Main Area and Open Discussion > General Software Discussion
What the hell is OpenCandy?
Renegade:
...helping them deploy their data harvesting client...
-40hz (March 09, 2011, 05:37 PM)
--- End quote ---
That is not what it does. You are misinformed.
-Renegade (March 09, 2011, 06:08 PM)
--- End quote ---
Ok. Fair enough. Nobody said I was infallible. Not even me.
(Also switched the wording on my post above to accommodate your objection.)
Now could you please explain it to me so I won't be "misinformed" any more? I'm always willing to listen and accept correction. But I'm also not much of a coder so please don't get annoyed if I ask a lot of dumb questions afterwards. Ok?:)
So...starting with the OC thingy itself - who decides how it gets installed? Is it the same in every situation (it's not according to Microsoft BTW) or does each developer get to decide how it will work from a group of ...dunno...options?...deals?...revenue programs?
And if it does, does the choice of options determine the amount OC pays the developer?
-40hz (March 09, 2011, 06:37 PM)
--- End quote ---
It's actually very simple.
1. Develop software.
2. Create installer.
3. Incorporate OpenCandy into installer.
That's pretty much done there.
So, what we have is an installer with the OpenCandy DLL in there (OCSetupHlp.dll).
What happens is that during the installation the OpenCandy DLL checks to see if there is any software in its offerings that is already installed. If it is, then it doesn't offer that software to the user. Why would it? They have it already~! So, instead it offers other software that might be interesting for them or maybe not. If it is, then the user can check a radio button to accept the offer, or check a radio box to decline the offer. This makes sense for the user, the developer, and OpenCandy.
IMPORTANT: Note here that those are both unchecked radio buttons. This forces a user decision. It is neither "opt-in" nor "opt-out" in the traditional sense of a checkbox.
I believe that is a fantastic way to balance the interests of both the developer and the user. The decision is ENTIRELY up to the user and they must proactively make that decision.
The checked/unchecked check box is a passive way to deal with the problem, and quite frankly, it's very poor. Unless you want the default action... In which case you're making the decision for the user. Not good.
So... back to what's happening.
Once the user decides, the installation proceeds as normal. A downloader dialog fetches their offer and once it's completed, the user must click a button to begin the installer. (A second action.)
That completes the process. The OCSetupHlp.dll file (from the original installer) is not left on the system as it has completed its purpose.
I installed some software with OpenCandy in it and I've checked my Registry. I have 14 occurances of OpenCandy and ALL of them are things that I created or are from the SDK. There are no OpenCandy registry entries from any software. There are 0 occurances of 'OCSetupHlp'.
So...starting with the OC thingy itself - who decides how it gets installed? Is it the same in every situation (it's not according to Microsoft BTW) or does each developer get to decide how it will work from a group of ...dunno...options?...deals?...revenue programs?
And if it does, does the choice of options determine the amount OC pays the developer?
-40hz (March 09, 2011, 06:37 PM)
--- End quote ---
It doesn't get installed. That's simply not true. It "runs". There's a difference. As above, it runs during the installation of the developer's software.
The DLL has no options. Integrating it into an installer is very straight forward and simple. I had a few hiccups, but they were entirely due to me not being an Inno Setup guru. (It took me a bit to locate a few things in Inno Setup, but once I did, it was smooth sailing.)
The ONLY things that you customize are things that are specific to your own software, e.g. name of the program, your program key from OpenCandy, and your program secret key from OpenCandy. (They track that information, which lets you get paid.)
They also track basic, non-personal information like operating systems. e.g. How many Win XP, Vista and Windows 7 boxes? Technical specs in aggregate form are important for OpenCandy and developers, but are in no way violating any kind of privacy. Anyone that would complain about this is simply complaining for the sake of complaining.
Remember, OpenCandy's job is to maximize the amount of revenue that they earn from the offers they have available. They pay developers a portion of that revenue, so it's in the developer's best interests to have higher paying software offers through their installers.
But the developer has no control over that. It's the developer's job to go out and get "customers" into the shop. It's OpenCandy's job to offer an "upsell" to the customer, who is free to choose to accept or decline the offer.
