HOME

TheInfoList



Click Here for Items Related To - Download.com
OR:
Download.com on:   [Wikipedia]   [Google]   [Amazon]

CNET Download (originally Download.com) is an
Internet The Internet (or internet) is the Global network, global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a internetworking, network of networks ...
download In computer networks, download means to ''receive'' data from a remote system, typically a server such as a web server, an FTP server, an email server, or other similar systems. This contrasts with uploading, where data is ''sent to'' a remote ...
directory
website A website (also written as a web site) is any web page whose content is identified by a common domain name and is published on at least one web server. Websites are typically dedicated to a particular topic or purpose, such as news, educatio ...
launched in 1996 as a part of CNET. Initially it resided on the domain ''download.com'', and then ''download.com.com'' for a while, and is now ''download.cnet.com''. The domain ''download.com'' attracted at least 113 million visitors annually by 2008 according to a
Compete.com Compete.com was a web traffic analysis service. The company was founded in 2000, and ceased operations in December 2016. Services Compete.com provided two categories of information: *Site Analytics, a free service, where the user can enter a ...
study.


Overview

The offered content is available in four major categories: ''software'' (including Windows, Mac and mobile), ''music'', ''games'', and ''videos'', offered for download via
FTP The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and dat ...
from Download.com's servers or third-party servers. Videos are streams (at present) and music was all free
MP3 MP3 (formally MPEG-1 Audio Layer III or MPEG-2 Audio Layer III) is a coding format for digital audio developed largely by the Fraunhofer Society in Germany under the lead of Karlheinz Brandenburg. It was designed to greatly reduce the amount ...
downloads, or occasionally rights-managed WMAs or streams until it was replaced with last.fm. The Software section includes over 100,000
freeware Freeware is software, often proprietary, that is distributed at no monetary cost to the end user. There is no agreed-upon set of rights, license, or EULA that defines ''freeware'' unambiguously; every publisher defines its own rules for the free ...
,
shareware Shareware is a type of proprietary software that is initially shared by the owner for trial use at little or no cost. Often the software has limited functionality or incomplete documentation until the user sends payment to the software developer. ...
, and try-first downloads. Downloads are often rated and reviewed by editors and contain a summary of the file from the software publisher. Registered users may also write reviews and rate the product. Software publishers are permitted to distribute their titles via CNET's Upload.com site for free, or for a fee structure that offers enhancements. Up until 2015 CNet used Spigot Inc to monetize the traffic to download.com. According to Sean Murphy, then a General Manager at CNet, "Spigot continues to be a great partner to Download.com, sharing our desire to balance customer experience with revenue."


Malware distribution

In August 2011, Download.com introduced an installation manager called CNET TechTracker for delivering many of the software titles from its catalog. This installer included trojans and
bloatware Software bloat is a process whereby successive versions of a computer program become perceptibly slower, use more memory, Computer data storage, disk space or processing power, or have higher hardware requirements than the previous version, whi ...
, such as toolbars. CNET admitted in their download FAQ that "a small number of security publishers have flagged the Installer as
adware Adware, often called advertising-supported software by its developers, is software that generates revenue by automatically displaying Online advertising, online advertisements in the user interface or on a screen presented during the installatio ...
or a potentially unwanted application". In December 2011,
Gordon Lyon Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) is an American network security expert, creator of Nmap and author of books, websites, and technical papers about network security. He is a founding member of the Honeynet Project and ...
, writing under his pseudonym ''Fyodor'' wrote of his strong dislike of the installation manager and the bundled software. His post was very popular on social networks, and was reported by a few dozen media. The main problem is the confusion between the content offered on Download.com and the software offered by the original authors; the accusations included deception as well as copyright and trademark violation. In 2014,
The Register ''The Register'' (often also called El Reg) is a British Technology journalism, technology news website co-founded in 1994 by Mike Magee (journalist), Mike Magee and John Lettice. The online newspaper's Nameplate_(publishing), masthead Logo, s ...
and
US-CERT The United States Computer Emergency Readiness Team (US-CERT) was a team under the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security. On February 24, 2023, the Cybersecurity and Infrastructure Security Age ...
warned that via download.com's " foistware", an "attacker may be able to download and execute arbitrary code". In 2015, research by :Emsisoft suggested that all free download portals bundled their downloads with potentially unwanted software, and that Download.com was the worst offender. A study done by How-To Geek in 2015 revealed that Download.com was packaging malware inside their installers. The test was done in a
virtual machine In computing, a virtual machine (VM) is the virtualization or emulator, emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. Their implementations may involve ...
where the testers downloaded the Top 10 apps. These all contained crapware/malware; one example was the KMPlayer installer, which installed a rogue antivirus named 'Pro PC Cleaner' and attempted to execute WajamPage.exe. Some downloads, specifically YTD, were completely blocked by Avast. Another study done by How-To Geek in 2015 revealed that Download.com was installing fake SSL certificates inside their installers, similar to the
Lenovo Lenovo Group Limited, trading as Lenovo ( , zh, c=联想, p=Liánxiǎng), is a Chinese multinational technology company specializing in designing, manufacturing, and marketing consumer electronics, personal computers, software, servers, conv ...
Superfish certificate. These fake certificates can completely compromise SSL encryption and allow
man-in-the-middle attack In cryptography and computer security, a man-in-the-middle (MITM) attack, or on-path attack, is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communi ...
s. However, in July 2016, How-To Geek discovered that Download.com no longer included adware/malware in its downloads and that its Installer program had been discontinued.


References

{{Red Ventures CNET Adware American music websites Download websites File hosting Free music download websites Internet properties established in 1996