Everything on CNET is being tested manually with VirusTotal. If it gets at least 4 positives/false positives from 43 antivirus engines they don't publish it or work with it, until developers get things settled down with anti-virus/anti-malware companies.
They get not that much profit from paid accounts cause of small percentage of subscribers, and give away tons of traffic + man hours even for free products. That includes manual testing, checking and writing descriptions, reviewing, and that repeats for each update. And lots of companies update their products like 10 times a week, just to get bumped in search, or create like 20 versions of 1 program under different names, especially Chinese developers.
So they just monetizing traffic and stimulating developers to get subscriptions to remove ad for their products.
I personally hate all kind of that toolbar stuff, but hey, there are not so many ways to promote an alternative search engines that work for free.
Here's the deal: That still doesn't mean it's not crapware.
You mention the difficulty of funding your download site (built almost exclusively on supplying other people's free content). I can't imagine what the bandwidth costs must be on a site like that. I'm sure there are plenty of other visitors on HN that are familiar with this issue and are daily encountering similar ethical decisions about how best to fund their business.
There are many ways of resolving difficult ethical decisions. http://en.wikipedia.org/wiki/Normative_ethics One useful technique is to ask yourself: If everyone behaved in this manner, what kind of world would result?
So let's imagine such a world:
* Want to view a .pdf on the web? ... receive and run an executable downloader from an unrelated party.
* Want to watch a video on YouTube? ... receive and run an executable downloader from an unrelated party.
* Want to install an application? ... receive and run an executable downloader from an unrelated party.
Do you see the problem here?
(Maybe you don't, but most everyone else on HN will and I'm doubtful that you're even reading the responses. But if you are still interested I'm sure we can politely explain it further for you.)
It's just my humble opinion as an internet marketer :) i'm not related to CNET atm, worked there as tech for some time. And i think it's really an ingenious idea with wrapper, maybe not so good with all that toolbars.
Maybe it's crapware and they lose like all geeks, 20% publishers and 30-40% users maximum - they still will be like x10 profitable than before. Don't get me wrong but Google wasted like hundreds of millions on unprofitable YouTube, and now they airing this shitty advertisements that are so fucking annoying %) luckily there are all theese adblock extensions out there.
But it's not an ingenious idea; malware has been doing that kind of thing forever.
Downloading and installing software is an activity that is fraught with peril. The authenticity of the app you're downloading is critical and almost all the security properties depend on it.
If you think that breaking app authenticity is a great marketing opportunity, well, your brand will do no business with me or those I advise.
The problem with this statement is that what you say is true... but only for the software the developers are actually distributing on CNET.
Whether CNET passes their own wrapped installer through VirusTotal is a good question, and I for one highly doubt that's the case. Who knows, maybe they tried, got a hit for malware and decided that they would ignore it because it would be counter productive...
