Companies bundling spyware, adware with open-source media player

Summary: VideoLAN named-and-shamed at least 25 companies that are guilty of bundling spyware and adware programs with the highly rated open-source VLC media player.

VideoLAN developer Ludovic Fauvet has come out swinging against companies that bundle adware and spyware with the open-source VLC media player.

"At VideoLAN we’re really fed up with all those websites/companies that are tricking our users to download malware and violate our IP by distributing misleading versions of VLC without conforming to the GPL license," Fauvet said.

"What bothers us the most is that many of them are bundling VLC with various crapware to monetize it in ways that mislead our users by thinking they’re downloading an original version. This is not acceptable," he added.

Fauvet named-and-shamed at least 25 companies that were guilty of bundling spyware and adware programs with the highly rated open-source media player.

"The result is a poor product that doesn’t work as intended, that can’t be uninstalled and that clearly abuses its users and their privacy. Not to mention that it also discredits our work as volunteers and that it’s time-consuming, time that is not invested in the development," he argued.

Fauvet called on users to always download the VLC media player from the project's official website.

Separately, VideoLAN shipped a patch for a pair of "highly critical" security holes that expose users to computer hijacking.

  • An integer overflow error when parsing a RealAudio data block within RealMedia (RM) files can be exploited to cause a heap-based buffer overflow.
  • An integer underflow error when parsing the "strf" chunk within AVI files can be exploited to cause a heap-based buffer overflow.

Successful exploitation of the vulnerabilities allows execution of arbitrary code, Secunia said in an advisory.

The vulnerabilities are confirmed in version 1.1.10. Prior versions may also be affected.
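
The integer underflow class described in the second bullet, shown as an added illustration (this is not VLC's code and is not taken from the advisory). The chunk layout, the 40-byte `HDR_LEN` and all function names are assumptions chosen for the example:

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define HDR_LEN 40u /* assumed: fixed header preceding the variable "extra" data */

/* Chunk sizes in RIFF/AVI files are stored as little-endian 32-bit values. */
static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Unchecked pattern: the unsigned subtraction wraps when the file declares a
 * chunk smaller than the fixed header, yielding a huge bogus length. */
uint32_t extra_len_unchecked(uint32_t chunk_size) {
    return chunk_size - HDR_LEN;
}

/* Hardened parse of one chunk: 4-byte tag, 4-byte LE size, then payload.
 * Returns 0 and a malloc'd copy of the extra data, or -1 if malformed. */
int parse_chunk(const uint8_t *buf, size_t len, uint8_t **extra, uint32_t *extra_len) {
    *extra = NULL;
    *extra_len = 0;
    if (len < 8) return -1;                  /* no room for tag + size */
    uint32_t chunk_size = rd_le32(buf + 4);
    if (chunk_size > len - 8) return -1;     /* declared size exceeds the input */
    if (chunk_size < HDR_LEN) return -1;     /* subtraction would underflow */
    uint32_t n = chunk_size - HDR_LEN;       /* now bounded by len - 8 - HDR_LEN */
    if (n == 0) return 0;                    /* header only, nothing to copy */
    uint8_t *p = malloc(n);
    if (!p) return -1;
    memcpy(p, buf + 8 + HDR_LEN, n);         /* read stays inside buf */
    *extra = p;
    *extra_len = n;
    return 0;
}

/* Constructed input: a 64-byte buffer with a "strf" tag, the declared size and
 * 56 payload bytes. Returns the extra length, or -1 if the chunk is rejected. */
long demo(uint32_t declared) {
    uint8_t buf[64] = { 's', 't', 'r', 'f' };
    uint8_t *extra;
    uint32_t n;
    buf[4] = declared & 0xff;         buf[5] = (declared >> 8) & 0xff;
    buf[6] = (declared >> 16) & 0xff; buf[7] = (declared >> 24) & 0xff;
    int rc = parse_chunk(buf, sizeof buf, &extra, &n);
    free(extra);
    return rc == 0 ? (long)n : -1;
}
```

Both size checks run before any arithmetic or allocation, so a declared size that is too small or too large is rejected instead of being turned into a copy length.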

Talkback

37 comments
  • I bet that M$ might be behind some

    of those cyber crooks who disgrace FOSS with spyware.
    The DOJ should investigate!
    Linux Geek
    • You make me laugh.

      @Linux Geek
      Are you the poster clown for Linux?
      dniemczycki
      • RE: Companies bundling spyware, adware with open-source media player

        @dniemczycki

        Yep, Linux Geek is the Ronald McDonald of linuxland. Shame really, it's such a nice OS it could well do without the likes. But then I imagine Microsoft is behind HIS posts. The DOJ should investigate.
        bargeemike
      • RE: Companies bundling spyware, adware with open-source media player

        @dniemczycki

        Also, he's using a picture of Sarah Palin as an avatar. I mean, really pushing the clown analogy!
        bargeemike
      • RE: Companies bundling spyware, adware with open-source media player

        @bargeemike: Linux Geek will complain his Linux computer was hacked by someone at Microsoft [and offer no proof]. :-)
        Gis Bun
      • RE: Companies bundling spyware, adware with open-source media player

        @dniemczycki
        He's a Micro$oft troll pretending to be a Linux geek
        blind obedience
    • It's no big deal Linux Geek

      @Linux Geek
      I was told that spyware and adware can't and won't run on Linux, which is why it's so good! ;)
      William Pharaoh
      • RE: Companies bundling spyware, adware with open-source media player

        @William Pharaoh
        You might read through links, the spyware and adware bundled with VLC are directed toward Windows users.
        daikon
      • daikon, but how would it get onto a Windows machine

        @William Pharaoh
        unless by magic, perhaps?

        :|
        Tim Cook
      • RE: Companies bundling spyware, adware with open-source media player

        @Mister Spock
        Not magical at all, user clicks link and downloads. Windows users are the target.
        daikon
    • RE: Companies bundling spyware, adware with open-source media player

      @Linux Geek : Get a friggen life. Get off your high horse. You're acting childish.
      Gis Bun
      • RE: Companies bundling spyware, adware with open-source media player

        @Gis Bun
        Ya, and his high horse is about 6 feet underground!
        kstap
    • RE: Companies bundling spyware, adware with open-source media player

      @Linux Geek You sound like an idiot. No, really, you do.
      Nadaphanboi
    • RE: Companies bundling spyware, adware with open-source media player

      @Linux Geek Huh?
      skippe93
    • RE: Companies bundling spyware, adware with open-source media player

      @Linux Geek Wow! Just WOW!
      bvonr
  • Apple App Store version

    If that misguided fool who requested it be taken down from the App Store would change his mind then at least one guaranteed true version would be available. That way there would be a good reference point for the App.
    I've seen this App run when it is untainted and it is good but on other platforms it is buggy and most likely tainted with Trojan horses.
    global.philosopher
    • RE: Companies bundling spyware, adware with open-source media player

      @global.philosopher What platform do you feel it is good on, vs. buggy on all others? I've seen it work fine on both Windows and Linux.
      jgm2
    • RE: Companies bundling spyware, adware with open-source media player

      @global.philosopher
      Didn't devs themselves say that GPL is not compatible with Apple's regulations?

      Anyway, MS did say that for their own appstore. Apple should do the same.
      przemoli
  • I Thought FOSS Was Source of ALL Malware

    Cracked, copied, poorly designed, runs poorly if at all, patched constantly w/o warning or cycle, written with intent to overcome DRM, praised by folks who really believe what Linux Geek is satirizing(?!) - all FOSS seems "mal" to me.

    Just look what the flagship, Firefox, has become: a still slow and clumsy imitator of better browsers (and I don't mean Konqueror.)
    pmchefalo
    • re:Cracked, copied, poorly designed, runs poorly if at all...

      @pmchefalo@... Sounds like YOU downloaded the bundled VLC Player.

      Good you for being so trusting of software not direct from the source.
      frizzllefry