Your IP:

Our Forums Have Moved!

Visit our new forums at https://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
    • CommentAuthorsaleawy
    • CommentTimeDec 15th 2011
     permalink
    download.cnet.com has been tagged as adware by a moderator. It looks like this happened before http://forums.opendns.com/comments.php?DiscussionID=11163&page=1#Item_7
    Thankful People: maintenance
  1.  permalink
    Did you flag it?
    • CommentAuthoropendnsjp
    • CommentTimeDec 15th 2011
     permalink
    This is subject to some opinion, as CNET has in-fact started to re-bundle downloads with malware, see...

    http://insecure.org/news/download-com-fiasco.html
    http://www.networkworld.com/community/blog/cnet-accused-wrapping-malware-windows-installer-nmap-security-tool

    With DNS based blocking there is no way to block just some of CNET, or specific downloads. Better to send a message to CNET and just stop using the site all together :)
    • CommentAuthormaintenance
    • CommentTimeDec 15th 2011 edited
     permalink
    CBS Interactive, improving the CNET group of sites yet again.

    edit: Oh, it's the CNET download/update tool. You can whitelist the site, but I wouldn't use the CNET installer even if it were not malware. I beta-tested it.
    • CommentAuthorpooterman
    • CommentTimeDec 15th 2011
     permalink
    Whats really funny there is that Wikipedia shows:
    In July 2006, OpenDNS was launched by computer scientist and entrepreneur David Ulevitch. It received venture capital funding from Minor Ventures, which is led by CNET founder Halsey Minor.

    Isn't that like biting the hand that feeds you?
    Though I have to say I'm somewhat in agreement, download.cnet.com has really turned into a prostitute. rebundling stuff with additives, making finding the right real "download" link more like a game of smack the weasel.
    • CommentAuthoropendnsjp
    • CommentTimeDec 15th 2011 edited
     permalink
    @pooterman, I like the way you think!

    Will be interesting to see how this plays out :-) but hard to prove the reason...
    Will the blacklisting of download.cnet.com be lifted because of user complaints, or because of back door politics, or because it's not entirely fair as there are plenty of downloads which don't fall into the malware category?

    Apparently, nobody thought to install the malware in a VM, sniff-out everywhere it tries to contact via DNS queries, and blacklist those domains - seems like a whack-a-mole band-aid to just block all of download.cnet.com

    The real tragedy here is that most of these California tech companies believe the dot-com bubble era is indefinite, and with ridiculous amounts of $$ from all these VC's they can continue to do whatever the hell they want; regardless of morals, corporate responsibility, or regard for stepping on each others toes - because at the end of the day people are talking about it (free press) and people are still using it (cause they don't have the self-control or education not to) and thus the "distributor" is still making $$ - seems like a win-win :-/
    • CommentAuthoropendnsjp
    • CommentTimeDec 15th 2011 edited
     permalink
    I'd like to add a new perspective, based on some conversations I've had internally with my staff, and see what others think...

    If you go to google.com right now, and search simply "vlc" you'll see the top result is a sponsored result for getting VLC from downloadster.org - this is a blatant re-bundling of the free and open source VLC software, and they even say so: "Downloadster.org distributes Open source software via a download manager install system. This software may be available free elsewhere. Additional software may be offered in opt-in ads, Learn More."

    So, with that example in mind, which is basically identical to what CNET is (was?) doing...

    Should we be blocking google.com for "providing" this?
    - My thought is this would be met with great frustration, along the lines of SOPA is a great idea, or Net Neutrality isn't important.

    Should we be blocking downloadster.org for "providing" this?
    - My thought is this "company" doesn't seem to offer anything BUT this crap-ware bundle, so they should be blocked.

    So, should we be blocking download.cnet.com for "providing" such similar things?
    - My thought is they do provide other things malware free, and are basically like a search engine for software, so if the consensus is we block them, then why are we not also blocking google?

