Windows 7 Clean Install Download site has changed! Why is that?

DiracDeBroglie · 20 Nov 2012

The point is that -msft.digitalrivercontent.net- raises some (serious) questions about security and safety.

With all those ISO files, -msft.digitalrivercontent.net- is an ideal platform for distributing malware. Cybercrime is a very serious issue nowadays and I'm a bit surprised that people, and ICT folks especially, just download ISOs from that site without asking too many questions. For all I know millions of computers could be hit already by sophisticated and nearly undetectable malware from that site. Are people, including ICT folks, really *that* naive and not ask any questions about the site?

Who owns -digitalrivercontent.net- ? And can anyone proof the ownership of the site?
In case something goes wrong, who is then responsible and liable for any damage coming from ISOs on -digitalrivercontent.net- ? Is it Digital River, Inc.? If yes, give me proof.

In the case -digitalrivercontent.net- would be a source of malware, it is very likely that Digital River, Inc. will just walk away and will not be held responsible because there is no mentioning of -digitalrivercontent.net- on -www.digitalriver.com- ; there is simply no relationship between -digitalrivercontent.net- and Digital River, Inc.

j

derekimo · 20 Nov 2012

Sorry mate, can't give you any proof.

If you want 100% secure you'll have to acquire an install DVD from a reputable retailer.

These are convenience links, if you are not comfortable with them, by all means don't use them.

Britton30 · 20 Nov 2012

I've used the iso from Digital River and the Dell site with no issues. Don't use it if you think it's compromised.

Urthboundmisfit · 20 Nov 2012

DiracDeBroglie said:

The point is that -msft.digitalrivercontent.net- raises some (serious) questions about security and safety.

With all those ISO files, -msft.digitalrivercontent.net- is an ideal platform for distributing malware. Cybercrime is a very serious issue nowadays and I'm a bit surprised that people, and ICT folks especially, just download ISOs from that site without asking too many questions. For all I know millions of computers could be hit already by sophisticated and nearly undetectable malware from that site. Are people, including ICT folks, really *that* naive and not ask any questions about the site?

Who owns -digitalrivercontent.net- ? And can anyone proof the ownership of the site?
In case something goes wrong, who is then responsible and liable for any damage coming from ISOs on -digitalrivercontent.net- ? Is it Digital River, Inc.? If yes, give me proof.

In the case -digitalrivercontent.net- would be a source of malware, it is very likely that Digital River, Inc. will just walk away and will not be held responsible because there is no mentioning of -digitalrivercontent.net- on -www.digitalriver.com- ; there is simply no relationship between -digitalrivercontent.net- and Digital River, Inc.

j

SEC Form 10-K

On September 1, 2010, we announced an amendment of our agreement with Microsoft Corporation (“Microsoft”) to extend the term of the Microsoft Operations Digital Distribution Agreement through October 31, 2013. On August 30, 2010, we entered into the Microsoft Store USA statement of work with Microsoft whereby we will build, host and manage Microsoft® Store, an e-commerce store that supports the sale and fulfillment of Microsoft and third party software as well as consumer electronics products to customers in the United States. On March 2, 2011, Digital River began providing e-commerce hosting and payment processing services in connection with Microsoft Store. In addition to Microsoft Store, Digital River maintains its role as a reseller of Microsoft products via Digital River’s existing online stores. Currently, we are providing commerce services, ranging from transaction and payment processing, to e-marketing, digital downloads and fraud prevention in support of some of the popular Microsoft software titles, including Microsoft© Office. The global arrangement incorporates digital fulfillment across multiple geographies, including North America, Asia, Europe, Latin America and Australia.

Whois DigitalRiverContent.net - Digital River Content

Registrant:
Digital River, Inc.
10380 Bren Road West
Minnetonka, MN 55344
US

Domain Name: DIGITALRIVERCONTENT.NET

Digital River, Inc.
10380 Bren Road West
Minnetonka, MN 55344
US
952-253-1234 fax: 952-253-8497

Record expires on 23-Oct-2015.
Record created on 23-Oct-2006.

DiracDeBroglie · 20 Nov 2012

I would feel a lot more comfortable with downloading something from DR,Inc. if DR,Inc. would publish ALL their domain names (including -digitalrivercontent.net-) on their website (-www.digitalriver.com); that is just a matter of showing some corporate governance and transparency towards potential customers.
The fact that -digitalrivercontent.net- is nowhere to be found on DR's website feels like DR is trying to reject any responsibility with respect to the content on -digitalrivercontent.net- .
j

Britton30 · 20 Nov 2012

derekimo said:

Sorry mate, can't give you any proof.

If you want 100% secure you'll have to acquire an install DVD from a reputable retailer.

These are convenience links, if you are not comfortable with them, by all means don't use them.

Britton30 said:

I've used the iso from Digital River and the Dell site with no issues. Don't use it if you think it's compromised.

As said....

hatzie55 · 01 May 2014

DiracDeBroglie said:

The point is that -msft.digitalrivercontent.net- raises some (serious) questions about security and safety.

With all those ISO files, -msft.digitalrivercontent.net- is an ideal platform for distributing malware. Cybercrime is a very serious issue nowadays and I'm a bit surprised that people, and ICT folks especially, just download ISOs from that site without asking too many questions. For all I know millions of computers could be hit already by sophisticated and nearly undetectable malware from that site. Are people, including ICT folks, really *that* naive and not ask any questions about the site?

Who owns -digitalrivercontent.net- ? And can anyone proof the ownership of the site?
In case something goes wrong, who is then responsible and liable for any damage coming from ISOs on -digitalrivercontent.net- ? Is it Digital River, Inc.? If yes, give me proof.

In the case -digitalrivercontent.net- would be a source of malware, it is very likely that Digital River, Inc. will just walk away and will not be held responsible because there is no mentioning of -digitalrivercontent.net- on -www.digitalriver.com- ; there is simply no relationship between -digitalrivercontent.net- and Digital River, Inc.

j

DigitalRiver.com is a very old software distribution and e-commerce payment provider. Microsoft and many other software vendors use them for e-commerce.

Do a WHOIS lookup... DigitalRiverContent.net is registered to DigitalRiver.com

DigitalRiver.com WHOIS, DNS, & Domain Info - DomainTools
DigitalRiverContent.net WHOIS, DNS, & Domain Info - DomainTools

hatzie55 · 01 May 2014

...

gregrocker · 01 May 2014

I believe MS owns Digital River which is nonetheless their official software distribution site and likely well protected.

After the Win7 ISO servers were recently down we learned the downloads were being transferred to Azure servers.

We have been working daily with these ISO's for their entire life and never heard of any infection.

DiracDeBroglie · 02 May 2014

Azure servers?? Were would those be physically located? China? India? Europe? New-USSR (Russia)? or ... maybe US???
Soon I will have to perform a Clean Installation of my setup again.
So, just for our information, what is then the current web link/site for downloading Win7 ISOs?
Kind regards,
j