DonationCoder.com Software > N.A.N.Y. 2015
.
TaoPhoenix:
By my way of thinking, it's not important if this detection happens before or after the wrapper tries to install any adware or bundled crap. The point of this DLL is not to prevent the wrapper from running -- it's to let your installer detect this case and decide what to do. Some coders may decide that the best thing to do is warn the user, exit, and send the user to the REAL program web page. Other coders may decide that the best thing to do is let the install complete but warn the user.
Ideally just the use of this dll will be enough to trigger these websites automatic wrapping tool to give up and not wrap the program.
-mouser (November 22, 2014, 08:47 PM)
--- End quote ---
Something bothers me here. I think if we're going to be proactive enough to spread a tool, we might want to be more aggressive. I think the detection should certainly trigger before the wrapper does anything; trigger as fast as possible. Most people have no idea how nasty the wrappers are.
It's practically a game of Minefield to unclick all the junk the wrapper wants to do, and that's assuming it even plays quasi fairly. (I think I saw a few stories, some don't!)
mouser:
I think the detection should certainly trigger before the wrapper does anything;
--- End quote ---
This is almost certainly not realistic/practical.
The wrapper is going to do its own thing, and then unpack and launch your original pristine installer after it has offered up its bundled adware, etc.
If you wanted to physically stop the wrappers from running, the only solution is to have some other software already running (like an antivirus) that detected it and stopped it. And if you are the kind of person who would run such a tool constantly in the background, you are also the kind of person who won't get bit by these wrapped installers in the first place.
However, I believe that the solution with the dll preventing your program from installing from a wrapper and telling the user why will accomplish the same goals.
The most likely result of having this dll prevent the wrapper from completing its installation, is that it will never be wrapped in the first place.
First, it's quite likely that the automated wrapper creation tool will abandon trying to wrap your program, meaning you will stop this problem before it ever gets to the user. Second, if it they do try to distribute your wrapped program, it won't be long before they get enough complaints from users that downloaded it that they will remove the wrapper and put back your original.
TaoPhoenix:
I think the detection should certainly trigger before the wrapper does anything;
--- End quote ---
This is almost certainly not realistic/practical.
The wrapper is going to do its own thing, and then unpack and launch your original pristine installer after it has offered up its bundled adware, etc.
If you wanted to physically stop the wrappers from running, the only solution is to have some other software already running (like an antivirus) that detected it and stopped it. And if you are the kind of person who would run such a tool constantly in the background, you are also the kind of person who won't get bit by these wrapped installers in the first place.
However, I believe that the solution with the dll preventing your program from installing from a wrapper and telling the user why will accomplish the same goals.
The most likely result of having this dll prevent the wrapper from completing its installation, is that it will never be wrapped in the first place.
First, it's quite likely that the automated wrapper creation tool will abandon trying to wrap your program, meaning you will stop this problem before it ever gets to the user. Second, if it they do try to distribute your wrapped program, it won't be long before they get enough complaints from users that downloaded it that they will remove the wrapper and put back your original.
-mouser (November 23, 2014, 01:06 PM)
--- End quote ---
Maybe this is a double barreled problem. For example, with me as your test case, "Anti-Virus" programs do nothing about junk installers. So what if you just spread a second project dll/file that looks for the top twelve junkware installers and sorta acts like an Anti-Virus addon? Aka "No they're not viruses, exactly, but they're mean. You probably shouldn't be running that. So whatever cool little tool you just tried to download was scooped up. Try to find the original copy."
Twist - sometimes the wrapped copy is the only one left after a few years. Web volatility and all.
It's like I want this utility to "scan inside itself" to see whatever it will *eventually* install, then notice that's not the same as the wrapped mess, then do something. It sounds easy in concept logic, prob tricky to really do.
Edit: I just installed a new copy of Java. They used to have a nasty installer, but I forgot what was bundled with it. Today the new one "just did what apparently it was supposed to". (We'll see!!)
IainB:
Not sure if this is true today but I think Oracle's Java and/or Adobe/Macromedia Flash Player installs used to (and may still do) come bundled with the Ask.com web browser search installer.
From memory, I recall that MBAM (Malwarebytes) is able to detect some candyware as PUPs (Potentially Unwanted Programs) that it has recorded in its virus signature database. It detects the signature files for PUPs in software installers and I think (but am not sure) that it may even sometimes be able to isolate/remove the PUP components from the main software install, leaving the basic software installer intact.
I shall post a query for clarification about this in the MBAM support forum and drop the answer in this thread.
TaoPhoenix:
Not sure if this is true today but I think Oracle's Java and/or Adobe/Macromedia Flash Player installs used to (and may still do) come bundled with the Ask.com web browser search installer.
From memory, I recall that MBAM (Malwarebytes) is able to detect some candyware as PUPs (Potentially Unwanted Programs) that it has recorded in its virus signature database. It detects the signature files for PUPs in software installers and I think (but am not sure) that it may even sometimes be able to isolate/remove the PUP components from the main software install, leaving the basic software installer intact.
I shall post a query for clarification about this in the MBAM support forum and drop the answer in this thread.
-IainB (November 23, 2014, 03:23 PM)
--- End quote ---
That's what I meant Iain, today it didn't seem to be there.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version