Recommendations are made to users during the installation process. Utilizing the install process creates a user-friendly experience and offers optimal engagement for making a software recommendation. The user is presented with a screen that describes the recommendation, at which time they may choose to install the recommended software.
We then provide analytics back to the creators, so they can see how their software and recommendations are performing. This way they can better understand how to build and recommend great applications.
We've also provided our technology as a platform to a handful of software creators who are utilizing an offer screen during the install process as an advertising unit. Some creators are already monetizing their distribution by offering apps like browser toolbars, so we're helping them improve their user experience and optimize the effectiveness of their offers.
Lets be careful about the choice of words for the naming "Open"+"Candy". They are making it like this stuff is all open and sweet. app103 is right on the track. These guys are very sneaky.-kartal (May 13, 2009, 12:36 AM)
OpenCandy was started by founding and early members of DivX, at which we were responsible for distributing hundreds of millions of DivX software downloads, and now we want to use what we've learned to help the software community. Software distribution is of immense value but largely untapped, so we started OpenCandy to democratize this value. Now we're backed by top-tier investors and partnered with some really great software creators.-http://www.opencandy.com/about/
If you read their site they claim not to be adware spyware but snooping on people`s choices is a form of attack on privacy in my book.
I hope you will continue your role in making sure that OpenCandy maintains the policies you describe -- making sure that "recommended" software is opt-in and that nothing is installed on the users pc that would send info back to the site about user during usage of their selected program.
"OpenCandy has figured out a way for the most successful software developers to share the attention flow that comes their way with other developers whose work they admire," said O'Reilly Media's Tim O'Reilly. "It's a unique application of the implicit social graph in the software development community."
Lets be careful about the choice of words for the naming "Open"+"Candy". They are making it like this stuff is all open and sweet. app103 is right on the track. These guys are very sneaky.-kartal (May 13, 2009, 12:36 AM)
In my experience with regular (normal, novice, whatever we should call them) users, they prefer installers because they aren't sure what to do with zip files. I'm a techie, but personally I don't have a preference of installer vs. zip file. As long as an application with an installer includes a 'Custom' install option where I can choose where to install the app and select/deselect shortcuts and stuff like that, I'm happy.
Plus (if necessary for some apps, like Spiceworks for example) installers help ensure prerequisites like .Net, VC++ redistributables, Ruby, PHP, Python, certain necessary patches, etc are installed. Nothing worse than trying to run an app and find out you need to download and install something to make it actually run. :)
Dr. Apps
Software Community Guru
OpenCandy
http://twitter.com/drapps-drapps (May 13, 2009, 08:16 PM)
I mentioned that because of your venture will force more developers to use installers when they do not need to.
I have a question that needs clarification, if another developer wants to recommend an application through OpenCandy, without that developer being an OpenCandy member, can he do that?
In other words, if I were an OpenCandy member and wanted to recommend one of mouser's apps in the installer of one of mine, and he wasn't a member, could I do that?-app103 (May 13, 2009, 09:33 PM)
I didn’t expect to wake up this morning to a Google Alert about OpenCandy being raked over the proverbial coals.
Yes, you could. But we think the right thing to do is for you (as a publisher) is to ask permission from the developer(s) whose software you want to recommend -- if that developer doesn't already participate in the OpenCandy network. In addition, the EULA of the software being recommended must allow the distribution of its installer.-drapps (May 14, 2009, 08:43 AM)
Where do I go to opt out, since I never want to see my software promoted in this manner.
In addition, the EULA of the software being recommended must allow the distribution of its installer.
Well I gotta say this is all rather above board to me. Ads are everywhere, I see no real difference between an ad in the installer and one on the download page.-Eóin (May 14, 2009, 03:24 AM)
I also don't quite see Kartals position on installers, if the developer chooses to use OpenCandy even when an archive would have sufficed for distribution then that is the developers choice. I don't see where the issue with OpenCandy. Kartal you seem to be suggesting that that there is something inherently wrong in advertising in general. You also seem to be using the words spam and ads interchangeably which they certainly are not.-Eóin (May 14, 2009, 03:24 AM)
Just out of curiosity, what made the developers decide to use the word "open" as part of the product name? I'm curious since doing so usually makes people think such products are GPL/FOSS applications.-40hz (May 14, 2009, 09:27 AM)
I'm also a little puzzled by this comment you made:
@drapps: I didn’t expect to wake up this morning to a Google Alert about OpenCandy being raked over the proverbial coals.
It seems to me that running an early warning system such as this indicates that there has been serious concern on the part OpenCandy about negative comments to the extent that "Big Brother Google" is being used to seek out and monitor them. I think this says quite a bit about the mindset of the company.
Which leads me to this question: How much negative pushback are you getting with this? Since you're monitoring via Google, I'd guess you'd have some very solid statistics you could share with us on on that topic beyond the usual "overall response has been very positive" PR boilerplate.
If you haven't, I'd be happy to post a video on YouTubei think that would be a good idea :up:
If you haven't, I'd be happy to post a video on YouTubei think that would be a good idea :up:-mouser (May 14, 2009, 11:36 AM)
Would you rather have another opt-out browser toolbar trying to push it's way onto your system or have a recommendation for a piece of software that a developer you trust (you trust them enough to install their software) loves?and:
There isn’t any choice there, if you surf the web that’s the way things are [=privacy intrusive]. And soon, all software installers will be the same way. But this can either be done the right way [...] or the wrong way.
Eóin, I try to live an ad free life, to me %98 of ads on the planet are obnoxious and waste of resources in my personal view, And spam is a way of delivering those obnoxious ads. Because ads are everywhere does not make "ads everywhere" a justified issue. Ads are everywhere because many people figured out "bogus" ways to make money, like putting banners on highway, buildings, times square, and noone questioned their acts.-kartal
I appreciate that Dr Apps/Andrew took time to make a detailed and friendly case for OpenCandy. You come across as a likeable person that believe that this is something good and take user worries seriously!
Developing software is hard and selling it harder.
Ad supported services never get better they just get more and more obscene and obnoxious. I am sure you all have seen this happening around. Do you think that google would advertise less and less by the time goes?
To me, putting ads or recommendations or surverys or whatever on an application *installer* that i use only once, is one of the least bothersome things i've heard-mouser (May 14, 2009, 01:04 PM)
Watched the demo video -- very helpful to see it in action.
I stand by everything i've said above -- seems fine to me, and i like how it launches the normal installer for the recommended program if the user chooses to install it, so user can always change their mind and cancel, or uninstall later, etc.
Couple things came to mind watching it:
- Developers need to very clearly identify whether the program being recommended is freeware or shareware -- you wouldn't want people installing programs they think are free only to find out they are shareware.
- It would be nice to add to the OpenCandy recommendation screen a link where the user can Learn more about the recommended program (taking them to it's web page), and maybe a link to OpenCandy page describing what it is.
-mouser (May 14, 2009, 02:04 PM)
@cmpm: Is the software through OC inspected in any way.
Such as Softpedia and MajorGeeks and many others.
What are the standards set to be a part of OC?
The installer issue aside, I'm talking quality and safety.
As well as ad-free operation of the product as discussed.
And full disclosure of info collecting practices of the products included in OC's opt-in.
Excerpt from my long post
@drapps said
What happens when a developer wants to participate (as a publisher or advertiser) in the OpenCandy network
-I check the Hosts file providers to see if a potential developer that wants to participate in OpenCandy is on those lists.
-I check McAfee SiteAdvisor and WoT.
-I check the potential publisher’s and advertiser’s installers using Virus Total.
-I check antispyware forums to see if user’s have any issues with the software.
-I look at the company’s business practices in general.
In addition, our software guidelines (which we be available soon for all to see) were built on top of AND further enhance policies created by Download.com, StopBadware, and the Antispyware Coalition. As well as our own ideals…
Thanks for the reminder from your earlier post.
The current software outlets are quite sufficient and list the products/applications that are useful to me.
And, well, I would like to see what softwares signup with OC.
So we will see. That will be very revealing I think.-cmpm (May 15, 2009, 01:16 PM)
If you haven't seen the YouTube video I put up yesterday, it's available here: http://www.youtube.com/watch?v=7Wr5DIbOAaA-drapps (May 15, 2009, 03:09 PM)
@drapps said
What happens when a developer wants to participate (as a publisher or advertiser) in the OpenCandy network
-I check the Hosts file providers to see if a potential developer that wants to participate in OpenCandy is on those lists.
-I check McAfee SiteAdvisor and WoT.
-I check the potential publisher’s and advertiser’s installers using Virus Total.
-I check antispyware forums to see if user’s have any issues with the software.
-I look at the company’s business practices in general.
(the awesome apps out there that are still largely undiscovered and thus don't have the download volume it takes to be included on "Top 50" lists)a chance and test and run. As well as a post on their blogs if they are truly good apps, not even awesome.
From the publisher side (those who recommend) a few apps you can check out are MediaCoder, MediaInfo and Startup Manager to see the (high) quality of software they are recommending.
@cmpm
Adding using/testing the program would be essential.
Or have them tested independently by a number of resources.
I currently have 20 feeds for software.
They all test and run the software themselves and give a review.
@cmpm Recommendations based on what I already use......
or based on what someone wants me to use.
Either way, what I use is being monitored for sales.
I don't believe it's spyware or adware...
... but a way to sell.
@drapps From the publisher side (those who recommend) a few apps you can check out are MediaCoder, MediaInfo and Startup Manager to see the (high) quality of software they are recommending.
@cmpm What publisher is recommending these programs for instance?
Open source and freeware publishers recommending other freeware or open source software has nothing to do with sales.
Venture Capital & Capitalism (GASP!)
We are in business to help developers get more visibility and make money, if they chose to do so. It's a key part of enabling our vision of helping developers innovate and create better, more competitive products. By doing so, consumers benefit by having better products available to them. That's our vision. We limit our ability to help developers accomplish this if we can't help them gain visibility and/or make money.
Dr. AppsBig deal, right? Well, this kind of mimics the situation we are discussing. Why do you put this at the end of each post? This forum already allows for a signature field. The signature field can be turned off in each person's user options. So, by you not putting it in the signature, but in the actual post, you are bypassing the intent of that feature of this site. Sure, you are not doing anything wrong, but your intent is clearly subversive. This is the same kind of annoyance that we as users feel with things like OC for installing programs. Yes, technically there's nothing wrong with it, but it's annoying. Clever, is the most positive word I can use for it. My opinion is that the amount of "good" that comes from OC is pretty minimal.
Software Community Guru
OpenCandy
http://twitter.com/drapps
but your intent is clearly subversive.
may i hazard a guess that as a new user of the forum, this just didn't occur to andrew and that his intent was not "subversive" ;DOk, ok...I kind of was thinking that as soon as I sent in the message. OK, I'm sorry. Normally, i wouldn't say anything about it, but i thought it made a good point about the whole topic being discussed. Again, technically, there is nothing wrong and the polite thing to do would be what mouser said and point out the signature field. I just wanted to specifically make a point in this case because it directly correlated to the discussion. And granted, the point was a very subtle, minor one about intentions, psychology, etc.-mouser (May 15, 2009, 11:27 PM)
I would much prefer that you list your recommendations simply with a link tot he developers website and preferably a link to a trusted download website where apps are test for spyware and allow user feedback.
@cmpm "Is it a download that will install in the computer?"
@cmpm "Probably like one of those update checkers."
@cmpm "Is it web based or a program to be installed?"
@cmpm "Hope you get the thing in the open soon.
Then it can be tested."
@Carol Haynes
"When you install an application are the recommended title installers included in the download or does the installer download the extra software as required by the user? If the latter is the case then this is a better alternative than every bit of software you download including extra crap - I am personally sick of wasting time and bandwidth downloading Yahoo toolbar every time I download a shareware trial or update an application (like CCleaner). If the installer merely contain the suggestion and a pointer that to me would be a step forward."
@Carol Haynes "How easy wold this system be to spoof and cause real mayhem across the internet - if there is no control over where you choose to download applications from I think there is a serious potential for major abuse of people's systems."
@Carol Haynes "In the long post above a number of checks are listed. I have serious problems with some of those checks - McAfee SiteAdvisor is known to be broken because they don't update their system often enough. I have also found a number of legitimate sites blocked by some of the free HOSTS files you mentioned (and is one of the reasons I gave up using a downloadable HOSTS file for security - there is no way anyone can check 170000 entries manually so how do you know they are legitimately blocked)."
@Carol Haynes"prefer that you list your recommendations simply with a link tot he developers website and preferably a link to a trusted download website where apps are test for spyware and allow user feedback."
Regarding SiteAdvisor, I've seen a decent amount of false positives there as well.-drapps (May 16, 2009, 02:45 PM)
This is about the time when andrew is probably regretting he ever joined in this discussion, since answering the posts in this thread has become a full time job for him :huh:
If it's any comfort -- i do think the thread is an overall positive thing for OC -- in letting you explain the workings of it to people who might be initially skeptical. Not everyone will like it, but at least this thread will be a place they can find out more and see both sides discussed reasonably.-mouser (May 16, 2009, 08:19 PM)
[The sending of information to the OC server, while harmless in my view, especially compared to what info websites track every day, is one reason that i personally wouldn't use OC though. Not because i think it's evil to collect such information, but i just don't think it's worth the nervousness that it causes people. Though if you made it opt-in to send the info, but let users uncheck the option, that would mostly solve that.]-mouser (May 16, 2009, 09:26 PM)
@mouser
"...or is it just a dll/library that is part of the installer and only runs during installation and uninstallation?"
@mouser
"This is about the time when andrew is probably regretting he ever joined in this discussion, since answering the posts in this thread has become a full time job for him huh
If it's any comfort -- i do think the thread is an overall positive thing for OC -- in letting you explain the workings of it to people who might be initially skeptical. Not everyone will like it, but at least this thread will be a place they can find out more and see both sides discussed reasonably."
@cmpm
"He is a salesman mostly, not a tech, nothing wrong with that."
@mouser
As cmpm confirmed -- it's just an extra dll that the setup program loads.
Which is how i assumed it worked when andrew explained that OC can be integrated into Inno Setup and NSIS Installers. And that's really a very clever, non-intrusive way of doing it, which i think should be applauded. Much of the resistance from people on this thread may result from the fact that people assume that OC is installing some standalone program that is running in the background, etc.
Really OC is not doing anything all that different from what many installer tools from larger companies *already do* (i.e. show some blurbs during installation, offer to let people download another related program from the company, etc.); OC just seems to offer an easier and standard way to do this for the developer who is creating the install package.
I think it's pretty clever actually.
@kartal
ok here is my bet, I am putting my 100$ if anyone wants to bet on it.
I am %100$ sure that in 2 years OC will become an application that will try to install hidden stuff and spy on your download-installation activity. If anyone wants to bet I am accepting bets. Since we do not want to gamble lets keep the amount not more than 100$.
@mouser
"i think it should be pretty clear by now that if OC start to make some evil changes -- you can be we will all be screaming bloody murder here on this forum :)"
@app103
"I have teamed up with a company with a proven track record of abusing the trust of everyone. But don't worry, the founder of the company says he saw the light and he is all reformed now.
@app103
"I trust him, because the guy that he sent to talk to me seems like a likable guy, and that is what is really important. Whatever the nice guy says about him must be true and his motives must be pure & honorable, just because the nice guy says he believes it.
Of course I don't have any proof that the nice guy is telling the truth or that he believes what he is saying..."
