Back in September of 2012, I discussed online bait & switch with software downloads and how unwanted add-on’s – such as memory and cycle sucking toolbars – can find their way on to your system without your knowing it. I’ve coined a new term for this sort of stuff: Sneakware. In other words, crapware that sneaks its way on to your system when you’re trying to install a legitimate product.
I’ve observed a fine example of this in the wild and thought I’d show you what to watch out for. I’ve also run across an article that backs up what I’ve been saying even though they don’t call it “sneakware”. I’ll endeavour to keep all this brief and to the point.
For a number of years, I’ve used an add-on called File Menu Tools by a Spanish development house known as Lopesoft. It has come in quite handy for folks like Dr. Data who do a lot of different things with individual files and I’ve recommended it as a “must-have” more than once. The other day, it was time to install the latest version and I discovered – much to my dismay – that the developer has succumbed to the siren call of sneakware.
There’s a heck of a lot of free stuff on the web and developers will often seek to augment their income of donations by grateful users by including add-on’s with their installation package. Legitimate – and sometimes not so legitimate – entities will pay developers a certain amount to simply include this entity’s product in the developer’s installation package and then will pay the developer a specified amount of money for each actual installation of the entity’s product. Usually, both payments are a trivial amount but if your software is downloaded & installed 3 million times, this trivial amount can really start to add up.
In the case of Lopesoft, here’s what I saw:
|In this first screen-shot, the user is asked to install the Babylon Toolbar which supposedly gives you access to freebies, discounts, etc. You’ll notice that not only is the option to install the toolbar checked & greyed-out, but so are the options for making Babylon the default search engine and making Babylon search you homepage. Your eye is drawn to the usual mumbo-jumbo of the licence agreement and clicking “Agree” has become motor memory. You have no doubt learned over time that clicking the “Decline” button will cancel the installation of the whole thing and thus you are led to believe that you have to click “Agree” here in order to get the software you originally wanted.
The simple answer is “No, you can “Decline and still get the original product“ but how many users will see through all this? Also notice that the “Agree” button has focus so all you have to do is press the “Enter” key. To “Decline”, you’ll need to move your mouse to that button & click it.
|This is the next window that will be shown to you whether you “Accept” or “Decline”. Here, the verbage mentions Chrome, Google, etc. It also throws in “Amazon”. Add in the mumbo-jumbo and the average user will think they have to agree in order to get the software to work with Google, Chrome & Amazon.
As before, the “Agree” button has focus. Declining takes an extra effort.
There you have a perfect example of how the user thinks they’re getting a useful utility and are really getting a lot more than they asked for. Do this five or six times and you’ll wonder why your system isn’t as fast as it was.
While the mechanics and payment schemes may vary, this article from ZDNET explains it all very nicely. The price of a clean machine is eternal vigilance.
I’m having another go at learning Visual Basic not that I’ve had any problems with it in the past. It’s just that every time I get ready to try my hand, my employer has said “Never Mind” and everything on the subject that I’ve managed to stuff into my wee sma’ brain escapes. My current part-time gig uses VB & ASP.NET extensively so I’ve signed up for a course and am getting ready to do it one more time.
Anyway, I’m reading a book called Learning Visual Basic . NET and I can tell that the author is somewhat younger than I am. I found the following footnote:
Remember, the Y2K problem was caused by programmers who couldn’t imagine needing to reference a year later than 1999.
A fine example of youth and inexperience that is. The Y2K problem really began in the early days of computing when memory was tight. The machine I worked on after graduating from Wesleyan had only 16 K of memory. There was a mainframe on site that had an incredible 256 K of memory! In the early days of computing, machines had a very limited amount of memory so the coding for an application had to be tight and every byte of storage had to be conserved. Why waste a byte for “1984” when “84” would work just as well. The Y2K mess was due to the fact that there was no remediation of data and applications when hardware began sporting larger amounts of memory, well before the turn of the century.
I saw the problem coming back in 1981. The general assumption was that these older applications would be superseded with ones using more modern programming techniques as time went by and thus the problem would simply go away. Trouble is, it didn’t. While it became standard to use “1984” instead of “84” in an application, a lot of the old data – and the systems that depended on it was still using the old method for designating a year. Add to that the fact that significant amounts of code were still in use a quarter century after it was first written and you have Y2K. Q.E.D.
The year 2000 dawned and there was – overall – very little disruption due to the world’s odometer ticking over. There followed a hue and cry from the general public that the whole Y2K problem had been overblown and was essentially a case of crying “Wolf”. Rest assured that the problem and threat was very real. Things went smoothly because a bunch of software engineers – including yours truly – spent a lot of time remediating both code and data to ensure that disruptions would be kept to a bare minimum.
