FlightSimLabs Installs More Questionable Stuff On Users' Machines, Then Threatens Reddit
from the bumpy-landing dept
Hopefully you will recall FlightSimLabs, the company that makes custom add-ons for computer flight simulation software. FSL made it onto our pages after a Reddit user noticed that every installation of FSL software, including that of a legitimate purchase, installed a file named "test.exe" which was not just a form of DRM, but which also serves as a Chrome password dumping tool, extracting user names and passwords from people's web browsers. Whatever the fuzzy line between DRM software and malware, FLS's installation of its text.exe file clearly leapt over that line with a flourish. The backlash in the Reddit communities and elsewhere was swift and severe, leading Lefteris Kalamaras, who runs FSL, to release the following statement.
We have already replaced the installer in question and can only promise you that we will do everything in our power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, we humbly apologize!
And that really, really should have been the end of it. If nothing else, the backlash from the community should have informed FSL as to the precise tolerance its customers had for this type of nonsense, which is to say zero. Amazingly, despite Kalamaras' promise, it appears FSL tried to give this DRM thing another try, and somehow managed to make itself look even shittier in the process.
Just before the weekend, Reddit user /u/walkday reported finding something unusual in his A320X module, the same module that caused the earlier controversy.
“The latest installer of FSLabs’ A320X puts two cmdhost.exe files under ‘system32\’ and ‘SysWOW64\’ of my Windows directory. Despite the name, they don’t open a command-line window,” he reported. “They’re a part of the authentication because, if you remove them, the A320X won’t get loaded. Does someone here know more about cmdhost.exe? Why does FSLabs give them such a deceptive name and put them in the system folders? I hate them for polluting my system folder unless, of course, it is a dll used by different applications.”
If you don't have a technical background at all, essentially FSL attempted to deliver DRM again onto users' machines, but named the files to mimic a common Windows background file that users see all the time. It's actually quite common for a user opening Task Manager to see several instances of cmdhost.exe running at once. In other words, it's the kind of thing nearly everyone would scroll past, assuming its legit.
As several people on Reddit have pointed out, this sort of misleading naming of software services is a hallmark of malware.
“Hiding something named to resemble Window’s “Console Window Host” process in system folders is a huge red flag,” one user wrote.
“It’s a malware tactic used to deceive users into thinking the executable is a part of the OS, thus being trusted and not deleted. Really dodgy tactic, don’t trust it and don’t trust them,” opined another.
Why FSL seems to get all of its best ideas from the realm of malware is an open question. The company put out a statement explaining that the file is a part of its product activation software and that the file had been vetted by every major antivirus maker out there. Both appear to be true, which doesn't even begin to explain why FSL, having had its reputation so thoroughly tarnished recently, thought pulling this name convention trick with its DRM was a good idea. Reddit users remained on the warpath, causing FSL to really torpedo its reputation even further.
In private messages to the moderators of the /r/flightsim sub-Reddit, FSLabs’ Marketing and PR Manager Simon Kelsey suggested that the mods should do something about the thread in question or face possible legal action.
“Just a gentle reminder of Reddit’s obligations as a publisher in order to ensure that any libelous content is taken down as soon as you become aware of it,” Kelsey wrote.
Noting that FSLabs welcomes “robust fair comment and opinion”, Kelsey gave the following advice.
“The ‘cmdhost.exe’ file in question is an entirely above board part of our anti-piracy protection and has been submitted to numerous anti-virus providers in order to verify that it poses no threat. Therefore, ANY suggestion that current or future products pose any threat to users is absolutely false and libelous."
The letter concluded with the suggestion of how much FSL would just hate to have to get their lawyers involved if the Reddit moderators left the critical posts up. The mods refused to comply, leading to FSL sending another message to the moderators accusing the critical posts of being defamatory and, if not cleaned up, the company would have "no choice" but to send in the lawyers.
Just to be clear, the legal threats here are nonsense. Contrary to the claims in the message, Reddit is not under any "obligation as a publisher" to take down such content, thanks to CDA 230. Oh, and all of that presumes that the original content is, indeed, libelous. Which it is not.
The mods again refused, while also accusing FSL of trying to game Reddit's voting system to push down critical posts.
“While what you do on your forum is certainly your prerogative, your rules do not extend to Reddit nor the r/flightsim subreddit. Removing content you disagree with is simply not within our purview.”
The letter, which is worth reading in full, refutes Kelsey’s claims and also suggests that critics of FSLabs may have been subjected to Reddit vote manipulation and coordinated efforts to discredit them.