The thing is that OC installs itself (in the program directory as dll and in the registry) and does not tell the user about it
Well,
The thing is that OC installs itself(in the program directory as dll and in the registry) and does not tell the user about it even if the user does not want to install the recommended software, based on my experience. I do not know why you keep claiming that you wont do anything bad or wrong but in my standard this is bad and wrong. Because first of all most people wont know that OC is included in the installer of the application until they open the installer. Second most people wont even have any idea what the heck a dll or registry is. Clearly you are targeting this majority of people and I believe this might be called an abuse of trust that is shown by those people who though that would just get a free application. You need to make it explicit.-kartal (May 17, 2009, 10:02 PM)
Installshield (and several other installers) do the same thing. How is this any different?-wraith808 (May 18, 2009, 12:22 AM)
Second, the standards you guys are asking for would amount to all authors "warning" people about all the DLLs and helper libraries every used in any of their programs and installers. That is just plain silliness. There is something inherently bad about programs that silently install background processes/toolbars/etc., but this is *not* anything like that.-mouser (May 17, 2009, 11:38 PM)
Installshield (and several other installers) do the same thing. How is this any different?-wraith808 (May 18, 2009, 12:22 AM)
Install shield does what? Does it install secret advertising network dlls?-kartal (May 18, 2009, 12:26 AM)
mouser, I did not think that you were trying to pick on me. But the way wraith808 laid his cases sounded like he wanted to ridicule the idea little bit. I do not have any personally issues with any personality on this board :D-kartal (May 18, 2009, 12:36 AM)
<snip />
This is like placing non-expiring tracking cookies in your registry....the kind that make the old doubleclick look like angels.-app103 (May 18, 2009, 12:41 AM)
@kartal
"The thing is that OC installs itself(in the program directory as dll and in the registry) and does not tell the user about it even if the user does not want to install the recommended software, based on my experience."
@PhilB66
"I asked a similar question some 70 posts ago.... http://www.donationcoder....18297.msg164050#msg164050"
@app103
"Let's say I install something containing OC and decline the recommended application. Then the next time because of the stuff they left on a user's system, they know what I previously installed, so they don't offer me that, and they know what I declined and won't offer me that again, either. After awhile, after a sizable portion of the world's developers are using OC in their installers (which is what they are hoping for), it would be possible to gather a pretty large list of what a user has installed on their system and what they are not interested in, in a single shot."
@app103
"But if it is harmless and not capable of doing anything, what would be the reason for leaving it and any registry entries related to it on a user's system after the install process is completed, unless it is to activate and/or retrieve other data later, such as the next install of anything containing OC?"
@app103
"Combine that with the data they can collect from your IP address when it contacts their servers, and they can pretty much know where you live, your connection type, what ISP you use, whether you install software at night more than during the day, on weekends rather than during the week, and a ton of other statistical data about you,too. Even without knowing your actual identity and precise street address, they can know a lot about you. This is what is not told to the user, and it's this type of information collecting the user doesn't know about and hasn't consented to."
@cmpm
"Why is it I had to point out what is installed where? And not OC's webpage."
@cmpm
"What exactly is that dll doing in it's own folder as well as other programs, after the install, nothing? Is it waiting on input? Is it sending anything anywhere?"
@cmpm
"No, Dr apps I don't see you as a tech, as in computer technician.
Unless you are just not saying. Cause you haven't said anything that leads me to think that you know much more then anyone with google and some scanners."
@cmpm
"And most troubling is the lack of willingness to disclose the users of OC. If it's so great then why is it not revealed before installs. There's other questions not answered
as well."
In other words -- I really think its misdirected energy to be complaining about the abstract concept of using a DLL in an installer -- there is just nothing to complain about regarding such a trivial everyday thing. And I don't see why anyone should care if an installer makes an opt-in recommendation to a user about another program that the author wants to recommend.
OK -- here's the deal...
If you're familiar with the GOTD site (giveawayoftheday.com), today (5/29) they're offering a copy of StarBurn. StarBurn offers in an very upfront, opt-in/out way to add a toolbar etc -- check out the high % of negative comments & comment ratings, mainly because the add-on's even offered.-mikiem (May 29, 2009, 03:19 PM)
1. Start the registry editor
- Go to Start Menu
- Click 'Run'
- Type 'regedit', click ok
2. Navigate to the open Candy folder
- On XP it is located at: HKEY_LOCAL_MACHINE > SOFTWARE > OpenCandy
3. Backup the OpenCandy Registry Key (just to be safe, in case something goes wrong.)
- Right click the OpenCandy registry key (looks like a folder)
- Click 'export'
- Save the file somewhere on your computer
4. Delete the OpenCandy Registry Key
- Select the OpenCandy registry Key (looks like a folder)
- Go to the edit menu and click 'delete'
- Click 'OK' to confirm the deletion
think-mouser (May 30, 2009, 08:57 AM)
To get mad about a single key in the registry, or a DLL file that is part of the installer and does nothing but suggest another program you can opt-in to install, is really misplaced concern in my view. All this hand wringing is best saved for *real* adware, spyware, hidden installs, etc. Stuff that really *does* install programs behind the scenes that users don't want.-mouser (May 30, 2009, 08:57 AM)
Josh that's incorrect, a DLL sitting there not in use is completely benign. It's only if it is loaded into a process can it cause harm, and even then no more harm than that process itself could do. It getting loaded into some processes address space cannot happen spontaneously, something must load it and that something is then the malicious application, not the DLL.
Sorry to be blunt but you're concerns here are unfounded.-Eóin (May 30, 2009, 09:26 AM)
What if someone else exploits it? I think some of you are very smart but naive people.-kartal (May 30, 2009, 01:10 PM)
What if someone else exploits it? I think some of you are very smart but naive people.-kartal (May 30, 2009, 01:10 PM)
It cannot activate itself and if something else activates it then that is the malware.-Eóin (May 30, 2009, 01:35 PM)
Fine, mouser, I'll quit.
I am referring to reply 104 that has not been done.
There is no eula for open source posted with an install of these programs.-cmpm (May 30, 2009, 09:47 AM)
Like nchsoftware, they are getting away with it.-cmpm (May 31, 2009, 04:47 PM)
Quickly though, even if you don't accept a recommendation, bookkeeping information about the publisher's software you did install (in your case Scancode, MediaCoder) are created within the publisher's registry key inside an OpenCandy key (so in this case it should be HKLM\Software\MediaCoder\OpenCandy\) as well as a non-reversible identifier created via a random number generated which helps us prevent fraud/gaming and also lowers the likelihood that a declined recommendation will be shown again in the future.-drapps (September 13, 2009, 07:42 PM)
As kartal said, that is exactly what I was referring to as well. What if a malware is designed to look for OC's dll files and exploit a known or , up until now, unknown vulnerability in said dll?That sounds a bit silly - if a piece of malware is able to scan for OC dlls, it's already on your system - what would it gain, then, by exploiting those DLLs?-Josh (May 30, 2009, 04:22 PM)
The only extra thing i want to comment on is how bizarre a situation we are in where every web site on the planet tracks every click we make, how long we stay on every given page, etc., and no one raises an eyebrow -- but yet if a "program" does it, most of us go crazy.-mouser (May 13, 2009, 03:25 PM)
One: with websites you don't really have a choice. It's not even as if you could avoid sites that gather such data and reward those that don't, because it's a safe bet they all do. With desktop apps though, you still have a choice. Also, you can't tell if someone's Apache server is hooked to a big honking advertising database, but you can usually tell if your desktop apps try to phone home. So not only do you still have a choice, but you have the technology to help you make it.
Two, probably more important. As long as we trust the browsers we're using (and I am aware of JavaScript exploits et al), the information a browser can leak really pales in comparison to what a local app can potentially disclose. Anything on your system that's not encrypted is game, so I'd say the stakes are higher.
The distinction does blur the more people switch to web apps like Gmail or Google Docs, but you can still use your best judgement about what to use Google Docs for, and when to stick with Word. But when you have spyware on your desktop, then the choice between what's sensitive and what isn't is no longer yours.
So I think there is a difference, and of course I still wish Odin's wrath upon all the data collectors everywhere. Bottom line for websites: if tracking me is making you money, I want a piece of it, because it's my stuff. You would not give that data to me for free, would you?
I’m back. Things have been hectic. Of course moving took much longer than I thought; I didn’t realize how hard it would be with the baby and doing 95% of the move myself!:Thmbsup:-drapps (September 24, 2009, 05:16 PM)
I/we owe you a big THANKS!You're welcome. Dev<>Users feedback is what makes DC græt!-drapps (September 24, 2009, 05:16 PM)
Oh yeah, the FAQs are up (http://opencandy.com/faqs)!:Thmbsup:-drapps (September 24, 2009, 05:16 PM)
We don’t specifically require that they be within an OpenCandy subkey-drapps (September 24, 2009, 05:16 PM)
Click the arrow to expand the publisher’s registry key, and then right-click on the OpenCandy key and click ‘Delete’.-OpenCandy FAQs (http://www.opencandy.com/faqs/)
DC<>Users is what makes DC great!
I have more great news...Drumroll please...-drapps (September 30, 2009, 12:09 PM)
As of v1.3.1, all ALL OpenCandy publishers are REQUIRED put OpenCandy related registry entries inside an OpenCandy subkey within the publisher's registry key.:Thmbsup: :Thmbsup: :Thmbsup: * Removed OpenCandy from evil list :)-drapps (September 30, 2009, 12:09 PM)
ok here is my bet, I am putting my 100$ if anyone wants to bet on it./me puts $25 against Kartal
I am %100$ sure that in 2 years OC will become an application that will try to install hidden stuff and spy on your download-installation activity. If anyone wants to bet I am accepting bets. Since we do not want to gamble lets keep the amount not more than 100$.-kartal (May 17, 2009, 01:05 AM)
^^ what he said (and $25) (and my cat) (and a tattoo)Gotta be a tattoo of p3lb0x's face saying "pzwn'd!", then ;)-scancode (September 30, 2009, 05:14 PM)
ok here is my bet, I am putting my 100$ if anyone wants to bet on it./me puts $25 against Kartal
I am %100$ sure that in 2 years OC will become an application that will try to install hidden stuff and spy on your download-installation activity. If anyone wants to bet I am accepting bets. Since we do not want to gamble lets keep the amount not more than 100$.-kartal (May 17, 2009, 01:05 AM)-scancode (September 30, 2009, 05:03 PM)
ok here is my bet, I am putting my 100$ if anyone wants to bet on it./me puts $25 against Kartal
I am %100$ sure that in 2 years OC will become an application that will try to install hidden stuff and spy on your download-installation activity. If anyone wants to bet I am accepting bets. Since we do not want to gamble lets keep the amount not more than 100$.-kartal (May 17, 2009, 01:05 AM)-scancode (September 30, 2009, 05:03 PM)
Looks like scannie owes kartal 25 bucks.-Josh (February 26, 2011, 10:04 AM)
ok here is my bet, I am putting my 100$ if anyone wants to bet on it./me puts $25 against Kartal
I am %100$ sure that in 2 years OC will become an application that will try to install hidden stuff and spy on your download-installation activity. If anyone wants to bet I am accepting bets. Since we do not want to gamble lets keep the amount not more than 100$.-kartal (May 17, 2009, 01:05 AM)-scancode (September 30, 2009, 05:03 PM)
Looks like scannie owes kartal 25 bucks.-Josh (February 26, 2011, 10:04 AM)
They're still no worse that a Google or Bing Toolbar :-\-Eóin (February 26, 2011, 10:53 AM)
wraith, how is this not the same as installing hidden software? Many users click-thru installers. They will not pay attention and as such, this will result in an, often-times, unwanted application being installed. This is, to me, the same as hiding the installation since most users won't pay it two regards.-Josh (February 26, 2011, 12:53 PM)
Are you going to tell that to the average home user? Most expect that when you install something, that you are only installing software released by that company. End-user education has not reached the point that a class is being given in school. It needs to be so, but it is not. So, how can you blame a user who really does not know any better? That's like saying that a driver is responsible when they go to a dealer to get an oil change and they another part that is supposedly "better" without telling you and this new part causes your engine to catch fire. The driver did not know that the part was installed even thou it was listed on the invoice. They did not ask for it, and chances are they did not want it.-Josh (February 26, 2011, 01:19 PM)
you are responsible for your own safety in the end. It's not hidden, it's clearly there.-wraith808 (February 26, 2011, 01:15 PM)
Note: I am not condoning the practice. I'm just saying that it's not hidden. And clearly it's not, IMO.-wraith808 (February 26, 2011, 01:23 PM)
you are responsible for your own safety in the end. It's not hidden, it's clearly there.-wraith808 (February 26, 2011, 01:15 PM)
Agree on your first point. But not on your second.
I am very careful to read everything, not opt-in to anything, and always opt-out when asked, whenever I do an install.
However, I've had to remove OpenCandy from my software evaluation and test machine twice this month.
This is the first time I've ever had to do that. For OpenCandy - or anything else.
I did not see anything that asked me (since it's now opt-out) if I wanted to not install OC.
I'm the only person who loads anything on this machine.
So...it think it's safe to say something has been changed.-40hz (February 26, 2011, 01:26 PM)
When you download an install an application, you expect to only get the application you intend to install.-app103 (February 26, 2011, 01:29 PM)
Apparently enough people have complained that Microsoft Security Essentials is flagging OC as well.
(see attachment in previous post (https://www.donationcoder.com/forum/index.php?topic=18297.msg238952#msg238952))-40hz (February 26, 2011, 01:56 PM)
@Wraith808 - understand what you're saying. But again - to my point - I neither told anything to install OC, nor was I asked not to install it. And regardless of who is tacking OC onto whatever, it is obviously something OC is aware of and marketing.
So in the end, the buck has to stop right at OC's doorstep.
All the talking in circles, justifications, "yeah buts", similar things other people are allegedly doing, and "looking at things in perspective" isn't going to change that.
It's their product. It's their responsibility. smiley-40hz (February 26, 2011, 01:56 PM)
As I was saying at the beginning, having an opt-out policy is not hiding it. If it is truly hidden, then that's a different story. But from the times I've seen OC, it's been pretty obvious. In the case that it's hidden, then it falls into the category of malicious, IMO.
To re-state, so it's clear. If it's an opt-out dialog during the installer (and even in subsequent updates) then it's not hidden.-wraith808 (February 26, 2011, 01:54 PM)
When you download an install an application, you expect to only get the application you intend to install.-app103 (February 26, 2011, 01:29 PM)
Only if you very very naive, and therefore shouldn't be allowed online.-Eóin (February 26, 2011, 02:06 PM)
the OC junk being placed on your hard drive and in your registry-app103 (February 26, 2011, 02:12 PM)
Sure. Let's put that right up there with all those young women who got assaulted because they were obviously "asking for it,' right?
Always expedient to blame the victims. Absolves everybody else quite neatly don't you think? :P-40hz (February 26, 2011, 02:12 PM)
The thing about your point is that it was in response to mine. So it either goes with/against my point... or shouldn't have been a response? If that had been what the original conversation was about, I'd have had nothing to say, truthfully. What you say is blatantly wrong... and I don't agree with at all.-wraith808 (February 26, 2011, 02:07 PM)
the OC junk being placed on your hard drive and in your registry-app103 (February 26, 2011, 02:12 PM)
@April - is there a manifest for what OC installs available anywhere? I've got some software audits coming up. Be interesting to check and see how widespread the actual deployment is. I'm sure my clients would be interested too. :)-40hz (February 26, 2011, 02:17 PM)
HKLM\SOFTWARE\ADatumCorporation\OpenCandy
HKLM\SOFTWARE\ADatumCorporation\OpenCandy\Completed
HKLM\SOFTWARE\Wow6432Node\ADatumCorporation\OpenCandy
HKLM\SOFTWARE\Wow6432Node\ADatumCorporation\OpenCandy\Completed
As I was saying at the beginning, having an opt-out policy is not hiding it. If it is truly hidden, then that's a different story. But from the times I've seen OC, it's been pretty obvious. In the case that it's hidden, then it falls into the category of malicious, IMO.
