Welcome Guest.   Make a donation to an author on the site September 19, 2014, 10:59:54 PM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Read the full one-year retrospective report on DonationCoder.com.
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: Prev 1 2 [3] 4 5 6 7 8 ... 20 Next   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: What the hell is OpenCandy?  (Read 124265 times)
1NR1
Supporting Member
**
Posts: 29


View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #50 on: May 14, 2009, 10:39:43 PM »

Hm-mm.  Good discussion here about many sensitive issues: downloading transparency, up front information, what is an ad and what constitutes spying. Perfect subjects for the DC site.

I for one when first reading about Open Candy thought the concept seemed somewhat benign, even after reading and re-reading "opposite" sides of the issue.

Until I viewed the 'video'.  This is "in you face" advertising.  Of course so is most marketing online and to me it's only the Internet version of floor posters in the grocery aisles. Those I never read. However, Open Candy requires that you read their advertising and read it closely and become a participant, willing or otherwise, by tapping your options. 

Lastly, this concept lends itself well to a shifting baseline, that is, will this style of marketing creep into general use?  Probably, especially when 'names' are throwing money at it, and those (like me) who would rather burn and loot than sell-out, fade away.

Cordially,
NR

Logged
cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #51 on: May 15, 2009, 11:13:05 AM »

I can either super glue my mailbox shut (that is in my front yard).
Or throw the ads away, but wait.
There may be an ad in there I'm interested in, and there has been.

Point being, what is being advertised is as important as how it is being advertised. Since as the daily mail in my front yard (what a waste of paper) can be discarded.

And it seems to me I have opted in without my sayso to many bs mailings. Just by living here. And the county publishing info on my house.

So, if they would ask first if they could mail me some ads that would be nice. But no, I'm here-they know it and I can not stop the junk mail. Just throw it away.

But I don't have to call their phone or respond to them directly.

The US Postal Service doesn't seem to care much.
Except for fraud.

----

OC seems to open their doors to software.

Ok-finally-question! Questions actually.

What are the requirements to be an "opt-in".

Is the software through OC inspected in any way.
Such as Softpedia and MajorGeeks and many others.
What are the standards set to be a part of OC?

The installer issue aside, I'm talking quality and safety.
As well as ad-free operation of the product as discussed.
And full disclosure of info collecting practices of the products included in OC's opt-in.

-Maybe this was covered, and I missed it....

Kind of like-
I only want quicktime-not itunes
or worse.....
Logged
drapps
Supporting Member
**
Posts: 29


View Profile Give some DonationCredits to this forum member
« Reply #52 on: May 15, 2009, 12:49:24 PM »

Quote
@cmpm: Is the software through OC inspected in any way.
Such as Softpedia and MajorGeeks and many others.
What are the standards set to be a part of OC?

The installer issue aside, I'm talking quality and safety.
As well as ad-free operation of the product as discussed.
And full disclosure of info collecting practices of the products included in OC's opt-in.


Quote
Excerpt from my long post

@drapps said

What happens when a developer wants to participate (as a publisher or advertiser) in the OpenCandy network

-I check the Hosts file providers to see if a potential developer that wants to participate in OpenCandy is on those lists.

-I check McAfee SiteAdvisor and WoT.

-I check the potential publisher’s and advertiser’s installers using Virus Total.

-I check antispyware forums to see if user’s have any issues with the software.

-I look at the company’s business practices in general.

In addition, our software guidelines (which we be available soon for all to see) were built on top of AND further enhance policies created by Download.com, StopBadware, and the Antispyware Coalition. As well as our own ideals…

I (and the rest of the OpenCandy team) don't want ANY software in our network that we wouldn't use ourselves (or recommend to our mother, father, sisters, brothers, best friends, etc..). That's a big part of what I do at OpenCandy, I make sure potential members of our network meet that quality/security/privacy bar. smiley I accomplish that by going through the steps outlined above, as well as by downloading, installing and testing each piece of software myself.

Hope that helps. smiley

Thanks!

Dr. Apps
Software Community Guru
OpenCandy

http://twitter.com/drapps



Logged

Dr. Apps
Software Community Guru for SweetLabs

http://twitter.com/drapps
cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #53 on: May 15, 2009, 01:16:42 PM »

Thanks for the reminder from your earlier post.

The current software outlets are quite sufficient and list the products/applications that are useful to me.

And, well, I would like to see what softwares signup with OC.
So we will see. That will be very revealing I think.
Logged
drapps
Supporting Member
**
Posts: 29


View Profile Give some DonationCredits to this forum member
« Reply #54 on: May 15, 2009, 03:09:04 PM »

Thanks for the reminder from your earlier post.

