Best Resource For Identifying Legit Applications?

Posted by kdawson
from the x-ray-goggles dept.
bjb writes "While helping a somewhat computer illiterate person figure out a problem recently, they mentioned that PDF files had recently stopped working. Upon investigation I found something installed called 'PDF Suite.' Never having heard of it, I Googled it with 'malware' and other key words, but nothing turned up, though my suspicion remained (and was somewhat confirmed by WOT.) So my question is, where can you go to find out if something is legitimate? Because the person I'm helping is on a dial-up connection, downloading malware detection applications (and updates) is too heavy consider. And I don't maintain a USB stick with such apps, since I don't do this kind of thing very often. Where can you quickly find information?"
This discussion has been archived. No new comments can be posted.

  • download.com (Score:4, Informative)

    by martas (1439879) on Tuesday March 09, 2010 @03:33PM (#31418636)
    and many other software download sites [claim to] thoroughly test submitted applications with antiviruses. In recent times I haven't downloaded any app from them that turned out to contain any sort of malware.
    • Re:download.com (Score:4, Insightful)

      by kalirion (728907) on Tuesday March 09, 2010 @04:01PM (#31419032)

      That might work if the application is infected by (known) malware. What if the application is itself the trojan, perhaps one that activates in the future so no one would have reported it yet? Unless someone has access to the source code and the time and inclination to look through it, how do you know it's safe?

    • beware! (Score:5, Informative)

      by TheSHAD0W (258774) on Tuesday March 09, 2010 @04:19PM (#31419298) Homepage

      BitTornado, an application I administer, was once available via ZDNet, a site which distributed freeware and shareware apps much like Download.com. At some point someone began offering download mirrors for BitTornado and other apps, with installers that were modified and apparently contaminated with malware. I complained twice; the second time, they nastily asked whether I wanted them to remove BitTornado from their site. I told them yes.

      Just because software is available via some popular gateway, you can't be 100% certain what you download will be perfect and free from malware.

  • That will help in figuring out where to go.
  • by Sir_Lewk (967686) <sirlewk@NospAm.gmail.com> on Tuesday March 09, 2010 @03:34PM (#31418656)

    downloading malware detection applications (and updates) is too heavy consider.

    And yet they find the time to download all of that malware...

    • by Monkeedude1212 (1560403) on Tuesday March 09, 2010 @03:38PM (#31418724) Journal

      Exactly. If you have the time to download an application you have time to download malware detection.

      And really, what do you suppose you were going to do if Google did confirm it as Malware? You can't download anything and you don't have a USB stick with that stuff on it - in most cases you're pooched already.

      It honestly sounds like either you or the person you're helping simply don't want to put the effort into -actually- testing the machine for malware.

    • Re: (Score:3, Informative)

      A dialup connection can pull a quarter gig per day. Malwarebytes is under 10 megs with all updates and patches. (More like 8 megs.) You can get 200k per minute on dialup without breaking a sweat. That's 5 minutes per meg. That's 40 minutes for the full Malwarebytes download including updates. How much time do you plan to spend investigating the source of every installed program? Sure, it would be nice if there was a big list of every application on the planet with happy faces and frowny faces next to

      • Re: (Score:3, Insightful)

        by the_denman (800425)
        Microsoft provides a free anti virus and anti spy-ware system called security essentials [upeke.net] that is not that big that you can't occasionally pull down new definitions via the dialup. Also when you visit why not run a copy of autopatcher [upeke.net] from your thumb drive to make sure they have all of their windows updates.
  • Assume malware (Score:5, Insightful)

    by c++0xFF (1758032) on Tuesday March 09, 2010 @03:34PM (#31418658)

    If you've never heard of an application, assume that it's untrusted malware.

    Linux has been pioneering a way around this through trusted software repositories, but the concept hasn't panned out for Windows yet.