Once again, responding to internet posts and comments a company doesn't like by trying to censor them, particularly after going through a reputational gauntlet previously, might just be about as dumb as it gets. Between the DRM, the shady installation of software, and the anti-consumer behavior to cover it all up, one wonders what flight simulator mod could possibly be worth engaging with FlightSimLabs ever again.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: censorship, defamation, drm, flight sims, free speech, intermediary liability, malware, threats
Companies: flightsimlabs, reddit
Reader Comments
The First Word
“There is no line, "fuzzy" or otherwise. DRM is malware, and needs to be recognized by the law as such. Accusations of copyright infringement need to be treated the same way as accusations of any other lawbreaking: the accused is innocent until proven guilty in a court of law. People aware of this issue have been trying to raise the alarm ever since the DMCA was first passed, and now look at how many other places the presumption of innocence is under attack in our society! We need to push back.
Subscribe: RSS
View by: Time | Thread
Flight sim people are weird and trapped
[ link to this | view in chronology ]
Re: Flight sim people are weird and trapped
[ link to this | view in chronology ]
Re: Flight sim people are weird and trapped
DO YOU SMELL TOAST?
[ link to this | view in chronology ]
Re: Re: Flight sim people are weird and trapped
F: Face drooping. Ask the person to smile, and see if one side is drooping.
A: Arm weakness. Ask the person to raise both arms.
S: Speech difficulty.
T: Time to call 9-1-1!
Best of luck on your recovery!
[ link to this | view in chronology ]
So, which tactic will our resident idiots use? The one where any action is acceptable if a company thinks it's losing money, lying about everyone who dares criticise said companies, or do we have the one where all gamers are personally attacked because a tiny niche market unaware of this company's actions might continue to but from them?
Let's see. The stupidity of those trying to defend these companies' actions is sometimes as entertaining as the actions themselves.
[ link to this | view in chronology ]
Re:
Copyright-types - always going to be a fucked up bunch.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
And given that the company has been caught violating the Act quite recently, why is there no indictment?
[ link to this | view in chronology ]
Re: Re:
Either way, I'm positive that what they're doing has to be more illegal - and is certainly more morally objectionable - and the piracy they claim to be trying to fight.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
Two words: Selective enforcement.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
But it's not like we expect citizens to give enough of a shit about that for there to be a change in their voting habits. There are much bigger issues to be addressed like who is fucking who in the privacy of their own bedroom and if money was involved or how to take peoples guns away. No matter which party you pine for the problem remains the same.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Still you never know, perhaps they have found the right combination of legal expertese, bullshit and threats to prevail where others have failed.
On balance however, i probably wont be putting my money on it though.
[ link to this | view in chronology ]
Nothing shady here at all...
The company put out a statement explaining that the file is a part of its product activation software and that the file had been vetted by every major antivirus maker out there. Both appear to be true, which doesn't even begin to explain why FSL, having had its reputation so thoroughly tarnished recently, thought pulling this name convention trick with its DRM was a good idea.
... because as any good salesman/programmer/anyone with a working brain knows, the very best way to make it clear that a particular bit of code is totally aboveboard and not at all shady is to covertly slip it in with the rest of your program, using a technique commonly used by those pushing malware.
Their previous stunt of adding malware to their program burned through all the trust they might have enjoyed, and that they tried this leads me to suspect that despite their 'we're sorry you were offended' apology for that stunt, they haven't learned a thing.
[ link to this | view in chronology ]
Re: Nothing shady here at all...
[ link to this | view in chronology ]
Re: Nothing shady here at all...
They've learned that if they get caught all they have to do is issue an "apology" and then carry on as before.
[ link to this | view in chronology ]
Development And Industrial Training Company
9781896895 - Industrial Training Company In Chandigarh, Mohali |ClikSoft, Advance PHP, CMS), iOS , Android , Networking, Autocad, Embedded, Web Designing etc. Industrial Training Company In Chandigarh, Industrial Training Company In Mohali.ClikSoft is a Professional SEO and Website Design / Development Company in Mohali and Chandigarh. 100% Clients Satisfied with us.
[ link to this | view in chronology ]
Re: Development And Industrial Training Company
[ link to this | view in chronology ]
Re: Development And Industrial Training Company
[ link to this | view in chronology ]
Re: Development And Industrial Training Company
[ link to this | view in chronology ]
Re: Re: Development And Industrial Training Company
[ link to this | view in chronology ]
Re: Development And Industrial Training Company
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
'What an interesting idea... now, purely hypothetically and asking for a friend, how would one go about doing this?' - FSL
[ link to this | view in chronology ]
Of course we used underhanded tactics used by those with ill intentions, but we're the good guys!!
