Or, "How to tell if your downloaded software is legitimate or not."
Here is your chance to learn from my mistakes.
I needed to install the Foxit PDF Reader. One would think it would be easy to find the download, but Yahoo went out of its way to make this unsavory. Without scruples, they guided me to the third-most dishonest site on the web (I am sure there are worse places). Let me explain.
Searching for "Foxit Reader" brought this result:
This is an ad, which at first I did not notice.
More importantly, notice the site: DownloadDF.com, which opens to this legitimate-looking page. On the surface, I thought this was Foxit. They must be using a third party to host their downloads (www.downloaddf.com/foxitreader). In retrospect, this is an odd thought; Foxit is big enough to have their own site....
I clicked download....
The .exe name seems legitimate, "Foxit Reader Setup.exe". Notice the publisher -- "darwendlmtowerworld.com" -- not "Foxit." Like most people, I clicked "Save File" and continued on my way.
The Last Defense:
Running the executable produces this message in Windows 10 (another good reason to upgrade from Windows 7). The App is "Foxit Reader Setup.exe" by "Funnel Superb (Fried Cookie Ltd.)" Fried Cookie Limited? Are you kidding?
I won't bore you with the actual install.
It installs five other toolbars, spyware programs and "sharing" programs. By the time you are done, your machine will be so infested with crap,you will be lucky if the machine runs.
Technically, the install might be legal, but it is certainly immoral. For each of the 5 spyware programs being installed, you are being prompted to accept or decline -- that makes it legal. But each program used a different method to opt-out. Some used a radio-button with a popup-checkbox to un-click, others used a backwards-worded "do you want to decline this install", etc. It was confusing, and difficult. This does not pass the "Mom test".
Everything about this install was flaky. I bailed before the final "Ok" and I still feel dirty. I am now scanning for viruses.
Yahoo? Why???
Yahoo accepted money to make this the top result.
The next five results are similar. None of the top five results are legitimate.
Contrast this with Google's top 3 results, where the legitimate site was returned. Bing behaved similarly:
Yahoo is dishonest and disingenuous. This is disgraceful.
My internal alarm bells started ringing after the second or third hint, but I was well into the process before I understood what was happening. I did not realize my mistake until the final Windows 10 prompt. Most people would blow past these messages and it would be hell. You cannot trust people.
You wonder why Windows machines get a bad rap for getting viruses.... When you click "Yes," it is often self-inflicted.
What Should You Do?
Always download programs directly from the publisher's site,
Never from a third-party site, such as SourceForge or DownloadDF.
For example, Foxit Reader can be found at
https://www.foxitsoftware.com/products/pdf-reader/
Use Search to find the site, but once there, do a little poking around to see if the site you arrived at is actually the publisher's site. Watch the URL's. This can be tricky. Finding these sites can sometimes be a challenge, especially if you are using Yahoo.
Pay attention to the publisher's name.
When running the exe, look at the publisher's name. Be suspicious if different. In this example, the publisher was "darwendlmtowerworld.com" -- they are not your most honest citizen.
Hesitate when Windows displays the UAC nag
-- especially if it is Windows SmartScreen. Granted, Microsoft will almost always display this prompt when ever you run an executable. Stop and study the message. If it seems fishy, it is.
Pay attention to the options. Always choose the Advanced Install.
Options often include "optional" or "recommended" software, such as Search Toolbars (such as Ask.com), or virus scanning software, such as the evil Mcafee Security Scan Plus. Do not install the options. Ever.
Most importantly: Change your browser's default Search Provider.
I am biased. Make Google the default, or perhaps Bing. Remove Yahoo, Amazon, and all others. How to do this depends on your browser.
It is too bad Mozilla decided to use Yahoo; I guess they needed the money... You will have to go out-of-your-way to make this change. It is worth it.
Related Articles and Links
Foxit Reader can be found at
https://www.foxitsoftware.com/products/pdf-reader/
How to install Foxit Reader
http://keyliner.blogspot.com/2015/07/time-to-uninstall-acrobat-reader-and.html
Scanning for Viruses - Keyliner Recommended Steps:
http://keyliner.blogspot.com/2015/07/virus-cleanup-steps.html
No comments:
Post a Comment
Comments are moderated and published upon review. (As an aside, not a single spam has been allowed through; why bother?)