    • Re:Assume malware (Score:5, Interesting)

      by tepples (727027) <tepples@[ ]il.com ['gma' in gap]> on Tuesday March 09, 2010 @03:47PM (#31418846) Homepage Journal

      If you've never heard of an application, assume that it's untrusted malware.

      Then how should a micro-ISV [wikipedia.org] or a free software developer earn users' trust?

      • Re:Assume malware (Score:5, Insightful)

        by fuzzyfuzzyfungus (1223518) on Tuesday March 09, 2010 @04:00PM (#31419018) Journal
        There are certainly costs to the strategy; but it is still a decent heuristic for somebody in the demographic we are talking about (i.e. clueless, no broadband, probably no backups, or even system restore media).

        New entrants will naturally attract the attention of the sort of savvy tech enthusiasts who follow news outlets and whatnot, and are arguably in a far superior position to evaluate for utility and nonmalice. Once they've rendered their verdict, the noobs can follow the received wisdom, or have it done for them.

        "If you've never heard of an application, assume that it's untrusted malware." would make a shitty universal rule; but it is mostly a good idea in this context. Some people are better cut out to deal with technical risk than others. People with disposable VM appliances can do whatever they want. Noobs with dialup who will end up losing months of work, a week's use of their computer, and several hundred in Geek Squad fees if they do the wrong thing should probably stick to the beaten path.
      • by b4dc0d3r (1268512)

        Some options:

        • Release the source code, or source with paid registration
        • Get listed by one of the major download sites as this poster said [slashdot.org]
        • Get listed on one of the major OS-specific app news sites as in this thread [slashdot.org]

        WOT has the same problem as anything else, false negatives. I found many different sites offering software with this name.

        This one has links to tucows and is the Google keyword sponsored link, making it look legit: http://pdf-suite.com/us/default.asp [pdf-suite.com]
        This has the same picture but entirely different we

        • Release the source code, or source with paid registration

          I know of several developers who refuse to release source code because they've had their software plagiarized[1] by some unscrupulous yet judgment-proof[2] party.

          Get listed by one of the major download sites as this poster said

          I looked into this, and it turns out that the way to get your software listed on Download.com is (fittingly) called Upload.com. And its policies don't look as bad as I expected.

          [1] Copied without attribution. In most cases, plagiarism is a form of infringement.

          [2] Lacking financial resources or located in another state or country.

    • by perlchild (582235)

      I was going to say the only safe approach was to whitelist, but you beat me to it.

      If you're not sure, don't.

      You're better off living without that one piece of software that's obscure, than dealing with the malware.

      If you really can't live without one piece of software, then you gotta research it.

    • by Dynedain (141758)

      Linux has been pioneering a way around this through trusted software repositories, but the concept hasn't panned out for Windows yet.

      I've been hearing this canard trotted out quite a bit recently... How Linux is so much easier than Windows to manage updates, so much easier than Windows to install software, etc.

      But think about it for just a minute. The model only works because you trust RedHat, Gentoo, etc to do the right thing. Imagine if the recommended way for doing software installs or updating 3rd party

      • by jedidiah (1196)

        This is a bogus argument.

        The problem with the Apple store is that it is MANDATORY.

        Also, something like a Linux package manager is something that 3rd parties can tap into
        on an as needed basis as you decide they are trustworthy. The individual can do this.
        They don't have to wait for Redhat (or whomever) to bless the vendor in question.

        • by Dynedain (141758)

          The problem with the Apple store is that it is MANDATORY.

          Use of IE isn't mandatory, yet MS has been forced by the EU to make users actively choose between it and other browsers.

      • by Miseph (979059)

        While I agree that it has some problems, I still think that's the best solution.

        One idea would even be creating the framework such that when a program is installed, it adds the appropriate update repository and is updated through the interface, but not by Microsoft, or even with their direct corporate consent.

