• 29Jul

    One of the primary points of using a site like CNet’s Download.com to download little freeware programs is that they are a trustworthy company that has established a solid reputation for ensuring that all the software is virus-free. They even include a little blurb “Tested spyware free” with every download. Their Software Policies page says the following:

    We test all software products submitted to us against a comprehensive set of criteria. In addition to screening for common viruses and spyware, we also look for other threats that might interfere with our users’ security, privacy, and control. [...]

    We will not list software that contains viruses, Trojan horses, malicious adware, spyware, or other potentially harmful components.

    Now I realize that it’s very difficult–nearly impossible in fact–to detect a custom-written virus made to be distributed in a certain program, especially if the virus/program writers are smart enough to time-delay payload delivery/internet communication.

    However, detecting a standard-issue, in-the-wild, generic virus like Win32/Funlove, which was first discovered in 1999, is beyond easy for a company like CNet.

    Therefore it is inexcusable that they are hosting a program (Wave To Text 5.5890.9831) that is a delivery tool for this virus. It puts their entire inventory of files into doubt and shows that their testing procedures are not adequate.

    Beyond the aspersions it casts on their testing procedures, they apparently don’t even do rudimentary monitoring of the user ratings of the software. This piece of software (which CNet editors rate as five stars) has a 1.5-star user rating, with most of the ratings screaming “Virus!”


4 Responses

  • Nicolas Parziale Says:

    Can’t believe it, good work man

  • Shoaib Hashmi Says:

    This is certainly alarming, especially given the reputation CNET has earned by now. People trust them and download stuff blindly without knowing whether the file being downloaded is malicious or not.

  • Peter Butler Says:

    Hi, Hans. Thanks for the note about Wave to Text.

    We determined that the virus detection from certain security vendors was a false positive for that older version of Wave to Text, and we updated its listing to the current 7.0 version.

    However, the trial of the current 7.0 version of Wave to Text unfortunately does not allow any functionality without registration/activation, so we have removed the product from our catalog on those grounds (lack of functionality).

    Thanks again for the notice. I can reiterate that every file we host on Download.com is scanned for malware by multiple security services, but you make a good point about better monitoring of our user reviews. We have a very large library, but you are correct in that we should notice when any program gets a disproportionate number of 1-star ratings.

    Cheers,
    Peter
    —–
    Peter Butler
    Senior Content Manager
    CNET Download.com
    http://download.cnet.com/

  • Hans Mast Says:

    I certainly allow the possibility of a false positive. I am curious how you determined that was the case? And how was it that multiple DLL files in the same program would all have the same false positive? That doesn’t really make sense.