    I'm not saying CNET shouldn't be shamed out of existence - but should they really by blocked as part of a bigger, global category, or should it be left up to individual admins to go in and blacklist this specific domain?

    Consider - nobody is forcing you to download from the first link you find on Google, and nobody is forcing you to download from CNET - you could simply treat those sites as a resource for finding the manufacture/owner's site and then downloading it crap-ware free from the source.

    I've also submitted my other example: downloadster.org
    here: http://domain.opendns.com/downloadster.org
    So you can register your vote on that one.
  2.  permalink
    "Isn't that like biting the hand that feeds you?"

    Well, no, because he isn't involved with CNET in that capacity any more, and if he has any sense, he would be sad to see what CBSi has done with all the CNET-related sites. I'm not even sure he was around when CNET merged with ZDNet, TechRepublic, and others. CNET is godawful old in terms of the Web. Just look at the domain names they own - download.com, news.com, com.com.

    CNET and friends have had their troubles on and off, but things have really gone downhill in a directed manner since they were acquired by CBSi, and especially this year.

    "Consider - nobody is forcing you to download from the first link you find on Google, and nobody is forcing you to download from CNET - you could simply treat those sites as a resource for finding the manufacture/owner's site and then downloading it crap-ware free from the source."

    Adware is adware whether you allow it to install or not. But you may notice that the site is no longer blocked. http://download.cnet.com/ I guess the mods responded to our flagging. But to be honest, I rather think download.com deserves it, despite my initial reaction. I just never install such dreck anyway - toolbars, app or driver update trackers, and other junk. So I hadn't noticed what they were doing.
  3.  permalink
    Good grief, downloadster.org is teh stoopid. It's a small series of not-well-linked pages (probably gets traffic via redirects from other sites which share this "business model"). Why would I want an idiotic little downloader when I can get the goods from the source? Especially VLC. Not so I'd want any of the others.
    • CommentAuthorzelus
    • CommentTimeDec 17th 2011 edited
     permalink
    >>"If you go to google.com right now, and search simply "vlc" you'll see the top result is a sponsored result for getting VLC from downloadster.org - this is a blatant re-bundling of the free and open source VLC software, and they even say so: "Downloadster.org distributes Open source software via a download manager install system. This software may be available free elsewhere. Additional software may be offered in opt-in ads, Learn More.""

    @jpelectron, approved tag: http://domain.opendns.com/downloadster.org

    Giving VLC downloaders a bad deal ain't cool. ;)

    >>"Should we be blocking google.com for "providing" this?"

    No, it's not Google's content and it's simply their job to provide search results here. Absolutely no reason why Google would be blocked for this.

    >>"Should we be blocking downloadster.org for "providing" this?"

    Yes; approved the adware tag on it.

    >>"This is subject to some opinion, as CNET has in-fact started to re-bundle downloads with malware, see...
    . . .
    With DNS based blocking there is no way to block just some of CNET, or specific downloads..."

    As long as the bundling of adware remains, we'll keep the tag on it. I spoke with our lead Domain Tagging staff about it, and the tag will stay until the situation changes for the better.
    Thankful People: opendnsjp, maintenance
    • CommentAuthoranitah
    • CommentTimeDec 17th 2011
     permalink
    This is frustrating. I had to unblock adware as a category a few days ago because we regularly use cnet especially for product reviews. Argh. How do you flag a tagged site for review ?
    • CommentAuthorrotblitz
    • CommentTimeDec 17th 2011
     permalink
    @anitah
    Normally while clicking the link with the same name.

    @zelus
    What's wrong with http://domain.opendns.com/downloadster.org and http://domain.opendns.com/cnet.com ?
    Although it is approved for categories, it displays "Be the first to tag this domain" and therefore also the "Flag for review" link doesn't appear...
  4.  permalink
    "This is frustrating. I had to unblock adware as a category a few days ago because we regularly use cnet especially for product reviews."