The current software outlets are quite sufficient and list the products/applications that are useful to me.

And, well, I would like to see what softwares signup with OC.
So we will see. That will be very revealing I think.


@cmpm

From the publisher side (those who recommend) a few apps you can check out are MediaCoder, MediaInfo and Startup Manager to see the (high) quality of software they are recommending.

We've been in a "closed beta" since October 2008 and we've focused exclusively on getting the developers of the high-quality applications we (personally) know and love to participate in the network. We've also been reaching out to developers of great applications on the Download.com Top 50 and Sourceforge.net Top 50, as well as other highly regarded apps (the awesome apps out there that are still largely undiscovered and thus don't have the download volume it takes to be included on "Top 50" lists).

Also, just to reiterate, the developers (acting as publishers) in our network ARE and ALWAYS will be the ones who picks the software they want to recommend (from the available pool of applications that have passed our strict guidelines).

If you haven't seen the YouTube video I put up yesterday, it's available here: http://www.youtube.com/watch?v=7Wr5DIbOAaA

Thanks smiley

Dr. Apps
Software Community Guru
OpenCandy

http://twitter.com/drapps
Logged

Dr. Apps
Software Community Guru for SweetLabs

http://twitter.com/drapps
40hz
Supporting Member
**
Posts: 10,670



see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #55 on: May 15, 2009, 04:50:51 PM »

If you haven't seen the YouTube video I put up yesterday, it's available here: http://www.youtube.com/watch?v=7Wr5DIbOAaA

I watched it and, quite frankly, I didn't like it. To my mind, it felt a bit like when a sales clerk attempts to do an "up sell" on me while I'm trying to check out.

Just my 2¢

I also asked four other people to watch it, and made it a point to say nothing other than: What do you think about this service? All four said it wasn't something they much cared for. One of them went so far as to say she though it 'presumptions.'

Just their 2¢

Between them and me you now have a dime's worth of customer input!  Grin Thmbsup



Logged

Don't you see? It's turtles all the way down!
cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #56 on: May 15, 2009, 06:01:36 PM »

The concept seems to be usable, but it's implementation will be dicey.

Quote
@drapps said

What happens when a developer wants to participate (as a publisher or advertiser) in the OpenCandy network

-I check the Hosts file providers to see if a potential developer that wants to participate in OpenCandy is on those lists.

-I check McAfee SiteAdvisor and WoT.

-I check the potential publisher’s and advertiser’s installers using Virus Total.

-I check antispyware forums to see if user’s have any issues with the software.

-I look at the company’s business practices in general.

Adding using/testing the program would be essential.
Or have them tested independently by a number of resources.
I currently have 20 feeds for software.
They all test and run the software themselves and give a review.

I'd be willing to bet each one would give these-
Quote
(the awesome apps out there that are still largely undiscovered and thus don't have the download volume it takes to be included on "Top 50" lists)
a chance and test and run. As well as a post on their blogs if they are truly good apps, not even awesome.

DC sets here with open forums for such developers with applications to be discovered. DonationCoder is the most popular site according to a recent article. If exposure is needed there are a few ways to do it here as well as the feeds.

Recommendations based on what I already use......
or based on what someone wants me to use.
Either way, what I use is being monitored for sales.

Let's get it straight, there's a difference between discussing programs and selling them.
I'm not against sales, but the purpose is clear.
And some good programs can be found in this manner.

I don't believe it's spyware or adware but a way to sell.

Quote
From the publisher side (those who recommend) a few apps you can check out are MediaCoder, MediaInfo and Startup Manager to see the (high) quality of software they are recommending.

What publisher is recommending these programs for instance?


Logged
drapps
Supporting Member
**
Posts: 29


View Profile Give some DonationCredits to this forum member
« Reply #57 on: May 15, 2009, 08:39:37 PM »

Quote
@cmpm
Adding using/testing the program would be essential.
Or have them tested independently by a number of resources.
I currently have 20 feeds for software.
They all test and run the software themselves and give a review.

Yes, that's part of the approval process... In addition to the testing I've done (over the past 9+ years) and continue to do to this day, I (we) also rely heavily on third party reviews. My top/favorite download/review sites are Betanews, Majorgeeks, Filehippo, GivewayoftheDay, Elite Freeware, DonationCoder, Confessions of a Freeware Junkie, Freeware Genius, MSFN, NeoWin, Snapfiles, Download.com and Softpedia... I've been frequenting those sites for years to discover software and read reviews to try to find the "diamonds in the rough". I also frequent developers' forums, security forums, user help forums, etc...  smiley

Quote
@cmpm Recommendations based on what I already use......
or based on what someone wants me to use.
Either way, what I use is being monitored for sales.

