Main Area and Open Discussion > General Software Discussion
What the hell is OpenCandy?
Paul Keith:
This is one of those times where maybe the company should take advantage of the bad press and advertise themselves as ad-ware lite on their webpage with a special section on top answering/comparing and posting the answers here and on many other forums on what they do different from normal ad-ware. :P
kartal:
think
-mouser (May 30, 2009, 08:57 AM)
--- End quote ---
To get mad about a single key in the registry, or a DLL file that is part of the installer and does nothing but suggest another program you can opt-in to install, is really misplaced concern in my view. All this hand wringing is best saved for *real* adware, spyware, hidden installs, etc. Stuff that really *does* install programs behind the scenes that users don't want.
-mouser (May 30, 2009, 08:57 AM)
--- End quote ---
Josh that's incorrect, a DLL sitting there not in use is completely benign. It's only if it is loaded into a process can it cause harm, and even then no more harm than that process itself could do. It getting loaded into some processes address space cannot happen spontaneously, something must load it and that something is then the malicious application, not the DLL.
Sorry to be blunt but you're concerns here are unfounded.
-Eóin (May 30, 2009, 09:26 AM)
--- End quote ---
What if someone else exploits it? I think some of you are very smart but naive people.
On the otherhand all I have seen so far either OC had a bug in the installer or it was an honest mistake on the developer`s side or it was some other problems that was causing OC`s unattended invisible installations. Just more excuses for more malign behaviours. You know if noone ever raised anything about these issues, you bet they would not be called bugs or honest mistakes.
Mouser, I am already trying to reach the developers who embedded this OC stuff in their apps. So It is not like I am coming and just bithcing about the same issues over and over again. I hope that more users talk to developers. As someone pointed out the Miro forum, you can see that Miro users are very unsatisfied with Miro`s desicion and I myself bitched about it in ther beta forums as well. They seemed like they had no idea what OC was up to.
Eóin:
What if someone else exploits it? I think some of you are very smart but naive people. -kartal (May 30, 2009, 01:10 PM)
--- End quote ---
No, it can't be exploited. This is not naivety, a DLL just sitting there inactive is completely benign. It cannot activate itself and if something else activates it then that is the malware.
kartal:
What if someone else exploits it? I think some of you are very smart but naive people. -kartal (May 30, 2009, 01:10 PM)
--- End quote ---
It cannot activate itself and if something else activates it then that is the malware.
-Eóin (May 30, 2009, 01:35 PM)
--- End quote ---
Is not that what I said? I used the word exploitation, I did not say it would activate itself.
Josh:
As kartal said, that is exactly what I was referring to as well. What if a malware is designed to look for OC's dll files and exploit a known or , up until now, unknown vulnerability in said dll?
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version