    No you didn't. You have a Never Block list available to you.

    But cnet.com is not approved as adware, download.cnet.com is. Reviews.cnet.com is not.
    Oddly, downloads.cnet.com is not.
    • CommentAuthorzelus
    • CommentTimeDec 17th 2011 edited
     permalink
    >>"Although it is approved for categories, it displays "Be the first to tag this domain" and therefore also the "Flag for review" link doesn't appear... "

    Looking into this right now.
    Thankful People: rotblitz, maintenance
  5.  permalink
    Blocking downloads.cnet.com is doing irreperable harm to those legitimate sites that use it to get their products to the masses.
    Case in point, Avast free cannot be downloaded from downloads.cnet.com due to the block
    Whomever tagged this as adware was not thinking very clearly.
    And whomever this person or persons is, if they do not know how to scan a download with their AV product do not deserve to operate a computer.

    UNBLOCK http://downloads.cnet.com
    Thank you.
    • CommentAuthoropendnsjp
    • CommentTimeDec 18th 2011
     permalink
    I was going to tell you to just get Avast free from the source and stop giving CNET your business...

    http://www.avast.com/free-antivirus-download
    ...but I now see that there site is broken :-(

    Perhaps you can try here...
    http://majorgeeks.com/download.php?det=1968
  6.  permalink
    Or you could just, you know, whitelist the domain. Or not block the Adware category. Or make a case that the cnet downloader isn't adware rather than an argument from consequences.
    Thankful People: zelus
    • CommentAuthorrotblitz
    • CommentTimeDec 18th 2011
     permalink
    @transitman5
    "UNBLOCK http://downloads.cnet.com "

    It seems you didn't get it. Nobody blocks this site, it's just you, really.
    • CommentAuthormrbidou
    • CommentTimeDec 19th 2011
     permalink
    Anybody can whitelist any site they want.
    • CommentAuthorddtrent
    • CommentTimeDec 19th 2011
     permalink
    So, why doesn't OpenDNS just unblock it? It doesn't say much for them (opendns). It is stupid to block CNET, yet, tucows is not blocked.

    It also doesn't seem to do any good to comment here or send an email to these folks.
  7.  permalink
    ddtrent

    CNET is not blocked - or don't you get this? It says plenty for a service that offers to block adware when it ... actually blocks adware. You unblock it. You are in charge of your own settings.

    Tucows isn't serving up adware.

    "It also doesn't seem to do any good to comment here or send an email to these folks. "

    It has been explained. Because you send an email or comment somewhere doesn't mean your request rules the world. It apparently doesn't do any good for people to post anything for you to read, either.
    • CommentAuthorgeeknik
    • CommentTimeDec 22nd 2011
     permalink
    Sorry it took me so long to make an appearance here, however, I did my research before I approved the Adware tag on CNET. Even the EFF has weighed in on this issue:

    https://www.eff.org/deeplinks/2011/12/downloadcom-debacle-what-cnet-needs-do-make-it-right

    "This practice is not only deceptive, it directly contradicts Download.com’s stated policy (http://www.cnet.com/2723-13403_1-461-16.html), which promises users that it has “zero tolerance” for bundled adware and that “when it comes to fighting unwanted adware . . . Download.com has always been in your corner.” Indeed, that promise was one reason users and developers had come to trust Download.com as a reliable source."
    • CommentAuthorhemingray
    • CommentTimeDec 23rd 2011
     permalink
    Unfortunately, you pooched on this one. This little block you created prevented me from obtaining the latest copy of Malwarebytes Anti-Malware (which the MBAM page links you to download.cnet.com). May want to just let others use their best judgement, rather than blocking it from those of us who know what we're doing. I had to create a whitelist entry for this.
    • CommentAuthorhemingray
    • CommentTimeDec 23rd 2011
     permalink
    PS: I didn't get slipped any malware/adware from CNET getting this program..
  8.  permalink
    For the people that are complaining, just add it to your white-list or talk to your admin if you have a reason for downloading. OpenDNS is not forcing you not to use the CNET download page, you have the ultimate control.
  9.  permalink
    "PS: I didn't get slipped any malware/adware from CNET getting this program.."

