Some day you will want to install a software to do a single task. So, you go to the store and find that the cheapest software is $150. You go back home and search the internet for something like "free photo editor" or "free mp3 converter." Voila! you find what you are looking for. Especially great, it comes at that low...low price of free. Or does it...?
I have a question for you. If a website is free to visit and they distribute free software, where do they make their money? The answer is in two places. First, there are the advertisers. These companies pay to have their information in the side bar of a site, as well as pay for each click on the ad. Second, through attaching software to your download that you may not want.
The latter is what we are going to focus on today. These pieces of software are called "Potentially Unwanted Programs" PUPs. Although they are not necessarily a big issue here is a list of some of the things I have seen attached to them.
The best thing you can do for yourself when downloading free software is read each page of the installer carefully I will take some screenshots from some of these popular free software provider sites to show you what to watch for. I briefly touched on this during the java update tutorial when I had you uncheck the Ask.com or McAfee box. Also, try going to the software manufacturers website, eg. Mozilla Firefox (mozilla.org) OpenOffice.org (right in its name).
Downloads.com
These guys are probably the most friendly when it comes to add-ons. Many downloads are offered without any extra software, but you still have to be careful. I attempted to download a free piece of software from Downloads.com. Below is what I found.
The latter is what we are going to focus on today. These pieces of software are called "Potentially Unwanted Programs" PUPs. Although they are not necessarily a big issue here is a list of some of the things I have seen attached to them.
- Opening security vulnerabilities on your computer
- key-loggers (keep track of what buttons you press on your computer)
- Loading at Startup (makes your computer take longer to boot up and uses resources while your computer is running)
- Layering over buttons you need to use
- Viruses & Malware
- Adware, crapware, and Bloatware
The best thing you can do for yourself when downloading free software is read each page of the installer carefully I will take some screenshots from some of these popular free software provider sites to show you what to watch for. I briefly touched on this during the java update tutorial when I had you uncheck the Ask.com or McAfee box. Also, try going to the software manufacturers website, eg. Mozilla Firefox (mozilla.org) OpenOffice.org (right in its name).
Downloads.com
These guys are probably the most friendly when it comes to add-ons. Many downloads are offered without any extra software, but you still have to be careful. I attempted to download a free piece of software from Downloads.com. Below is what I found.
1. Note: I use Google Chrome. There will be another post on this site regarding browsers and which ones you should use. When I downloaded this file the first thing I noticed was the dlm in the file name. This means "DownLoad Manager." It raises an immediate red-flag in my mind.
2. Not everyone uses Google Chrome, so I did not want to go into too much detail there. Here, I circled a few things. As you can see the Program name is "CNET Download.com." This is not what I downloaded. You can also see the green icon to the left. This is the same as Download.com's logo. I point this out because I want you to be able to identify a download manager from a straight download. Generally, a direct installer will have the program name match the name of the software you are installing.
3. There is a lot of information on this screen. Look at the top. See where it says "Welcome to the Download.com Installer"? This is important. This tells you that they are trying to download additional software. Down in the lower right is a rough approximation of how many additional software will be attempted to be installed. Take the total number of steps and subtract 3. In this case, there will be 5.
4. These are the 5 steps in the middle. They all have a few things in common. I will go over these top to bottom. At the top, you see the line "SPECIAL OFFER." This means that this is not a necessary download. I circled what the product is in the description, things like Conduit Search are known to cause viruses. Step 2 of 8 gives you an approximation of how many more of these you have to go through. Click "Decline."
5. The last two steps (7 & 8 in this case) are one step. It will perform the actual download of your software. When the last step is reached, click Install Now. The real installer for your software will then open.
sourceforge
Sourceforge.net is another popular provider of free software. They are perhaps a little more reputable than downloads.com, but you still have to be careful. There are many similarities between the two download managers. Sourceforge specializes in open-source software applications. For more information on open-source click here. I will write a future article about this with a simplified version.
sourceforge
Sourceforge.net is another popular provider of free software. They are perhaps a little more reputable than downloads.com, but you still have to be careful. There are many similarities between the two download managers. Sourceforge specializes in open-source software applications. For more information on open-source click here. I will write a future article about this with a simplified version.
1. My first attempt to download the software lead my Anti-Virus software to block it. I had to disable my Anti-Virus software to get a successful download. I checked the reason for the decline, and my AV software said that it is because of a Potentially Unwanted Program installer. Note the SF logo to the left of the download. This means that this download will use sourceforge's download manager.
2. When Windows does not recognize the publisher of software, this popup will appear. As long as you trust the provider it is safe to click Run. A quick search of the publisher Max Setup shows that this publisher "is a known Adware distributor."
3. This User Account Control (UAC) has the same features as the one in the downloads.com section. Note the repeated note of the publisher "Max Setup" and the sf logo. If either of these things change, it can be a sign of malicious software.
4. Same as with the Download.com manager, this has great information. See the note of SourceForge Download Manager at the top. This means that, once again, you will have to slog through attempts to install software you do not want to get to what you do.
5. These are screenshots from the two additional pieces of software sourceforge attempted to install. Click decline. Sourceforge's manager is particularly sneaky in that if you do not read carefully, you will get some PUP's.
6. Between the last PUP page and the installation page, there may be a pause. This is while it downloads the actual installer files. Click Install Now. Proceed through normal installation process.
What it all Means
The real key to preventing sneaky malicious software and PUP's is to slow down, especially when you are downloading free software. I hope I have taught you a few things to look out for when installing free software.
What it all Means
The real key to preventing sneaky malicious software and PUP's is to slow down, especially when you are downloading free software. I hope I have taught you a few things to look out for when installing free software.