FlightSimLabs Installs More Questionable Stuff On Users' Machines, Then Threatens Reddit

from the bumpy-landing dept

Hopefully you will recall FlightSimLabs, the company that makes custom add-ons for computer flight simulation software. FSL made it onto our pages after a Reddit user noticed that every installation of FSL software, including that of a legitimate purchase, installed a file named "test.exe" which was not just a form of DRM, but which also serves as a Chrome password dumping tool, extracting user names and passwords from people's web browsers. Whatever the fuzzy line between DRM software and malware, FLS's installation of its text.exe file clearly leapt over that line with a flourish. The backlash in the Reddit communities and elsewhere was swift and severe, leading Lefteris Kalamaras, who runs FSL, to release the following statement.

We have already replaced the installer in question and can only promise you that we will do everything in our power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, we humbly apologize!

And that really, really should have been the end of it. If nothing else, the backlash from the community should have informed FSL as to the precise tolerance its customers had for this type of nonsense, which is to say zero. Amazingly, despite Kalamaras' promise, it appears FSL tried to give this DRM thing another try, and somehow managed to make itself look even shittier in the process.

Just before the weekend, Reddit user /u/walkday reported finding something unusual in his A320X module, the same module that caused the earlier controversy. “The latest installer of FSLabs’ A320X puts two cmdhost.exe files under ‘system32\’ and ‘SysWOW64\’ of my Windows directory. Despite the name, they don’t open a command-line window,” he reported. “They’re a part of the authentication because, if you remove them, the A320X won’t get loaded. Does someone here know more about cmdhost.exe? Why does FSLabs give them such a deceptive name and put them in the system folders? I hate them for polluting my system folder unless, of course, it is a dll used by different applications.”

If you don't have a technical background at all, essentially FSL attempted to deliver DRM again onto users' machines, but named the files to mimic a common Windows background file that users see all the time. It's actually quite common for a user opening Task Manager to see several instances of cmdhost.exe running at once. In other words, it's the kind of thing nearly everyone would scroll past, assuming its legit.

As several people on Reddit have pointed out, this sort of misleading naming of software services is a hallmark of malware.

“Hiding something named to resemble Window’s “Console Window Host” process in system folders is a huge red flag,” one user wrote. “It’s a malware tactic used to deceive users into thinking the executable is a part of the OS, thus being trusted and not deleted. Really dodgy tactic, don’t trust it and don’t trust them,” opined another.

Why FSL seems to get all of its best ideas from the realm of malware is an open question. The company put out a statement explaining that the file is a part of its product activation software and that the file had been vetted by every major antivirus maker out there. Both appear to be true, which doesn't even begin to explain why FSL, having had its reputation so thoroughly tarnished recently, thought pulling this name convention trick with its DRM was a good idea. Reddit users remained on the warpath, causing FSL to really torpedo its reputation even further.

In private messages to the moderators of the /r/flightsim sub-Reddit, FSLabs’ Marketing and PR Manager Simon Kelsey suggested that the mods should do something about the thread in question or face possible legal action. “Just a gentle reminder of Reddit’s obligations as a publisher in order to ensure that any libelous content is taken down as soon as you become aware of it,” Kelsey wrote. Noting that FSLabs welcomes “robust fair comment and opinion”, Kelsey gave the following advice. “The ‘cmdhost.exe’ file in question is an entirely above board part of our anti-piracy protection and has been submitted to numerous anti-virus providers in order to verify that it poses no threat. Therefore, ANY suggestion that current or future products pose any threat to users is absolutely false and libelous."

The letter concluded with the suggestion of how much FSL would just hate to have to get their lawyers involved if the Reddit moderators left the critical posts up. The mods refused to comply, leading to FSL sending another message to the moderators accusing the critical posts of being defamatory and, if not cleaned up, the company would have "no choice" but to send in the lawyers.

Just to be clear, the legal threats here are nonsense. Contrary to the claims in the message, Reddit is not under any "obligation as a publisher" to take down such content, thanks to CDA 230. Oh, and all of that presumes that the original content is, indeed, libelous. Which it is not.

The mods again refused, while also accusing FSL of trying to game Reddit's voting system to push down critical posts.

“While what you do on your forum is certainly your prerogative, your rules do not extend to Reddit nor the r/flightsim subreddit. Removing content you disagree with is simply not within our purview.” The letter, which is worth reading in full, refutes Kelsey’s claims and also suggests that critics of FSLabs may have been subjected to Reddit vote manipulation and coordinated efforts to discredit them.

Once again, responding to internet posts and comments a company doesn't like by trying to censor them, particularly after going through a reputational gauntlet previously, might just be about as dumb as it gets. Between the DRM, the shady installation of software, and the anti-consumer behavior to cover it all up, one wonders what flight simulator mod could possibly be worth engaging with FlightSimLabs ever again.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: censorship, defamation, drm, flight sims, free speech, intermediary liability, malware, threats

Companies: flightsimlabs, reddit