Friday, June 24, 2016

Steve Goodman - 1972-12-09 - University of Illinois, Champaign, IL

4 comments:

  1. The download site hosting the mp3 files downloads a malicious exe file to Windows computers.

    Beware.

    ReplyDelete
  2. padarjohn,

    No, You are wrong, the download site (upload.ee) does not download any malicious files. However, you do need to be careful, because there are additional pop-up screens that may have exe files if you click on them. Only click on the green download button on the upload.ee page (you may need to click on it multiple times to start the download). DO NOT click on any buttons on any subsequent screens that pop-up after clicking on the upload.ee page. These are not part of the download, even though they disqguise themselves as legitimate pages by showing things as 'ready to download' or download page'. Just ignore and close these subsequent pages. Only click on the download button on the main upload.ee page (often takes three separate clicks on this same page to get the download to start). I know this can be confusing (and infuriating), but it is the subsequent pop-ups that are the problem, not the actual upload.ee site. It is quite safe unless you inadvertently click on something you shouldn't (and even then it is easy to delete any exe file before it can be utilized).

    ReplyDelete
  3. Sorry, but I tried multiple times. I generally use Linux, and so was surprised when my WIndows-using friends reported trashed systems, so I went back to investigate using my Windows 10 system.
    The first time I tried, it redirected to a page trying to get me to download something called "System Mechanic". Trying again produces a page with the simple label "Download Area" and a download button which is not uncommon for sites like this. However, that download, which purports to be for 'Steve_Goodman_1972-12-09_University_of_Illinois_mp3.rar', actually downloads 'Steve_Goodman_1972-12-09_University_of_Illinois_mp3.exe' which most Windows users will blindly assume is a self-extracting archive.

    When the download link tries multiple times to get you to instead download malicious files, and you have to know enough to not click on them, that's a problem. Expecting the average person to "just ignore and close these subsequent pages" isn't good enough.

    And you can't say that "the actual upload.ee site" isn't the problem when that's the site that's actively serving up the malicious pages trying to fool the user into infecting their systems.

    At a very minimum the download link in your post should be warning about this in big, bold letters. Even better would be to use a site that doesn't do this.

    ReplyDelete