Open source and freeware publishers recommending other freeware or open source software has nothing to do with sales. In that case, they do it because they love an app and believe their users could benefit or derive value from using it as well. smiley

Quote
I don't believe it's spyware or adware...

 thumbs up

Quote
... but a way to sell.

Yes, for commercial software developers, using OpenCandy is a way to increase their distribution in an effort to acquire more paying customers. smiley

Quote
@drapps From the publisher side (those who recommend) a few apps you can check out are MediaCoder, MediaInfo and Startup Manager to see the (high) quality of software they are recommending.

Quote
@cmpm What publisher is recommending these programs for instance?

In the case of those programs (MediaCoder, MediaInfo and Startup Manager) they cross-recommend each other (with the exception that MediaCoder doesn't recommend Startup Manager via OpenCandy).

Thanks. smiley

Dr. Apps
Software Community Guru
OpenCandy

http://twitter.com/drapps
Logged

Dr. Apps
Software Community Guru for SweetLabs

http://twitter.com/drapps
cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #58 on: May 15, 2009, 10:33:16 PM »

Quote
Open source and freeware publishers recommending other freeware or open source software has nothing to do with sales.

I did not limit the publishers to open source and freeware. Has OC? Open source is one thing and freeware is another. And donations accepted on both.
To which I am not opposed to. Obviously, I'm here, though I haven't donated much.

It is a centralizing of product distribution.
Nothing new, there are distribution sites all over the net.

Why is it sounding different?
Downloads kept track of by a third party-OC.
Recommending more products-based on info gathered from my software

You would be in my computer, to a degree.
Like Google in everything I say on the net.
Doesn't take much to profile a person.

Quote
Venture Capital & Capitalism (GASP!)

We are in business to help developers get more visibility and make money, if they chose to do so. It's a key part of enabling our vision of helping developers innovate and create better, more competitive products. By doing so, consumers benefit by having better products available to them. That's our vision. We limit our ability to help developers accomplish this if we can't help them gain visibility and/or make money.

Info is not safe, so someone will pick up on a program I use.
Yeah, I'm sure there are ways to use it in a way I would be bothered by, if not infringed upon. How many publishers' privacy agreements look like gmail's?


Google claims that privacy crap too.
Sent an email to my friends new address.
His email is- me at *****. Not gmail.
Now I get spam from someone named "me".
Tons of it goes in the spam folder on auto.
Never had spam from "me" until I emailed him ONCE.

Index my words on the net, but no indexing of my software on my computer.


« Last Edit: May 15, 2009, 10:44:13 PM by cmpm » Logged
superboyac
Charter Member
***
Posts: 5,676


Is your software in my list?

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #59 on: May 15, 2009, 11:20:19 PM »

I have to add one observation here.  I agree with mouser that there is technically nothing wrong with what OC is doing.  But I also understand what kartal is saying, and I do have one foot partially in his camp.  That is, I'm not as committed as he is to the idea, but I lean that way more so than the way of OC.

Now, Dr. Apps is saying all the right things regarding OpenCandy to satisfy the suspicions of the predominantly ad-unfriendly atmosphere here.  But I'd like to point out that you end each post with:
Quote
Dr. Apps
Software Community Guru
OpenCandy

http://twitter.com/drapps
Big deal, right?  Well, this kind of mimics the situation we are discussing.  Why do you put this at the end of each post?  This forum already allows for a signature field.  The signature field can be turned off in each person's user options.  So, by you not putting it in the signature, but in the actual post, you are bypassing the intent of that feature of this site.  Sure, you are not doing anything wrong, but your intent is clearly subversive.  This is the same kind of annoyance that we as users feel with things like OC for installing programs.  Yes, technically there's nothing wrong with it, but it's annoying.  Clever, is the most positive word I can use for it.  My opinion is that the amount of "good" that comes from OC is pretty minimal.