        Yes, this might kill InstallShield, but who honestly cares? Nobody seems to be griping at the destruction of the floppy disk drive market, what's so magical about the application installation and updat

      • Because you don't HAVE TO rely on them. You can always create your own repos, add other users repos, etc, etc. They just provide a very good channel for managing to the two together so that you can rely on an already existing infrastructure even if you are an independent dev. Everyone doesn't have to go out write up a crappy version of Installer software..

        Furthermore, it's Linux, you can always grab the source and compile it yourself, or grab a binary. You are not forced to go through those channels to

  • by number6x (626555) on Tuesday March 09, 2010 @03:37PM (#31418694)

    Does the vendor make md5 or sha1 hashes available?

    Linux repositories are signed with pgp keys, this is usually pretty good (pun intended) for security. Even when breaches happen things are found out pretty quickly.

    Searching the internet for downloads and running downloaded apps to install is a very 1990's way of installing software. It's hard to believe Windows users don't have App repositories yet.

    • by Anonymous Coward on Tuesday March 09, 2010 @03:46PM (#31418836)

      Ho ho ho, allow me a moment, my monocle has fallen into my snifter of brandy. Ho ho!

      I, being a LINUX USER, you see, do not have such mundane Mico$$$$$$$$$oft problems, ho ho!

      Did I mention I use LINUX! Ho ho. I bet you are impressed with my LINUX USING ABILITY. We USERS OF LINUX have SOFTWARE REPOSITORIES, ho ho ho. By USING LINUX you too can have a SOFTWARE REPOSITORY.

      What is that I hear? You use Mico$$$$$oft products?! Ho ho! My dear friend, you must cease at once and switch to LINUX. LINUX has SOFTWARE REPOSITORIES, did I mention this? Ho ho ho...

      oh dear, it appears my monocle has come off again! Ho ho!

      • Re: (Score:3, Insightful)

        by tepples (727027)

        LINUX has SOFTWARE REPOSITORIES, did I mention this?

        The software repositories associated with major desktop Linux distributions, such as Fedora and Ubuntu, have a drawback: not all applications, even useful and legitimate ones, satisfy the licensing requirements of the repositories. For example, almost no major label video games are completely free software [gnu.org] and free assets [freedomdefined.org].

        • And they aren't always up to date, certain software you might want could have been removed from them (XMMS for example with later versions of Ubuntu), or they just never included certain software in the first place.

          • How is removing XMMS a sign of not being up to date? XMMS hasn't been supported by the developer for years. Audacious is what you are looking for and I'm sure it's in the Ubuntu repos.

        • ... almost no major label video games are completely free software and free assets.

          Well, don't you have something better to do with your life than play games?

        • Re: (Score:3, Informative)

          by the_womble (580291)

          It is much easier to deal with the rare piece of software that is not in the repo, than lots and lots of software that is not in the non-existent repos.

          Gamers are rarely completely naive users, and are rarely Linux users anyway.

          There is usually a recognised non-free repo which should be enabled on installation for free-as-in-beer proprietary software. The problem only needs to be solved once.

          Proprietary paid for software is usually safe-ish anyway (no worse than on Windows) and only a small proportion of a

      • I'm trying to picture a penguin with a monocle and a snifter of brandy... it's like Mr. Peanut, but with booze.
      • Amusing, however app repositories aren't confined to open source, Apple do it (At least for the iPhone), Nintendo do it, Google do it, Sony do it. No reason Microsoft couldn't do it.
        • by Dishevel (1105119) *
          Umm. Don't want to do it. But.....

          Do and Dose are not fully interchangeable.

      • because someone has to [xkcd.com]
        • Re: (Score:2, Funny)

          by Anonymous Coward

          There needs to be some sort of 'Fail' mod...

      • Ho ho ho...Ho ho...ho ho!...Ho ho...ho ho ho...Ho ho!...Ho ho ho...Ho ho!

        Who are you? Santa?!?

    • by Dr_Barnowl (709838) on Tuesday March 09, 2010 @03:54PM (#31418946)

      Signed hashes only assure you of the source of the files. They don't in themselves provide any assurance of trust.