Incidentally, but very much related, I've also been speaking with a competitor to OpenCandy in the same business. I mentioned OpenCandy's problems and the person I was talking to said that it was unfortunate for them. Judging from what he said and how he said it, it sounded like he empathized with them and understood OpenCandy's problems, and that he understood that those problems were not really justified or the fault of OpenCandy. But that was just my reading of what and how he said it.
P.S. No need to shout or get super creative with the font attributes. We're all listening to you even if we won't always agree. This is DC. We can be passionate about something without getting pissed off about it.
-40hz (March 09, 2011, 06:37 PM)
--- End quote ---
Sorry. That wasn't my intent, and I wasn't angry. I meant that for emphasis to point out the origin of adware as it is very different from what we're talking about here. I didn't want it to get lost in the 'noise' of my lengthy ramblings. :)
app103:
Also, frankly, trying to claim cookies are ok because they are easier to remove, while a reg entry is evil because it's harder to remove is not logical. You're arbitrarily drawing a line and saying 'easier than this is ok while harder than this is evil' and, conveniently, you've chosen to carefully position that line such that it defends your argument.
-Eóin (March 09, 2011, 07:57 PM)
--- End quote ---
Windows comes with a firewall, which is turned on by default. If you shut it off and then as a result get exploited with a worm, do you have a right to blame anyone but yourself?
If your browser rejects 3rd party tracking cookies by default and you change the setting to accept them, do you have anyone to blame but yourself when you end up with 3rd party tracking cookies?
Do you believe that webmasters have a right to view their own server logs? There is plenty of statistical information there without the need to use a 3rd party service.
I feel a webmaster has a right to this data, he has the right to know how many visitors he has had in any given day, has the right to know what his most popular pages are, has a right to know what browsers his visitors are using (should he keep supporting IE5 if nobody is using it any more?), etc.
My blog is hosted by Google, which doesn't allow me to have access to any of that data. If I want it, I have to use a 3rd party service such as Google Analytics or Koego, which I do use. There aren't too many other options if I want access to this information without moving my blog.
As far as the ads go, I would love to get rid of them and perhaps some day I will, but not until I can figure out another way to pay for the renewal of my domain names every year. Currently the Google ads on all of my sites and blogs are funding keeping 2 sites going. I am not really making a profit at all. I am barely breaking even. The Project Wonderful ads are frequently empty on most of my sites or they are providing free advertising because nobody wants to bid higher than $0 for the traffic I have. (my personal blog would be the exception to that)
If people start clicking the paypal button on my sites and donating enough to cover my needs, all the ads are gone, except for some simple linked graphics to sites I provide free advertising to because I like them and want to support them. (I recently made a change on some of my sites to display an ad to Veign's OpenMenu for free, when nobody is bidding on my ad boxes)
It's really tough to earn anything on the more ethical ad network that I use on most of my sites (Project Wonderful) when download sites are leeching from you without sending you any traffic. I have a standard email response for download sites that do that, and their reaction is usually to just remove my software from their database than to work with me to come up with a compromise that can make us both happy. They want to exploit me and use my software and my bandwidth (actually DC's) to make money off their ads, while not sending me any traffic to keep my sites online with mine (even though DC hosts them for free, I still need to pay for domain names).
The exception is Software Informer, which recently reviewed one of my apps and emailed me about it, and then changed from direct linking of download files to linking to my site when I asked them to. First download site to ever do that. If all the download sites did that I could drop the Google ads from all my sites and replace them all with Project Wonderful, because I'd have the kind of traffic that advertisers would bid on.
I can see why a software developer might be tempted to use OC. I have battled with the thought myself but ultimately I can't bring myself to do it because I don't trust OC at all. They keep going back on their own words, keep breaking promises, keep being sneaky, and only change things for the better when they get caught...till they can come up with a new way to be sneaky.
40hz:
@Renegade - ok, I think I'm following so far.
Few more questions (there will probably be more later):
0. I have been told that prior to doing any sort of opt-in or opt-out, OC scans the user's drive and sends back information to...someplace...and modifies the users registry without any notification or option to prevent it. This operation is automatic, unstoppable, and runs completely invisibly. Is this true?