To re-state, so it's clear. If it's an opt-out dialog during the installer (and even in subsequent updates) then it's not hidden.-wraith808 (February 26, 2011, 01:54 PM)
When you download and run an OC powered installer, there are 3 things you could potentially install on your computer:
1. The application you intended to install (this is not hidden)
2. The recommended software (opt-in or opt-out, this is not hidden either)
3. OpenCandy itself, which you have to be a power user that knows the command line flags and knows OC is in the installer, before running it, in order to avoid being assigned a unique tracking ID and the OC junk being placed on your hard drive and in your registry. There is NO check box to opt out! Users are not well informed about this tracking garbage, despite OC "requiring" developers to inform users. They only have to mention OC somewhere on their own site. They do not mention it on download sites. So, you could download an app from Softpedia and not be informed there is OC in it, end up running it, and even when you opt out of the recommended additional software, you still get included in OC's tracking and profiling, whether you want to or not.-app103 (February 26, 2011, 02:12 PM)
The thing about your point is that it was in response to mine. So it either goes with/against my point... or shouldn't have been a response? If that had been what the original conversation was about, I'd have had nothing to say, truthfully. What you say is blatantly wrong... and I don't agree with at all.-wraith808 (February 26, 2011, 02:07 PM)
You completely lost me. (Not hard to do the way my brain's been working lately.) Could you possibly restate that? :)-40hz (February 26, 2011, 02:31 PM)
Also a thought, I would consider OpenCandy to be a lot less evil than the developers who bundle it with their software.-Eóin (February 26, 2011, 02:20 PM)
ok here is my bet, I am putting my 100$ if anyone wants to bet on it./me puts $25 against Kartal
I am %100$ sure that in 2 years OC will become an application that will try to install hidden stuff and spy on your download-installation activity. If anyone wants to bet I am accepting bets. Since we do not want to gamble lets keep the amount not more than 100$.-kartal (May 17, 2009, 01:05 AM)-scancode (September 30, 2009, 05:03 PM)
Looks like scannie owes kartal 25 bucks.-Josh (February 26, 2011, 10:04 AM)
Namely, one individual OpenCandy partner (out of hundreds) appears to have been mistakenly missing an End User License Agreement (EULA) in their installer. This means that any consumer installing this specific partner’s software did not agree to OpenCandy’s transmission and collection of anonymous information (used for purposes of making a software recommendation).
Ok, a mistake. A mistake on the part of our partner and a mistake by us for not having the right process in place to catch that the EULA had been removed after it had passed our compliance process. The partner has since added their EULA.
So what is Pokki? It looks like Adobe AIR.-Deozaan (March 07, 2011, 10:22 PM)
Status OK. Found Opencandy EULA in current dialog window.
and that tracking software will remain On their machine even if they later "uninstall" it.-40hz (March 08, 2011, 08:11 AM)
It seems like a lot of FUD, because there's a resistance to anyone monetizing software through ads. A bad state of things, as I think there's a right way, and a wrong way, and it should be a legitimate way to monetize software development.-wraith808 (March 09, 2011, 02:48 PM)
Just out of curiosity: are you going to state right up front on your download and product info pages that it contains OpenCandy, identify it as an adware application, and say that if you don't want to install it you'll need to explicitly tell it not to? and that tracking software may remain on their machine even if they later "uninstall" it.
Or are you going to let them find out about it after they download and start installing like it seems everybody who is including it does?-40hz (March 08, 2011, 08:11 AM)
Maybe someone, someday will be able to explain to me why OpenCandy is worse than Google/Bing/etc toolbar.-Eóin (March 09, 2011, 03:37 PM)
Just out of curiosity: are you going to state right up front on your download and product info pages that it contains OpenCandy, identify it as an adware application, and say that if you don't want to install it you'll need to explicitly tell it not to? and that tracking software may remain on their machine even if they later "uninstall" it.
Or are you going to let them find out about it after they download and start installing like it seems everybody who is including it does?-40hz (March 08, 2011, 08:11 AM)
Well 40hz, I didn't see you warn me (us?) that the article you linked to was on a page
a) full of ads
b) which used at least 1 type of tracking mechanism
c) left behind files on my PC (numerous cookies, at least two of which were for tracking my browsing habits) even after I browsed away from the page.
That article, was every bit as evil as people seem to claim OC is.-Eóin (March 09, 2011, 03:44 PM)
The paranoia which surround OpenCandy astonishes me. I find the DLL related freak-outs particularly funny, seems as if people think a DLL sitting on your harddrive is more dangerous than a txt file? Which by the way, in terms of security/vulnerability issues, it's not!I've yet to hear of a text-file exploit, but it's not outside the realm of possibilities that an exploit could be found in the Portable Executable parser somewhere, that could trigger during explorer icon-extraction, an anti-malware program scanning the file, etc :)-Eóin (March 09, 2011, 03:37 PM)
It seems like a lot of FUD, because there's a resistance to anyone monetizing software through ads. A bad state of things, as I think there's a right way, and a wrong way, and it should be a legitimate way to monetize software development.-wraith808 (March 09, 2011, 02:48 PM)
Might want to read the article I linked to before you assume it's FUD. OC does not do things the way most "monetizing" add-in software does. And the guys operating the freeware review site I mentioned aren't Nervous-Nellie sensationalist type bloggers either.
There's a legitimate concern surrounding OC in particular - which has nothing to do with software authors wanting to make some money from their efforts. So let's focus on this specific software and not get sidetracked.-40hz (March 09, 2011, 03:31 PM)
However, why people who are looking for sales don't just release their app as trialware will always be a mystery to me. Unless, of course, it's because the market has made it clear it doesn't consider the app worth paying for to begin with - hence the author's need to "monetize" as opposed to sell it.
Note too that Microsoft is flagging OC as adware/spyware. And nobody is more committed to the concept of having people pay to use software than they are. Draw whatever conclusions you will from that. But I don't think FUD can legitimately be one of them.
:)-40hz (March 09, 2011, 03:31 PM)
Just out of curiosity: are you going to state right up front on your download and product info pages that it contains OpenCandy, identify it as an adware application, and say that if you don't want to install it you'll need to explicitly tell it not to? and that tracking software may remain on their machine even if they later "uninstall" it.
Or are you going to let them find out about it after they download and start installing like it seems everybody who is including it does?-40hz (March 08, 2011, 08:11 AM)
Well 40hz, I didn't see you warn me (us?) that the article you linked to was on a page
a) full of ads
b) which used at least 1 type of tracking mechanism
c) left behind files on my PC (numerous cookies, at least two of which were for tracking my browsing habits) even after I browsed away from the page.
That article, was every bit as evil as people seem to claim OC is.-Eóin (March 09, 2011, 03:44 PM)
Funny. That didn't happen to me. I have a cookie and ad blocker installed on my machine.
But apparently this discussion is getting you upset. So tell you what. Let's just forget it. Ok? :)
-----
P.S. Perhaps I didn't warn you because I didn't know? It isn't my webpage. Which is a bit different than somebody who signs on with OC and does know what it does. Or at least I assume they would before they started deploying it.-40hz (March 09, 2011, 04:01 PM)
Just out of curiosity: are you going to state right up front on your download and product info pages that it contains OpenCandy, identify it as an adware application, and say that if you don't want to install it you'll need to explicitly tell it not to? and that tracking software may remain on their machine even if they later "uninstall" it.-40hz (March 08, 2011, 08:11 AM)
Or are you going to let them find out about it after they download and start installing like it seems everybody who is including it does?-40hz (March 08, 2011, 08:11 AM)
I'm not trying to sound hostile. I've got nothing but respect for you. It's just everybody using OpenCandy seems to almost go out of their way to hide its presence as much as possible from what I've seen. Makes me wonder if there's something in OC's license or in some policy or recommendation that suggests or requires a 'stealth' approach. :)-40hz (March 08, 2011, 08:11 AM)
I'm not smart enough to know if OC is a threat or not.
That's why I have security programs that detect threats.
http://www.opencandy.com/2011/03/04/the-story-behind-the-opencandy-and-microsoft-adware-debacle/
Is a poor attempt at some kind of explanation. IMO.
And minimizing their own problems.
Blaming MS Defender, well Nod32 found it too.
So it's not MS at fault, but OC's changes that got caught.
And now they back peddle.....-cmpm (March 08, 2011, 10:14 AM)
After I’d filled out the contact form at the OpenCandy site, I downloaded the Publisher SDK and got a Windows Defender warning. (Screenshot attached.) I am not certain about whether this will be a problem going forward as it appears rather recent. The MS site has OpenCandy flagged only starting in February this year.
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Adware%3aWin32%2fOpenCandy&threatid=159633
Thanks for the link. I’d already followed links from Andrew here:
https://www.donationcoder.com/forum/index.php?topic=18297.msg179472#msg179472
And was in the middle of reading it. :)
And I’ve been there as well with false positives… It’s frustrating in the extreme.
Yeah, false positives suck. Particularly when it's a large company like MS that doesn't have any concrete way to rectify it. It also sucks when your largest advertising partner (Bing) is calling you adware. It's kooky.
We’re backed by awesome investors like Google Ventures, Bessemer Venture Partners, O’Reilly AlphaTech Ventures, Reid Hoffman and Jordan Greenhall who have joined us on this mission to revitalize the software community.
...helping them deploy their data harvesting client...-40hz (March 09, 2011, 05:37 PM)
...helping them deploy their data harvesting client...-40hz (March 09, 2011, 05:37 PM)
That is not what it does. You are misinformed.-Renegade (March 09, 2011, 06:08 PM)
I never had ads on any of the sites I run/ran (excpet for a brief run at http://renegademinds.com/ on a few pages that I removed). I hate ads. But, putting food on the table and paying bills in more important than my loathing of ads.-Renegade (March 09, 2011, 06:06 PM)
Good op-ed piece which includes an eye-opening list of major apps known to include OpenCandy. Link here (http://cranialsoup.blogspot.com/2009/05/opencandy-new-kind-of-adwarespyware.html).-40hz (March 09, 2011, 02:10 PM)
Well 40hz, I didn't see you warn me (us?) that the article you linked to was on a page
a) full of ads
b) which used at least 1 type of tracking mechanism
c) left behind files on my PC (numerous cookies, at least two of which were for tracking my browsing habits) even after I browsed away from the page.
That article, was every bit as evil as people seem to claim OC is.-Eóin (March 09, 2011, 03:44 PM)
That my blog.-app103 (March 09, 2011, 07:17 PM)
Sorry you feel that way-app103 (March 09, 2011, 07:17 PM)
...helping them deploy their data harvesting client...-40hz (March 09, 2011, 05:37 PM)
That is not what it does. You are misinformed.-Renegade (March 09, 2011, 06:08 PM)
Ok. Fair enough. Nobody said I was infallible. Not even me.
(Also switched the wording on my post above to accommodate your objection.)
Now could you please explain it to me so I won't be "misinformed" any more? I'm always willing to listen and accept correction. But I'm also not much of a coder so please don't get annoyed if I ask a lot of dumb questions afterwards. Ok?:)
So...starting with the OC thingy itself - who decides how it gets installed? Is it the same in every situation (it's not according to Microsoft BTW) or does each developer get to decide how it will work from a group of ...dunno...options?...deals?...revenue programs?
And if it does, does the choice of options determine the amount OC pays the developer?-40hz (March 09, 2011, 06:37 PM)
So...starting with the OC thingy itself - who decides how it gets installed? Is it the same in every situation (it's not according to Microsoft BTW) or does each developer get to decide how it will work from a group of ...dunno...options?...deals?...revenue programs?
And if it does, does the choice of options determine the amount OC pays the developer?-40hz (March 09, 2011, 06:37 PM)
P.S. No need to shout or get super creative with the font attributes. We're all listening to you even if we won't always agree. This is DC. We can be passionate about something without getting pissed off about it.-40hz (March 09, 2011, 06:37 PM)
Also, frankly, trying to claim cookies are ok because they are easier to remove, while a reg entry is evil because it's harder to remove is not logical. You're arbitrarily drawing a line and saying 'easier than this is ok while harder than this is evil' and, conveniently, you've chosen to carefully position that line such that it defends your argument.-Eóin (March 09, 2011, 07:57 PM)
Windows comes with a firewall, which is turned on by default. If you shut it off and then as a result get exploited with a worm, do you have a right to blame anyone but yourself?-app103 (March 09, 2011, 09:14 PM)
while the app is worth the money, the sector it's target at isn't one that's easy to break into/willing to pay for software?-wraith808 (March 09, 2011, 05:14 PM)
@Renegade - ok, I think I'm following so far.
Few more questions (there will probably be more later):
0. I have been told that prior to doing any sort of opt-in or opt-out, OC scans the user's drive and sends back information to...someplace...and modifies the users registry without any notification or option to prevent it. This operation is automatic, unstoppable, and runs completely invisibly. Is this true?-40hz (March 09, 2011, 09:15 PM)
1. Why doesn't OpenCandy make it's presence known during the installation like the Ask Toolbar or other (supposedly) "just like" apps do. Why not just call it what it is? It seems OC tries to cloak it's presence by burying itself in somebody else's installer and EULA. Why is that? Why don't they just run OC as an additional installer that tags along (like everybody else's does) if it isn't primarily motivated by a desire to make its presence and actions less noticeable? What good and purely technical reason(s) do they offer for doing it this way?-40hz (March 09, 2011, 09:15 PM)
2. The author of DarkWave Studio uses OC, and says he has set it to default to opt-out. Do you control whether it is set up to follow an opt-in or opt-out methodology? DWS's author seemed to infer it was his choice which way to go. How does his statement square with your statement there is no opt-in or out per se?-40hz (March 09, 2011, 09:15 PM)
3. Is there anyplace where you are given the opportunity to remove all traces of OC regardless of where (registry, etc) they are located without having to manually dig it out? Do they publish a utility to do that? And do they advertise such a utility is available and make it easy to get if they do? If not - why not?-40hz (March 09, 2011, 09:15 PM)
4. Why do they store their stuff in the registry? Is there a demonstrably valid technical reason for doing it that way as opposed to putting it in some sort of cache file elsewhere on the drive?-40hz (March 09, 2011, 09:15 PM)
5. You object to calling OC adware. But then you say it presents "offers." How is an "offer" to consider buying something different than an "ad" which also asks you to consider buying something? Forgive me if I sound obtuse. But I suspect I may be a little 'colorblind' in that end of the spectrum. What in the name of the Purple Buddah is the difference between an ad and an offer?-40hz (March 09, 2011, 09:15 PM)
License Type - It's freeware for home users while commercial users have an unlimited trial period, but are asked to purchase a license. It's most certainly NOT adware. None of the ALTools have any adware, no spyware, no junkware, no third party bundled wierdness - nada, zilch, zip :) I really don't want people to think that ALTools are adware. The info banner in the upper right only mentions ALTools and does not serve ads for any third parties. PLEASE - Would you kindly fix this. I really don't want anyone to get the impression that we're associated with that seedy underside of the Internet...
6. You seem to infer that you're comfortable with OC's business model and modus operandi. Are you comfortable enough with it that you'd be willing to accept personal responsibility for any software problems, privacy breaches, or security issues introduced on one of your user's machines if it was the direct result of something done by OC during it's normal operations? Not to say you should. But would you at least be willing?-40hz (March 09, 2011, 09:15 PM)
7. Does OC in any way indemnify you for any problems their software may cause your user's system? If you get sued by somebody because OC did something and you got blamed for it - does OC offer you any legal protections or warranties?-40hz (March 09, 2011, 09:15 PM)
8. Have you been allowed to examine the source code for their software - or gotten a chance to look behind the scenes and observe their backoffice operation in action? If not, why do you trust them like you do?-40hz (March 09, 2011, 09:15 PM)
I know these are a lot of questions. So don't feel rushed to get back. Sorry to be asking you all this. But you're apparently DC's resident expert on things OC -so You Da Man to ask.
:)-40hz (March 09, 2011, 09:15 PM)
I think you're looking for things that aren't there.
Plain and simple, OpenCandy doesn't bother me. I think it is a good medium between being invasive and generating revenue for software developers. I honestly send no identifiable information then recommends a software, nothing is downloaded, installed, no changes made to your system unless you choose to install it.
MSE detects it and pops up this dialog meant to scare people who have no idea what they are looking at, yet Bing is a partner with OpenCandy and is one of the things offered. I hate adware, I despise software that installs on my system with other software, but this is not like that at all.-y0himba (March 10, 2011, 04:59 AM)
If I had a choice, it would not be there, but since developers need revenue, this is the way to go. IMHO.-y0himba (March 10, 2011, 04:59 AM)
If your browser rejects 3rd party tracking cookies by default and you change the setting to accept them, do you have anyone to blame but yourself when you end up with 3rd party tracking cookies?-app103 (March 09, 2011, 09:14 PM)
I can see why a software developer might be tempted to use OC. I have battled with the thought myself but ultimately I can't bring myself to do it because I don't trust OC at all.-app103 (March 09, 2011, 09:14 PM)
But I do think they are every bit as 'evil' as OC, I just don't consider that to be really evil at all.-Eóin (March 10, 2011, 05:40 AM)
Checking from a reboot, the folder:
C:\Users\Renegade\AppData\Local
Is still there, but the DLL is deleted.