But again, I want to emphasize that it's not an issue I would really take sides about.  I would more likely just roll my eyes to OC and think "Cmon, man, you know what you're doing.  Maybe you have to do it, we all have to do things we don't absolutely love sometimes to get through life, but don't pretend like it's this great thing."
Logged

mouser
First Author
Administrator
*****
Posts: 33,363



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #60 on: May 15, 2009, 11:27:25 PM »

Quote
but your intent is clearly subversive.

may i hazard a guess that as a new user of the forum, this just didn't occur to andrew and that his intent was not "subversive"  Grin

come on guys -- by all means disagree and express your opinions strongly.. but what happened to that old DC spirit of assuming the best in people and giving people the benefit of the doubt.  we can disagree in good faith without accusing someone of knowingly subverting the natural order of the universe just because they haven't configured their signature.

wouldn't it be more in DC spirit to tell andrew how to use the signature system and then wait for him to rip off his mask and reveal that he is doctor evil before making the accusation that he is doing it on purpose because he has figured out that people can disable signatures and has come up with a clever dastardly way around that loophole, so that everyone will see his name at the end, and never be able to disable it.

ps. note that the link at the bottom is to his twitter page, not to OpenCandy page.. damn you guys are really in attack mode lately.. Deep breaths everyone -- remember all you old timers are ambassador's for DC -- you are supposed to be setting a standard for humility, generosity, and a welcoming spirit.
« Last Edit: May 15, 2009, 11:36:11 PM by mouser » Logged
kartal
Supporting Member
**
Posts: 1,529


View Profile Give some DonationCredits to this forum member
« Reply #61 on: May 15, 2009, 11:32:43 PM »

superboyac, very good points.

Since I am one of the loudest regarding these matters here I would like to point out that I am not against OC per se. What I am against is those who exploit people`s harmless trust on such services and our very short computer history is full of these kinds of massive exploitation. As long as OC behaves like a good entity and does take the dark side(although some of the founders ahs done it multiple times in the past) I would not raise my voice much. But I am suspicious of their justifications and means that is why I am questioning OC`s integrity here.

I personally would not use any software OC is embedded even if they are the good guys. I also would try to inform those people who see no harm in this.

I hope that drapps does not take my verbal negativity personal because it has nothing to do with him, with his skills or with his words. His integrity would not change my mind at all. My intuition tells me that something is little fishy with OC, that is all smiley


You know if they have money and man power they can find many other ways to make money. Either they ran out of ideas or there is big money in this.

« Last Edit: May 15, 2009, 11:41:22 PM by kartal » Logged
superboyac
Charter Member
***
Posts: 5,676


Is your software in my list?

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #62 on: May 15, 2009, 11:52:35 PM »

may i hazard a guess that as a new user of the forum, this just didn't occur to andrew and that his intent was not "subversive"  Grin
Ok, ok...I kind of was thinking that as soon as I sent in the message.  OK, I'm sorry.  Normally, i wouldn't say anything about it, but i thought it made a good point about the whole topic being discussed.  Again, technically, there is nothing wrong and the polite thing to do would be what mouser said and point out the signature field.  I just wanted to specifically make a point in this case because it directly correlated to the discussion.  And granted, the point was a very subtle, minor one about intentions, psychology, etc.

Along these lines of psychology, I still feel compelled to say a little more.  Even operating under the pc assumtion that drapps did not know about the signature feature, there's still a feel of (almost negligible) annoyance at the way it is done.  Let's compare it to what Stephen Avery does:  he signs off on his posts with a "Shalom".  Even though he and drapps are technically doing the same thing, the psychology is different.  Stephen's is very innocent...I want to even say charming and pleasant.  Drapps leans more towards the annoying side.

The reason why I'm talking so much about it is because that's exactly the way a lot of us feel about OC.

Seriously, drapps, no disrespect.  The word subversive was much too strong for what I meant...I meant something much more neutral...I don't have a good enough vocabulary to know what that word is...but that's the word I meant.
Logged

superboyac
Charter Member
***
Posts: 5,676


Is your software in my list?

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #63 on: May 15, 2009, 11:55:33 PM »

To dr. apps and mouser:
Logged

mouser
First Author
Administrator
*****
Posts: 33,363



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #64 on: May 15, 2009, 11:58:14 PM »

superboy: hahahaha  Grin Grin Grin Grin Grin Grin
that redeemed you  Thmbsup  Kiss

Off Topic:

I will say that personally i think that ideal forum etiquette would involve not specifying a signature with links until you have established a regular presence on a forum (regardless of whether you use a built in signature or simply end your posts with something standard).

I'm probably in the minority on that point, and i'm not complaining about the practice.  I just think in general people might be better off not putting links in their signature until they've been around for a while, or people might jump to the conclusion that the *reason* you are posting is simply to get visitors at your page. [in the case of andrew this really isn't what's going on since we know he is directly replying to the issues about OpenCandy, so it's kind of irrelevant point in this case -- but the general principle remains].
Logged
cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #65 on: May 16, 2009, 12:39:08 AM »

Is it a download that will install in the computer?
From what I've seen it is.
Probably like one of those update checkers.
What is not being said or addressed speaks.
Is it web based or a program to be installed?