      In the majority of these cases, the only thing it would achieve would be that you can state with some confidence that it's definitely the fault of a particular asshat.

      • by mcrbids (148650)

        Signed hashes only assure you of the source of the files. They don't in themselves provide any assurance of trust.

        In the majority of these cases, the only thing it would achieve would be that you can state with some confidence that it's definitely the fault of a particular asshat.

        How don't they provide assurance of trust?

        If you trust Vendor A, and you install Vendor A's repo, then the number of things to worry about has just been sharply reduced, because you can reasonably trust that packages signed

    • Searching the internet for downloads and running downloaded apps to install is a very 1990's way of installing software. It's hard to believe Windows users don't have App repositories yet.

      App repositories are only good if they are always up to date. One can go to Ubuntu forums, as an example, to find numerous stories of people having to go outside of the repositories to find the latest versions of apps or to find apps that aren't in the repository. Sure, repositories can help to ease in installing and finding software but they aren't this perfect magic bullet as people like you like to claim. If they were why is there any need of a mechanism to add 3rd party repositories in apt?

      • by h4rr4r (612664)

        Third party repositories are still better than random app off random webpage. As you first trust the repository before you would think of adding it. Nothing is a magic bullet, but you knew that already.

        Now go back under your bridge.

        • Third party repositories are still better than random app off random webpage.

          Why? Any person can set up a random repository.

          Nothing is a magic bullet, but you knew that already.

          Which runs contrary to what the GP was attempting to project.

          Now go back under your bridge.

          *yawn* Get some better material, kiddo.

        • by Dishevel (1105119) *
          This is /. Here trolls do not belong hiding under a bridge. This troll was right out in the open right where it is supposed to be.
    • by nschubach (922175)

      Searching the internet for downloads and running downloaded apps to install is a very 1990's way of installing software. It's hard to believe Windows users don't have App repositories yet.

      I haven't spent any time looking, but is there possibly a nice cross platform (Win/Lin/Mac) solution for an application developer to stick on his web server and give everyone a link to add that to their package manager of choice? That or some kind of uniform repository "tag" of sorts. This would be something that would contain the developer's repository information and all repository clients could understand how to read it and/or know if they support it.

      It definitely would be cool (and avoid silly one cli

    • Searching the internet for downloads and running downloaded apps to install is a very 1990's way of installing software. It's hard to believe Windows users don't have App repositories yet.

      How is that any less worse than having to dig up third-party repositories or searching the internet for packages to install software that isn't in your OS's repository?

      • by h4rr4r (612664)

        It's not, novice users should not be installing non-repository apps at all.

        Of course since I am responding to a troll I am sure you will insist on making more silly claims.

        • It's not, novice users should not be installing non-repository apps at all.

          Why? What if they want something that is more up to date than what is in the repository or what if the application they want has been removed?

          Of course since I am responding to a troll I am sure you will insist on making more silly claims.

          How am I a troll? Because I bring up legitimate issues that have appeared on various linux forums such as Ubuntu Forums?

          • by jedidiah (1196)

            If sorting out the crap from the good is such a burden for them, then they are probably better off staying away from the latest version anyways.

            This is Joe n00b we're talking about here, not Dave power user.

  • find /usr/ports/* >> notmalware.txt
  • by Anonymous Coward on Tuesday March 09, 2010 @03:42PM (#31418784)

    If it is malware, it's probably more secure against attack than Adobe Reader is.

  • And I don't maintain a USB stick with such apps, since I don't do this kind of thing very often.

    No better time than now to start collecting installer .exe files.

    The reason you collect the installers (or the portable installations for programs that don't require installers) is because in the Windows world, you never know when a publisher will go rogue. UsefulUtility 0.8.5 might be great, UsefulUtility 0.8.6 might come with an optional toolbar/crapware that can be deselected at install-time using the "cu

    • And I don't maintain a USB stick with such apps, since I don't do this kind of thing very often.