1. Why doesn't OpenCandy make it's presence known during the installation like the Ask Toolbar or other (supposedly) "just like" apps do. Why not just call it what it is? It seems OC tries to cloak it's presence by burying itself in somebody else's installer and EULA. Why is that? Why don't they just run OC as an additional installer that tags along (like everybody else's does) if it isn't primarily motivated by a desire to make its presence and actions less noticeable? What good and purely technical reason(s) do they offer for doing it this way?
2. The author of DarkWave Studio uses OC, and says he has set it to default to opt-out. Do you control whether it is set up to follow an opt-in or opt-out methodology? DWS's author seemed to infer it was his choice which way to go. How does his statement square with your statement there is no opt-in or out per se?
3. Is there anyplace where you are given the opportunity to remove all traces of OC regardless of where (registry, etc) they are located without having to manually dig it out? Do they publish a utility to do that? And do they advertise such a utility is available and make it easy to get if they do? If not - why not?
4. Why do they store their stuff in the registry? Is there a demonstrably valid technical reason for doing it that way as opposed to putting it in some sort of cache file elsewhere on the drive?
5. You object to calling OC adware. But then you say it presents "offers." How is an "offer" to consider buying something different than an "ad" which also asks you to consider buying something? Forgive me if I sound obtuse. But I suspect I may be a little 'colorblind' in that end of the spectrum. What in the name of the Purple Buddah is the difference between an ad and an offer?
6. You seem to infer that you're comfortable with OC's business model and modus operandi. Are you comfortable enough with it that you'd be willing to accept personal responsibility for any software problems, privacy breaches, or security issues introduced on one of your user's machines if it was the direct result of something done by OC during it's normal operations? Not to say you should. But would you at least be willing?
7. Does OC in any way indemnify you for any problems their software may cause your user's system? If you get sued by somebody because OC did something and you got blamed for it - does OC offer you any legal protections or warranties?
8. Have you been allowed to examine the source code for their software - or gotten a chance to look behind the scenes and observe their backoffice operation in action? If not, why do you trust them like you do?
-------------------------
I know these are a lot of questions. So don't feel rushed to get back. Sorry to be asking you all this. But you're apparently DC's resident expert on things OC -so You Da Man to ask.
:)
Renegade:
Windows comes with a firewall, which is turned on by default. If you shut it off and then as a result get exploited with a worm, do you have a right to blame anyone but yourself?
-app103 (March 09, 2011, 09:14 PM)
--- End quote ---
I hate this argument. e.g.
Your house comes with a lock, which most people lock by default. If you unlock it and get robbed and murdered, do you have a right to blame anyone but yourself?
Well... First, yes. You do have a right. It's the robber/murderer (malware author) that is to blame.
Sigh... Second, no. You know you live in a bad neighborhood (the Internet), and you should have been more careful.
I don't think there's a right answer.
40hz:
while the app is worth the money, the sector it's target at isn't one that's easy to break into/willing to pay for software?
-wraith808 (March 09, 2011, 05:14 PM)
--- End quote ---
I understand what you're saying.
But from a business perspective, what you're saying doesn't really hold. Worth is a term that has no intrinsic meaning in business. Worth is a purely relative concept.
--------------
Q: Is any basketball player ever worth a $30 million dollar contract?
A: So long as any team is able and willing to pay him that amount - he is worth every penny of that $30 million - and not one cent more or less.
--------------
Q: I have an extremely valuable software product I want to sell. But nobody is interested in buying it. From a purely business perspective, what is my product worth?
A: It is worth whatever the market is willing to pay for it. So long as the customer is willing to pay no more than $0 for it, the product worth is $0.
--------------
BTW: Business is all about sales. A customer is not a customer until they buy something. So a customer who only offers to 'pay' $0 is no customer at all. And since a business can't be a business without at least one customer- anything which doesn't generate customer revenues can't be considered a business either.
Until somebody buys something, there is no 'business.'
Gratis is a marketing strategy. It's not a business model.
:)
:)
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version