Hey wait, why are you guys using pirated versions with this "feature" stripped out?!!?
You HAD a devoted customer base.
You fucked them over once, pretended you were sorry, and are SHOCKED your latest bad idea burned you so bad.
You can tell it's a really bad plan because they are playing all of the cards trying to remove people stating their opinion on a game company who uses malware style tactics. Vetted by AV vendors... because AV NEVER FAILS.
Because you assholes put a password dumper on our machines last time we're supposed to trust you this time that its safe?
Produce a letter from an outside firm that your misleading program is not a threat to anyone.
Cause - We use sketchy tactics that can screw our cusotmers.
Effect - Why are more people looking for pirate copies stripped of this latest stupidity??
You have them locked into your platform, but you've done a very good job of pushing them to find a replacement. Hell a competitor could offer a discount to those customers fleeing you & make a killing.
Grats on trying to destroy your company yet again, I hope you manage to do it this time so that you can learn. Stupid should hurt and I hope you get sued into oblivion so a reputable person like Martin Shkreli can buy you in a bankruptcy sale... he might be a prick but hes honest about it.
[ link to this | view in chronology ]
Brilliant tactics
[ link to this | view in chronology ]
Re: Brilliant tactics
[ link to this | view in chronology ]
Re: Re: Brilliant tactics
[ link to this | view in chronology ]
Re: Re: Brilliant tactics
[ link to this | view in chronology ]
Awhile ago I came to the opinion that AV maker sometimes mark files known to be harmless as malware and vice versa. As a result, IMO, they lost any presumption of trust.
Like so many others, FSL seems to be suffering from Contempt-of-Customer, and a lack of concern for law or decency. As others have said, so many seem to think they deserve as much money as can be gotten and have little restraint about the doing.
ALSO, actual pirates would just strip the DRM anyway!
[ link to this | view in chronology ]
There is no line, "fuzzy" or otherwise. DRM is malware, and needs to be recognized by the law as such. Accusations of copyright infringement need to be treated the same way as accusations of any other lawbreaking: the accused is innocent until proven guilty in a court of law. People aware of this issue have been trying to raise the alarm ever since the DMCA was first passed, and now look at how many other places the presumption of innocence is under attack in our society! We need to push back.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Let them sue
It wouldn't take long for Reddit's lawyers to show that FSL's tactics don't pass the "duck test": if it looks like malware, if it smells like malware, and if it quacks like malware, then it's malware.
And look- a judge ruled *on the public record* that FSL is installing malware! Won't that be great for their business?
[ link to this | view in chronology ]
Re: Let them sue
That's...not how defamation suits work.
First, there's the question of Reddit's liability. Techdirt has quite a lot of articles on this subject under the section 230 tag, and Highlights From Former Rep. Chris Cox's Amicus Brief Explaining The History And Policy Behind Section 230 is an excellent recent primer.
Second, there's no "duck test". Calling the files that the software puts on the user's computer "malware" is an opinion based on disclosed facts; therefore, it's not defamatory. Here are a couple of good, recent Popehat articles that deal with the question of opinions based on disclosed facts:
Stephanie Clifford aka Stormy Daniels Files Questionable Defamation Suit Against Donald Trump In New York: Analysis
About The Bogus Defamation Claim Against Lee Stranahan
The difference between defamation and opinions based on disclosed facts is also near and dear to Techdirt, as it was the crux of Shiva Ayyadurai's failed lawsuit. There's plenty of information under the shiva ayyadurai tag, and a summary, plus the judge's opinion, under Case Dismissed: Judge Throws Out Shiva Ayyadurai's Defamation Lawsuit Against Techdirt. (As far as I know, the case is still pending appeal, but don't expect Ayyadurai to do any better the second time than he did the first.)
[ link to this | view in chronology ]
Which is, needless to say, *not* at all safe; it effectively opens your computer wide open. And (possibly) gives admin access to the flight sim and all other add-ons as well.
Again, very much *not* a desirable thing.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Just a technicality. This is not quite correct. Windows doesnt have a cmdhost.exe but it has conhost.exe and cmd.exe. The name has been chosen to create confusion with them.
[ link to this | view in chronology ]
system files
[ link to this | view in chronology ]
There are legitimate uses for functions that malware uses
The Oblivion Script Extender (OBSE) which is required to run many Mods for the game TES-IV Oblivion uses DLL Injection when it is launched. A common tactic used by malware.
This is how it inserts the code to allow for the extended scripting capabilities that OBSE dependent mods use for their enhanced features that would otherwise be impossible.
[ link to this | view in chronology ]