Main Area and Open Discussion > General Software Discussion

What the hell is OpenCandy?

<< < (23/99) > >>

cmpm:
Nothing about OC in the license or any place for xulrunner, mediacoder or miro.

This is targeting open source projects. And could be the end of some, with google hits mounting as to the nature of OC and the job of removing it. As it is a software that was received without notice.

When I download a software program or application, I expect that is what I'm suppposed to get.

http://getsatisfaction.com/participatoryculturefoundation/topics/opencandy

http://forum.mediacoderhq.com/viewtopic.php?f=3&t=5741

Besides having to find and delete the file-

1. Start the registry editor
- Go to Start Menu
- Click 'Run'
- Type 'regedit', click ok
2. Navigate to the open Candy folder
- On XP it is located at: HKEY_LOCAL_MACHINE > SOFTWARE > OpenCandy
3. Backup the OpenCandy Registry Key (just to be safe, in case something goes wrong.)
- Right click the OpenCandy registry key (looks like a folder)
- Click 'export'
- Save the file somewhere on your computer
4. Delete the OpenCandy Registry Key
- Select the OpenCandy registry Key (looks like a folder)
- Go to the edit menu and click 'delete'
- Click 'OK' to confirm the deletion
--- End quote ---

How long will people have to deal with this?
When word spreads further, and it will, there will be no OC.
And how many open source projects will it affect?
All of them?

Since there is no notice or informing of an OC install.
(And good for "Bitdefender" to catch that operation.)
This is bad practice for a seemingly good source of info on other products. Why are the software's involved not 'open' about this tactic before the download even starts?

mouser:
This thread is going in circles..  To get mad about a single key in the registry, or a DLL file that is part of the installer and does nothing but suggest another program you can opt-in to install, is really misplaced concern in my view.  All this hand wringing is best saved for *real* adware, spyware, hidden installs, etc. Stuff that really *does* install programs behind the scenes that users don't want.

As someone pointed out to me in a personal message -- this thread is starting to feel like the one single company trying to do this in a reasonable fashion is being made the scapegoat for the worst behaviors of the worst offenders in the spyware world.  There are real bad culprits out there, but this isn't one of them, and i think we are getting to the point where this thread is making things more confusing to readers rather than educating them.

Regardless.. maybe it's time we wound down the repeated posts on this thread that are merely restating the same points.  Maybe i'm guilty of that too, so i'll not be repeating myself again.

Josh:
Mouser, I can point you to several infections I have had in the past, Pre-SP1 XP, that were only a single DLL that manipulated itself into various exe files once loaded at startup. A registry entry alone, yes, could be harmless unless it is exploiting some feature that is undocumented (as windows has thousands of) and the enabling of such opens up other holes. The dll, while part of the installer, is left behind. If someone discovers an exploit in said dll, or a way to load it with other malware and use it to exploit other holes, then the dll (for installer purposes only) serves another more vicious purpose. I am not saying OC does this, but I do believe NOTHING should be left behind that isnt absolutely necessary.

Eóin:
Josh that's incorrect, a DLL sitting there not in use is completely benign. It's only if it is loaded into a process can it cause harm, and even then no more harm than that process itself could do. It getting loaded into some processes address space cannot happen spontaneously, something must load it and that something is then the malicious application, not the DLL.

Sorry to be blunt but you're concerns here are unfounded.

cmpm:
Fine, mouser, I'll quit.

I am referring to reply 104 that has not been done.
There is no eula for open source posted with an install of these programs.

Navigation

[0] Message Index

[#] Next page

[*] Previous page