Home » Industry Watch
Download CLIX from Rixstep (And Nowhere Else)Tough times at CBS?
Do not download Rixstep software anywhere but from the Rixstep site. Repeat: Do not download Rixstep software anywhere but from the Rixstep site.
Just a note that your awesome product CLIX is currently not working as downloaded from CNET.com. Download is 246 KB zip file. Running Mavericks. Error message = unable to expand - error 1 operation not permitted. I tried multiple unarchive utilities and they all error'd out. Thank you very much. -J
CLIX is a security product. As such, it should not be acquired anywhere but from the vendor. This applies more and more to all types of software. Over the years there have been many attempts to compromise OS X users, not based on systemic flaws which are very hard to find, but on dirty tricks.
The only way a site like CBS CNET can be permitted to list and provide links for software products is if there's a tacit assumption or a formal promise to never tamper with the products.
Comparing the download offered by CNET and the original from the Rixstep site reveals the following.
√ The CNET download is 246208 bytes, the Rixstep original is 253875 bytes.
√ hexdump -Cv is used on both downloads and the output files are compared with FileMerge, resulting in the following.
√ There is one difference between the files, and that difference occurs at the end.
√ An older and more versatile version of HexFiend can then be used to inspect and extract this difference - which turns out to be the listing of file destinations, the lack of which in the CNET copy explains why people downloading ran into the following.
There is no sign of malfeasance at CNET, unless one wants to consider bad web code an act of malfeasance. This anomaly has happened once before with CNET, so the odds are good that this is only CNET incompetence shining through once more.
But don't take a chance. In this era of NSA free speech online, trust only your software providers to deliver the goods.
An HTTP GET also confirms that CNET really tried to take the download from Rixstep (but failed miserably).
http://download.cnet.com/CLIX/3000-18512_4-47673.html
http://dw.cbsi.com/redir?edId=3&siteId=4&oId=3000-18512_4-47673&ontId=18512_4&spi=0b1a29c8a71ff0a2deef5c648da34002&lop=link&tag=tdw_dltext<ype=dl_dlnow&pid=13429184
&mfgId=10017920&merId=10017920&pguid=UqDI8goOYIwAACJv5GYAAADy&ctype=dm;;language&cval=NONE;;en&destUrl=http
%3A%2F%2Fdownload.cnet.com%2F3001-18512_4-47673.html%3Fspi%3D0b1a29c8a71ff0a2deef5c648da34002
http://download.cnet.com/3001-18512_4-47673.html?spi=0b1a29c8a71ff0a2deef5c648da34002
/CLIX/3001-18512_4-47673.html?spi=0b1a29c8a71ff0a2deef5c648da34002
http://download.cnet.com/CLIX/3001-18512_4-47673.html?spi=0b1a29c8a71ff0a2deef5c648da34002
And that finally results in the following.
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=ftp://rixstep.com/CLIX.zip"/>
Except it doesn't work. This however does:
ftp://rixstep.com/CLIX.zip
That should be 253949 bytes on the download, including the gunk Apple put on it, and when that gunk is stripped away, you should have 253875 bytes, and that's as it should be.
2nd Time Around
This isn't the first time this has happened with CNET. The first time was quite a while back. That it happens again and after such an interval indicates that they've never fixed the issue. Confidence in their programming expertise is not high to say the least.
VersionTracker got devoured by CNET (and CBS) and initially expectations were high. VersionTracker staff were (are) the best in the business, and have continually operated on a level of ethical standards not found in their upstart competitor 'MacXXXX' where all the rules were broken, and vendors and users all deceived.
VersionTracker staff have been promising improvements for years now. The course of action has to be to put more pressure on CNET to get their act together, not to join up with a band of ruffians from Bumphuck Michigan.
See Also
CLIX: Learn How to Fish
|