So, there is a trace of a folder, but no executable files.-Renegade (March 11, 2011, 03:44 PM)
That folder is a system-specific folder, so it's ok that it is still there.
Ref: http://technet.microsoft.com/en-us/library/cc766489%28WS.10%29.aspx-wraith808 (March 11, 2011, 10:02 PM)
That folder is a system-specific folder, so it's ok that it is still there.
Ref: http://technet.microsoft.com/en-us/library/cc766489%28WS.10%29.aspx-wraith808 (March 11, 2011, 10:02 PM)
Sorry. I was continuing from a prior post, but truncated that there. I meant that inside THAT folder there is an "OpenCandy" folder, which is empty.-Renegade (March 12, 2011, 01:02 AM)
Definition of 'Screen Type'
Some recommendations allow you to choose between opt-in and opt-out (others only support opt-in) by changing the 'Screen Type'.
Opt-in means the recommendation is not selected to be installed by default.
Opt-out means the recommendation is selected to be installed by default.
Now that I've been using an application which has THREE (!) OpenCandy ads in its installer, I begin to think that OpenCandy is NOT less annoying than anything else.-Tuxman (March 19, 2011, 10:38 AM)
Not sure, might have been a previous version of SUMo?-Tuxman (March 19, 2011, 11:02 AM)
They looked all equal, so probably yes.-Tuxman (March 19, 2011, 11:31 AM)
If anyone is interested, scope out our (always evolving as the software landscape does) Software Network Policies which are what prospective and current partners must adhere to-drapps (March 24, 2011, 02:25 PM)
And they also leave a great deal of the implementation 'details' to the software publishers as well. Which doesn't give me warm fuzzies if one or more of them are in the habit of 'pushing the envelope' so to speak.-40hz (March 29, 2011, 07:20 AM)
For what it's worth, Nod32 blocked 2 internet connections to OpenCandy when installing the latest Photo Resizer with OC.
Stopping the install of OCSetupHlp.dll and any other programs being offered.
Photo Resizer did install even with nod blocking the connection to OC.
Just for your info...-cmpm (March 29, 2011, 07:21 PM)
Well, no offers of other software came up and Photo Resizer installed and works.
Searching for opencandy or OCSetupHlp.dll came up with no results.-cmpm (March 29, 2011, 07:40 PM)
For what it's worth, Nod32 blocked 2 internet connections to OpenCandy when installing the latest Photo Resizer with OC.
Stopping the install of OCSetupHlp.dll and any other programs being offered.
Photo Resizer did install even with nod blocking the connection to OC.
Just for your info...-cmpm (March 29, 2011, 07:21 PM)
Well, no offers of other software came up and Photo Resizer installed and works.
Searching for opencandy or OCSetupHlp.dll came up with no results.-cmpm (March 29, 2011, 07:40 PM)
Not for offers of other software. From looking at the agreement, they have the same concept as other advertisers, i.e. impressions and click through. I wasn't saying that it was to get more offers, but to track impressions. Did it say what the request was? That (other than asking) would seem to be the way to figure out what it was trying to do...-wraith808 (March 30, 2011, 08:53 AM)
For what it's worth, Nod32 blocked 2 internet connections to OpenCandy when installing the latest Photo Resizer with OC.
Stopping the install of OCSetupHlp.dll and any other programs being offered.
Photo Resizer did install even with nod blocking the connection to OC.
Just for your info...-cmpm (March 29, 2011, 07:21 PM)
Thanks for that.
This is really a problem. AV vendors should be focusing on developing technologies that prevent the real bad guys and not this kind of silliness.
You'd think that it would be easy to make a dime... Literally. :(-Renegade (March 30, 2011, 11:09 AM)
Having a good day, yes I am.
Perhaps you should contact Eset, and work it out with them.
Or not, I'm not taking sides, but I will stay with Nod32.-cmpm (March 30, 2011, 04:31 PM)
@Renegade
Is there a list of participating 'Advertisers' somewhere? I could not find one at http://www.opencandy.com/.-PhilB66 (March 30, 2011, 11:07 PM)
On topic, I just went to download an update for Fruity Studio, and...
http://flstudio.image-line.com/documents/download.html
(see attachment in previous post (https://www.donationcoder.com/forum/index.php?topic=18297.msg243485#msg243485))-Renegade (March 30, 2011, 09:33 PM)
That made me raise my brows as well.On topic, I just went to download an update for Fruity Studio, and...Ok, so now OC is also being bundled in with apps you already paid for?-Renegade (March 30, 2011, 09:33 PM)-40hz (March 31, 2011, 02:31 AM)
Ok, so now OC is also being bundled in with apps you already paid for?-40hz (March 31, 2011, 02:31 AM)
Do you get paid the same for recommending any of these softwares or does it depend on the advertiser's bid?-PhilB66 (March 31, 2011, 03:20 AM)
That made me raise my brows as well.On topic, I just went to download an update for Fruity Studio, and...Ok, so now OC is also being bundled in with apps you already paid for?-Renegade (March 30, 2011, 09:33 PM)-40hz (March 31, 2011, 02:31 AM)
As did the name "Fruity Studio" - didn't it use to be FruityLoops? Another of those "Oh, but the lifetime license isn't for <newname>, it was for <oldname>" tactics?-f0dder (March 31, 2011, 04:07 AM)
To know and not to know, to be conscious of complete truthfulness while telling carefully constructed lies, to hold simultaneously two opinions which cancelled out, knowing them to be contradictory and believing in both of them, to use logic against logic, to repudiate morality while laying claim to it, to believe that democracy was impossible and that the Party was the guardian of democracy, to forget, whatever it was necessary to forget, then to draw it back into memory again at the moment when it was needed, and then promptly to forget it again, and above all, to apply the same process to the process itself -- that was the ultimate subtlety; consciously to induce unconsciousness, and then, once again, to become unconscious of the act of hypnosis you had just performed. Even to understand the word 'doublethink' involved the use of doublethink.
"Oh, but the lifetime license isn't for <newname>, it was for <oldname>" tactics?-f0dder (March 31, 2011, 04:07 AM)
What is commendable, however, is that they clearly call attention to the fact they are using it right on the download page. Which is more than most publishers are doing. And which is all that 90% of the people who are objecting to OC are asking for: Being told - up front - that it is going to be installed.
Of course, providing the user with notification and an easily selectable option to not have it load at all when you run the installer would be nice...but the makers of OC seem to be quietly adamant that that is not going to happen.-40hz (March 31, 2011, 02:31 AM)
The difference is that there is no opt out of OC when installing.-cmpm (March 31, 2011, 11:26 AM)
Opt out of *what*?
I said more then I planned to in that post...so maybe I didn't communicate well.Opt out of *what*?
Exactly, you can't, OC is included.-cmpm (March 31, 2011, 11:47 AM)
So opt out of *what* is my question that still remains unanswered?-wraith808 (March 31, 2011, 12:21 PM)
So opt out of *what* is my question that still remains unanswered?-wraith808 (March 31, 2011, 12:21 PM)
3rd party tracking.-app103 (March 31, 2011, 01:29 PM)
I've even seen during the worst of their growing pains that severe detractors have said that the level of knowledge of what you've done seems to be absent.-wraith808 (March 31, 2011, 01:54 PM)
I've even seen during the worst of their growing pains that severe detractors have said that the level of knowledge of what you've done seems to be absent.-wraith808 (March 31, 2011, 01:54 PM)
You completely lost me on that one. :huh: Could you maybe rephrase it? :)-40hz (March 31, 2011, 03:13 PM)
So, The torches and pitchfork wielding villagers are incensed by the frankin-monsters insistence on playing possum?;D That's one way to put it...-Stoic Joker (March 31, 2011, 03:47 PM)
did Eset ever answer you?
Up until now, there has been pretty much universal agreement that anything which gets installed on your PC without giving notice and asking your permission is unacceptable.
...
And I think the reason for that is very simple: most people wouldn't install OC if they knew about it.-40hz (March 31, 2011, 06:25 PM)
But that's the thing -- It doesn't get installed! It runs, but it isn't installed.-Renegade (March 31, 2011, 06:36 PM)
Up until now, there has been pretty much universal agreement that anything which gets installed on your PC without giving notice and asking your permission is unacceptable.
...
And I think the reason for that is very simple: most people wouldn't install OC if they knew about it.-40hz (March 31, 2011, 06:25 PM)
But that's the thing -- It doesn't get installed! It runs, but it isn't installed.
When most people go to install software, they aren't agreeing to a lot of things, but things are genuinely changed on their system that they have NOT asked for. This is the normal way of doing things and nobody would call it malicious. For example, an installer adds registry keys and puts a DLL in the system32 folder, creates a ProgramData entry, another local/roaming directory structure, checks if certain other software is installed, if not installs it or upgrades it, etc. etc. That's normal. But OpenCandy isn't doing all that stuff. It runs then it's done.-Renegade (March 31, 2011, 06:36 PM)
They are also peddling their stuff to open source developers, to include a closed source .dll on machines that install the open source software. When I install open source software, I expect to be able to have access to the source, all of it, for everything it installs on my machine. If the source for the OC dll is not included, it has no business being put on my machine during the install of a piece of open source software.-app103 (March 31, 2011, 07:39 PM)
But that's the thing -- It doesn't get installed! It runs, but it isn't installed.-Renegade (March 31, 2011, 06:36 PM)
Sorry. I'm a bit color blind in that end of the spectrum. :)
Regardless of whether it copies itself onto the hard drive, or loads itself into RAM before it runs, it's still installed on your system. The mechanism employed for the IPL* (initial program load) is a technical detail, not a functional difference.-40hz (March 31, 2011, 08:50 PM)
But it doesn't *install* the dll.-wraith808 (March 31, 2011, 08:55 PM)
when you get an installer for OSS software, is it required to give you the source to the installer?
I should be able to compile an exact copy and when you toss in the OC dll, that isn't possible. I should also be able to change any of it any way I see fit and redistribute those changes, and if I am not allowed to change and redistribute the OC dll, then it has no business being placed on my system, without that right, along with an open source application.-app103 (March 31, 2011, 09:20 PM)
But it doesn't *install* the dll.-wraith808 (March 31, 2011, 08:55 PM)
What is the purpose of an installer? I thought the purpose was to install software. And software consists of many types of files, not just .exe executables.
If one of my applications comes with xml and wav files, I am not going to argue that they are not "installed" with my application...they are.
The big issue with the OC .dll being installed along with open source software is that it is compiled code in which the source is not available.-app103 (March 31, 2011, 09:20 PM)
But the dll isn't *left* on your machine. It is to facilitate the installation. That's the same as saying that NSIS is installed on your machine just because certain supporting dlls have to be extracted to be loaded into memory. That is *not* installation. It assists in installation of the requested software.-wraith808 (March 31, 2011, 10:17 PM)
But the dll isn't *left* on your machine. It is to facilitate the installation. That's the same as saying that NSIS is installed on your machine just because certain supporting dlls have to be extracted to be loaded into memory. That is *not* installation. It assists in installation of the requested software.-wraith808 (March 31, 2011, 10:17 PM)
But NSIS is open source and you can obtain the code for it and whatever it needs to use to assist installing an application.
OpenCandy...no.
I have decided to contact the FSF to see what they have to say about the matter. I'll let you know when I receive a reply.-app103 (March 31, 2011, 10:43 PM)
It seems to me a good solution for authors releasing open source material is to always provide the option of a "portable" non-installer download. Whether the installer is open source or not, just as a matter of convenience.-mouser (March 31, 2011, 10:48 PM)
Yes, indeed it is a functional difference. Several things run on your machine without being installed-wraith808 (March 31, 2011, 08:55 PM)
This is the no opt-out issue, you can't opt out of OC getting to run on your PC and doing whatever it does, benign though that may be.-Eóin (March 31, 2011, 10:27 PM)
So why most developers that partner with OC hid that fact?-PhilB66 (April 01, 2011, 02:40 AM)
So why most developers that partner with OC hid that fact?-PhilB66 (April 01, 2011, 02:40 AM)
I suppose that the sins of the past with stealth adware have created an environment of paranoia. The media certainly doesn't help as we've just seen yet once again with that false positive on the Samsung laptops.
*
*
*
Plainly, I think that a lot of developers are just scared. I can't say as I blame them.-Renegade (April 01, 2011, 02:51 AM)
Yes, indeed it is a functional difference. Several things run on your machine without being installed-wraith808 (March 31, 2011, 08:55 PM)
Just a minor niggle... ;)
I think you might have missed what I was trying to say there.
Based on what I learned from my professors, the fact that a piece of code is capable of being run is proof positive an installation occurred. There is absolutely no "functional difference" between installing to RAM or HD, because in either case it accomplishes the exact same function - getting a piece of binary code into a place where it can be executed by the target system.
To paraphrase so there's no confusion: If it's runnable - it's been installed.-40hz (March 31, 2011, 11:39 PM)
And I think the only answer is because it betters the odds the average end-user is more likely go along with it if they don't know about it.
Which makes the practice somewhat questionable.
I have decided to contact the FSF to see what they have to say about the matter-app103 (March 31, 2011, 10:43 PM)
The OpenBSD project does not make the ISO images used to master the official CDs available for download. The reason is simply that we would like you to buy the CD sets to help fund ongoing OpenBSD development. The official OpenBSD CD-ROM layout is copyright Theo de Raadt. Theo does not permit people to redistribute images of the official OpenBSD CDs. As an incentive for people to buy the CD set, some extras are included in the package as well (artwork, stickers etc).
Note that only the CD layout is copyrighted, OpenBSD itself is free. Nothing precludes someone else from downloading OpenBSD and making their own CD.-http://www.openbsd.org/faq/faq3.html
Yes, indeed it is a functional difference. Several things run on your machine without being installed-wraith808 (March 31, 2011, 08:55 PM)
Just a minor niggle... ;)
I think you might have missed what I was trying to say there.
Based on what I learned from my professors, the fact that a piece of code is capable of being run is proof positive an installation occurred. There is absolutely no "functional difference" between installing to RAM or HD, because in either case it accomplishes the exact same function - getting a piece of binary code into a place where it can be executed by the target system.
To paraphrase so there's no confusion: If it's runnable - it's been installed.-40hz (March 31, 2011, 11:39 PM)
You have a very ... unorthodox view of being installed. :huh:
The act of installation requires some very discreet actions that would seem to put lie to your explanation, and this is coming from someone who did installers for several years many moons ago on many varied OSes.-wraith808 (April 01, 2011, 07:40 AM)
For one thing, installation by any practical definition implies that the software in question can be run again without any need for further installation (leaving out the situation of a software upgrade, since the act of upgrading is changing the delta of the installed software.
I started referring to the act of loading an executable into working memory as an "install" after hearing Marvin Minsky refer to it that way during a lecture in 1977. Back then, we didn't differentiate between the act of "installing" in your sense (i.e. on a drive or other storage media) and loading it into RAM for execution. It was the act of loading and running that constituted the "install."If we're going back *that* far, then at that point there wasn't really anything that even resembles installations of today, especially given the change in media and storage technology, so I think that given the change in the English language and technology, to carry over a term from that time to apply to the methodologies of today is a pretty big stretch...-40hz (April 01, 2011, 12:15 PM)
And since we're trotting out our CVs, my view is from the perspective of someone who (like yourself) has programmed and installed software on various OSs for...well, let's just say a bit more than several years, starting with IBM's System/360 on mainframes, and Digital Research's CP/M on personal computers. :)-40hz (April 01, 2011, 12:15 PM)
For one thing, installation by any practical definition implies that the software in question can be run again without any need for further installation (leaving out the situation of a software upgrade, since the act of upgrading is changing the delta of the installed software.
