Open sauce developers are getting hit by an alarming trend amongst malware makers to take their code and counterfeit it, or place malware under the bonnet.
Writing in his bog , VideoLAN developer Ludovic Fauvet he has seen his code being redistributed by various organizations' websites, some of which claim that VLC is theirs. They lure users with paid Google AdWords ads,
To make matters worse, some of them are installing malware and spyware in the installers.
Fauvet said that many of them are bundling VLC with various crapware to make cash. The result is a poor product that doesn't work as intended, that can't be uninstalled and that clearly abuses its users and their privacy.
He has named and shamed the following sites. We do not recommend you go there, but if you have black lists just cut and paste in the addresses.
pinballcorp.com
- eorezo.com / tuto4pc.com
Http://vlc.us.com - http://www.eorezo.com/cgi-bin/download/direct/index?c_software=vlc
- http://www.vlcdownload.org
- http://www.softwaredownload.cc/?gclid=CMyGhoHrwJ8CFcpb4wodNHnJzg
- http://www.iogiciel.com/l/index.php?option=com_content&view=article&id=53&Itemid=61
- http://vlcplayer.2010-fr.com
- http://www.mediaplayers-gratuits.com
- http://www.durable.com/telecharger/telecharger_vlc-media-player_11341?gclid=CJ6j9eyqiKACFVRm4wodoUL6MQ
http://www.downloadvlcplayer.net - http://vlc-media-player-blog.com
- http://www.softesdown.com/fr/vlcmediaplayer/
- http://www.getyoursoft.com/download/name/vlc-media-player/id_soft/18
- http://supertelech.info
- http://www.descargarvclmediaplayergratis.com
- http://www.oficial-es.org/es
- http://todotusoft.com/Video/Reproductor-Multimedia/1158/VLC-Media-Player.html
- http://galleries.secure-softwaremanager.com/804e9dc7b4/854190c2bc1e
- http://www.clickdownloadsoftware.com/player/
While all this is violating trademarks, we guess that the malware writers will not care that much. It also violates the GPL which forbids you changing the code without sending it back to the original project.
VLC is not the only software that is getting turned over and it seems that the only way that any one is able to be sure is going directly to the project team itself.
Fauvet has tried to ask Google to stop selling adwords on the knockoff adverts but has not got anywhere. Of course they are making money on the adverts, but at the same time it might be difficult for them to work out who made the real software. After all it is having a few problems with that itself over its Android software.
.jpg){kind=icon}
This is incorrect. GPL allows modification of the code to any degree one wants. If one does not distribute the modified code, that is the end. Even if one does distribute it, however, the major restriction in the GPL is called "copyleft", which states that any modified (or unmodified) copies of the software must be placed under the same licensing terms (i.e., GPL) as the unmodified software. There is no requirement to send modifications, distributed on undistributed, back to the project.
Were the GPL to require a licensee to send modifications back to the project, any fork of GPL software, such as the Android fork of the Linux kernel, would be in violation of the license.
Cheers,
Patrick Niedzielski
This is absolute nonsense... have you ever read the GPL? The GPL forbids you to distribute the software without making the source code available or putting additional restrictions. But one doesn't have any legal obligation to contribute back to the original project. Or, if one uses the software only internally, without distributing it to others, than he may sit on the modified or unmodified sources as much as he wants.
Looked at another way - who would be using a so-called user-friendly distro (y'know Gentoo... :) ) and getting this stuff from anywhere else?
Who is the target group here? MS Windows users?
Is it black propaganda? (tinfoil hat etc.)