@Renegade - ok, I think I'm following so far.
Few more questions (there will probably be more later):
0. I have been told that prior to doing any sort of opt-in or opt-out, OC scans the user's drive and sends back information to...someplace...and modifies the users registry without any notification or option to prevent it. This operation is automatic, unstoppable, and runs completely invisibly. Is this true?
-40hz
No. It is not completely true.
The license screen is displayed prior.
Checking, and the DLL "OpenCandy_{57E292A3-7C15-41F2-AD55-F8AADEA415B7}.dll" (some GUID in there) runs from User/NAME/AppData/Local/OpenCandy/OpenCandy_{GUID}.dll.
I'd need to look into it some more. It uses Amazon storage though.
The installer IS the user interface. It IS the front facing interaction. There's no reason to display more than that. That would only complicate things further.
1. Why doesn't OpenCandy make it's presence known during the installation like the Ask Toolbar or other (supposedly) "just like" apps do. Why not just call it what it is? It seems OC tries to cloak it's presence by burying itself in somebody else's installer and EULA. Why is that? Why don't they just run OC as an additional installer that tags along (like everybody else's does) if it isn't primarily motivated by a desire to make its presence and actions less noticeable? What good and purely technical reason(s) do they offer for doing it this way?
-40hz
It's like going to the grocery store and having them ask you to make a donation to some cause, e.g. flood victims or whatever, at the register instead of having people ask you as you enter/leave -- it's more streamlined.
There's nothing masked or cloaked about it. The EULA is displayed. Nobody reads them. Who's fault is that? You can only do so much. Would you prefer that all software force you to click a checkbox for every sentence in the EULA? Of course not.
The way they have it set up is minimally intrusive and easy to work with. It's right up in front with nothing hidden at all.
I can't "see" air. So... God must be hiding something from me in the air. God is out to get me. God is in league with Satan...
Of course invisible processes are invisible. That's nothing new. In the *NIX world they are daemons, and in the Windows world, services. Software runs invisibly all the time. A lot of things just don't make any sense to have a UI for. That doesn't make them malicious.
If they did set it up like you mention there, people would complain because it's too intrusive running another installer.
There's no winning at all. It's damned if you do, damned if you don't, and damned for any reason whatsoever.
I blame all this on the SCAREWARE industry. They're some of the most irresponsible b******s out there. They've got everyone so brainwashed about "malware" and whatever that there's no escaping the tiniest scrutiny.
Some software writes to its program files folder. Does that make it evil?
There's just no good reason to make a simple installation all complicated and to require the user to confirm every little thing. Most people wouldn't know what any of it was anyways!
2. The author of DarkWave Studio uses OC, and says he has set it to default to opt-out. Do you control whether it is set up to follow an opt-in or opt-out methodology? DWS's author seemed to infer it was his choice which way to go. How does his statement square with your statement there is no opt-in or out per se?
-40hz
I have not seen any opt-in/out options. Maybe those are some of the changes in the SDK.
3. Is there anyplace where you are given the opportunity to remove all traces of OC regardless of where (registry, etc) they are located without having to manually dig it out? Do they publish a utility to do that? And do they advertise such a utility is available and make it easy to get if they do? If not - why not?
-40hz
Lots of programs leave traces. It's not the end of the world.
A file can't delete itself without a reboot. I've not checked that as I hate rebooting. (I'll check when I do reboot though.)
As far as I can see so far, there's nothing nefarious going on at all.
4. Why do they store their stuff in the registry? Is there a demonstrably valid technical reason for doing it that way as opposed to putting it in some sort of cache file elsewhere on the drive?
-40hz
Like I said before, I didn't find any registry traces.
5. You object to calling OC adware. But then you say it presents "offers." How is an "offer" to consider buying something different than an "ad" which also asks you to consider buying something? Forgive me if I sound obtuse. But I suspect I may be a little 'colorblind' in that end of the spectrum. What in the name of the Purple Buddah is the difference between an ad and an offer?
-40hz
Ahem... Which is why I used 20pt. Apparently I need to do it again... Perhaps 36pt is better. In red.
(Muahahahaha~!