Sure it would be great if it is handled and worked as promised and privacy was actually attainable. The promise of privacy can be over ridden by higher powers.

Yes, welcome, drapps, and set a while. The idea of OC is fine. Making money all around is great, they deserve it, so is users who like the software.

I'm noone, I have nothing to hide on my computer.
But I don't want anyone poking around in it either.

I don't know how OC works.
It sounds like OC inside my computer initiated by OC.
Rather them me submitting my info and get feedback.

Been burned and watched a few fires.
Questions will be asked, especially where people know a few things.

Hope you get the thing in the open soon.
Then it can be tested.
Logged
Carol Haynes
Waffles for England (patent pending)
Global Moderator
*****
Posts: 7,955



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #66 on: May 16, 2009, 10:08:00 AM »

Sorry if I am being dim but there are a couple of questions I don't really get:

  • When you install an application are the recommended title installers included in the download or does the installer download the extra software as required by the user? If the latter is the case then this is a better alternative than every bit of software you download including extra crap - I am personally sick of wasting time and bandwidth downloading Yahoo toolbar every time I download a shareware trial or update an application (like CCleaner). If the installer merely contain the suggestion and a pointer that to me would be a step forward.
  • How easy wold this system be to spoof and cause real mayhem across the internet - if there is no control over where you choose to download applications from I think there is a serious potential for major abuse of people's systems.
  • In the long post above a number of checks are listed. I have serious problems with some of those checks - MacAfee SiteAdviser is known to be broken because they don't update their system often enough. I have also found a number of legitimate sites blocked by some of the free HOSTS files you mentioned (and is one of the reasons I gave up using a downloadable HOSTS file for security - there is no way anyone can check 170000 entries manually so how do you know they are legitimately blocked).

If you must use advertising within installers (which I personally abhor - in fact I abhor the whole advertising 'culture' that has been lying to and abusing western society since the 30s) then I would much prefer that you list your recommendations simply with a link tot he developers website and preferably a link to a trusted download website where apps are test for spyware and allow user feedback. If you want to receive click through revenue from this you still can but it would be more reassuring that the end user gets to at least see who the developer is and some feedback from real people before committing to installing the application.
Logged

mouser
First Author
Administrator
*****
Posts: 33,363



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #67 on: May 16, 2009, 10:21:36 AM »

Quote
I would much prefer that you list your recommendations simply with a link tot he developers website and preferably a link to a trusted download website where apps are test for spyware and allow user feedback.

I know that many novice users would prefer the convenience of being able to click to install the recommended software, but i think Carol's point is yet another reason why it's so important to provide a link to the recommended program's website (possibly with something similar to an affiliate id in the url).

I'm with carol -- i wouldn't trust any installer to download the recommended program for me (it's not a matter of trusting OC -- if anything it's a matter of trusting the author who wrote the program i was installing).

If i found the recommendation useful i would want to go to the recommended program's original website and download it from there, which doesn't in any way take away from or hurt the OC model as i see it.
« Last Edit: May 16, 2009, 10:23:23 AM by mouser » Logged
drapps
Supporting Member
**
Posts: 29


View Profile Give some DonationCredits to this forum member
« Reply #68 on: May 16, 2009, 02:45:46 PM »

Apology accepted @superboyac. And sorry about the signature everyone. There wasn't anything subversive or psychological about it. I'm kind of an old school/old fashioned guy and sometimes I'm perhaps a little too formal... My father was pretty strict which is probably the reason (I also tend to be overly polite). In this case I thought the right thing to do was put my info in the bottom of my posts, not knowing that some people like to hide (I didn't even know you could hide) signatures on DC. I should have spent time going through my profile and putting my signature in there. Side note: If anyone here every meets me in person, you'll notice I'm even worse at saying goodbyes. I'm the type of person that worries that every time I say goodbye to a person (even if I'm supposed to see them the next day) that it could be the last time I ever seen them.

