustration and beat me by posting about their own experience.
For additional examples and dangers see.
Postscript from Jim:
Great article Bill, good on you and good on Malwarebytes too. With influential guys like you publicly registering your protests hopefully more will follow and, who knows, maybe even change the way these download sites think and operate.
**DCT recommends the FreewareBB download site. FreewareBB is one site which places user welfare above all… over financial gains and self interest. The site’s owner/administrator, Mark (Marko) Wiliamson, has dedicated 6 years hard work to providing the ultimate safe and secure freeware download source. Unfortunately, user habits are hard to break and maintaining FreewareBB is a struggle at times, yet Marko has always stuck true to his original vision and stellar principles. Anyone seeking a freeware download site which is 100% committed to honesty and integrity need look no further than FreewareBB.