      No better time than now to start collecting installer .exe files.

      Unless you really don't want to become that "guy who knows computers and fixes mine for free". Even if they pay you -- or especially if they pay you -- you've gotta deal with that "you touched it last" problem the next time they install some malicious. I used to be that guy, and I did just as you said. And you're absolutely right about publishers "going rogue" and the advantages of keeping multiple old versions, JIC.

      I still keep that USB stick. But I try to make sure no one knows about it anymore. It's

  • Er (Score:5, Informative)

    by Quiet_Desperation (858215) on Tuesday March 09, 2010 @03:45PM (#31418814)

    Did you try Googling it *without* the word malware?

    http://www.google.com/#hl=en&source=hp&q=%22PDF+Suite%22&aq=f&aqi=g10&aql=&oq=&fp=1 [google.com]

    • by wurp (51446)

      The only thing that could have made that comment better is to use LMGTFY instead of Google in the link.

    • Re: (Score:3, Insightful)

      by nine-times (778537)

      I'm guessing you're being funny, but since you're modded "insightful"...

      I think what the OP was saying is, "I Googled it with 'malware' and other key words, but [no information about it being malware] turned up, though my suspicion remained..." So the problem wasn't that he couldn't find information about PDF Suite at all, but rather he couldn't find enough information to determine whether the program was legitimate.

  • I don't think there's a good way to tell, short of a truly rigorous approach that takes a long time to verify all the software on a system. It's a combination of (1) too many things happening at once on a modern system, (2) lack of good DRM-type authentication (which would allow you to approve or disapprove vendors, or approve each software package independently if from a noncommercial vendor), (3) too much of the stuff that's happening being distributed to different locations. In linux, you can usually t

  • Google.com (Score:2, Informative)

    by Kylow (581998)
    The best resource is still Google. You will need to be a little more patient and a little more competent with your search terms, however. Or you could just write in to Ask Slashdot.
  • by pz (113803) on Tuesday March 09, 2010 @04:03PM (#31419066) Journal

    If this person is important to you (ie, a relative, family friend), then set up a CD-R with A/V and malware detection on it such that it autoruns, and mail them a new, fresh copy once per month that includes the latest A/V definitions. Hell, include a defrag as part of the autorun process. What does this person do for updates to Windows? I'm betting nothing. Include those too.

    90% of maintaining my computer semi-literate parents' and relatives' computers is basically this: (1) update antivirus, (2) run A/V, (3) update Windows, (4) defrag.

  • If it is not in the default repositories do not install it.

    For novice users the Ubuntu Software Center is nice too.

  • Just delete the apps that aren't needed and replace them with OSS alternatives. Other than some well known software (Office, Photoshop, iTunes, etc) most everything else can be replaced with a better working, faster and generally better OSS alternative. Why keep that PDF suite? The most you would need would simply be Foxit, Sumatra PDF or Adobe Reader.
  • Download.com [cnet.com] has it all. Programs of every description.

    Open Source. Closed Source. Free Ware. Trialware. Inkscape is there.

    It's a painless way to survey pretty much everything worthwhile that is out there - and infinitely more accessible than SourceForge.

    File Hippo [filehippo.com] has a much narrower, utilitarian focus, but the essential apps are there. File Hippo's update checker is quick and reliable.

  • Hopefully your friend has kept all the original packing that their computer came in. Repack everything and return it to the original vendor. Tell them that your friend (and quite possibly your friend's friend) is not really smart enough to own a computer.
  • by MobyDisk (75490) on Tuesday March 09, 2010 @04:46PM (#31419686) Homepage

    Just download http:///www.amilegit.com.ru/legit_app_detector__win32_trojanfree!!!!.exe [amilegit.com.ru] and it will scan the app and tell you if it is legitimate.

  • > So my question is, where can you go to find out if something is legitimate?

    "apt-cache search " works for me, though you may prefer aptitude or synaptic.