And now you know the rest of the story.
Back in early September of this year, I wrote a short series of posts about the danger one faces if they are not careful about downloading; one of which was called Online “Bait and Switch. The Malwarebytes.org blog posted an article called Pick a Download, Any Download on Oct 19th. This article goes into additional detail and covers some ground that I didn’t. It is well worth your time to read it.
One of the most disturbing trends – at least for someone who helps folks with their PC problems – in recent years has been the intentional misdirection, a.k.a. “Bait and Switch”, that has become prevalent on download sites. Of course, this kinda thing has been going on forever – keep in mind that “internet years” are like “dog years”, only more so – but in recent history, it has run rampant. A lot of this sort of thing appears on download sites that are supported by advertising. While the person or organisation who owns the site is somewhat at the mercy of advertisers, Dr. Data cannot help but wonder how many of them are complicit in the misdirection schemes.
My first example is from the website for The Windows Club which offers advice, technical information and some really handy utilities. The example was taken from a post about the free edition of A+ Folder Locker. (Clicking on the image below will show a full-size version of the screen capture.)
Can you find where to download this apparently terrific product? Well, Dr. Data will give you a hint; The download link is not one of those word combinations in blue with the double underscore. (Placing your mouse pointer over them will cause one of those annoying pop-up ads to appear.) The line in blue that begins with “Stay Safe!” is incorrect as well. That’s obviously an ad for Acronis True Image. Most likely, your eye will be drawn to the big green button that says DOWNLOAD. It even looks like it’s the place to go because the OS compatibility, Language and Version # are listed beneath it. In reality, clicking the green button will take you to a page that says that your download is ready. If you read the accompanying text, you will discover that you’re not getting the above-mentioned software that you cannot live without. Instead, you will be downloading something called the Zoom Download Manager. The only people who might really need something like this are those folks who are burning up their DSL connection with perpetual downloads. This product may be legit but you don’t really need it.
N.B. The text underneath the DOWNLOAD button mentions “ZoomDownload.com” which is up for sale by one of the domain name re-sellers. The link will actually take you to ZoomDownloader.com. The fact that the text says one thing while the link takes you somewhere else makes Dr. Data feel that the whole thing is more than a bit dodgy.
In case you were wondering, the real download link is the blue text in the sentence that reads “Head over to its home page, if you want to download it.” It’s right there in plain sight but the eye is misdirected to the DOWNLOAD button first. You should also know that there is another green DOWNLOAD button a paragraph or so above the text in the example. Is this confusing or what?
For our next example, Dr. Data will give no hints. (Clicking on the image below will show a full-size version of the screen capture.)
Dr. Data was trying to download Piriform’s excellent file recovery tool, Recuva from FileHippo.com. It’s easy to do directly from Piriform’s own download site but FileHippo makes things much more confusing. Can you tell where the real download link is?
Play the Jeopardy “Think Music”
[ca_audio url=”http://howardparsons.info/wp-content/uploads/2012/09/Jeopardy.mp3″ width=”500″ height=”27″ css_class=”codeart-google-mp3-player”]
OK. Give up? The real download link is circled in red on the image below. (Clicking on the image below will show a full-size version of the screen capture.)
The big green DOWNLOAD button (circled in purple) is for an audio converter that you probably don’t need and that is probably supported by advertising. The red “START DOWNLOAD” button (circled in orange) will take you the page shown below. (Clicking on the image below will show a full-size version of the screen capture.)
This is definitely not Recuva but it is for a similar product and may not be free as Piriform’s product currently is. Long story short, you have only a one in three chance of getting what you came for on the 1st shot. Given that English is read from left to right, odds are that you’ll go for the red START DOWNLOAD button first. If not, the big green DOWNLOAD button will probably be your next most likely destination. The real button to download Recuva is the smallest of the three graphics and in the right-hand column where folks are used to seeing ads.
In all of the examples above, the misdirection destinations are probably legitimate but what if they are not? What if the Download Manager contains malware? With some malware sites, you don’t even have to actively download anything. Just visit the site and they will infect your PC for you.
Here are your take-aways:
- When downloading software – especially freeware – always take the time to read the contents of the entire page before clicking the download link.
- Many of the misdirection links will load something you probably don’t want or need to your PC. You may say to yourself “I’ll get rid of it later” but the odds are that you probably won’t.
- Some of the misdirection links will take you to sites offering a similar product but not what you came to get.
- When downloading utilities, etc. check Downloads.com first. This site is run by C|Net and is good, safe & reliable. While they do have ads and sponsored products, the download links for the software you want are clearly marked and there is no attempt at misdirection.
- Above all, take your time. Trying to find and download software in a hurry can result in you selecting the wrong product or – even worse – downloading something that will harm your PC.
