FlightSimLabs Installs More Questionable Stuff On Users' Machines, Then Threatens Reddit
from the bumpy-landing dept
Hopefully you will recall FlightSimLabs, the company that makes custom add-ons for computer flight simulation software. FSL made it onto our pages after a Reddit user noticed that every installation of FSL software, including that of a legitimate purchase, installed a file named “test.exe” which was not just a form of DRM, but which also serves as a Chrome password dumping tool, extracting user names and passwords from people’s web browsers. Whatever the fuzzy line between DRM software and malware, FLS’s installation of its text.exe file clearly leapt over that line with a flourish. The backlash in the Reddit communities and elsewhere was swift and severe, leading Lefteris Kalamaras, who runs FSL, to release the following statement.
We have already replaced the installer in question and can only promise you that we will do everything in our power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, we humbly apologize!
And that really, really should have been the end of it. If nothing else, the backlash from the community should have informed FSL as to the precise tolerance its customers had for this type of nonsense, which is to say zero. Amazingly, despite Kalamaras’ promise, it appears FSL tried to give this DRM thing another try, and somehow managed to make itself look even shittier in the process.
Just before the weekend, Reddit user /u/walkday reported finding something unusual in his A320X module, the same module that caused the earlier controversy.
“The latest installer of FSLabs’ A320X puts two cmdhost.exe files under ‘system32’ and ‘SysWOW64’ of my Windows directory. Despite the name, they don’t open a command-line window,” he reported. “They’re a part of the authentication because, if you remove them, the A320X won’t get loaded. Does someone here know more about cmdhost.exe? Why does FSLabs give them such a deceptive name and put them in the system folders? I hate them for polluting my system folder unless, of course, it is a dll used by different applications.”
If you don’t have a technical background at all, essentially FSL attempted to deliver DRM again onto users’ machines, but named the files to mimic a common Windows background file that users see all the time. It’s actually quite common for a user opening Task Manager to see several instances of cmdhost.exe running at once. In other words, it’s the kind of thing nearly everyone would scroll past, assuming its legit.
As several people on Reddit have pointed out, this sort of misleading naming of software services is a hallmark of malware.
“Hiding something named to resemble Window’s “Console Window Host” process in system folders is a huge red flag,” one user wrote.
“It’s a malware tactic used to deceive users into thinking the executable is a part of the OS, thus being trusted and not deleted. Really dodgy tactic, don’t trust it and don’t trust them,” opined another.
Why FSL seems to get all of its best ideas from the realm of malware is an open question. The company put out a statement explaining that the file is a part of its product activation software and that the file had been vetted by every major antivirus maker out there. Both appear to be true, which doesn’t even begin to explain why FSL, having had its reputation so thoroughly tarnished recently, thought pulling this name convention trick with its DRM was a good idea. Reddit users remained on the warpath, causing FSL to really torpedo its reputation even further.
In private messages to the moderators of the /r/flightsim sub-Reddit, FSLabs’ Marketing and PR Manager Simon Kelsey suggested that the mods should do something about the thread in question or face possible legal action.
“Just a gentle reminder of Reddit’s obligations as a publisher in order to ensure that any libelous content is taken down as soon as you become aware of it,” Kelsey wrote.
Noting that FSLabs welcomes “robust fair comment and opinion”, Kelsey gave the following advice.
“The ‘cmdhost.exe’ file in question is an entirely above board part of our anti-piracy protection and has been submitted to numerous anti-virus providers in order to verify that it poses no threat. Therefore, ANY suggestion that current or future products pose any threat to users is absolutely false and libelous.”
The letter concluded with the suggestion of how much FSL would just hate to have to get their lawyers involved if the Reddit moderators left the critical posts up. The mods refused to comply, leading to FSL sending another message to the moderators accusing the critical posts of being defamatory and, if not cleaned up, the company would have “no choice” but to send in the lawyers.
Just to be clear, the legal threats here are nonsense. Contrary to the claims in the message, Reddit is not under any “obligation as a publisher” to take down such content, thanks to CDA 230. Oh, and all of that presumes that the original content is, indeed, libelous. Which it is not.
