Goodbye to software bundlers and crapware dealers. Go and make their business illegal!
Unwanted extensions in browsers that become subtly changed so the crap will stay on forever
and cannot be uninstalled in a normal way,
Methods to earn cheap money at the expense of the unaware end-user,
but performed in such an unethical way it borders on being cybercrime.
Unfortunately this has enough loopholes that you can drive a truck through them.
“the installation of apps by Canadians onto their own smartphones and tablets is not regulated by CASL”
It’s apparently designed to prevent third part installation of Crap-ware.
The line here is whether you download crap knowingly or not? So when you cannot opt out or only uninstall/cleanse with a lot of difficulty such downloads should be illegal and those that provide them should come under prosecution. And they know it because why a lot of these crap dealers have such a large judiciary staff to work against anyone that calls a spade a spade? Now we have malcreants and pseudo-malcreants that abuse the loop-holes that were created for them.
But there is an (after)effect they have to consider and also for instance Verizon knows that with their zombie cookie header injection, continuing with their unethical methods when found out may backfire big time and then they can only say: “Was it worth doing it in the first place?”.
Damien,
We all know what should be done. That doesn’t mean that not doing it is illegal.
This law, even if it were universal, would not prevent installation of crap onto your system when you start the
download of software that will reside on your own system.
I am realistic enough to know that there is a big gap between an ideal world and everyday’s reality.
But we have to start somewhere, crap that changes files in your computer browser to be able to stay on forever is where the bundler’s are crossing a line, especially when these goodies are being dealt out unsollicited. When they can close down piratebay, why cannot they terminate such clown’s crap spreading? Double standards maybe?
To get a clearer view, we launched Process Hacker, found EasyDiskDriveRepair.exe in the list, double-clicked it and selected Memory > Strings. This displays more text strings the program might be using, and once more the very first page displayed something dubious: "HKCU\Software\Microsoft\Windows\CurrentVersion\DirectManipulation", something which could be used as part of an attempt to get more direct control over our Registry.
Another string showed a dubious Registry query: “C:\Windows\system32\cmd.exe” /c reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f “chrome” /d > c:\windows\temp.txt – searching for Chrome being launched when Windows starts, and saving any hits to a temporary file.
Why Chrome? Clicking Filter in the bottom-left of the Strings box allowed us to search for Chrome references, and sure enough the program was trying to use sqlite3 to directly modify Chrome’s database: “sqlite3.exe “C:\Users\mikew_000\AppData\Local\Google\Chrome\User Data\Default\Web Data” “update keywords set url = url || ‘&tag=chrome20-20′ where url like ‘%amazon%’ and url not like ‘%&tag=chrome20-20′;”
It doesn’t take any great expertise to realize that this looks very bad, but we wanted to complete the picture by running a complete scan with “Easy Disk Drive Repair” and using Sysinternals Process Monitor to capture what it did.
If anyone here knows where it is heading and how it is being performed, it is you.
They can work all these devious malcode manipulation tricks almost unhindered
and no one blocks them in their ways or seem to stir or even raise a finger,
so it is going from bad to worse. Crap starts to rule.
Some of these bundled softwares also change chrome if it is present to the developer build. This means that any add on can be installed from anywhere with no security check on it
