Impressed: it has been years since I've been hacked this well :(
scott at cdroo.com
Fri Jun 15 05:29:45 CDT 2007
From: "David Bovill" <david at openpartnership.net>
> Yes - but I trust the sites. I never, or almost never download shareware,
> or software demos unless it from a company that i know of and can trust.
> Shareware and ex-shareware authors out there should maybe defend
> themselves here - at least there seem to be download sites that claim to
> everything for malware. I for one have never liked the look of them.
Here's where the moderator of comp.software.shareware.* should step in....
;-) There are several ways to approach this problem. First - if the
software is being sold it is *generally* (but never by all means certain)
that it's not going to be something nasty. There have been exceptions (like
the horrible Mac programmer who deleted peoples root if they used a crack -
total idiot). The reason is economic pragmatism. You won't be selling
stuff for long if you are caught doing something nasty. Especially after
the whole Aureate disaster five or so years ago.
Second. If running on Windows is the exe signed? If it's not signed don't
run it. Why should you? If the author won't cough out a relatively paltry
sum for a security certificate then don't bother unless you know them and
Third - any member of the ASP (Assoc of Shareware Professionals with a
twenty year clean track record) will be an ex member the moment spyware or
anything nasty is proven. I can state this categorically because as an ex
Vice President of the ASP (I'm currently just a regular member who
volunteers to perform "Offers" to members from other companies - anybody
wanting to offer something to programmers for a little discount or special
deal can contact me off-list) I've been involved in turning a member into an
ex member and it was done cleanly, quickly and publically (which is one of
the reason such programmers love me so much - *not* <g>). AISIP
(Indepenndent Software Industry Professionals) which is privately held and
has a zero tolerance attitude. I can't say the same for OISV members. I
have no idea what Nick and Scott would or might care to do in this instance.
Somebody might like to ask.
Finally - if you can't ascertain this information from the programmer check
www.asp-shareware.org or www.aisip.com on their members pages. In
addition the safest place to get software is usually the programmers own
website (and if they are reputable and serious they'll have a .com or local
version of .com and not www.myispnamehere.com/~fredshome/index.html <g>
There are documented cases of people changing code on download sites and
even substituting the linked programm (research "Stephen Huff" aka "Stephen
Super Genious From Outer Space" in Google for such an example where PAD
files where substituted - leading the ASP to introduce PAD Signing for
More information about the use-livecode