The mods again refused, while also accusing FSL of trying to game Reddit’s voting system to push down critical posts.
“While what you do on your forum is certainly your prerogative, your rules do not extend to Reddit nor the r/flightsim subreddit. Removing content you disagree with is simply not within our purview.”
The letter, which is worth reading in full, refutes Kelsey’s claims and also suggests that critics of FSLabs may have been subjected to Reddit vote manipulation and coordinated efforts to discredit them.
Once again, responding to internet posts and comments a company doesn’t like by trying to censor them, particularly after going through a reputational gauntlet previously, might just be about as dumb as it gets. Between the DRM, the shady installation of software, and the anti-consumer behavior to cover it all up, one wonders what flight simulator mod could possibly be worth engaging with FlightSimLabs ever again.
Filed Under: censorship, defamation, drm, flight sims, free speech, intermediary liability, malware, threats
Companies: flightsimlabs, reddit
Comments on “FlightSimLabs Installs More Questionable Stuff On Users' Machines, Then Threatens Reddit”
Flight sim people are weird and trapped
If you invest in flight sims any or all you likely have thousands tied up in hardware plus whatever software and you are likely obsessed so you aren’t going to throw it all over to play doom xxx no your ready for extortion, what was that err … nintendo? flight sim game that called you a looser, if your already down with that you may was well play BDME and slavery and you.
Re: Flight sim people are weird and trapped
Um, what?
Re: Flight sim people are weird and trapped
ARE YOU HAVING A STROKE SIR?
DO YOU SMELL TOAST?
Re: Re: Flight sim people are weird and trapped
Sorry I’m late!
F: Face drooping. Ask the person to smile, and see if one side is drooping.
A: Arm weakness. Ask the person to raise both arms.
S: Speech difficulty.
T: Time to call 9-1-1!
Best of luck on your recovery!
So, yet again, a company installs literal spyware on innocent peoples’ computers and openly breaks various laws in order to try and make money they imagine is owed to them (on the very broken assumption that a pirated copy equals a full priced lost sale).
So, which tactic will our resident idiots use? The one where any action is acceptable if a company thinks it’s losing money, lying about everyone who dares criticise said companies, or do we have the one where all gamers are personally attacked because a tiny niche market unaware of this company’s actions might continue to but from them?
Let’s see. The stupidity of those trying to defend these companies’ actions is sometimes as entertaining as the actions themselves.
Re: Re:
Remember when average_joe and out_of_the_blue furiously insisted that the Sony rootkits were an “anomaly”? Never mind the fact that Sony was never punished for it, as recent as five years ago before this company rightsholders demanded for the right to install malware on computers they thought belonged to pirates.
Copyright-types – always going to be a fucked up bunch.
Re: Re: Re:
Their stance has always been the same – the law is the law and cannot be questioned, violators must be punished. Unless breaking it makes them more money, in which case it’s perfectly optional and everybody else’s rights are forfeit.
Re: Re:
How exactly does this NOT violate the Computer Fraud and Abuse Act?
And given that the company has been caught violating the Act quite recently, why is there no indictment?
Re: Re: Re:
I’m sure someone’s either working on it, or the company is such a niche / irrelevant entity it’s taking their own self-promotion to get authorities to notice them. Actually, why indict them now, when they seem intent on publicising everything bad they’re doing in public forums?
Either way, I’m positive that what they’re doing has to be more illegal – and is certainly more morally objectionable – and the piracy they claim to be trying to fight.
Re: Re: Re:
Just because something is illegal does not mean the AG or DA will press charges or even investigate. Selective enforcement of the law is a favorite go to for the authoritarian law n order types.
Re: Re: Re:
Two words: Selective enforcement.
Re: Re: Re: Re:
That, and some affected person actually has to report it to a prosecutor.
Re: Re: Re: Re:
Selective Enforcement is technically Unconstitutional and runs afoul of several “equal protection under the laws” statutes that exist practically all over the place in government and law.
But it’s not like we expect citizens to give enough of a shit about that for there to be a change in their voting habits. There are much bigger issues to be addressed like who is fucking who in the privacy of their own bedroom and if money was involved or how to take peoples guns away. No matter which party you pine for the problem remains the same.