Whether you’re ready or not, another release of Microsoft Office is in the offing. Tech Republic recently posted a slide-show giving consumers a first look at Office 2013. Yet another new version. Yet another reason to open your wallet. If you’ve just installed Office 2010 on your system then you most likely will be good to go for a while and can wait until Office 16 or 17 arrives. If you’re using Office 2007, it may be time to upgrade and if you’re still using Office 2003, it most definitely is time to upgrade and pony up big bucks for the privilege.
But why should you have to spend so much for the ability to read, edit and create Word documents or Excel spreadsheets?
As it turns out, you don’t. Enter the LibreOffice suite, a set of productivity tools that are 100% compatible with Microsoft Office and are free, Free, FREE.
C|NET offers a highly positive review of Version 3.4 as well as a download of the software and Infoworld calls Version 3.5 “The best Office Killer yet.” If you’re wondering how you’re going to read or create MS Word & Excel documents, the LibreOffice suite is capable of saving files in the various MS Office formats (*.doc, *.docx, *.xlsx, *.xls, etc.) as well as reading them.
The only thing that the LibreOffice suite does not offer is an analogue to Outlook. If you’re contemplating a move to Linux thus saving scads of cash in operating systems, hardware, etc., there is Evolution – another freebie – that can serve as an excellent replacement of Outlook. There is an experimental Windows port of Evolution available but this project has been an on & off thing for a number of years now. The blog for Win Evolution has not been updated in over 2 years though the latest download is, as of this writing, less than a year old. If you’re committed to Windows, there are other substitutes available such as Mozilla’s Thunderbird or the Opera e-mail client. There is a review of 11 FREE e-mail clients on About.com.
Returning to the topic at hand, LibreOffice is available on the following platforms:
- Mac: Intel or PowerPC
- Linux (deb): x86 or x86_64
- Linux (rpm): x86 or x86_64
For Windows or Mac users, this is a way to experiment with your business tools before telling Microsoft or Apple to buzz off.
So, whether you’re sticking with Windows, OS X or moving to Linux, there are definitely some good substitutes for Office 10, 13 or whatever. By the way, did I mention that they are FREE?
Last month, I reviewed some free add-ons that will correct some of the design blunders Microsoft insists on making with Windows 8. One of my biggest complaints was that you have to go to the Windows Start Page – the one that uses the Metro interface – before you can go to the more familiar Windows desktop even if you have a desk/lap-top and have no need or desire to use Metro.
The engineers at Stardock have added functionality to their free Windows 8 start-menu utility that will take you, upon boot-up, directly to the Windows Desktop bypassing the start page completely. Thus you have Metro-no-mo!
Some users may or may not like the format of the Start Menu provided by Start8 but one thing is perfectly clear; If Stardock can figure out how to bypass the Metro interface, then other developers will quickly follow suit. Hopefully, we will see such enhancements from other developers before Windows 8 is released in October. The preview version of Windows 8 will cease to function at that time thus preventing any further testing.
The availability of suitable workarounds will impact the decision of many users as whether to migrate to 8 or stay with 7. Of course, Microsoft could avoid this situation in the first place by building flexibility in to Windows 8 to begin with. If we, the users, wanted a rigid, only-one-way-to-do-it operating system, we’d all be using OS X.
Testing of the enhanced version of Start8 will begin on Monday. If you want to try it for yourself, visit the Start8 Download page. Remember, Start8 is completely free.
If you haven’t paid a visit to my resume’, I’m a senior software engineer. That’s a fancy-pants name for a programmer, a profession that I’ve been involved in since the late ’70s. Over the years, I’ve heard more times than I care to think about that this programming language is “dead” or that programming language is on its way out. A glance at the List of programming languages by type on Wikipaedia will reveal scads of programming languages that were in use at one time or another. Many of them still are. Among those that are truly dead is my favourite; NCR’s NEAT/3 and NEAT/VS. Another dead – or nearly so – language is the one I developed; TOOL – Text Oriented Object Language.
Neither of these languages showed up on the list of 10 development technologies that refuse to die published by Tech Republic. The ones that did make the list are interesting. I won’t go into detail about all the languages but here are a few examples:
- COBOL – This is the language developed by the mother of modern programming, Admiral Grace Murray Hopper, and for decades powered much of the world’s business applications. One famous though unattributed quote ran something like “I don’t know what programming language will be used at the start of the 21st century but its name will be COBOL”. There are countless COBOL based applications still doing work for banks, insurance companies, etc. For what it’s worth, I’d love to write COBOL again; especially since many of today’s younger programmers are frightened by the thought of COBOL and are scared to death of JCL.