That's a new one for me. Bounced it off a couple of system admin cohorts of mine. Both felt your qualification that it "can be run again without any need for further installation" is not a valid criteria because they routinely install and run software utilities (not updates) that execute once and then remove themselves from the system. :tellme:-40hz (April 01, 2011, 12:15 PM)
It seems like there is a lot of getting hung up on terminology here. Which is ironic because one of the most important points made here - by 40hz - is that the meaning of words *is* important and is being potentially subverted here by OC. On that point I have some concern myself. Nonetheless I think whether something is "installed" or not is ultimately tangential to what is at issue here and of actual concern. After all, I'm sure Wraith would not argue that a virus that simply loads itself into memory and formats your hard drive without ever "installing" anything is ok simply because it's not being "installed" (and neither would anyone else I'd wager :D). So using "installed" as a measure of trustworthiness, safety, or anything else that is really of concern here is not really useful.-JavaJones (April 01, 2011, 02:49 PM)
Second it is the words that are my entire point of this conversation. OC is *not* adware, nor spyware, nor malware, but it is being categorized as such. Currently adware, spyware, and malware are all negative terms, and the threat of such labels is enough to force action in one way or another. But, if you dilute it using it in edge cases, or cases that have *nothing* to do with the terms in question, you begin to erode the power of the term (see rape, domestic abuse, and racism for examples of such). And that would be a real shame to see happen.-wraith808 (April 01, 2011, 10:20 PM)
It seems I agree with you generally speaking Wraith. But what is "adware"? Is that software that consistently displays ads while it runs? And regardless of labels, are you happy with how OC operates and is presented?-JavaJones (April 02, 2011, 01:34 AM)
So what you're saying is we need a new term to define things like OC? Maybe ad-ish-not-entirely-dishonest-may-not-be-so-bad-ware? :D-JavaJones (April 02, 2011, 02:34 AM)
So what you're saying is we need a new term to define things like OC?-JavaJones (April 02, 2011, 02:34 AM)
So what you're saying is we need a new term to define things like OC?-JavaJones (April 02, 2011, 02:34 AM)
Here are a few... Ad Conduit, Usage Information Sniffer/Transferer, Privacy Intrusion Mechanism. That's what OC does. How it does what it does is not an issue (at least for me it's not).-PhilB66 (April 02, 2011, 06:38 AM)
Just go through the advertisers list... Crawler Toolbar, My Shopping Genie, PriceGong, SweetIM.....sigh-PhilB66 (April 02, 2011, 06:38 AM)
Can anyone pick out anything in there that is shady?World of Warcrack. Definitely shady, ruiner of souls.-Renegade (April 02, 2011, 08:01 AM)
Can anyone pick out anything in there that is shady?World of Warcrack. Definitely shady, ruiner of souls.-Renegade (April 02, 2011, 08:01 AM)-f0dder (April 02, 2011, 08:13 AM)
To be clear, in loud, bold, 20pt, red, all caps:
*
<<SP>>
*
...and centered. :)-Renegade (April 02, 2011, 08:01 AM)
I'd guess a bit more than several years would depend on what the definition of several years is. Wink-wraith808 (April 01, 2011, 10:20 PM)
> Would placing the proprietary closed source OCSetupHlp.dll file on
> a user's system without their permission and without offering the
> source, solely for the purpose of displaying ads during the install
> process and providing the developer with install/uninstall tracking
> statistics later on be considered a violation of the GPL when it is
> done by the installer of a GPL licensed application?
The way you describe the issue, the proprietary DLL is part of the
installer, not of the GPLed software. According to the GPL FAQ, "The
installer and the files it installs are separate works. As a result, the
terms of the GPL do not apply to the installation software."
(http://www.gnu.org/licenses/gpl-faq.html#GPLCompatInstaller)
While it is unfortunate that some GPLed software would require a
proprietary installer, it is not a GPL violation.
Thank you Renegade! (Very elegant solution BTW. I like it!) ;D :Thmbsup:-40hz (April 02, 2011, 01:27 PM)
...while the software installed may not be adware or spyware, the OC powered installer is.-app103 (April 02, 2011, 03:15 PM)
Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.
Defamation—also called calumny, vilification, traducement, slander (for transitory statements), and libel (for written, broadcast, or otherwise published words)—is the communication of a statement that makes a claim, expressly stated or implied to be factual, that may give an individual, business, product, group, government, or nation a negative image. It is usually a requirement that this claim be false and that the publication is communicated to someone other than the person defamed (the claimant).
spyware (computer software that obtains information from a user's computer without the user's knowledge or consent)-http://wordnetweb.princeton.edu/perl/webwn?s=spyware
spyware
1. (Internet) programs that surreptitiously monitor and report the actions of a computer user.-http://en.wiktionary.org/wiki/spyware
Spyware: Computer programs that typically track your use and report this information to a remote location. The more malicious spyware programs may capture and report keystrokes, revealing passwords and personal information. Users are often tricked into installing spyware programs without their knowledge. Spyware is sometimes referred to as adware.-http://its.ucsc.edu/security/policies/glossary.php
Spyware Software that uses an internet connection without the permission of its owner, in order to 'listen' to confidential data and transmit them to third parties-http://www.binarysec.com/cms/docs/resources/glossary/p-s.html
The Anti-Spyware Coalition (ASC) defines "spyware and other potentially unwanted technologies as technologies deployed without appropriate user consent and/or implemented in ways that impair user control over:
- Material changes that affect their user experience, privacy or system security;
- Use of their system resources, including what programs are installed on their computers; and/or
- Collection, use and distribution of their personal or other sensitive information."
See: Recognizing Spyware-http://www.michigan.gov/cybersecurity/0,1607,7-217-34415---,00.html
Spyware
Software that gathers user information through the user’s Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Not all shareware and freeware applications come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.-http://newsletter.blizzardinternet.com/toolbox/tech-glossary/
Spyware
Spyware is software that literally spies on the activities of the user of the computer where it is installed. All possible personal data is gathered and then sent to the author of the Spyware.-http://www.soft-anti-malware.com/knowledgebase/security_terms
While the term spyware suggests software that secretly monitors the user's behavior, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.”
That’s certainly not anything that OpenCandy enables or would EVER take part in! (I wouldn’t work for a company that did… I wouldn’t be able to sleep at night.)
OpenCandy’s Analytics
This is probably a good time to address the analytics side of the OpenCandy network. The analytics that we provide back to our publishers (those who recommend other software using OpenCandy) includes NON-PERSONALLY identifiable information such as the user’s country, operating system, operating system version, operating system language, and when the software is installed (and optionally, if it is uninstalled). This information is aggregated in daily intervals and individuals are NOT identifiable (see more below). That’s it.-drapps (May 13, 2009, 02:52 PM)
Informed consent is a phrase often used in law to indicate that the consent a person gives meets certain minimum standards. As a literal matter, in the absence of fraud, it is redundant. An informed consent can be said to have been given based upon a clear appreciation and understanding of the facts, implications, and future consequences of an action. In order to give informed consent, the individual concerned must have adequate reasoning faculties and be in possession of all relevant facts at the time consent is given.-http://en.wikipedia.org/wiki/Informed_consent
Yes, but you're far from the only person using OpenCandy, and now that I know what it looks like I realize it's been used in lots of software I've installed recently. I would have liked to know so I could learn more and make a more informed decision. Lack of full disclosure by software authors is my remaining concern.-JavaJones (April 02, 2011, 03:26 AM)
^ So... I take it adobe flash is spyware? How about iTunes? Or Java? I could keep naming software- there's quite a few pieces of software that do the same in a benign way, then after the fact inform you that they did and would you like to install this update or that update. Microsoft used to do it with Windows update. Websites do it without ever telling you.-wraith808 (April 02, 2011, 11:28 PM)
Yes, but you're far from the only person using OpenCandy, and now that I know what it looks like I realize it's been used in lots of software I've installed recently. I would have liked to know so I could learn more and make a more informed decision. Lack of full disclosure by software authors is my remaining concern.-JavaJones (April 02, 2011, 03:26 AM)
So... I use other DLLs from third-parties in my software sometimes; does that mean that I need to inform you so that you can be made aware of exactly what software I'm using? Where does it end?
...while the software installed may not be adware or spyware, the OC powered installer is.-app103 (April 02, 2011, 03:15 PM)
I can see some kind of confusion over adware, but "spyware" is so far off-base, it's not in the same solar system. It's so radically different that it's just not possible to make that confusion if you know what the two are. Instead, it's libelous.
*
*
*
Defamation (http://en.wikipedia.org/wiki/Defamation):Defamation—also called calumny, vilification, traducement, slander (for transitory statements), and libel (for written, broadcast, or otherwise published words)—is the communication of a statement that makes a claim, expressly stated or implied to be factual, that may give an individual, business, product, group, government, or nation a negative image. It is usually a requirement that this claim be false and that the publication is communicated to someone other than the person defamed (the claimant).-Renegade (April 02, 2011, 10:05 PM)
Interesting comment.
Sounds very much like a threat.
Is some sort of legal threat being made here?-40hz (April 03, 2011, 12:25 AM)
It's not defamation unless it is false. I believe my statement to be true.
Spyware:spyware (computer software that obtains information from a user's computer without the user's knowledge or consent)-http://wordnetweb.princeton.edu/perl/webwn?s=spyware
What percentage of users installing software from an OC powered installer gave their informed consent and know that information will be sent back to OC, even if they refuse the recommendation?-app103 (April 02, 2011, 11:03 PM)
spyware
1. (Internet) programs that surreptitiously monitor and report the actions of a computer user.-http://en.wiktionary.org/wiki/spyware
That describes exactly what OC does.-app103 (April 02, 2011, 11:03 PM)
spyware
1. (Internet) programs that surreptitiously monitor and report the actions of a computer user.-http://en.wiktionary.org/wiki/spyware
Spyware: Computer programs that typically track your use and report this information to a remote location. The more malicious spyware programs may capture and report keystrokes, revealing passwords and personal information. Users are often tricked into installing spyware programs without their knowledge. Spyware is sometimes referred to as adware.-http://its.ucsc.edu/security/policies/glossary.php
Emphasis mine. And that is exactly what OC does. It doesn't have to do the rest to be spyware.-app103 (April 02, 2011, 11:03 PM)
Spyware: Computer programs that typically track your use and report this information to a remote location. The more malicious spyware programs may capture and report keystrokes, revealing passwords and personal information. Users are often tricked into installing spyware programs without their knowledge. Spyware is sometimes referred to as adware.-http://its.ucsc.edu/security/policies/glossary.php
...spyware is sometimes referred to as adware.-http://its.ucsc.edu/security/policies/glossary.php
...spyware is sometimes referred to as adware.-http://its.ucsc.edu/security/policies/glossary.php
I will ask one more time:
What percentage of users installing software from an OC powered installer gave their informed consent and know that information will be sent back to OC, even if they refuse the recommendation? And do they know what information?
Unless OC is getting informed consent to collect that information, it's spyware, plain and simple.
It doesn't matter if you think the information it is collecting is benign...it is still collecting information without the user's informed consent.-app103 (April 02, 2011, 11:03 PM)
Informed consent is a phrase often used in law to indicate that the consent a person gives meets certain minimum standards. As a literal matter, in the absence of fraud, it is redundant. An informed consent can be said to have been given based upon a clear appreciation and understanding of the facts, implications, and future consequences of an action. In order to give informed consent, the individual concerned must have adequate reasoning faculties and be in possession of all relevant facts at the time consent is given.-http://en.wikipedia.org/wiki/Informed_consent-app103 (April 02, 2011, 11:03 PM)
1. (Internet) programs that surreptitiously monitor and report the actions of a computer user.
Spyware Software that uses an internet connection without the permission of its owner, in order to 'listen' to confidential data and transmit them to third parties
Spyware: Computer programs that typically track your use and report this information to a remote location.
I don't think we'll ever agree on this.-Renegade (April 03, 2011, 01:08 AM)
Q: What information does OpenCandy collect during installation of an installer powered by OpenCandy?
A: First and foremost, we do NOT collect any personally identifiable information. Nor do we store IP addresses.
We collect the following NON-personally identifiable information for aggregate statistical purposes:
A) Operating system version and language, country location and timezone of the computer running the installer, and the language of the developer’s software installer
B) That the developer’s installer was initiated, and whether it was completed or canceled
C) Whether a third-party recommendation was made and if so, whether it was accepted or declined
D) If a third-party recommendation was accepted, whether the recommended software’s installer has been downloaded and the installer initiated
E) That the recommended third-party installer was initiated, and whether it was completed or canceled.
For more information about what “personally identifiable information” or “PII” is, see this Wikipedia article: http://en.wikipedia.org/wiki/Personally_identifiable_information
For additional details about information collection, please see What Information Does OpenCandy Collect?.-http://www.opencandy.com/faqs/#what-info-is-collected
The number of times the user hit the “Next” button in the installer without making an accept or decline select for the recommendation. This information is used as a feedback measurement for the clearness and transparency of the recommendation screen.
The amount of time, in second, that the user spent on the recommendation screen.
The amount of time, in seconds, that it took to download the software.
Indicates if the user launched the installed software by way of the “Launch” button in the download manager.
Outside of the anti-virus and anti-malware industry adware is broadly defined as any software that displays advertising of any form. As OpenCandy is an advertising platform, which software developers use to make software recommendations in their installers, this definition covers OpenCandy as it does most downloaded software: Skype, AVG Anti-Virus, avast! Antivirus, and Adobe Flash (which advertise products like Google Chrome in their installers).-http://www.opencandy.com/learn-more-about-opencandy-and-false-adware-detections/#is-opencandy-adware
I think it all comes down to where somebody's personal interests lie.
As Machiavelli so accurately pointed out, the best way to understand motivation is to "follow the money."
Those who stand to financially benefit from something like Open Candy will tend to see this product/service (or whatever) in a positive light, and accept OC's definitions and arguments as valid.
Many of those who don't have a financial interest in going along with OC's view of the universe will tend to be much more skeptical of OC's claims, and less likely to be convinced by the arguments and assurances being given.
In the end, it's mostly a matter of how one's bread gets buttered. And by whom.
Like the Tom Gray song says: "Money changes everything." :)-40hz (April 03, 2011, 02:49 AM)
Just look at the Samsung keylogger fiasco. THAT is what really pisses me off. They're alarmists and they do more harm than good in a lot of cases. Thank god they're not in pest control. They'd be fumigating houses with people in them.
Not quite. By agreeing to the installer, you're agreeing to the EULA. So if you agree to the EULA, then you've already given your 'informed consent' whether you read the EULA or not.^ So... I take it adobe flash is spyware? How about iTunes? Or Java? I could keep naming software- there's quite a few pieces of software that do the same in a benign way, then after the fact inform you that they did and would you like to install this update or that update. Microsoft used to do it with Windows update. Websites do it without ever telling you.-wraith808 (April 02, 2011, 11:28 PM)
Bingo!-app103 (April 02, 2011, 11:45 PM)
So... I use other DLLs from third-parties in my software sometimes; does that mean that I need to inform you so that you can be made aware of exactly what software I'm using? Where does it end?
Do those 3rd party DLLs collect user information and send it out to someone over the internet? If they do, then you should inform the user and get his permission before any information is collected.-app103 (April 02, 2011, 11:45 PM)
It's no secret that I have financial problems, no secret that my family is less than a paycheck away from disaster. I am scrambling to make as much money any way I can. I have even thought about using OC...but every time I do, I get sick to my stomach, feeling like I would be a sell-out, selling my users to a bunch of slimeballs, for a few cents each. No matter how tempting it is and how bad I need the money, I just can't bring myself to do it.-app103 (April 03, 2011, 07:23 AM)
@wraith808 - just out of curiosity, are you personally considering using OC?
If you don't mind somebody who goes "back *that* far" asking? ;)-40hz (April 03, 2011, 08:49 AM)
@Renegade
Do you have Sweet IM installed on your machine?-PhilB66 (April 03, 2011, 12:13 PM)
@Renegade
No, I did not try Sweet IM (and have no intention/need to do that). I was just wondering how you can recommend Sweet IM to others without having tried it yourself first?-PhilB66 (April 03, 2011, 12:47 PM)
@Renegade
No, I did not try Sweet IM (and have no intention/need to do that). I was just wondering how you can recommend Sweet IM to others without having tried it yourself first?-PhilB66 (April 03, 2011, 12:47 PM)
Where did he recommend it?-wraith808 (April 03, 2011, 02:38 PM)
Just curious, app103, did you install the latest Photo Resizer from Renegade?
