ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

What the hell is OpenCandy?

<< < (59/99) > >>

Renegade:
Up until now, there has been pretty much universal agreement that anything which gets installed on your PC without giving notice and asking your permission is unacceptable.

...

And I think the reason for that is very simple: most people wouldn't install OC if they knew about it.
-40hz (March 31, 2011, 06:25 PM)
--- End quote ---

But that's the thing -- It doesn't get installed! It runs, but it isn't installed.


When most people go to install software, they aren't agreeing to a lot of things, but things are genuinely changed on their system that they have NOT asked for. This is the normal way of doing things and nobody would call it malicious. For example, an installer adds registry keys and puts a DLL in the system32 folder, creates a ProgramData entry, another local/roaming directory structure, checks if certain other software is installed, if not installs it or upgrades it, etc. etc. That's normal. But OpenCandy isn't doing all that stuff. It runs then it's done.

app103:
This is the problem, and will continue to be the problem:

When I install your software there has to be a certain amount of trust in you for me to be able to do that. And now I have to have trust in OC as well.

While I may trust you, I don't trust OC at all and I never will, regardless of how much you trust them.


* The same guys responsible for the spyware in DivX start a company to pack offers into the installers of other people's software.
* They assigned each computer a unique tracking ID, even if they declined the offer, building profiles of people and what they installed, what they declined, and all kinds of other information tied to that unique ID...till they got caught.
* They used registry entries like permanent tracking cookies, even if you declined the offer...until they got caught.
* When they get caught doing something, they say it was a bug, the developer's fault, etc. never taking the blame for their shenanigans.
* They said they don't believe in opt-out and would never change from opt-in to opt-out...until they did, and they blamed developer greed for them adding that option.
What are they going to do next? What will they get caught doing that they will have to change? What will they blame next on the developers that put OC in their installers?

When you ask me to trust them while installing your software, you are asking too much and I won't do it.

They are also peddling their stuff to open source developers, to include a closed source .dll on machines that install the open source software. When I install open source software, I expect to be able to have access to the source, all of it, for everything it installs on my machine. If the source for the OC dll is not included, it has no business being put on my machine during the install of a piece of open source software.

40hz:
But that's the thing -- It doesn't get installed! It runs, but it isn't installed.
-Renegade (March 31, 2011, 06:36 PM)
--- End quote ---

Sorry. I'm a bit color blind in that end of the spectrum.  :)

Regardless of whether it copies itself onto the hard drive, or loads itself into RAM before it runs, it's still installed on your system. The mechanism employed for the IPL* (initial program load) is a technical detail, not a functional difference.

------------
* At least that's what they called it when I was taking my CompSci courses in college.  ;D

wraith808:
Up until now, there has been pretty much universal agreement that anything which gets installed on your PC without giving notice and asking your permission is unacceptable.

...

And I think the reason for that is very simple: most people wouldn't install OC if they knew about it.
-40hz (March 31, 2011, 06:25 PM)
--- End quote ---

But that's the thing -- It doesn't get installed! It runs, but it isn't installed.


When most people go to install software, they aren't agreeing to a lot of things, but things are genuinely changed on their system that they have NOT asked for. This is the normal way of doing things and nobody would call it malicious. For example, an installer adds registry keys and puts a DLL in the system32 folder, creates a ProgramData entry, another local/roaming directory structure, checks if certain other software is installed, if not installs it or upgrades it, etc. etc. That's normal. But OpenCandy isn't doing all that stuff. It runs then it's done.

-Renegade (March 31, 2011, 06:36 PM)
--- End quote ---

This! If it were installing anything, I'd totally agree.  But it's not!

They are also peddling their stuff to open source developers, to include a closed source .dll on machines that install the open source software. When I install open source software, I expect to be able to have access to the source, all of it, for everything it installs on my machine. If the source for the OC dll is not included, it has no business being put on my machine during the install of a piece of open source software.
-app103 (March 31, 2011, 07:39 PM)
--- End quote ---

But it doesn't *install* the dll... when you get an installer for OSS software, is it required to give you the source to the installer?  I don't think so, though I could be wrong?  And if it's not, there's no reason to have to give the source to the OC dll.
But that's the thing -- It doesn't get installed! It runs, but it isn't installed.
-Renegade (March 31, 2011, 06:36 PM)
--- End quote ---

Sorry. I'm a bit color blind in that end of the spectrum.  :)

Regardless of whether it copies itself onto the hard drive, or loads itself into RAM before it runs, it's still installed on your system. The mechanism employed for the IPL* (initial program load) is a technical detail, not a functional difference.
-40hz (March 31, 2011, 08:50 PM)
--- End quote ---

Yes, indeed it is a functional difference.  Several things run on your machine without being installed - classic asp and javascript are two good examples- they run on the client in the browser.  Does that mean that every bit of JS or VBscript has to be vetted?

app103:
But it doesn't *install* the dll.
-wraith808 (March 31, 2011, 08:55 PM)
--- End quote ---

What is the purpose of an installer? I thought the purpose was to install software. And software consists of many types of files, not just .exe executables.

If one of my applications comes with xml and wav files, I am not going to argue that they are not "installed" with my application...they are.

The big issue with the OC .dll being installed along with open source software is that it is compiled code in which the source is not available.

when you get an installer for OSS software, is it required to give you the source to the installer?
--- End quote ---

No, I wouldn't expect the source for the installer maker, but I would expect to be supplied with the information of what was used and with the scripts used to make the installer if they were not included and I asked for them.

I should be able to compile an exact copy and when you toss in the OC dll, that isn't possible. I should also be able to change any of it any way I see fit and redistribute those changes, and if I am not allowed to change and redistribute the OC dll, then it has no business being placed on my system, without that right, along with an open source application.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version