    You can, of course, trust the Ubuntu archive as well. Debian-multimedia is ok too, though it is unofficial.

  • Now, this ain't bulletproof but it's a start.

    1) Download autoruns [microsoft.com], run it, take a look at what it finds.
    2) Think something is suspicious? Upload to Virus Total [virustotal.com].
    3) Act accordingly

    It's anything but foolproof and there are a LOT of things that will slip past, but it's a good way to start without having to know anything about software.

  • If it isn't used frequently for a specific purpose, it's not a specific tool for their computer use. Remove it and install foxit, and also install an anti-malware program and run it anyways.

    Malwarebytes and Foxit are both fairly small, I don't think dialup should be an issue here.

  • by Zadaz (950521) on Tuesday March 09, 2010 @05:33PM (#31420280)

    If they (or you) can't tell then running Antivirus and Malware detection isn't "too heavy consider" it's mandatory, even if it means a few hours on dialup. If they can download the crapware they can download the AV.

    (And you're being overly dramatic. Daily updates should take a few minutes to download at most, even on dialup.)

    If the King can't afford a food taster then he gets poisoned or he starves to death.

  • by pongo000 (97357) on Tuesday March 09, 2010 @05:55PM (#31420556)

    ...I pretty much stick with Malwarebytes [malwarebytes.org], CCleaner [ccleaner.com], SpywareBlaster [javacoolsoftware.com], and MSE [microsoft.com].

    Actually, I got this tip off another /. post...researched each (non-MS) application, determined for myself that they were legit, and have not looked back. In fact, I just spent a few minutes last night eradicating the trojan "Microsoft" Antivirus 2010 on a friend's computer using the Malwarebytes app on a USB. Worked like a charm.

    But don't take my word for it...do your own evaluation. I think you'll like what you find.

  • Free Virus Scanner (Score:3, Informative)

    by hduff (570443) <hoytduffNO@SPAMgmail.com> on Tuesday March 09, 2010 @06:02PM (#31420640) Homepage Journal
    Get the ISO from http://trinityhome.org/Home/index.php?wpid=1&front_id=12 [trinityhome.org] for the Trinity Rescue Kit. Run it. Update it and save the updated ISO image. Burn that to a CD and give it to your friend. He can run it and disinfect his computer without an Internet connection. Give him an updated CD every month.
  • by hairyfeet (841228) <bassbeast1968@@@gmail...com> on Tuesday March 09, 2010 @07:32PM (#31421506) Journal

    You can get one at Big lots for $10 for a 4Gb, or if you check with surpluscomputers [surpluscomputers.com] occasionally you can get bundles of 1Gb to 2Gb sticks for dirt cheap. So get a really cheap stick and then get the Computer Repair Utility Toolkit V2 [depositfiles.com] which is like the Swiss Army Knife of PC Tools. So much more than simple malware repair it has fixes for networking, file recovery, info, scripts and tweaks, and it is simple to add your own. Just add Malwarebytes Antimalware and portable Firefox along with updating the included ClamAV and you have a one stop PC shop in your pocket.

    But trying to guess what is a nasty and what ain't, especially when dealing with dialup, is simply a fool's game. There are literally thousands of new pieces of nasty released every day, and even if you guess right on this one there is no telling what else could be on that machine. Take the Toolkit I linked to above, add installers for Comodo AV and MalwareBytes, along with the latest Firefox, and simply stick the flash on your keyring and be done with it. Just plug the stick into any PC USB port once a week to update it and you have a full toolset in your pocket. So what if you don't do it everyday? The few times you DO run into something like this you will be able to handle it easily and look like a genius at the same time, all for a few dollar flash stick and less than 5 minutes a week.

  • by wealthychef (584778) on Tuesday March 09, 2010 @08:02PM (#31421736)
    I call bullshit on the premise. If the user has bandwidth enough to download malware, he has bandwidth enough to download malware detection software and updates.