I have all his other releases as well.
Personally I have probably 50 programs that can resize, all with their own uniqueness.
But I'm I download junkie.
I'm not asking to be controversial or make a point.
Just wondering if the current OC process would stop you from a download you want.
Peace!-cmpm (April 03, 2011, 10:20 AM)
Nitpicking? No, absolutely not. The obsession with spyware terminology, however, is a deviation from the real issue here. Fact is that OC is an Ad serving platform that also tracks your usage of software, monitors your actions and report this information back home.-PhilB66 (April 03, 2011, 08:53 PM)
Targeting the 'happy click next' ignorant crowd is not okay.-PhilB66 (April 03, 2011, 08:53 PM)
The comment about Sweet IM illustrates another issue I have with OC, developers have no control about what OC promotes-PhilB66 (April 03, 2011, 08:53 PM)
they (developers) do not care about the end user and would recommend anything that pays well. User satisfaction my arxx ... >:(-PhilB66 (April 03, 2011, 08:53 PM)
Ahem... Look at the installer screenshot that you uploaded. You cannot just click next. You MUST explicitly accept or decline the offer. Again, a baseless accusation with clear evidence to the contrary.This is a nice thing about OpenCandy, and I do hope they won't change away from that practice. But before you get to that screen, OpenCandy has run - and it's contacted the mothership, right? So you're not getting a chance to avoid that, except for... clicking through... the EULA :)-Renegade (April 03, 2011, 10:23 PM)
Ahem... Look at the installer screenshot that you uploaded. You cannot just click next. You MUST explicitly accept or decline the offer. Again, a baseless accusation with clear evidence to the contrary.This is a nice thing about OpenCandy, and I do hope they won't change away from that practice. But before you get to that screen, OpenCandy has run - and it's contacted the mothership, right? So you're not getting a chance to avoid that, except for... clicking through... the EULA :)-Renegade (April 03, 2011, 10:23 PM)-f0dder (April 04, 2011, 01:44 AM)
Let's keep some perspective here though. This does not need to be stated in scary terms in order to avoid being seen in a bad light. I believe OC could require better communication of its activities through its partners and their installers while not necessarily reducing opt-in significantly. Here's an example:
"This installer is powered by OpenCandy! As part of a free service, OpenCandy will check your system for potential software upgrades to improve performance and capabilities. This check will collect basic non-personal information about your system and store it securely on our servers. If you'd like to decline this service, simply uncheck the box below." That's 30 seconds of thought put into the wording; a good marketer could do a lot better, keeping the important information will making it more appealing. That's what marketers do, and that's ok.
They could even make it a bit more controllable and potentially get more customers by doing something like this: "...This check will collect basic non-personal information about your system and store it securely on our servers. If you'd prefer not to have your information sent to our servers, we can still perform a local check and offer some recommendations if you select the "local check" radio button below. You can also choose to decline this service by selecting the "do not check my system" radio button." In a situation like that I might still opt-in to the local check.
Adding a sentence of info about OC's service helping to support developers might also be a good thing, depending.
In the end I think the problem 40hz has, and which I share, is that OC is not very open about what it's doing, and in some/many cases even seems to be completely unmentioned in the equation (e.g. the offer appears to be coming from Microsoft for installing IE9, with no mention of the fact that OC brokered the deal). Disclosure is a big deal to many people.
Ahem... Look at the installer screenshot that you uploaded. You cannot just click next. You MUST explicitly accept or decline the offer. Again, a baseless accusation with clear evidence to the contrary.This is a nice thing about OpenCandy, and I do hope they won't change away from that practice. But before you get to that screen, OpenCandy has run - and it's contacted the mothership, right? So you're not getting a chance to avoid that, except for... clicking through... the EULA :)-Renegade (April 03, 2011, 10:23 PM)-f0dder (April 04, 2011, 01:44 AM)
A little misleading...they did change their practice back in September 2010 (http://techcrunch.com/2010/09/11/tempted-by-the-dark-side-opencandys-bundled-app-installs-now-offering-opt-out/) and blamed it in part on greedy developers wanting more money and demanding an opt-out option.
It is up to the individual developer to set whether it is opt-in or opt-out, depending in part on the software they choose to recommend (some won't allow opt-out). I believe Renegade hasn't made a choice and that is why one has to click one choice or the other and no default is selected for the apps he is recommending through OC. Other developers using OC may not be as nice, choosing only those apps that allow the opt-out option, so accidental unwanted installs are still possible with OC.-app103 (April 04, 2011, 02:02 AM)
I'm curious if anyone thinks my suggestion back a few pages actually has any merit:Let's keep some perspective here though. This does not need to be stated in scary terms in order to avoid being seen in a bad light. I believe OC could require better communication of its activities through its partners and their installers while not necessarily reducing opt-in significantly. Here's an example:
"This installer is powered by OpenCandy! As part of a free service, OpenCandy will check your system for potential software upgrades to improve performance and capabilities. This check will collect basic non-personal information about your system and store it securely on our servers. If you'd like to decline this service, simply uncheck the box below." That's 30 seconds of thought put into the wording; a good marketer could do a lot better, keeping the important information will making it more appealing. That's what marketers do, and that's ok.
They could even make it a bit more controllable and potentially get more customers by doing something like this: "...This check will collect basic non-personal information about your system and store it securely on our servers. If you'd prefer not to have your information sent to our servers, we can still perform a local check and offer some recommendations if you select the "local check" radio button below. You can also choose to decline this service by selecting the "do not check my system" radio button." In a situation like that I might still opt-in to the local check.
Adding a sentence of info about OC's service helping to support developers might also be a good thing, depending.
In the end I think the problem 40hz has, and which I share, is that OC is not very open about what it's doing, and in some/many cases even seems to be completely unmentioned in the equation (e.g. the offer appears to be coming from Microsoft for installing IE9, with no mention of the fact that OC brokered the deal). Disclosure is a big deal to many people.
Also want to mention I like the way WinSCP handles this! http://winscp.net/eng/docs/opencandy
- Oshyan-JavaJones (April 04, 2011, 02:20 AM)
If a once off usability metric is all 'spyware' ever did we would probably never have had Ad aware or Spybot Search and Destroy. No one would have considered that type of reporting malicious.-Eóin (April 04, 2011, 10:02 AM)
I'm waiting for the day they stop kidding themselves (and us) and just permanently split the screen to have ads continuously running in one of the panels during a show.-40hz (April 04, 2011, 02:13 PM)
Besides, like Renegade pointed out, end users are clueless and stupid. So why bother trying to explain all the magical and complex logic behind how OC discovered an ad is no longer an ad? And how there's no way anybody could possibly consider OC as some form of adware. Some of OC's proponents have even cited an authority as absolute and unassailable as Wikipedia to back them up with a definition of 'adware' that works well for them.-40hz (April 04, 2011, 02:13 PM)
Besides, like Renegade pointed out, end users are clueless and stupid. So why bother trying to explain all the magical and complex logic behind how OC discovered an ad is no longer an ad? And how there's no way anybody could possibly consider OC as some form of adware. Some of OC's proponents have even cited an authority as absolute and unassailable as Wikipedia to back them up with a definition of 'adware' that works well for them.-40hz (April 04, 2011, 02:13 PM)
Attacking the software/developers that use it fall under the same aegis - especially if they are coders on the site. A little vitriol can really hurt a developer's livelihood for our own personal bias...-wraith808 (April 04, 2011, 03:57 PM)
OC is gonna be totally different.
Really.
They have given us their word.
Forget they have serious venture funding - and are actively trying to get as many developers as possible into the fold without drawing too much attention to it.
And forget about some of its developer's past track records.
We all make mistakes.
Like getting caught. tongue
So let's just let bygones be bygones - and "put it behind us" as the saying goes.
That's the perfect place to stick it anyway.
Where I did err, however was in implying Renegade said, at some point, that end users were both "stupid" and "clueless." He did not say that, even though I sensed that was what he thought from some other comments, both in this thread, and a few others.-40hz (April 04, 2011, 10:53 PM)
Attacking the software/developers that use it fall under the same aegis - especially if they are coders on the site. A little vitriol can really hurt a developer's livelihood for our own personal bias...-wraith808 (April 04, 2011, 03:57 PM)
I think if you reread what I wrote, you will discover that I have not, at any point, 'attacked' (your word) either OC or the developers that use it - either here at DoCo - or out in the 'wild.'
<snip />
So for that, I do apologize.
:)-40hz (April 04, 2011, 10:53 PM)
I have avoided the use of the word "ad". But not because I'm worried about "ads"; rather, I'm concerned about the perception of "adware" as it originally evolved. Which is why I prefer "ad supported".
Adware, when it first appeared, was malware.-Renegade (April 04, 2011, 07:40 PM)
A lot of media coverage has done a lot of damage to the industry as well. The scareware industry and media seem to be only interested in hyping stories and creating scandal, even where none exists.-Renegade (April 04, 2011, 07:40 PM)
It's important for word usage to properly and accurately describe what is being talked about. Muddying the waters and diluting meaning isn't helpful.
I don't take issue with "ad" at all. I do take issue with "malware", which is strongly associated to "adware". Virtually no discussion of the topic (adware) excludes the dark-side of the Internet. It's unfortunate.
When it comes to privacy and security issues, I think it's important to be clear about what is meant. With the term "adware", it is not clear.
It doesn't serve anyone's best interests to confuse issues.
Anyways, that's just my take on it.-Renegade (April 04, 2011, 07:40 PM)
which only goes to prove that I can be an idiot as well~!-Renegade (April 04, 2011, 11:11 PM)
In the end, I don't think anyone is going to be persuaded by a few words, but by their own thoughts, if at all. And if your own thoughts are towards one end of the spectrum or the other, it is less likely that introspection is to happen. So I look at threads like this more for information sharing and debate. And I just wanted to keep it that way.-wraith808 (April 04, 2011, 11:41 PM)
...this thread has been degenerating for a while.-wraith808 (April 04, 2011, 11:41 PM)
What I do worry about, however, is that OC won't remain benign forever. With VCs backing this endeavor, big things will be expected. VCs are notorious for wanting their investments to pay off without any undue delays or surprises. So while OC may actually (to give them the benefit of the doubt) have the best of intentions, their business partners may not.-40hz (April 04, 2011, 11:42 PM)
The developer of this product has teamed with Open Candy to provide you with recommendations for a very small number of carefully selected and related software products you may also be interested in learning more about.
By teaming with Open Candy, the developers of the product you are installing are able to continue to offer it to you [free of charge|for substantially less money than it would cost otherwise.]
Open Candy will search your drive to see if you have one of its recommended products already installed. This allows us to offer you the most relevant suggestions for other software you may be interested in. No personally identifiable data will be transmitted to Open Candy as part of this process.
May the installation proceed with Open Candy? [Y|N]
FWIW, it looks like the policy is going to be that the developer gets asked up front if his/her installer uses Open Candy or any other marketing/advertising add-on.-40hz (April 05, 2011, 12:10 AM)
If the answer is yes, we're going to require that the product's download page clearly states so, and require any additional product installation options be set to "no" by default.-40hz (April 05, 2011, 12:10 AM)
We'll include our own "advisory" the product contains OC if the product is reviewed or listed on the site. After that, it's up to the visitor to decide whether or not they care. Either way, we did our part to let the public know. End of script.-40hz (April 05, 2011, 12:10 AM)
If it just popped up a screen that said something like:
The developer of this product has teamed with Open Candy to provide you with recommendations for a very small number of carefully selected and related software products you may also be interested in learning more about.
By teaming with Open Candy, the developers of the product you are installing are able to continue to offer it to you [free of charge|for substantially less money than it would cost otherwise.]
Open Candy will search your drive to see if you have one of its recommended products already installed. This allows us to offer you the most relevant suggestions for other software you may be interested in. No personally identifiable data will be transmitted to Open Candy as part of this process.
May the installation proceed with Open Candy? [Y|N]
If the person then said "no", I'd be willing to accept a second screen asking you to reconsider, and explaining how OC benefits the customer and the developer.
At which point if they still said "no" it would proceed to the installation without first invoking OC.
If OC only did this, I'd have absolutely no problem at all with it. In fact, I'd probably be willing to consider it a better alternative than a lot of what's out there.-40hz (April 04, 2011, 11:42 PM)
Renegade, I really want to acknowledge your willingness to consider these points and issues, and to actually make potential changes in your product install and business model as a result. That's really admirable and goes right along with the "open business" approach you've been talking about. Putting your money where your mouth is indeed! I for one do think the mockups you've put up in your last post would do the job at this point.-JavaJones (April 05, 2011, 01:05 AM)
I'd *like* to see something mandated by OC, and the ability for devs to optionally provide a route to still install the product without OC ever running (i.e. 1 installer, 2 install paths - with and without OC running - at the user's option). I grant that doing so would weaken OC's value proposition, but doing the right thing is seldom the most profitable route. In any case, short of OC themselves doing something about this (which I doubt), I want to applaud you for taking the initiative and doing so. Thanks for listening!-JavaJones (April 05, 2011, 01:05 AM)
A little update- I was installing Applian FLV player on my new computer. It uses Open Candy. Or at least I *think* it does. Looking in the EULA, it has something about OpenCandy. But I wasn't presented with any option other than installing their own premium version... so I'm not sure *what* that was about...-wraith808 (April 05, 2011, 01:14 AM)
I'm not sure I know what site you're talking about.
Did I miss something?-Renegade (April 05, 2011, 01:06 AM)
Any links?
I'd be curious to know what other sites you're referring to, if you don't mind sharing. Especially with the sound of the standards for software listing. :)
- Oshyan-JavaJones (April 05, 2011, 02:29 AM)
A little update- I was installing Applian FLV player on my new computer. It uses Open Candy. Or at least I *think* it does. Looking in the EULA, it has something about OpenCandy. But I wasn't presented with any option other than installing their own premium version... so I'm not sure *what* that was about...-wraith808 (April 05, 2011, 01:14 AM)
Do you have the Freecorder toolbar?-PhilB66 (April 05, 2011, 02:12 AM)
I'm going to go back to your definition of installation (you knew that was going to happen... didn't you? ;)). At the time that this dialog would be accessed, the open candy dll would already be in memory. There's no way around it. The installers don't dynamically link the DLLs so that they only load them on demand. They decompress the payload, put it in a temp directory, and run with the bootstrapper linked to the resources in that directory.-wraith808 (April 05, 2011, 01:09 AM)
Trying to come up with a compromise that would suit both perspectives... Not sure if that would work.
Try to think "in principle" and not about OC. OC is just one example. There are others as well.-Renegade (April 05, 2011, 04:38 AM)
I'm going to go back to your definition of installation (you knew that was going to happen... didn't you? ;)). At the time that this dialog would be accessed, the open candy dll would already be in memory. There's no way around it. The installers don't dynamically link the DLLs so that they only load them on demand. They decompress the payload, put it in a temp directory, and run with the bootstrapper linked to the resources in that directory.-wraith808 (April 05, 2011, 01:09 AM)
Yeah. This is where OC's real 'innovation' lies IMO.
And from my perspective, that's what makes it unacceptable.
I'd be happier if OC provided the partner developers with a full installer that the devs could load their application into rather than the other way around.
But I doubt that will ever happen for a variety of technical, legal, and business reasons.-40hz (April 05, 2011, 02:18 PM)
Umm, how does OpenCandy work, again?
Do they provide their own entire installation framework, or is it "merely" a plugin DLL available for use with 3rd party installers like NSIS, InnoSetup, InstallShield et cetera?
If it's a plugin, then Wraith isn't entirely correct - the DLL won't be part of the installer.exe import table, and it will be loaded dynamically. Now, it's several years since I've played with installers, so it could very well be that the major installers load all contained 3rd party DLLs as soon as possible... but that sounds a bit stupid.-f0dder (April 05, 2011, 03:08 PM)
the effort that's involved would be pretty substantial for little benefit-wraith808 (April 05, 2011, 03:11 PM)
the effort that's involved would be pretty substantial for little benefit-wraith808 (April 05, 2011, 03:11 PM)
I think that's only true if you're looking at it from a purely technical perspective.