    Did you read anything? http://insecure.org/news/download-com-fiasco.html for example.

    They are counting on people to click through rather than to decline. This is not an ethical practice, and many people end up with the adware. It was fine back when it was a separate offer from CNET, or when clearly demarcated as an option. This is no longer the case.

    As it is, too may people end up with toolbars, BHOs, and other junk because they click through anything when downloading or installing. In this case, the entire domain is the problem, and OpenDNS is obligated to tag it as Adware.
    • CommentAuthormagic_jack
    • CommentTimeDec 24th 2011 edited
     permalink
    SO NEED TO BLOCK OPENDNS BLOCKED DOMAIN SITE ?

    As of right now, the top of OpenDNS http://www.blocked-website.com contains Dating links which is marked in my profile to be blocked. Using the the same basic logic, that people may not watch their clicks, it should be blocked as well.
  10.  permalink
    Or you could, you know, open a support ticket. OpenDNS would want to know if the advertiser was putting inappropriate sponsored links in the Guide pages. (Not the Block pages - there is no such thing on the Block pages.)

    Plus, you can't block the Block pages. Even if you could, you'd just get a Block page anyway.
  11.  permalink
    Babylon toolbar (amongst others) is being shipped with applications from Cnet and people are having a bad time getting rid of the included pests. Frankly I see this as a malware site now and block access to it on my home network.
    • CommentAuthorgeeknik
    • CommentTimeDec 26th 2011
     permalink
    @jbmjr01 I've passed your comment along to the appropriate person.

    @maintenance Blocking the block page would result in a division by zero error and the universe would collapse in upon itself. ;)
  12.  permalink
    :bigsmile:
  13.  permalink
    > May want to just let others use their best judgement, rather than blocking it from those of us who know what we're doing.

    The whole point of the service is to protect people who don't know what they're doing. The rest of us can easily whitelist the site.

    > I had to create a whitelist entry for this.

    Well, most of us can easily whitelist the site. For others, apparently, it's something of an ordeal.
    • CommentAuthorslimdan22
    • CommentTimeJan 2nd 2012
     permalink
    I really don't think download.cnet.com should be considered Ad-Ware.

    I like reading the download.cent.com Blog and noticed it was blocked.



    In my opinion any site that is designated Adware should be installing the mention adware without the users knowledge. Bundled software installers i think are the last thing people should be worrying about.Its annoying but it is the users discretion on what they download.
    • CommentAuthordoyling
    • CommentTimeJan 7th 2012 edited
     permalink
    This is driving me nuts as I can't update my Roborom. The Roboform installer is hosted on download.cnet.com. Found the white list, guess I have to go that way. Still, this is not good.
    • CommentAuthorjjlink
    • CommentTimeJan 7th 2012
     permalink
    I agree 100%:

    This is driving me nuts as I can't update my Roborom. The Roboform installer is hosted on download.cnet.com. Found the white list, guess I have to go that way. Still, this is not good.
    • CommentAuthorjjlink
    • CommentTimeJan 7th 2012 edited
     permalink
    If you want us to abandon OpenDNS keep blocking sites like download.cnet.com.

    Agree 100%

    In my opinion any site that is designated Adware should be installing the mention adware without the users knowledge. Bundled software installers i think are the last thing people should be worrying about.Its annoying but it is the users discretion on what they download.
    • CommentAuthorrotblitz
    • CommentTimeJan 7th 2012
     permalink
    @slimdan22 & @doyling & @jjlink
    Not sure what you're complaining about.

