Hello GIMP devs. I'm hoping that someone on this list can help point me in the
My name is Andrew Brandt. I'm an security researcher for the antivirus company
I've come across a large number of installers for GIMP which have been
published by a company called iBryte.
That company, whose web site is at http://landing.ibryte.com/ creates
installers of open-source applications which have been bundled with additional
software. The installers require the person who is attempting to install these
products to agree to install all of the following software before they may have
the GIMP binaries:
-- "Pagerage" -- a browser plugin which embeds ads within Facebook. This is a
-- "Alot toolbar" and "alot.com" homepahe -- an adware toolbar and a
modification to the browser's default search settings (this is an optional
installation which is preselected)
-- "PlayBrite" -- some sort of software that's used to display ads while you
play online games through a web browser. This is a non-optional installation
which affects all installed browsers on the system.
-- "Yontoo Layers" -- a Firefox plugin which is installed during the process
but which is not disclosed in the installation Wizard. It is unknown what this
plugin does at this time.
I have a number of questions for someone who is in a position to speak on
behalf of the GIMP project.
-- Have you signed a distribution agreement with this company?
-- Are third parties permitted, according to your EULA, to bundle your product
-- If this company is distributing this software without your express, written
consent, what steps do you plan to take to put an end to this practice?
I realize this list goes to a lot of people, but I'm hoping this message will
end up in the hands of someone who can speak to all of these issues. Please
feel free to contact me directly if you have additional questions.
Lead Threat Research Analyst
Gimp-developer mailing list