What makes OC a bellweather is its asking us to accept that a piece of software - provided by a third party and totally unrelated to the main app's function - should be allowed to scan and transmit data back to that third party without announcing itself or getting the user's permission before doing so.
Regardless of whether or not it's been happening in other places, this has not generally been considered acceptable behavior for a legitimate software product. Truth is, stealth and operating without permission has always been considered more in keeping with malware and quasi-maleware behaviors.
And with venture capital backing and several prominent software developers signing onto OC, I think we really need to see this as a company attempting to change the definition of what is considered acceptable. If it wasn't trying to do this, it wouldn't be causing some anti-malware products to flag its behaviors as suspicious.
Whether or not it's malicious, by the way it operates, OC shares cultural and technical similarities with software that is potentially dangerous.
And while so-called false positives may damage a product's reputation unfairly, we also need to consider that most anti-malware detection is based of behavioral analysis. And to have a legitimate product display such behaviors by design - and then insist the anti-malware detection methodology needs to be changed to accommodate it - creates an even bigger problem when it comes to continuing to be able detect truly malicious code that operates in a similar manner except for the payload.
I'll risk a clumsy analogy to illustrate my point:
<snip />
So while it may be a large effort for small gain, in the larger cultural and technical arena, having something work like OC introduces issues that could easily be avoided if it was implemented differently.
And that is something they are apparently refusing to do even though it shouldn't present much in the way of a technical challenge for them change their software.
Just my 2¢
:)-40hz (April 05, 2011, 04:09 PM)
P.S. Nice splash screen design BTW. Really like that camera graphic. :Thmbsup:-40hz (April 05, 2011, 02:33 PM)
Applian Flv Player is bundled with FreeCorder Toolbar. No OC recommendations, just the EULA though.A little update- I was installing Applian FLV player on my new computer. It uses Open Candy. Or at least I *think* it does. Looking in the EULA, it has something about OpenCandy. But I wasn't presented with any option other than installing their own premium version... so I'm not sure *what* that was about...-wraith808 (April 05, 2011, 01:14 AM)
Do you have the Freecorder toolbar?-PhilB66 (April 05, 2011, 02:12 AM)
I don't even know what that is. I don't have any toolbars in my browsers, though. And nothing was installed other than the FLV player.-wraith808 (April 05, 2011, 08:50 AM)
Applian Flv Player is bundled with FreeCorder Toolbar. No OC recommendations, just the EULA though.A little update- I was installing Applian FLV player on my new computer. It uses Open Candy. Or at least I *think* it does. Looking in the EULA, it has something about OpenCandy. But I wasn't presented with any option other than installing their own premium version... so I'm not sure *what* that was about...-wraith808 (April 05, 2011, 01:14 AM)
Do you have the Freecorder toolbar?-PhilB66 (April 05, 2011, 02:12 AM)
I don't even know what that is. I don't have any toolbars in my browsers, though. And nothing was installed other than the FLV player.-wraith808 (April 05, 2011, 08:50 AM)-PhilB66 (April 06, 2011, 06:34 PM)
Applian Flv Player is bundled with FreeCorder Toolbar. No OC recommendations, just the EULA though.-PhilB66 (April 06, 2011, 06:34 PM)
I was searching for the Pay per install market recently and the rates of download made me chuckle. Check the rates on 21media.biz (sorry not going to give them link).
1000 downloads - 100$ (US downloads), just curious what's the rate of OC in comparison to them ? :D-mahesh2k (April 09, 2011, 01:27 AM)
What do you pay for?
We pay for a unique installation of our EXE-file on a user's computer. By registering in our affiliate program, you receive an EXE-file associated with your ID in our system. We can track the unique installations of this EXE-file on user's computers. The payment for each installation is made according to the rates of the chosen program. The installed EXE-file is safe for users, its activity does not harm users and their computers and it does not violate any law of any country.
How do I start working with your affiliate program?
You need to register and then you'll get a unique EXE-file that you can install by any means except SPAM.
OpenCandy does indeed want to make sure that we don't recommend something that someone already has installed. However, OpenCandy does *NOT* scan your computer and catalog all the programs you have installed (a very common misconception for some reason). What the OpenCandy installer plug-in does do is use what we call "validation code" to determine whether a recommendation a developer has chosen is valid for a given computer. As an example, someone without Outlook installed wouldn't benefit from an Outlook plugin. So if a developer has chosen to recommend an Outlook plugin, an XML-based file of "validation code" is sent to the user's computer. The OpenCandy plug-in (running locally) checks the "validation code" to see if Outlook is installed and if so, the OpenCandy plug-in sends our server a binary "yes" in order for the graphics and messaging for the recommendation screen to be sent to the user's computer to be displayed during the publisher's installation process.
Holy Murphy! From 21media:I doubt you'd ever see that kind of thing included with warez, though. "Hi feds, here's a money trail to follow back to us" - sounds smart to you? :)What do you pay for?
We pay for a unique installation of our EXE-file on a user's computer. By registering in our affiliate program, you receive an EXE-file associated with your ID in our system. We can track the unique installations of this EXE-file on user's computers. The payment for each installation is made according to the rates of the chosen program. The installed EXE-file is safe for users, its activity does not harm users and their computers and it does not violate any law of any country.
How do I start working with your affiliate program?
You need to register and then you'll get a unique EXE-file that you can install by any means except SPAM.
That's the kind of program that's perfect for bundling with warez and cracks.-Renegade (April 09, 2011, 04:15 AM)
Here's some good information from DrApps:Snipped the quote down a bit, and added italic emphasis. So, while OC doesn't a full list of software installed on your computer (good - let's hope that lasts), they do in effect get to know whether any of the software in their programme is installed. Better, but still not perfect.
*SNIP**SNIP* However, OpenCandy does *NOT* scan your computer and catalog all the programs you have installed (a very common misconception for some reason). *SNIP* The OpenCandy plug-in (running locally) checks the "validation code" to see if Outlook is installed and if so, the OpenCandy plug-in sends our server a binary "yes" in order for the graphics and messaging for the recommendation screen to be sent to the user's computer to be displayed during the publisher's installation process.-Renegade (April 09, 2011, 05:44 AM)
Oddly I have never found this to be the case with normal apps that aren't doing anything that people deem suspicious; only with suspect apps.You and me both, man.
(Plus that creepy smile on his avatar bugs me!! ;D )-J-Mac (April 09, 2011, 10:29 AM)
I've never installed anything OC has promoted.
Does it do an auto install if you choose one?
Or does it do it another way?-cmpm (April 09, 2011, 10:43 AM)
I've never installed anything OC has promoted.
Does it do an auto install if you choose one?
Or does it do it another way?-cmpm (April 09, 2011, 10:43 AM)
OC isn't installed on your machine. It runs in the installer temp directory, loaded into memory by the installer so that functions can be called from the installer. Once the installer cleanup runs, it is removed from your machine. Renegade did (https://www.donationcoder.com/forum/index.php?topic=18297.msg240887#msg240887) a (https://www.donationcoder.com/forum/index.php?topic=18297.msg240914#msg240914) test (https://www.donationcoder.com/forum/index.php?topic=18297.msg241181#msg241181) to see if everything is removed, and apparently it is, other than one empty folder.-wraith808 (April 09, 2011, 11:13 AM)
J-Mac: he's definitely their propagandist, but at least he's not trying to hide it - and that's something to give credit for.-f0dder (April 09, 2011, 10:39 AM)
Oddly I have never found this to be the case with normal apps that aren't doing anything that people deem suspicious; only with suspect apps.
(Plus that creepy smile on his avatar bugs me!! ;D )-J-Mac (April 09, 2011, 10:29 AM)
You and me both, man.
J-Mac: he's definitely their propagandist, but at least he's not trying to hide it - and that's something to give credit for.-f0dder (April 09, 2011, 10:39 AM)
Strongly agree w/f0dder on that point. As long as the business affiliation is announced up front, I have no problem with somebody being a paid supporter as long as there's no agenda to deceive. Most of us need to work for a living. And getting paid to 'evangelize' a piece of tech is a common and accepted practice anyway. No point singling out any one company or individual for doing that.-40hz (April 09, 2011, 12:48 PM)
J-Mac: he's definitely their propagandist, but at least he's not trying to hide it - and that's something to give credit for.-f0dder (April 09, 2011, 10:39 AM)
Strongly agree w/f0dder on that point. As long as the business affiliation is announced up front, I have no problem with somebody being a paid supporter as long as there's no agenda to deceive. Most of us need to work for a living. And getting paid to 'evangelize' a piece of tech is a common and accepted practice anyway. No point singling out any one company or individual for doing that.-40hz (April 09, 2011, 12:48 PM)
I'm not singling him out; he's done that for himself! I'm just saying that I have not seen this kind of paid supporter appearing all over the web in any other program that I use. I personally only see this in what I would call "controversial" apps or devices. Maybe you or others have seen differently.-J-Mac (April 09, 2011, 01:04 PM)
I personally think they should hire Renegade in some capacity. He's done more to build a convincing case for OC (despite the fact I personally don't like how OC implements itself) than some of the official communiqués ever did. He also speaks to the concerns of developers and software geeks. And, being a developer himself, on their level.
Hey DrApps! Maybe you folks should consider hiring this guy in some capacity?
Seriously.
8)-40hz (April 09, 2011, 12:48 PM)
I personally think they should hire Renegade in some capacity. He's done more to build a convincing case for OC (despite the fact I personally don't like how OC implements itself) than some of the official communiqués ever did. He also speaks to the concerns of developers and software geeks. And, being a developer himself, on their level.
Hey DrApps! Maybe you folks should consider hiring this guy in some capacity?
Seriously.
8)-40hz (April 09, 2011, 12:48 PM)
I personally think they should hire Renegade in some capacity. He's done more to build a convincing case for OC (despite the fact I personally don't like how OC implements itself) than some of the official communiqués ever did. He also speaks to the concerns of developers and software geeks. And, being a developer himself, on their level.
Hey DrApps! Maybe you folks should consider hiring this guy in some capacity?
Seriously.
8)-40hz (April 09, 2011, 12:48 PM)
Stranger things have happened~! :D-Renegade (April 10, 2011, 07:15 AM)
After seeing your comments over on Gizmo's blog I don’t think it strange at all! ;D 8)-J-Mac (April 10, 2011, 10:46 AM)
After seeing your comments over on Gizmo's blog I don’t think it strange at all! ;D 8)-J-Mac (April 10, 2011, 10:46 AM)
Well, one of my posts was deleted. I just noticed. Sent MidnightCowboy a PM to see if it's ok to repost. I don't think he likes me. :(
UPDATE: It's been undeleted. Maybe he does like me~! :D-Renegade (April 10, 2011, 12:08 PM)
Does it install ANYTHING (part of itself or whatever it is "offering" or anything else) without user choice to deny?
Does it send ANY info "home to mama" [I add now "or ANYWHERE"] without a user choice to deny same.
Is user option to NOT do either of the above presented clearly and obviously BEFORE it is done?-movrshakr (April 09, 2011, 01:37 PM)
Does it install ANYTHING (part of itself or whatever it is "offering" or anything else) without user choice to deny?
Does it send ANY info "home to mama" [I add now "or ANYWHERE"] without a user choice to deny same.
Is user option to NOT do either of the above presented clearly and obviously BEFORE it is done?-movrshakr (April 09, 2011, 01:37 PM)
What are the answers to these questions? And they are yes or no questions. They are simple and direct. And the answers immediately solve the riddle of whether OpenCandy is acceptable or not. I get the feeling no one wants to answer them truthfully.-movrshakr (April 10, 2011, 02:28 PM)
If most people stop installing OC partnered software, OC will become history in short order. If most people don't care, OC will probably wind up being a part of almost every piece of software out there after a few years.
Only time will tell what the public really thinks about OC. :-\-40hz (April 10, 2011, 02:49 PM)
All those words, and no answer to the questions I posed. Only three words required... pick one (truthful answer) from each line (they align with my 3 questions):
1. yes no
2. yes no
3. yes no-movrshakr (April 10, 2011, 02:53 PM)
All those words, and no answer to the questions I posed. Only three words required... pick one (truthful answer) from each line (they align with my 3 questions):
1. yes no
2. yes no
3. yes no-movrshakr (April 10, 2011, 02:53 PM)
If most people stop installing OC partnered software, OC will become history in short order. If most people don't care, OC will probably wind up being a part of almost every piece of software out there after a few years.
Only time will tell what the public really thinks about OC. :-\-40hz (April 10, 2011, 02:49 PM)
Actually, if OC can manage to get itself inserted in enough widely used, popular software titles, it won't matter; many users now shunning it will start ignoring it rather than give up their most used/useful programs. My opinion anyway.
Jim-J-Mac (April 10, 2011, 03:05 PM)
Oh no - does that mean I am going to see that creepy-looking avatar of Dr. Apps smiling back at me even more then?! ;) ;D
Thanks!
Jim-J-Mac (April 10, 2011, 03:16 PM)
Oh no - does that mean I am going to see that creepy-looking avatar of Dr. Apps smiling back at me even more then?! ;) ;D
Thanks!
Jim-J-Mac (April 10, 2011, 03:16 PM)
It is a creepy avatar isn't it? ;D
(Thx. I thought it was just me.)-40hz (April 10, 2011, 03:23 PM)
After seeing your comments over on Gizmo's blog I don’t think it strange at all! ;D 8)-J-Mac (April 10, 2011, 10:46 AM)
Well, one of my posts was deleted. I just noticed. Sent MidnightCowboy a PM to see if it's ok to repost. I don't think he likes me. :(
UPDATE: It's been undeleted. Maybe he does like me~! :D-Renegade (April 10, 2011, 12:08 PM)
@Ryan- I'm an editor over there. I suspect your post was most likely taken down by accident, or because it contained a weblink to someplace that returned a WOT rating of orange.
If a moderator took it down for what they felt was a violation of the forum rules (or if it contained a 'red' WOT rated link) it wouldn't have been put back up later. :)
FWIW, I don't think anybody (or hardly anybody at least) over at Gizmo's dislikes you personally. It's just you've put yourself in a challenging position by endorsing a product many TSA members have major concerns about. So, as unofficial apologist for OC, you're bound to get some heat. But for the most part, the responses to your posts seem to be generally positive and echo much of what's been said here: people don't like the way OC works, and they're suspicious of the reassurances OC is giving that they will "do no evil" down the road.-40hz (April 10, 2011, 02:13 PM)
they're suspicious of the reassurances OC is giving that they will "do no evil" down the road.He's done more investigating OC than anyone on this thread so far I think.
I guess I'll just bid adieu. It is clear I am very out of sync with some of the general thinking here...in that I cannot see how anyone would conclude that this "method" has any coat of acceptability whatsoever.
I say that because, to me, if anything is being done (installed or info sent to wherever) before the user has a chance to prevent it, that unquestionably (in my opinion) constitutes unacceptable behavior.-movrshakr (April 10, 2011, 03:46 PM)
That is overreacting imo.I said "...out of sync with SOME of the general thinking here."
There is no "general thinking here" here on this subject as well as many subjects.-cmpm (April 10, 2011, 03:58 PM)
That is overreacting imo.I said "...SOME on the general thinking here."
There is no "general thinking here" here on this subject as well as many subjects.-cmpm (April 10, 2011, 03:58 PM)
"That is overreacting imo."
Clearly, you have no problem with someone, without your permission, installing software on your machine, or sending off data about you or your machine--as does OpenCandy.
I do have a problem with that--a BIG problem with that.
You are OpenCandy's dream come true.-movrshakr (April 10, 2011, 04:15 PM)
You are OpenCandy's dream come true.
I said "...out of sync with SOME of the general thinking here."
the overreaction would be the leaving the forums just because a few people here like OC
I guess I'll just bid adieu. It is clear I am very out of sync with some of the general thinking here...in that I cannot see how anyone would conclude that this "method" has any coat of acceptability whatsoever.