Re: Re: Re:2 Re:
Unconstitutional enforcement of a law can result in the law being struck down via constitutional challenge. Given how much prosecutors rely on badly written laws like that, you’d think they’d be more careful.
FSLabs new motto: CRASH AND BURN!!!!!
Re: Re:
(Beeping in background) Terrain. Pull up. Terrain. Pull up. Terrain. Pull up.
Its certainly a daring PR strategy based on previous attempts by others to do the same thing.
Still you never know, perhaps they have found the right combination of legal expertese, bullshit and threats to prevail where others have failed.
On balance however, i probably wont be putting my money on it though.
Nothing shady here at all...
The company put out a statement explaining that the file is a part of its product activation software and that the file had been vetted by every major antivirus maker out there. Both appear to be true, which doesn’t even begin to explain why FSL, having had its reputation so thoroughly tarnished recently, thought pulling this name convention trick with its DRM was a good idea.
… because as any good salesman/programmer/anyone with a working brain knows, the very best way to make it clear that a particular bit of code is totally aboveboard and not at all shady is to covertly slip it in with the rest of your program, using a technique commonly used by those pushing malware.
Their previous stunt of adding malware to their program burned through all the trust they might have enjoyed, and that they tried this leads me to suspect that despite their ‘we’re sorry you were offended’ apology for that stunt, they haven’t learned a thing.
Re: Nothing shady here at all...
It also makes me wonder what hidden capabilities the new software has. Antivirus can only stop known malware, sure an antivirus company can analyze and produce new definitions, but unless I see proof of who the top consulting firms were as well as a report, I wouldn’t trust their latest attempt at malware.
Re: Nothing shady here at all...
They’ve learned that if they get caught all they have to do is issue an "apology" and then carry on as before.
Development And Industrial Training Company
9781896895 – Industrial Training Company In Chandigarh, Mohali |ClikSoft, Advance PHP, CMS), iOS , Android , Networking, Autocad, Embedded, Web Designing etc.
Industrial Training Company In Chandigarh, Industrial Training Company In Mohali.ClikSoft is a Professional SEO and Website Design / Development Company in Mohali and Chandigarh. 100% Clients Satisfied with us.
Re: Development And Industrial Training Company
I wasn’t. Horrible horrible service.
Re: Development And Industrial Training Company
Our SEO is based on spamming unrelated forums with BS messages, we’ll get you punished by the rankings while robbing you blind.
Re: Development And Industrial Training Company
Have you tried contacting FlightSimLabs – I have a feeling your company’s will like a plane, i mean house, on fire.
Re: Re: Development And Industrial Training Company
*get on
Re: Development And Industrial Training Company
Posting a spam ad, on a story about a company that does shady things. Targeting the kind of audience that reads a legal/tech blog. Brilliance!
Eeveryone knows that the proper way to implement DRM is to use code injection to escalate privileges so you can replace the boot loader.
Re: Re:
‘What an interesting idea… now, purely hypothetically and asking for a friend, how would one go about doing this?’ – FSL
We did this to stop the pirates!!!!!!!!
Of course we used underhanded tactics used by those with ill intentions, but we’re the good guys!!
Hey wait, why are you guys using pirated versions with this “feature” stripped out?!!?
You HAD a devoted customer base.
You fucked them over once, pretended you were sorry, and are SHOCKED your latest bad idea burned you so bad.
You can tell it’s a really bad plan because they are playing all of the cards trying to remove people stating their opinion on a game company who uses malware style tactics. Vetted by AV vendors… because AV NEVER FAILS.
Because you assholes put a password dumper on our machines last time we’re supposed to trust you this time that its safe?
Produce a letter from an outside firm that your misleading program is not a threat to anyone.
Cause – We use sketchy tactics that can screw our cusotmers.
Effect – Why are more people looking for pirate copies stripped of this latest stupidity??
You have them locked into your platform, but you’ve done a very good job of pushing them to find a replacement. Hell a competitor could offer a discount to those customers fleeing you & make a killing.