And now for my shocking (and slightly embarrassing) revelation: Until now the only time I'd ever posted on a forum was about 10 years ago... on a Volkswagen forum. smiley When I started the Appsolute Tech Show (my defunct podcast about great Windows/Mac/Linux software) it was the first time I was using my tech knowledge to give back to the online community (I've been doing it offline for a long time). From there I discovered Twitter and thought it would be a good place to help people with hardware/software problems and post when updates to software that I loved were available. So, historically, I've pretty much kept to myself on the internet. Which explains why I'm still learning forums and good "netiquette". smiley

To that end: I added my signature via the DonationCoder profile settings and I will no longer manually put it in the body of my posts. smiley

@kartal

No personal offence taken. When I interviewed for my position at OpenCandy I was skeptical as well. I'd been around long enough that MY intuition was telling me something could be fishy. But something in my head made me make the decision to get on a plane for the first time in 15 years and fly 3000 miles to meet with the OpenCandy team (the whole story is here: http://www.opencandy.com/blog/entry.php?id=7). My intuition was wrong (which is rare)... I made the right choice to visit with the team because I found people that are passionate about solving a problem: regular people still have trouble discovering great software and developers still need new (or better) methods of distributing software and some developers (like freeware and open source) would like to make money (outside of donations or Cafepress t-shirts) from their existing software distribution but do it in a way not previously possible (user-friendly, opt-in recommendations for software they personally use and/or love).

We all have to find a way to make a living. To me the greatest thing you can do is to find a way to get paid doing something you love and are passionate about. I'm passionate about software and have personally (face to face) introduced hundreds of people to software they had no idea existed. Now I have the chance to reach even more people.

@cmpm

I think I understand what you are asking, but if I miss something, please let me know. smiley

Quote
@cmpm "Is it a download that will install in the computer?"

You mean OpenCandy right? OpenCandy is a plugin that developers integrate into their software installer to make recommendations. The OpenCandy plugin has absolutely no functionality outside of the software installer it was integrated with. If you choose to accept a recommendation, then the OpenCandy download manager (which is part of the plugin) will open up and download the installer for the software you choose to install. That's it. The OpenCandy plugin/download manager has no persistent functionality.

Quote
@cmpm "Probably like one of those update checkers."

I think I covered that in the previous question. But no, OpenCandy is not like an update checker, it's only functionality is allowing a developer to recommend software during installation of their software and to download the recommended software if the user chooses to accept the recommendation.

Quote
@cmpm "Is it web based or a program to be installed?"

OpenCandy's technology includes both an installer plugin and our backend technology which instructs the installer which software it can recommend based on the pool of applications the developer chose.

Quote
@cmpm "Hope you get the thing in the open soon.
Then it can be tested."

It can be tested today. OpenCandy recommendations are in millions of downloads every month. To see it in action you can check out some of the programs I mentioned a few posts up.

Quote
@Carol Haynes

"When you install an application are the recommended title installers included in the download or does the installer download the extra software as required by the user? If the latter is the case then this is a better alternative than every bit of software you download including extra crap - I am personally sick of wasting time and bandwidth downloading Yahoo toolbar every time I download a shareware trial or update an application (like CCleaner). If the installer merely contain the suggestion and a pointer that to me would be a step forward."

OpenCandy = No extra software bundling! That's one of the unique things about how the OpenCandy system works. The only thing included is the OpenCandy plugin that goes in the installer of the application that wishes to recommend other software (installer plugin is about 300k). Only WHEN/IF the user chooses to ACCEPT a recommendation does our download manager launch to download the accepted program's installer.

Quote
@Carol Haynes "How easy wold this system be to spoof and cause real mayhem across the internet - if there is no control over where you choose to download applications from I think there is a serious potential for major abuse of people's systems."

Good news: OpenCandy can't be spoofed like that!:) Each developer (who has been approved) that uses OpenCandy to recommend software receives a unique API keys specific to their installer. So the only software that can be recommended is the software that developer chose to recommend.

The installer for an ACCEPTED recommendation is downloaded via our download manager from a repository of installers on Amazon S3 that we maintain.

Those installers are the exact ones available from a developers website (that's were we get them from for open source software such as Audacity or Flock and for companies paying to have their software recommended they directly provide their installer directly to us for auditing and subsequent uploading into our download repository). Each time an application (recommended via OpenCandy) is updated, we check the new installer to ensure it's still "kosher" before we upload the updated installer into our repository. This is to ensure a previously reputable developer hasn't gone rogue and decided to throw their reputation out the windows all the sudden and decide "Hey, let's put a keylogger in our program).

Quote
@Carol Haynes "In the long post above a number of checks are listed. I have serious problems with some of those checks - McAfee SiteAdvisor is known to be broken because they don't update their system often enough. I have also found a number of legitimate sites blocked by some of the free HOSTS files you mentioned (and is one of the reasons I gave up using a downloadable HOSTS file for security - there is no way anyone can check 170000 entries manually so how do you know they are legitimately blocked)."