- C – This language had been sailing into the sunset of application development and looking forward to an active retirement powering hardware drivers and operating systems development. All that changed with the release of the iPhone and iPad, both of which use Apple’s iOS. Objective C – a superset of C – is being used to develop countless cutting edge applications to be run under iOS. Hmmmm . . . maybe it’s time to pull my C manuals out of storage.
- FORTRAN – I never wrote much code in this language but I did teach my wife to use it when she was in graduate school. FORTRAN code still runs things in certain industries/sectors and is hard at work today doing weather prediction.
- JAVA – No, JAVA is not going away anytime soon. Despite its flaws, JAVA is still a powerful language and is to the first half of the 21st century what COBOL was the 2nd half of the 20th century.
And for the people who write all this code? Old programmers never die, they just run to E-O-J.
This is what the sparse post that went out yesterday afternoon was intended to be. I wanted to gather a bit of information for the next day’s post before I went to see a client. I was short on time and apparently hit “Publish” rather than “Save as Draft”. My apologies.
I am always on the lookout for free software & utilities that actually work and have run across three more for your consideration.
- Advanced Uninstaller Pro – Some weeks ago, I posted about software uninstallers that worked better than the one built into the Windows Control Panel and offered two possibilities: (a) Revo Uninstaller (b) Your Uninstaller. There were one or two others that were more “trial-ware” than anything else & Advanced Uninstaller Pro was one of them. Innovative Solutions have decided to make version 10.6 absolutely free. Are all uninstallers the same? Well, some uninstallers are better at finding things than others. I had considered Your Uninstaller to be tops at finding installed applications but I accidentally installed a bit of “crap-ware” the other day & went to use Your Uninstaller to get rid of it. That application could not find it but Revo Uninstaller did. The moral? It always helps to have two uninstallers available even if you only install software on rare occasions because when you really want to rid our PC of something, you need to find it & get rid of it completely!
- WinDirStat – Ever wonder which files are consuming the most space on your Hard Drive? Then this may be the answer for you. WinDirStat analyses your HDD and displays the results in a proportional sized, colour coded matrix. You can learn what type of file it is, where it is and how big it is. Perfect for finding that monster logfile that’s squatting in a forgotten folder.
- FileType ID – This scenario has probably happened to a lot of us. Some one sends you an email w/ a file attached. Maybe it’s a file type that you recognise. Maybe it’s not. Since you don’t know the true nature of this file & the sender has always sent you good stuff before, you double-click on the file and – surprise, surprise – you wind up introducing your system to viruses, malware and other “cooties”. So how do you know what’s good and what’s not. Antivirus file scanning programmes have been known to miss a lot of things. (They have also been known to quarantine and/or delete perfectly safe files.) FileType Id will give you detailed information on any file before you open it by analysing the file’s binary signature. You can save the results of a file’s analysis as an HTML document And share it with friends, co-workers, etc. to get a second opinion. With around 4700 file-type definitions at the moment, this application is a “must have”.
All three of these freebies were reviewed at The Windows Club so you know that the applications have passed through an initial trial and review.
Finally, always keep an eye on what is going on with the installation process. In other words, read each installer panel carefully. A lot of good software uses installers that want to add a toolbar for a search engine, etc. If you’re not careful, you might wind up with something that you really didn’t want.
Week before last, I posted about three free-ware tools for Windows users. Today, I review Everything, a free file search utility by VoidTools.
Even though the Search feature in Windows 7 is a vast improvement over that offered by Windows XP, It can still take a heck of a long time to find the file or folder that you’re looking for. Enter Everything, a file/folder search utility that pre-indexes every file and folder on your system. The up-front indexing is considerably faster than the Win 7 search and Everything monitors your file system for changes. If you add “Document-x.doc” to a folder or move “Document-y.doc” from folder A to folder B, Everything will track the changes and the file name and path will be waiting for you the next time you need to look for it.
It’s dead simple to use Everything. Simply start it – if it’s the first time on this particular machine, you’ll have to wait a minute or so for your file system to be indexed – and type in the file/folder name. If you’re not quite sure of just what that file or folder name was, the search accepts wild cards (“*”). Everything begins to filter the indexed files the moment you begin typing and continues until you’ve either entered the complete name or have entered enough of the name to narrow down the list of possible files or folders.
What Everything does not do is search the contents of files. Fear not, there is a utility by Nirsoft that allows you to do just that. It too, is free and is knows as SearchMyFiles. While it will also search for file and folder names as well as the contents of files, its interface is a good bit more complex so it’s worthwhile to read the instructions on the download page. Dr. Data recommends that you use Everything for basic file and folder name searches and save SearchMyFiles for those times when you want to find a file based on its contents.
Either way, you’ve got two great search tools for Windows and they’re both FREE!