)
ADWARE got a bad name (and rightfully so) because software would install other software (the actual adware program)that would pop up ads at any time -- the installed software's sole purpose was to pop up ads on the desktop. OpenCandy does not do that at all. You're confusing ads with "adware". (Thanks to the SCAREWARE industry that does nothing but sow FUD.)
I go to find an answer to a question I have in a search engine. There are ads there. Is the search engine "adware"?
I click through a link to a site to find my answer. They have ads there. Is the website "adware"?
The search engine and website both put cookies on my computer and track me. Are they "adware" or "malware"?
Is TV 'adware'?
I drive down the road and there's a billboard ADvertising something. Does that make the roads "ADWARE"?
I buy a shirt that has the manufacturer logo on it. Does that make the shirt "ADWARE"?
I wear the shirt. With the ad on it. Does that make ME "ADWARE"?
A book I buy has the publisher name, logo, and other information about the publisher in it, which is all entirely irrelevant to the content of the book that I paid for. Does that make the book "ADWARE"?
I go to the movies and there are previews. Are movies "ADWARE"?
There is no end to it.
I put that horrible 20/36pt font there for a reason.
There is a very big difference between "adware" and "advertising supported".
OpenCandy provides a way for software vendors to "advertise" their software by paying other software vendors to display their "ad" or "offer" one time during the installation of that 2nd vendor's software. It does not pop up ads like adware.
When I first came to DC, I followed a link from inside of some weblogs to a review about ALZip.
https://www.donation...ndex.php?topic=896.0I was clear in my disagreement with the inhouse graphic in the upper right not being adware:
License Type - It's freeware for home users while commercial users have an unlimited trial period, but are asked to purchase a license. It's most certainly NOT adware. None of the ALTools have any adware, no spyware, no junkware, no third party bundled wierdness - nada, zilch, zip I really don't want people to think that ALTools are adware. The info banner in the upper right only mentions ALTools and does not serve ads for any third parties. PLEASE - Would you kindly fix this. I really don't want anyone to get the impression that we're associated with that seedy underside of the Internet...
I still believe that.
As an analogy, why don't we hang soldiers for murder? They kill people. That's murder.
Adult topic (analogy)
While we're at it, why not throw all couples in prison for rape. At some point in a relationship partners have sex with the other when they don't really want to, but they do it for the other partner. So, are they willing or not? Why not just solve the problem and throw them all in prison?
The connotation for "adware" is so drastically negative that the 2 analogies above, while extreme, are actually accurate. "Adware" = "death sentence".
Advertising supported? That's ok. Lots of things are. There's nothing wrong with it, and nothing underhanded. (I'll not get into propaganda or what actually happens in mass media advertising as that's an entirely different can of worms, and I'd disagree with my previous sentence in that context.)
6. You seem to infer that you're comfortable with OC's business model and modus operandi. Are you comfortable enough with it that you'd be willing to accept personal responsibility for any software problems, privacy breaches, or security issues introduced on one of your user's machines if it was the direct result of something done by OC during it's normal operations? Not to say you should. But would you at least be willing?
-40hz
No. I wouldn't. Nobody does. And that's in my EULA. It's a standard disclaimer in all software EULAs.
7. Does OC in any way indemnify you for any problems their software may cause your user's system? If you get sued by somebody because OC did something and you got blamed for it - does OC offer you any legal protections or warranties?
-40hz
As #6. Standard EULAs all have those provisions.
8. Have you been allowed to examine the source code for their software - or gotten a chance to look behind the scenes and observe their backoffice operation in action? If not, why do you trust them like you do?
-40hz
Have you seen the source code and gone through it all for your OS and all the programs you run? If not, why do you trust them like you do?
That's really way to far out of line. Companies keep internal processes internal for a reason -- they don't want someone to rip them off and steal their ideas. That's even more important for software companies that have only intellectual property (e.g. copyrights) as their only assets. Google is nothing more than a bunch of dead servers and office buildings without their IP.
I know these are a lot of questions. So don't feel rushed to get back. Sorry to be asking you all this. But you're apparently DC's resident expert on things OC -so You Da Man to ask.
-40hz
Like I said before:
I think you're looking for things that aren't there.