None of those checks are perfect in and of themself, they are all part of the puzzle of ensuring the software in our network is good. By having a multi-tiered approach to auditing software we can do the best job possible of keeping out the bad eggs.

When I go to a site I believe is legimate and is blocked by my hosts files, I do research to figure out why and then I make the decision to unblock or leave them blocked. I've definitely come across my fair share of legimate sites (Softpedia, Bink.nu, Creative.com, Promotions.newegg.com, Inc.com etc) that are blocked by those lists and I unblocked them. My hosts files is a good first line of defense. smiley

Regarding SiteAdvisor, I've seen a decent amount of false positives there as well. Take FileMenuTools for example from LopeSoft (http://www.lopesoft.com/en/fmtools/info.html and no he DOESN'T participate in OpenCandy and probably doesn't know about us at all, I just LOVE FileMenuTools). I trust his software and it's safe, but he has some links to other sites labeled RED by McAfee
(http://www.siteadvisor.com/sites/lopesoft.com) and so, his site is labeled RED.

Here's a great example of how combining those checks helped me prevent one such "baddie" from joining OpenCandy:

My second day on the job at OpenCandy we received an email from a developer who filled out our web form and said "I'd like to commit $15k to pay developers to recommend my software". That in itself was unusual; my teammates said that we don't get a lot of requests in that manner because we weren't very well known.

The software they wanted to recommend was a "system utility". Now, I'd never heard of this software before, which isn't necessarily a red flag, but certainly strange because I download and test a LOT of software (in April 2009 I downloaded over 1755 installers/zip files for shareware, freeware and open source software -- a total of 18.5GB). The first thing I did was go to their website, hmmm "Page not found". I fired up HostsMan to check to see if I blocked them via my hosts files. Sure enough I did. But that's not so weird, because yes, some legitimate sites get blocked by the hosts file block-lists I use. Then I went to SiteAdvisor and saw that they were labeled RED and there was a bunch of horror stories about this company's poor business practices. Next I went to download.com to see if their software was listed for download. Oddly, it was. The SiteAdvisor comments were bad enough to mean exclusion from our network. But I still decided to search for other independent reviews of this software -- I DID NOT find a SINGLE one! Long story short, I did more digging and discovered even more disturbing things about the "company" behind the software. Mind you, this is my SECOND day on the job. I'm in my "lab" pacing around in circles wondering what's going to happen when I tell my bosses/teammates what I found and if everything I believed about what we are trying to do at OpenCandy (help users discover great software) was going to hold true. So I called my bosses/teammates and said "It's great that someone wants to spend $15k to have their software recommended via OpenCandy, unfortunately we ABSOLUTELY CANNOT allow this company or it's products in our network!" I then explained my findings and held my breath... The next words out of everyone's mouth was "THANKS DOC, AWESOME JOB! That's why you're here, to make sure stuff like that ISN'T in our network!" You have no idea how much of a relief that was to me. It again confirmed that the whole team was committed to doing the right thing.. Even, in a case like this, when it means having to forgo revenue.

Quote
@Carol Haynes"prefer that you list your recommendations simply with a link tot he developers website and preferably a link to a trusted download website where apps are test for spyware and allow user feedback."

Since I've covered our mission/vision throughout this post (in short: to help users discover great software while helping developers expand their distribution or make money from their existing distribution). And I've explained the extraordinary measures we take to ensure only good software is in our network (heck as illustrated above, a piece of software that was good enough for download.com wasn't good enough to be in the network) and how we take into account a variety of measures to make that happen.

I'll briefly explain why we do it the way we do.

I'm working on getting some hard statistics (they really don't exist in the software world), but this is what I know: There is a dropoff from someone visiting a developers website, finding where the download is, downloading the application and then installing it. From what developers have told us and from other info around the net, the dropoff between someone downloading and installing a piece of software is at least 50%. That means that for every 100 people that download an application, less than 50% actually install it (for various reasons).

That's where OpenCandy comes in. If a developer acting as a publisher (those who recommend software) believes that another application can provide value or solve a problem for their users, then they want to do whatever they can do to EASILY make that happen. Yes, you can just put a link in the developer's website (and as discussed earlier we'll be incorporating informational links into the recommendation screens soon), but then the likelihood of the person actually visiting the site, downloading the app, and installing it gets lower and lower each and every step of the process. With an OpenCandy recommendation the user gets to see a few bulletpoints about the recommended application's main features and can decide right then if it's software they're interesting in using.

