Download.com
   HOME

TheInfoList



Click Here for Items Related To - Download.com
OR:
Download.com on:   [Wikipedia]   [Google]   [Amazon]

CNET Download (originally Download.com) is an
Internet The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, p ...
download In computer networks, download means to ''receive'' data from a remote system, typically a server such as a web server, an FTP server, an email server, or other similar system. This contrasts with uploading, where data is ''sent to'' a remote ...
directory
website A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google, Facebook, Amazon, and W ...
launched in 1996 as a part of
CNET ''CNET'' (short for "Computer Network") is an American media website that publishes reviews, news, articles, blogs, podcasts, and videos on technology and consumer electronics globally. ''CNET'' originally produced content for radio and televi ...
. Initially it resided on the domain ''download.com'', and then ''download.com.com'' for a while, and is now ''download.cnet.com''. The domain ''download.com'' attracted at least 113 million visitors annually by 2008 according to a
Compete.com Compete.com was a web traffic analysis service. The company was founded in 2000 and ceased operations in December 2016. Services Compete.com provided two categories of information: *Site Analytics : a free service, where the user can enter any ...
study.


Overview

The offered content is available in four major categories: ''software'' (including Windows, Mac and mobile), ''music'', ''games'', and ''videos'', offered for download via FTP from Download.com's servers or third-party servers. Videos are streams (at present) and music was all free
MP3 MP3 (formally MPEG-1 Audio Layer III or MPEG-2 Audio Layer III) is a coding format for digital audio developed largely by the Fraunhofer Society in Germany, with support from other digital scientists in the United States and elsewhere. Origin ...
downloads, or occasionally rights-managed WMAs or streams until it was replaced with
last.fm Last.fm is a music website founded in the United Kingdom in 2002. Using a music recommender system called "Audioscrobbler", Last.fm builds a detailed profile of each user's musical taste by recording details of the tracks the user listens to, e ...
. The Software section includes over 100,000
freeware Freeware is software, most often proprietary, that is distributed at no monetary cost to the end user. There is no agreed-upon set of rights, license, or EULA that defines ''freeware'' unambiguously; every publisher defines its own rules for the ...
,
shareware Shareware is a type of proprietary software that is initially shared by the owner for trial use at little or no cost. Often the software has limited functionality or incomplete documentation until the user sends payment to the software developer ...
, and try-first downloads. Downloads are often rated and reviewed by editors and contain a summary of the file from the software publisher. Registered users may also write reviews and rate the product. Software publishers are permitted to distribute their titles via CNET's Upload.com site for free, or for a fee structure that offers enhancements. Up until 2015 CNet used
Spigot Inc Spigot, Inc is a digital marketing company. Spigot, Inc was founded in Silicon Valley in 2008. The company's headquarters is located in Incline Village, Nevada Incline Village is a census-designated place (CDP) on the north shore of Lake Taho ...
to monetize the traffic to download.com. According to Sean Murphy, then a General Manager at CNet , "Spigot continues to be a great partner to Download.com, sharing our desire to balance customer experience with revenue."


Malware distribution

In August 2011, Download.com introduced an installation manager called CNET TechTracker for delivering many of the software titles from its catalog. This installer included trojans and
bloatware Software bloat is a process whereby successive versions of a computer program become perceptibly slower, use more memory, disk space or processing power, or have higher hardware requirements than the previous version, while making only dubious us ...
, such as toolbars. CNET admitted in their download FAQ that "a small number of security publishers have flagged the Installer as
adware Adware, often called advertising-supported software by its developers, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the ...
or a
potentially unwanted application A potentially unwanted program (PUP) or potentially unwanted application (PUA) is software that a user may perceive as unwanted or unnecessary. It is used as a subjective tagging criterion by security and parental control products. Such software ma ...
". In December 2011,
Gordon Lyon Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) is an American network security expert, creator of Nmap and writer of books, websites, and technical papers about network security. He is a founding member of the Honeynet Project and ...
, writing under his pseudonym ''Fyodor'' wrote of his strong dislike of the installation manager and the bundled software. His post was very popular on social networks, and was reported by a few dozen media. The main problem is the confusion between the content offered on Download.com and the software offered by the original authors; the accusations included deception as well as copyright and trademark violation. In 2014,
The Register ''The Register'' is a British technology news website co-founded in 1994 by Mike Magee, John Lettice and Ross Alderson. The online newspaper's masthead sublogo is "''Biting the hand that feeds IT''." Their primary focus is information tec ...
and
US-CERT The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of ...
warned that via download.com's " foistware", an "attacker may be able to download and execute arbitrary code". In 2015, research by :Emsisoft suggested that all free download portals bundled their downloads with potentially unwanted software, and that Download.com was the worst offender. A study done by How-To Geek in 2015 revealed that Download.com was packaging malware inside their installers. The test was done in a
virtual machine In computing, a virtual machine (VM) is the virtualization/ emulation of a computer system. Virtual machines are based on computer architectures and provide functionality of a physical computer. Their implementations may involve specialized h ...
where the testers downloaded the Top 10 apps. These all contained crapware/malware; one example was the KMPlayer installer, which installed a rogue antivirus named 'Pro PC Cleaner' and attempted to execute WajamPage.exe. Some downloads, specifically YTD, were completely blocked by Avast. Another study done by How-To Geek in 2015 revealed that Download.com was installing fake SSL certificates inside their installers, similar to the
Lenovo Lenovo Group Limited, often shortened to Lenovo ( , ), is a Chinese multinational technology company specializing in designing, manufacturing, and marketing consumer electronics, personal computers, software, business solutions, and related se ...
Superfish Superfish was an advertising company that developed various advertising-supported software products based on a visual search engine. The company was based in Palo Alto, California. It was founded in Israel in 2006 and has been regarded as part ...
certificate. These fake certificates can completely compromise SSL encryption and allow
man-in-the-middle attack In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) ...
s. However, in July 2016, How-To Geek discovered that Download.com no longer included adware/malware in its downloads and that its Installer program had been discontinued.


See also

*
Spigot Inc Spigot, Inc is a digital marketing company. Spigot, Inc was founded in Silicon Valley in 2008. The company's headquarters is located in Incline Village, Nevada Incline Village is a census-designated place (CDP) on the north shore of Lake Taho ...


References

{{Red Ventures CNET Adware American music websites Download websites File hosting Former CBS Interactive websites Free music download websites Internet properties established in 1996