Grats on trying to destroy your company yet again, I hope you manage to do it this time so that you can learn. Stupid should hurt and I hope you get sued into oblivion so a reputable person like Martin Shkreli can buy you in a bankruptcy sale… he might be a prick but hes honest about it.
Brilliant tactics
Trying to bully/threaten users on Reddit is only about one or two steps less stupid than threatening 4chan. I can’t imagine this works out well for them.
Re: Brilliant tactics
But do they have Battletoads?
Re: Re: Brilliant tactics
No, but they can allow you to bullseye a womp rat in their T16 back home.
Re: Re: Brilliant tactics
Good game!
Awhile ago I came to the opinion that AV maker sometimes mark files known to be harmless as malware and vice versa. As a result, IMO, they lost any presumption of trust.
Like so many others, FSL seems to be suffering from Contempt-of-Customer, and a lack of concern for law or decency. As others have said, so many seem to think they deserve as much money as can be gotten and have little restraint about the doing.
ALSO, actual pirates would just strip the DRM anyway!
There is no line, "fuzzy" or otherwise. DRM is malware, and needs to be recognized by the law as such. Accusations of copyright infringement need to be treated the same way as accusations of any other lawbreaking: the accused is innocent until proven guilty in a court of law. People aware of this issue have been trying to raise the alarm ever since the DMCA was first passed, and now look at how many other places the presumption of innocence is under attack in our society! We need to push back.
Re: Re:
Yep, that’s right.
Let them sue
I say let FSL sue Reddit and see what happens.
It wouldn’t take long for Reddit’s lawyers to show that FSL’s tactics don’t pass the “duck test”: if it looks like malware, if it smells like malware, and if it quacks like malware, then it’s malware.
And look- a judge ruled *on the public record* that FSL is installing malware! Won’t that be great for their business?
Re: Let them sue
That’s…not how defamation suits work.
First, there’s the question of Reddit’s liability. Techdirt has quite a lot of articles on this subject under the section 230 tag, and Highlights From Former Rep. Chris Cox’s Amicus Brief Explaining The History And Policy Behind Section 230 is an excellent recent primer.
Second, there’s no "duck test". Calling the files that the software puts on the user’s computer "malware" is an opinion based on disclosed facts; therefore, it’s not defamatory. Here are a couple of good, recent Popehat articles that deal with the question of opinions based on disclosed facts:
Stephanie Clifford aka Stormy Daniels Files Questionable Defamation Suit Against Donald Trump In New York: Analysis
About The Bogus Defamation Claim Against Lee Stranahan
The difference between defamation and opinions based on disclosed facts is also near and dear to Techdirt, as it was the crux of Shiva Ayyadurai’s failed lawsuit. There’s plenty of information under the shiva ayyadurai tag, and a summary, plus the judge’s opinion, under Case Dismissed: Judge Throws Out Shiva Ayyadurai’s Defamation Lawsuit Against Techdirt. (As far as I know, the case is still pending appeal, but don’t expect Ayyadurai to do any better the second time than he did the first.)
A bit of poking around and apparently this file that’s been “vetted” more or less is a hollow shell of administrator privilege that another process can slip themselves into.
Which is, needless to say, *not* at all safe; it effectively opens your computer wide open. And (possibly) gives admin access to the flight sim and all other add-ons as well.
Again, very much *not* a desirable thing.
Don’t buy their shit. Use Free Software.
“It’s actually quite common for a user opening Task Manager to see several instances of cmdhost.exe running at once.”
Just a technicality. This is not quite correct. Windows doesnt have a cmdhost.exe but it has conhost.exe and cmd.exe. The name has been chosen to create confusion with them.
system files
Programs should either save in their own folders not strewn around the operating system. Sure piracy can be the death of smaller developers but heavy-handed responses are never the answer.
There are legitimate uses for functions that malware uses
I wouldn’t say that they are putting more malware into the computer from this alone.
The Oblivion Script Extender (OBSE) which is required to run many Mods for the game TES-IV Oblivion uses DLL Injection when it is launched. A common tactic used by malware.
This is how it inserts the code to allow for the extended scripting capabilities that OBSE dependent mods use for their enhanced features that would otherwise be impossible.