Forgot your password?
typodupeerror
Security Software Your Rights Online

Adobe Download Manager Installing Software Without Consent 98

Posted by timothy
from the plus-one-invitation dept.
"Not all is worth cheering about as Adobe turns 20," writes reader adeelarshad82, who excerpts from a story at PC Magazine's Security Watch: "Researcher Aviv Raff has found a problem in ADM (Adobe Download Manager) and the method through which it is delivered from adobe.com. The net effect of the problem is that a user can be tricked into downloading and installing software using ADM without actual consent. Tonight Adobe acknowledged the report and said they were working on the issue with Raff and NOS Microsystems, the company that wrote ADM."
This discussion has been archived. No new comments can be posted.

Adobe Download Manager Installing Software Without Consent

Comments Filter:
  • by Corporate Troll (537873) on Friday February 19, 2010 @06:41PM (#31205406) Homepage Journal
    I inherently distrust download managers. You don't need them. Just give me an http, ftp or (in some cases) torrent download and that's all I need. Download managers are not needed, they are additional fluff for nothing. It gets on my nerves they usually get forced down your throat and you need to jump through hoops on fire to get to a normal download.
  • Re:Bonjour (Score:5, Insightful)

    by Itninja (937614) on Friday February 19, 2010 @06:44PM (#31205428) Homepage
    I also dislike the opt-out Safari install that I have to remember every time I upgrade iTunes.
  • by MightyMartian (840721) on Friday February 19, 2010 @06:57PM (#31205536) Journal

    I not only distrust download managers, I don't see the fucking point. To my mind, the only reason any of these guys make them is so they can make back doors to stuff what you don't want with what you do. Naturally these download managers have the potential of being abused either by the company or by some third party exploiting them.

    If I can't download the thing through FTP, HTTP or bittorrent, I'm not interested, period. There's no technical reason for download managers, and thus any company that uses them has some nefarious goal in mind.

  • by MonTemplar (174120) <slashdot@alanralph.co.uk> on Friday February 19, 2010 @07:28PM (#31205880) Homepage Journal

    Ironically, the first time I tried DLM, it didn't work. So now I know to bypass that and hit the direct download link instead for what I can there for.

    -MT.

  • by Hurricane78 (562437) <deleted@s l a s h dot.org> on Friday February 19, 2010 @07:54PM (#31206158)

    I can explain the point to you:

    See, Linux/BSD systems have this nice thing called a ‘package manager”. And since all software is free, you essentially have a nice “app store”-like interface, where you can install everything (out of currently over 13,000 packages here on Gentoo) you like.

    Then when you want to update things, you can just call one global update program, and be done with it. Everything that has an update available, will be updated. With tons of options on what you want to block, what you want to allow despite it being marked as unstable, etc, etc, etc.

    After a while, when your rule set is stabilizing, and you routinely do those updates, you start to feel the natural need to automate it. (Unfortunately, most Windows users lack that need, since they are trained to use a PC like an appliance.) So you automate it.

    Now of course, big companies get all wet or stiff down there, when they see such a system. But since there is no such thing for Windows, they try to imitate it with such a download manager. Badly.

    But since everyone rolls his own thing, does not give you any control, and they don’t understand all aspects of package management anyway, you get a mess of tons of stupid background processes doing stupid (and sometimes useful) things without asking you.

    This is a opportunity that Microsoft clearly missed. Sure, they have Windows Update, which is not that bad and does the job for Windows itself, plus some drivers. But they should have offered a real package manager, and allow others to integrate into it. That would have given them big plus points from companies and users.

    And now we’re in the mess.
    But hey: You can still make some room and install a beginner-friendly Linux distribution, to go to, when you start pulling hairs again. :)

  • by westlake (615356) on Friday February 19, 2010 @09:22PM (#31206766)

    If I can't download the thing through FTP, HTTP or bittorrent, I'm not interested, period.

    You aren't the market. The non technical end user is the market. The user who isn't even aware that his PC has an FTP client - and won't install one short of being forced to do so at gun point. The geek lost this battle along about AOL 3.0 for Windows.

  • by cvtan (752695) on Friday February 19, 2010 @09:49PM (#31206900)
    There is a folder sitting on my desktop called Adobe Reader 9 Installer (>100meg). Can I get rid of this? I don't know what is going on with Adobe. The pdf reader used to be a lean secure program and now it's turned into some huge hideous beast that tries to sing and dance. Sigh.
  • by Bagels (676159) on Friday February 19, 2010 @11:29PM (#31207450)
    Just wanted to note that Microsoft does actually have a 'Microsoft Update' system that will update other Microsoft products (Office, Visual Studio, etc) installed on the system. I don't think it's available for pre-Vista systems, and it's a far cry from apt-get and the like, but it's a step in the right direction.
  • by spage (73271) <spage@sk[ ]page.com ['ier' in gap]> on Saturday February 20, 2010 @01:44AM (#31208116)

    When I tried Google Pack I found it didn't bundle the latest versions of the software it installs, so several immediately had to download additional updates!

    At one point my Windows PC had 7 different update programs running [skierpage.com]: Adobe Acrobat updater, Apple Updater, Flash updater, GoogleUpdate.exe and GoogleUpdaterService.exe, Java update (jusched.exe?), LavaSoft Ad-Aware updater, Symantec LiveUpdate (AluSchedulerSvc.exe?), ThinkVantage updater, Windows update. And that's after I turned off several others in MSCONFIG and Services.

    Firefox/Thunderbird/Mozilla's Help > Check for Updates... is the best Windows updater. It only runs when the application runs, it downloads a minimal diff, it prompts you to restart the application and self-updates (unlike some updaters that make you re-run a ^%$#$@! full-blown uninstall/installation program and ask you stupid questions that make no sense in an update), and it doesn't leave megabytes of crap lying around (I had five 70MB Java versions in C:\Program Files\Java and more crap in C:\Program Files\Common Files\Java\Update\Base Images).

    (I'm now on Kubuntu and KPackageKit, not perfect but an improvement in many ways.)

  • Re:Bonjour (Score:5, Insightful)

    by Toonol (1057698) on Saturday February 20, 2010 @02:55AM (#31208364)
    I occasionally post a negative comment about Apple. Worse, I sometimes post a politically conservative comment. And, yet, my Karma has been excellent for years.

    It may have something to do with (1) sometimes posting worthwhile comments and (2) not being a vulgar idiot.

    Please consider doing either or both in the future.
  • Re:Bonjour (Score:2, Insightful)

    by Kagetsuki (1620613) on Saturday February 20, 2010 @07:24AM (#31209162)
    OK, let's just get this straight here: some people do not like Apple (myself included) and in general negative Apple comments on Slashdot do get modded down regardless of how true they are. Apple is very much a company with a very strong brand image; and their fans seem to feel it's their responsibility to protect that image like a religious belief. So now that you'll understand my viewpoint better when I say I understand twoDigitlw's frustration in his comment and I find your comment to be arrogant. The fact you were modded 5 Insightful is also an expression in the truth of twoDigitlw's post, though it is true his post was Offtopic.

"A mind is a terrible thing to have leaking out your ears." -- The League of Sadistic Telepaths

Working...