Hi all,
I am really a newbie in here and i tried to download scummVM however my anti-virus and also firefow says that sourceforge.net is not reliable and it may come with some malware bundled with it.
After some research over the internet, I realized that this is actually true. So my question is: Is there any safe place to download scummVM?
Regards,
Didier
Others download sites rather than sourceforge.net
Moderator: ScummVM Team
Try http://www2.scummvm.org, downloads section.
We're in progress of transitioning to a new server from sf.net.
Eugene
We're in progress of transitioning to a new server from sf.net.
Eugene
Re: Others download sites rather than sourceforge.net
Those files are easy to spot.didier wrote:my anti-virus and also firefow says that sourceforge.net is not reliable and it may come with some malware bundled with it.
At SourceForge.net, projects that are infected with these kind of online installers has got an option at the top of the 'Files' page that says "Direct Download Link".
Clicking this option, and thereby changing its state to "On" will give you the clean offline installers instead:
ScummVM's SourceForge page doesn't have this option, because none if its installers have been hijacked in this manner.
At least, not yet.
- LogicDeLuxe
- Posts: 437
- Joined: Thu Nov 10, 2005 9:54 pm
Re: Others download sites rather than sourceforge.net
I've never seen this. Any infected examples?Tomaso wrote:At SourceForge.net, projects that are infected with these kind of online installers has got an option at the top of the 'Files' page that says "Direct Download Link".
Re: Others download sites rather than sourceforge.net
LogicDeLuxe wrote:I've never seen this. Any infected examples?
Code: Select all
http://sourceforge.net/projects/filezilla/files/
http://sourceforge.net/projects/miranda/files/
- LogicDeLuxe
- Posts: 437
- Joined: Thu Nov 10, 2005 9:54 pm
Re: Others download sites rather than sourceforge.net
The only hint I see is the text "SourceForge Installer will be downloaded shortly and will provide you some options during the installation process...Tomaso wrote:Code: Select all
http://sourceforge.net/projects/filezilla/files/ http://sourceforge.net/projects/miranda/files/
Problems with the download? Please use this direct link.". No download is started automatically and there is no switch either. The link works as expected.
I have all domains blocked with noscript, except for sourceforge.net. Probably that makes a difference for the better.
Re: Others download sites rather than sourceforge.net
If you don't set the "Direct Download Link" to "On", the EXE installers that you download will be much smaller than the original ones.LogicDeLuxe wrote:The link works as expected.
When launched, those small installers will connect to the internet to download the necessary install files + additional crapware!
I haven't tried running those nasties myself, but this is how I assume that it works.
As an example, I downloaded the latest installer for FileZilla 64-bit, with and without the Direct Download Link set to On.
In this picture you can see the difference between the two files:
Keep in mind that most people don't use NoScript, and they don't even filter outbound traffic on their systems.LogicDeLuxe wrote:I have all domains blocked with noscript
This is a very sneaky approach by SourceForge!
--
EDIT:
I uploaded the online installer to VirusTotal.com..
Here are the results:
https://www.virustotal.com/en/file/97d7 ... /analysis/
At least, some of the engines recognizes it for what it is.