the effort that's involved would be pretty substantial for little benefit
I think that's only true if you're looking at it from a purely technical perspective.
What makes OC a bellwether is its asking us to accept that a piece of software - provided by a third party and totally unrelated to the main app's function - should be allowed to scan and transmit data back to that third party without announcing itself or getting the user's permission before doing so.
Regardless of whether or not it's been happening in other places, this has not generally been considered acceptable behavior for a legitimate software product. Truth is, stealth and operating without permission has always been considered more in keeping with malware and quasi-malware behaviors.
And with venture capital backing and several prominent software developers signing onto OC, I think we really need to see this as a company attempting to change the definition of what is considered acceptable. If it wasn't trying to do this, it wouldn't be causing some anti-malware products to flag its behaviors as suspicious.
Whether or not it's malicious, by the way it operates, OC shares cultural and technical similarities with software that is potentially dangerous.
And while so-called false positives may damage a product's reputation unfairly, we also need to consider that most anti-malware detection is based on behavioral analysis. And to have a legitimate product display such behaviors by design - and then insist the anti-malware detection methodology needs to be changed to accommodate it - creates an even bigger problem when it comes to continuing to be able to detect truly malicious code that operates in a similar manner except for the payload.
I'll risk a clumsy analogy to illustrate my point:
Suppose in a certain city, several of the most notorious and violent street gangs were easily identified by the fact they wore green fedora hats and drove a certain model van. The police were aware of this behavior, so it was relatively easy for them to spot the gangs and intervene whenever they were seen racing around in their vehicles or entering buildings at a run.
Now suppose that the EMTs in this same city decided to also adopt green fedoras and begin driving similar looking vehicles.
Now the police have a much harder time identifying potential trouble and preventing it.
Are those two green fedora wearing guys who just ran into that building going in to put a hit on somebody or rob the place? Or are they just EMTs responding to an emergency call? And is that van that just flew down the road fleeing a crime scene - or is it attempting to get a stroke victim to an Emergency Room in time to save someone's life?
When the EMTs are asked to stop wearing green hats and get different vehicles, they refuse, claiming it's not they who are doing anything wrong.
And when an EMT unit is inevitably pulled over in error, the EMTs all demand that the police stop profiling them as if they were criminals - because again, it's not they who are doing anything wrong despite the fact their appearance and behavior demonstrates strong similarities to those who are.
In the wake of this, the police now have a much harder job zeroing in on potential trouble.
And as a result, they are not as effective as they used to be when dealing with a certain criminal element.
So while it may be a large effort for small gain, in the larger cultural and technical arena, having something work like OC introduces issues that could easily be avoided if it was implemented differently.
And that is something they are apparently refusing to do even though it shouldn't present much in the way of a technical challenge for them to change their software.
Just my 2¢