    1. You're willingly using OpenDNS as your DNS resolver - fine, but...
    2. You're willingly blocking the Adware category. Nobody forces you doing this. OpenDNS does *not* block it, you decided to have this blocked. And as usual with *any* site in *any* category, domain tagging is a kind of "common sense" voting process, so the (interested) majority or OpenDNS staff will always decide how and what to tag.
    3. You know that *you* willingly block Adware and that download.cnet.com is tagged as such, so you know you *must* whitelist it to be able to reach it, but you fail to accept doing it. Weird...

    Therefore you need to explain your concerns to me, again and again.
    After all, don't block download.cnet.com the one or other way, so you'll have no problem reaching it. So easy and simple! It is your decision, just yours!
    • CommentAuthorletnet
    • CommentTimeJan 12th 2012
     permalink
    Any one getting any response from cnet? This, as all have mentioned, is very frustrating as so many other sites use CNet to download their software. Categorizing Cnet as adware isn't good. I hear you all, use you can whitelist, but those of us on limited plan can only whitelist so many.

    Is there a category that Adware can be split into, potential Adware for example?
  14.  permalink
    all of the optional programs included with the installer have a box to un-select to not install the toolbar's etc..
  15.  permalink
    If whitelisting is the answer then Opendns needs to increase it from 50 to deal with silly blocks like this.. unless a website is forcing adware to be installed upon visiting that site, I don't see why it should be in adware category.. and even the cnet installer is not forcing you to install the toolbars
    • CommentAuthorreport99
    • CommentTimeJan 13th 2012
     permalink
    Totally childish and unacceptable behaviour. Yes they bundle some downloader and it suggests some toolbars. Guess what? Just updated Java from Oracle giant and they suggested Ask.com toolbar too. Lets add them to adware too?
    • CommentAuthorslundberg
    • CommentTimeJan 26th 2012
     permalink
    download.cnet.com should not be blocked as adware. It is mainly a software site and quite frankly is used by a lot of legitimate business, ours included.
    my .02c
  16.  permalink
    I think those that do not like it being blocked is missing the point or has not read the link
    What CNET is doing is deceptive! read this link before complaining.

    https://www.eff.org/deeplinks/2011/12/downloadcom-debacle-what-cnet-needs-do-make-it-right

    OPenDNS Adware option protects all submitted and voted domains by default to protect the average Joe, if you want to allow the site, create a White-List.

    Until Cnet makes thanks right, I am sure OpenDns Admins and Mods will continue to make sure it is blocked.
    • CommentAuthorcantonweb
    • CommentTimeJan 30th 2012 edited
     permalink
    I saw download.cnet.com was blocked when I went to download a legit software package. Unfortunately, it was the SOFTWARE VENDOR'S OWN SITE that sent me to CNet. And, they offered me no other choice of download location.

    Normally I'd complain about this. As someone stated earlier, many companies rely on CNet to distribute their software. And it is even worse when said company doesn't even host it on their own site or a known good mirror.

    However...I do have to agree that CNet needs to be blocked. I haven't liked them for the past decade, as they have been at the forefront of "spammy" sites crammed full of advertising. And, the last thing I had downloaded from them was telling me to install a browser toolbar. Even though I could opt out of the malware toolbar, I chose to abort the installation. I do not support companies that bundle malware with their product...and a browser toolbar (from a company I've never heard of) is malware in my experience.

    I do have to whitelist them for now, but I am extremely careful now with everything I download from them. If this generates bad publicity for them, that's perfect! Maybe it will get their attention to clean up their act, or more sites and even "internet security" software packages will start flagging their download site similarly.
    • CommentAuthorHill
    • CommentTimeFeb 2nd 2012
     permalink
    I came here to find out what was going on myself about this.

    It appears opendns is in the right and I thank them for doing it even though it inconveniences me. I for one will not be adding it to exclusions.

    That said, good security isn't always easy, it's often hard. You ask opendns (no one is forcing you to use the service) to protect you based on universal standards of what these types of software are.

