Had a look at chip.de, that's even worse (used to be an alright site). The installer tries to offer installs of Opera, Avast and Avira - ridiculous as you shouldn't have multiple AV's installed. Albeit if you just click through nothing does actually get installed but the product you want. And then Avast tries to install Google Chrome also.
I find it very interesting that there is a business around creating download sites for free/opensource apps. SEO optimization there has to be cut-throat.
Trivia: notepad++ is open source but with a clause that you are not allowed to bundle it with spywhare. So while most sites that make money off bundling open source software with spywhare are in the twilight zone - anyone bundling notepad++ with spywhare are clearly in the wrong territory
Citation needed. It looks to me like it's just GPL, which has no such clause. I'm also skeptical that any license with such a clause would qualify as open source.
1. Apply the license restriction to the official binary. The distributor would have to recompile from source to get a binary they can redistribute without restriction. That might stop some low effort redistributors.
2. Trademark the name of the software. The distributor would have to rebrand. That should be a bit more effective.
I worked for a company once where IT Desktop Support had to install all software, even for teams who worked in Technology. I was tasked with starting a whole new program and needed a bunch of new tools installed, and needed to supply them with a list of all these applications we'd ever need.
Out of curiosity, after they didn't provide the right software a few times, I asked the guy how he was validating they were securely sourced, etc. His reply was "Oh I just googled it and grabbed the first one." After that, I at least sent him the links of where to download it from, but I couldn't convince any of the IT executives that this policy is pretty useless if they're just grabbing and installing.
at this moment, if anyone pays google enough they will serve the result on top no matter what they serve. So if you want to survive malware, please enable an adblocker.
Install Pihole and set your home's wifi AP to use it as the default DNS. It's the only way to get universal adblocking in all browsers (until DNS-over-HTTPS ruins everything) and more importantly in phone apps. Fortunately most phone apps are just wrappers around the native browser, so it works great in most of the ones I use (e.g. BBC News). It's a great way to help everyone in your home without having to install stuff on all their devices.
heads up for pihole. I cannot,for the sake of my sanity, run internet without ublock and pihole. I teach all my friends and family how to install ublock origin.
If not for gorhill and pihole the internet is an absolute abomination of fb/google/media sites where everywhere u go, someone is holding a big billboard in your face. And god forbid if u block ads they guilt u to feel u are stealing from them.
Some months ago when the Paramount+ streaming service launched in Latin America the top Google Result in Argentina was for a fake site that imitated the original and stole credit card numbers. The domain seemed 100% legit except that it wasn’t the real one.
One of my kids likes to draw and play Minecraft. They’ll read about a program, Google it and try to install. 90% of the time that the software is legit, there’s some malware/adware wrapper they click on and try to install.
Yeah. Similarly German Goo Girls is higher ranking than Girls Go Games as my 9 year old found out by accident by typing ggg in Google search. Man that took some explaining.
It’s an interesting question - I (an ex-sysadmin) would always go to official sites.
My parents on the other hand, retired and not good with computers, would just search in google and click whatever’s at the top. Their generation are completely clueless with computers and the internet. Any time I teach them something they forget it…
The bait is that Don Ho, Notepad++'s creator, is very political, and while I use it daily, it's always in the back of my mind that he (or his detractors) could use the huge installation base to make a point.
I think his tribute update to Charlie Hebdo (2015) did more bad than good for his reputation.
Yeah, but it’s not as if the official site was infected. A random .exe from a completely unrelated site seems to be the vector for the trojan, which brings it back to "very much not interesting" to me.