I say that because, to me, if anything is being done (installed or info sent to wherever) before the user has a chance to prevent it, that unquestionably (in my opinion) constitutes unacceptable behavior.-movrshakr (April 10, 2011, 03:46 PM)
Clearly, you have no problem with someone, without your permission, installing software on your machine, or sending off data about you or your machine--as does OpenCandy.-movrshakr (April 10, 2011, 04:15 PM)
I guess I'll just bid adieu. It is clear I am very out of sync with some of the general thinking here...in that I cannot see how anyone would conclude that this "method" has any coat of acceptability whatsoever.
I say that because, to me, if anything is being done (installed or info sent to wherever) before the user has a chance to prevent it, that unquestionably (in my opinion) constitutes unacceptable behavior.-movrshakr (April 10, 2011, 03:46 PM)
I guess I'll just bid adieu. It is clear I am very out of sync with some of the general thinking here...in that I cannot see how anyone would conclude that this "method" has any coat of acceptability whatsoever.
I say that because, to me, if anything is being done (installed or info sent to wherever) before the user has a chance to prevent it, that unquestionably (in my opinion) constitutes unacceptable behavior.-movrshakr (April 10, 2011, 03:46 PM)
I agree to an extent; just not as passionately as you. Mainly though I just want to keep Renegade from getting cranked back up... see if we can save him from destroying his keyboard in this thread! ;D
Jim-J-Mac (April 10, 2011, 10:36 PM)
i don't mean to push my feelings on anyone.. but do we maybe think the points on this thread have been hashed out several times over, and maybe it's time to move on? just a thought.-mouser (April 11, 2011, 12:16 AM)
i don't mean to push my feelings on anyone.. but do we maybe think the points on this thread have been hashed out several times over, and maybe it's time to move on? just a thought.-mouser (April 11, 2011, 12:16 AM)
Just diverting the thread to new turn, is there any competitor of open candy ? I would like to see if there is any, afterall secondary tier CPA/CPI ads pay some good amount. It's interesting to see if there is any alternative ad network.-mahesh2k (April 11, 2011, 08:23 AM)
+1 w/Mouser. :) It's starting to loop. Time to shut it down.
Like J-Mac said, if anything new comes up someone can always start a new thread. :Thmbsup:-40hz (April 11, 2011, 06:57 AM)
Interesting...
How about starting a new thread for that question?
+1 w/Mouser. :) It's starting to loop. Time to shut it down.
Like J-Mac said, if anything new comes up someone can always start a new thread. :Thmbsup:-40hz (April 11, 2011, 06:57 AM)
As long as there is constructive conversation, is there really any need to artificially shut it down? It petered out before, and when Renegade had new information, the thread was still here to keep context... just a thought.-wraith808 (April 11, 2011, 08:53 AM)
2. I really like project wonderful and what they stand for, and their stated goals of bringing 'fairness, transparency, and profitability to the advertising process'. But if you ask yourself the same questions about OC (i.e. are you tracked before you have a chance to opt out), the answer would be no. As soon as you go to a page with the PW ads installed, you are tracked as a necessity for payment. Even thing such as tickers at the bottom of the web page track visitors, and they don't ask you before they do so. Is the only difference between these and OC the fact that OC has to be bundled into software that you use to install other software on your machine?-wraith808 (April 11, 2011, 10:55 AM)
Let me put this a different way. I have a concealed weapons license, and frequently carry a gun. Banks have very high security concerns ... yet when I go to the bank, I am (and will be) carrying said a gun. Should I be accosted at the door because of what I might do? No. My actions are perfectly legal. Even though the fact that I'm standing in a bank, with a gun, does help facilitate robbing the place. It doesn't alter the simple fact that I have absolutely no intentions of doing so.
OC is simply asking for - and I feel deserves - the same courtesy.-Stoic Joker (April 11, 2011, 11:33 AM)
Let me put this a different way. I have a concealed weapons license, and frequently carry a gun. Banks have very high security concerns ... yet when I go to the bank, I am (and will be) carrying said a gun. Should I be accosted at the door because of what I might do? No. My actions are perfectly legal. Even though the fact that I'm standing in a bank, with a gun, does help facilitate robbing the place. It doesn't alter the simple fact that I have absolutely no intentions of doing so.
OC is simply asking for - and I feel deserves - the same courtesy.-Stoic Joker (April 11, 2011, 11:33 AM)
I am sure if you had a criminal record of armed robbery they would never have given you that concealed weapons license.
Unfortunately, in the software world, there is no equivalent to that kind of license. If there was, it is unlikely OC would have ever been given one for what the founders did while at DivX. (there is your equivalent to armed robbery) And even if they had been given one, it would probably have been revoked long ago for the unique tracking IDs, stealthy registry entries, the opt-out flip-flop they made back in September, and a few other things (there is your equivalent to assault and battery).-app103 (April 11, 2011, 06:51 PM)
can we stop this please? I posted instructions that will ensure that not only will the adware not launched, but it will also never be able to connect to the internet... you can even remove it if you keep a single registry key... is that so bad? no person that has complained has truly understood why the adware is there in the first place.. it's the damned mpeg-4 licensing fees. Apple has not release QT6 so far because of this.. DXn now has.. but had to find a way to cover their costs.
divx3 is illegal.. I think we can all agree on that. xvid's license says educational use only.. of course we don't do that.. but in a legal way that makes it illegal, too. Same goes for lame where nobody pays mp3 licensing fees either. While we as private users we don't have to worry about this too much (and most people don't even know it but go flaming DXn anyways), corporations do have to worry.
And the whole "you owe me something" attitude that's being shown about DivX5 really sickens me. Nobody owes you a codec. Absolutely nobody. Take it or leave it!
I've disabled the ads and am now encoding to find out if DivX5 really is better than its predecessor.. and then face off the best parameters against XviD and SBC. That is a much more useful activity than flaming around.
Case closed.. I don't want any more of this on this forum.
It's recommend that you don't use this guide. Why? Because we are getting the opportunity to use this codec free of charge and one of the few ways DivXNetworks(DXN) can make money is by using adware and selling the pro codec. The more money they make the more resources they can make available to improve on future codecs they release. If more and more people disable the adware, DXN might have to start charging us for the use of their codec. Of course this is all up to you :-)... by powerdup
Costs need to be covered. People need to eat.-Renegade (April 11, 2011, 07:35 PM)
Those Divx Guys and My Life as a User Advocate
I’m not going to defend what some of the colleagues did while at Divx. Because I was one of the people who spent in inordinate amount of time removing the crap that Divx installed. Actually, out of the last 9 years, I’m confident in saying that I’ve spent at 2 hours a day, Monday through Sunday removing malware, adware and spyware from user’s systems. I do it for free (for those who can’t afford to pay) and I do it as a paid IT consultant (to home users and small businesses). So I’ve spent the equivalent of 273 days removing malware from systems. Heck I haven’t even been alive for 11,000 days. So approximately 2.5% of my life I’ve spent removing malware! (WOW! Now that I did the calculation and see it in writing… it’s sad.) That doesn’t include the unfathomable amount of time I’ve spent setting up Windows systems and securing them.
When I was interviewed by the OpenCandy team in February, I let my displeasure with what Divx bundled be known. And you know what? Those that were involved knew they made a mistake… and had no problem saying so. EVERYBODY makes mistakes... just NEVER make the SAME one TWICE. They didn't... What they learned at DivX allowed them to identify an opportunity to democratize software distribution so that ALL developers and ALL users could benefit. So they embarked on a mission and created a vision to do just that... the RIGHT way. And they (we) have built something that is not only beneficial to the developer community (they can increase distribution, make money or both), it’s really beneficial to users (users get to discover great software via recommendations by developers of applications they trust).-drapps (May 13, 2009, 02:52 PM)
Costs need to be covered. People need to eat.-Renegade (April 11, 2011, 07:35 PM)
Costs need to be covered. People need to eat.-Renegade (April 11, 2011, 07:35 PM)
Perhaps the best solution to that 'problem' is to write software people are actually willing to pay for?
And if that proves impossible, do something else for a living?
That's how it works with just about everything else. :)-40hz (April 11, 2011, 08:13 PM)
Perhaps the best solution to that 'problem' is to write software people are actually willing to pay for?
But while he has forgiven them and think they deserve another chance, especially since they are willing to give him a paycheck...I am not ready to forgive them or trust them, and can't bring myself to touch their money. You can't pay me to change my mind about them. I can't be that easily bought.-app103 (April 11, 2011, 07:49 PM)
So, Google should drop free Gmail and free search? People should pay for Windows updates? Ditch Linux entirely? Make people pay to use all web sites? Close up all standards and RFCs and make people pay royalties? Ban all ads? And while we're at it, make all free broadcasts for radio and television also pay-to-use?
There is more than just 1 business model in the industry.-Renegade (April 11, 2011, 08:42 PM)
But people aren't just choosing not to participate, they are actively campaigning against them. Is that right in the face of a lack of bad actions or proof of bad intent? And if the same people go to another company in the computer industry- does that make that company evil by association, since apparently this company is evil by their association?-wraith808 (April 11, 2011, 08:51 PM)
That's cool... but does an individual's right to choose not to consume make the company's right to exist and operate moot? Does an opinion not based in current facts surrounding the company make the company evil?-wraith808 (April 11, 2011, 08:51 PM)
A lot of that was back in 2002/2003. The Internet was much less mature then. There was a lot more experimenting.-Renegade (April 11, 2011, 08:42 PM)
But I think a lot of lessons were learned from a lot of mistakes in the earlier years of the Internet. It's fine to look back and see mistakes with 20/20 hindsight, but... Anyways... I'm going to drop it. I really don't care much about dwelling on ancient history. It has its lessons.-Renegade (April 11, 2011, 08:42 PM)
Wait a minute - if folks are actually going to attempt to defend what DivX did then we had better start a new thread.
Don’t speak as if we had a choice with DivX; nothing was open or upfront last time. All was deception. DivX did do some evil. And regarding Gmail I don’t think that's a valid comparison either. I use Gmail very little personally, but at least Google made it abundantly clear when they launched Google Mail that it was ad-driven. DivX dii all under the table, hidden.
Please don’t insult us with DivX apologist nonsense.
Jim-J-Mac (April 11, 2011, 09:51 PM)
That, and their name makes me think of child molesters >_<-f0dder (April 11, 2011, 11:05 PM)
Those that do not remember history are doomed to repeat it.-app103 (April 11, 2011, 10:10 PM)
Should I be accosted at the door because of what I might do? No.-Stoic Joker (April 11, 2011, 11:33 AM)
My actions are perfectly legal
That's cool... but does an individual's right to choose not to consume make the company's right to exist and operate moot? Does an opinion not based in current facts surrounding the company make the company evil?-wraith808 (April 11, 2011, 08:51 PM)
Pardon me, but it s a known fact that I have trust issues (I don't believe in 3 strikes and you'd be lucky if you were allowed 2), so help me out here...
When does a current fact stop being current and become old news, worthy of forgetting? If they do something seriously questionable today, do we immediately forgive and forget tomorrow, if they stop, change the way they do things, apologize, make promises, etc?
Where do YOU draw the line? At what point do you say enough is enough and now I am not going to trust you until you have proven yourselves worthy of that trust? How long does it take to win that trust back? How many infractions are they allowed during that period? How serious are those infractions allowed to be? At what point do you write them off and never trust again?-app103 (April 11, 2011, 10:10 PM)
@SJ - Note: this is how it works in CT at least. It may be different where you live.-40hz (April 12, 2011, 08:04 AM)
@SJ - Note: this is how it works in CT at least. It may be different where you live.-40hz (April 12, 2011, 08:04 AM)
Yeah, I'm in the south ... Our version of the "Three Step Rule" is never be more that Three Steps away from your gun... :) (Seriously) The last stats I saw on the news for FL was 1 in 10 for armed license holders ... And I think half the other 9 just do it anyway.-Stoic Joker (April 12, 2011, 12:06 PM)
And is there a point where there's no redemption? I should hope not. The lack of the possibility of redemption removes hope, and removes the one thing that can make people choose the right path. It reminds me of people with criminal records. Do you trust them outright and give them the keys to the safe? No. But if you don't give them a chance to prove themselves, then how are they ever going to be rehabilitated? And isn't it just as much your fault when given the lack of a means to make a living they resort to the only thing they can still do?-wraith808 (April 12, 2011, 09:23 AM)
@SJ - Note: this is how it works in CT at least. It may be different where you live.-40hz (April 12, 2011, 08:04 AM)
Yeah, I'm in the south ... Our version of the "Three Step Rule" is never be more that Three Steps away from your gun... :) (Seriously) The last stats I saw on the news for FL was 1 in 10 for armed license holders ... And I think half the other 9 just do it anyway.-Stoic Joker (April 12, 2011, 12:06 PM)
And is there a point where there's no redemption? I should hope not. The lack of the possibility of redemption removes hope, and removes the one thing that can make people choose the right path. It reminds me of people with criminal records. Do you trust them outright and give them the keys to the safe? No. But if you don't give them a chance to prove themselves, then how are they ever going to be rehabilitated? And isn't it just as much your fault when given the lack of a means to make a living they resort to the only thing they can still do?-wraith808 (April 12, 2011, 09:23 AM)
This comparison just don’t work for me. People with criminal records and software companies (and/or their founders) that have done serious wrong aren't in the same realm with regard to rehabilitation, second chances, etc. At least in my universe!-J-Mac (April 12, 2011, 01:39 PM)
In mine they are. I did some things out of ignorance when I was younger professionally, so I'm apt to give second chances, as I wouldn't be where I am without one. And I know people who've had criminal records for quite innocuous mistakes... the difference a criminal record makes in things you take for granted until you have one is pretty staggering!-wraith808 (April 12, 2011, 02:57 PM)
Wonder if the gun ownership ratio made those statistics better...or worse.-40hz (April 12, 2011, 02:20 PM)
In mine they are. I did some things out of ignorance when I was younger professionally, so I'm apt to give second chances, as I wouldn't be where I am without one. And I know people who've had criminal records for quite innocuous mistakes... the difference a criminal record makes in things you take for granted until you have one is pretty staggering!-wraith808 (April 12, 2011, 02:57 PM)
I think you misunderstand. I have no problem with redemption for people; but that has absolutely nothing to do with software developers. My moral code allows forgiveness for people. It doesn’t work the same way for software companies. Nor for banks, investment companies, etc. See the difference? People, yes. Software companies, no.-J-Mac (April 12, 2011, 03:30 PM)
Wonder if the gun ownership ratio made those statistics better...or worse.-40hz (April 12, 2011, 02:20 PM)
Has no impact on it what so ever actually. How much coastline does CT have? We have well over 1,000 miles; over half of the drugs smuggled into the US come right through FL (remember Miami Vice? :) ...Yeah that's right here in FL).-Stoic Joker (April 12, 2011, 03:43 PM)
Sorry to bail on you 40Hz, but I thought maybe we should hush on the tangent...before we bother the adults... :D-Stoic Joker (April 12, 2011, 05:39 PM)
No... I don't misunderstand. My professional mistakes were as a software developer, so it's very relevant. I'm sure *many* software developers have made mistakes, and have regrets, just as many people in other fields do. Does that make them ineligible to make money in their chosen profession?
The people at OC are just that... people. Yet it's guilt by association, no matter what changes they may have made, no matter what revelations they may have gleaned. It's easy to demonize companies while holding the company to some standard- but no matter what the legal definition is, a company is not an entity. And even if it were, that wouldn't hold water either, as OC is not Divx; it just has some of the same people. So it's not redemption for even Divx as a company. We're talking about people here, truthfully, and their actions and history.-wraith808 (April 12, 2011, 04:26 PM)
Nope. With your example any corporation or company is made up of people. Doesn’t get them into my definition of people. Corporations and many companies are entities totally separate from the people who make professional mistakes within them. Doesn’t count at all as far as I am concerned. Investmant companies throw money at them (Apparently they just received $3.5M from one) which they would not do if it was just people. Incorporation takes away the liability from those people, so no, that corporation does not qualify for redemption IMO.But the lack of redemption that is being talked about in this context is for the people, not the company. OpenCandy has people from Divx, who did a bad thing. So by association, OpenCandy is not to be trusted. That's referring to the people.-J-Mac (April 12, 2011, 09:25 PM)
C'mon, folks, this horse has been beaten entirely too much. Let's agree to disagree and just move on.-skwire (April 12, 2011, 08:51 PM)