    What we have here is a "Because it is popular to do and use it should be exempt" argument. The same logic behind thinking a celebrity should get a much lesser sentence for a crime than you or me on the street; it is a dangerous path. And one that endangers good, blind neutrality; abandons it for personal ease and throws open the door for favoritism.

    Innocence by association is garbage; this is not a karma game where good deeds, or good people benefiting from bad people outweigh the fact that what the bad person is doing is bad irregardless of those they help along the way or as a consequence. Sentencing takes into account good deeds, but it doesn't absolve the person of the definition of their crime (adware here); you are the governor in this case, you may pardon the offender for your own reasons within your own jurisdiction. Just don't mind us when we don't do the same and go on calling a murderer a murderer and basing our relations with them on that fact.

    Don't like it? I'd say get out, find someone, some company who will pander to the ever-changing whims of the masses. You cannot please everybody, all you can hope to do is do what you stated you would with good effort toward neutrality.


    As an afterthought if you are a company who benefits from them, why not tell them you don't like what this is doing to you? They are empowered by companies and individuals who agree (or don't disagree) with their hosting and distribution of their software. Remember it is they who set this in motion, don't blame the police for coming because they were selling things out the back door they shouldn't have. "Don't shoot the messenger."
    • CommentAuthorslimdan22
    • CommentTimeFeb 3rd 2012
     permalink
    I haven't been to download.com in a while (I use filehippo) and checked it out today.

    I downloaded random downloads from there top downloads page. CCleaner, MBAM, VLC, Flash Player, Google Chrome, TeamViewer, Adobe Reader, Skype, and about 10 other downloads.

    Non of them had to be downloaded through the CNET download manager, i actually have yet to find any downloads that have it.

    I think the category of Adware should be reviewed for this domain.
    • CommentAuthorMark
    • CommentTimeFeb 9th 2012
     permalink
    Please review this classification.

    I often download things without the CNET downloader and have never added any adware onto my system as a result of using CNET. As I like following download links from the website of the software provider, for safety's sake, and as many use CNET (avast for example) I am by default blocked from using method if I select the adware category in OpenDNS. And to those of you saying "just whitelist it", I have reached my limit of 50 to fine tune things.

    So I am left with no choice but to unblock the whole category, which leaves the protection much compromised, particularly as I use OpenDNS to stop my children downloading something they shouldn't onto our computers.
    • CommentAuthorguidmorrow
    • CommentTimeFeb 12th 2012
     permalink
    This may tie in to the big P2P file-sharing scandal that JeepersMedia on YouTube uncovered recently, and the whole push for legislation to block sites linking to copyright-infringing materials.

    Sure, they test for spyware themselves, but they don't run it through Virustotal, they don't check sites to see if the mirrors are still up, and for all it's worth, I can't even get my Facebook logged in there for more than 5 seconds without getting bumped off. So something must be up.

    I'd go find another free downloads site if you still want to get MBAM, Avast, Spybot S&D, etc...
    • CommentAuthorsjm
    • CommentTimeFeb 14th 2012
     permalink
    I need to download legitimate software from CNET at various times. Others do too. Whitelist isn't an option for the family members that don't want to be domain administrators and just use the .123 "family" option.

    It shouldn't be blocked, IMO. It's like using a flamethrower to kill a gnat.
    • CommentAuthorrotblitz
    • CommentTimeFeb 14th 2012
     permalink
    "just use the .123 "family" option. It shouldn't be blocked, IMO."

    Ah yeah, that's fine then. download.cnet.com isn't tagged in any categories used by FamilyShield (*.123 addresses). Is this what you wanted to express?
    http://domain.opendns.com/download.cnet.com

    "that don't want to be domain administrators"

    What's this to do with OpenDNS? You can't administer domains here.

    "I need to download legitimate software from CNET at various times."

    Fine. What are you waiting for? Go ahead!

This discussion has been inactive for longer than 30 days, and is thus closed.