-Users already in the process of installing software provide a great engagement point to discover other software they may find useful.

-Being able to download the installer for an ACCEPTED recommendation instantly (after the install for the original software they were installing completes) translates into a higher likelihood the user will actually install the software. It also leads itself to a higher quality user for the developer of the recommended application since the user read the information about the recommended software and CONSCIOUSLY chose to install it.

I hope this info helps. It's the weekend and I want to spend some time with my daughter (http://twitpic.com/58dzv). But I'll try to be around if anybody has questions/comments/concerns/ideas. Thanks for the lively discussion! smiley

Dr. Apps (I'm still going to put that)

EDITED: I hope this answer this info helps to I hope this info helps.
Logged

Dr. Apps
Software Community Guru for SweetLabs

http://twitter.com/drapps
Carol Haynes
Waffles for England (patent pending)
Global Moderator
*****
Posts: 7,955



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #69 on: May 16, 2009, 03:28:00 PM »

Regarding SiteAdvisor, I've seen a decent amount of false positives there as well.

The bigger problem with SiteAdviser is that someone can set up a site that looks totally legit and then after gaining approval from SiteAdviser introduce anything on to that site without MacAfee retesting the site on any sort of regular basis - in some cases seemingly initially legitimate sites have been found pedalling trojans and viruses while MacAfee still make them as safe for over a year.
Logged

cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #70 on: May 16, 2009, 07:41:19 PM »

After further review. And, Please correct me if I'm wrong.

The program, OC, is being installed with other programs without an opt out of OC option. It reads the registry for recommendations as well as the current install.

No identifiable info of the user is sent to OC's servers.
Is what I've seen so far from reports on the web.

Still, the situation of OC being bundled with a program is a problem when the user is not informed before the install.

Granted it seems harmless, opinions vary on that though.
Perhaps disclosing this extra program being installed, before the actual installing of the program, would help it's progress and trustworthiness.

The OC website explains how but not who is using OC.
From searching the web, there are 3 or 4 programs that I could find using OC in their installers.

The one I tried did not disclose OC in the install till it was already installed-





* Screenshot - 5_16_2009 , 8_34_46 PM.png (17.91 KB, 477x279 - viewed 274 times.)
Logged
cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #71 on: May 16, 2009, 07:44:11 PM »

Maybe this is the way of future installs, but it should be disclosed that OC is part of this program before downloading it. IMHO.

btw-

http://www.doubletwist.com/dt/Home/Index.dt

seems like a cool program

And I have found I already have OC on my computer.
From mediacoder and xulplayer. After searching my files.
« Last Edit: May 16, 2009, 07:52:49 PM by cmpm » Logged
Carol Haynes
Waffles for England (patent pending)
Global Moderator
*****
Posts: 7,955



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #72 on: May 16, 2009, 08:10:54 PM »

If OpenCandy is a purely OPT-IN system as stated above then surely the installation of OC should also be OPT-IN and not uninstall after silent infiltration?

This may not be malware as such but the fact it is being installed silently with other apps makes it an unwelcome intrusion in my opinion - and it it is sending any information back to OC without expressly telling the user that it is doing that then it is (at least as far as I am concerned) spyware.
Logged

mouser
First Author
Administrator
*****
Posts: 33,363



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #73 on: May 16, 2009, 08:16:05 PM »

question: is OpenCandy actually installing some standalone thing in your system -- or is it just a dll/library that is part of the installer and only runs during installation and uninstallation?

if its just a dll that comes with the installer.. then complaining about it being installed "silently" is a lot like complaining that the installer helper files are being installed "silently" when you install a program.. i mean if they are part of the installer then it's not really normal to be telling the user about it..  again this only holds if the OC stuff does not run except during install/uninstall, in which case i really don't see the problem.

now sending information over the internet without telling user is a different matter -- i do think user should be told about this. i don't know that it has to be opt-in, but an option to opt-out would be nice, and a little note to user about what info is being sent.
Logged
mouser
First Author
Administrator
*****
Posts: 33,363



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #74 on: May 16, 2009, 08:19:01 PM »

This is about the time when andrew is probably regretting he ever joined in this discussion, since answering the posts in this thread has become a full time job for him  huh

If it's any comfort -- i do think the thread is an overall positive thing for OC -- in letting you explain the workings of it to people who might be initially skeptical.  Not everyone will like it, but at least this thread will be a place they can find out more and see both sides discussed reasonably.
Logged
Pages: Prev 1 2 [3] 4 5 6 7 8 ... 20 Next   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.07s | Server load: 0.17 ]