Main Area and Open Discussion > General Software Discussion
What the hell is OpenCandy?
Paul Keith:
One: with websites you don't really have a choice. It's not even as if you could avoid sites that gather such data and reward those that don't, because it's a safe bet they all do. With desktop apps though, you still have a choice. Also, you can't tell if someone's Apache server is hooked to a big honking advertising database, but you can usually tell if your desktop apps try to phone home. So not only do you still have a choice, but you have the technology to help you make it.
--- End quote ---
Not trying to defend OpenCandy since it's been so long since I read the thread but you do have a choice when it comes to websites by not visiting, signing up or sharing personal information on them. Pretty much the same thing as not downloading programs = choice. (Voting by boycott)
Also, most popular data mining sites are pretty much known from their Terms of Service and from the controversy they receive. (See Facebook articles)
Two, probably more important. As long as we trust the browsers we're using (and I am aware of JavaScript exploits et al), the information a browser can leak really pales in comparison to what a local app can potentially disclose. Anything on your system that's not encrypted is game, so I'd say the stakes are higher.
--- End quote ---
Not really. Adware and non-browser exploits are on par just as "rigged" programs are categorized on the same level as Javascript exploits as security/virus issues.
The distinction does blur the more people switch to web apps like Gmail or Google Docs, but you can still use your best judgement about what to use Google Docs for, and when to stick with Word. But when you have spyware on your desktop, then the choice between what's sensitive and what isn't is no longer yours.
--- End quote ---
Still is really. Remember until docx, Word has alot of privacy issues left out in the open. That puts it on par with Google Docs.
Similarly if you have an additional layer to your data, it's still a case of the spyware being able to break/know the encryption/password and not fully on just gaining access. Also most spyware can't really compare to the dormant "swine flus" of internet viruses so most part, the choice is still yours on whether you will reformat your OS or risk permanently removing it via an anti-spyware.
So I think there is a difference, and of course I still wish Odin's wrath upon all the data collectors everywhere. Bottom line for websites: if tracking me is making you money, I want a piece of it, because it's my stuff. You would not give that data to me for free, would you?
--- End quote ---
Err... they kind of do. It's the modern day technological implementation of fascism.
Give me your bookmarks, pictures, private photoes, personal info for free and we'll make you easier to find your friends online or become an internet pop sensation. (the free equivalent of the modern day internet Aryan: instant fame/instant friends/instant consumerist relevance in exchange for illusionary slavery)
That's kinda your piece while your data is theirs.
drapps:
Hi Everyone,
I’m back. Things have been hectic. Of course moving took much longer than I thought; I didn’t realize how hard it would be with the baby and doing 95% of the move myself!
Anyway…
Scancode,
Regarding the registry entries:
I misspoke (miswrote?) and should clarify that currently, per our Publisher’s Kit Integration Guide, it is only a requirement that OpenCandy related registry keys be stored within the publisher’s registry key. We don’t specifically require that they be within an OpenCandy subkey, though most publishers (MediaCoder excluded, obviously :) ) do put them within an OpenCandy subkey.
OpenCandy files in temp directory:
I/we owe you a big THANKS! You’ve actually discovered a bug with v1.3 of our plug-in that only affects NSIS based installers. Only the dll (OCSetupHlp.dll) should be in a user’s temp directory (when it’s unpacked by the installer) and it should be removed once the publisher’s installation is completed. This doesn’t change what I said above about when a recommendation is accepted. When that happens an OpenCandy folder containing the dll (OCSetupHlp.dll) and the text file (OpenCandy_Why_Is_This_Here.txt) are created within the publisher’s installation directory to facilitate the download and installation of the recommended software and once finished, the folder and files are automatically removed (unless one of those things listed in the OpenCandy_Why_Is_This_Here.txt happens: power goes out, etc... ).
We’re in the process of wrapping up version 1.3.1 which rectifies the issue. It'll take a bit before all our publishers have updated their builds. This bug does not affect OpenCandy publishers with Inno-based installers.
Oh yeah, the FAQs are up (http://opencandy.com/faqs)!
Be well everyone :)
scancode:
I’m back. Things have been hectic. Of course moving took much longer than I thought; I didn’t realize how hard it would be with the baby and doing 95% of the move myself!
-drapps (September 24, 2009, 05:16 PM)
--- End quote ---
:Thmbsup:
I/we owe you a big THANKS!
-drapps (September 24, 2009, 05:16 PM)
--- End quote ---
You're welcome. Dev<>Users feedback is what makes DC græt!
Oh yeah, the FAQs are up (http://opencandy.com/faqs)!
-drapps (September 24, 2009, 05:16 PM)
--- End quote ---
:Thmbsup:
We don’t specifically require that they be within an OpenCandy subkey
-drapps (September 24, 2009, 05:16 PM)
--- End quote ---
Any chance of changing that? Specially after you give instructions as Click the arrow to expand the publisher’s registry key, and then right-click on the OpenCandy key and click ‘Delete’.-OpenCandy FAQs (http://www.opencandy.com/faqs/)
--- End quote ---
drapps:
Scancode, et al,
Hey y'all (yeah I said "y'all"), hope you're all having a great Wednesday!
DC<>Users is what makes DC great!
--- End quote ---
I agree, no question. :)
Regarding the FAQ, Whoops. FIXED! I added instructions for those publishers that currently don't use an OpenCandy subkey. See http://www.opencandy.com/faqs/#opencandy-removing-registry-entries Thanks for pointing it out and I appreciate the time you took to read through the faqs. I'm a big fan of a "second set of eyes" especially when they come from the outside looking in.
I have more great news...
Regarding changing OC registry entry location to an OC subkey as a requirement, it was in the pipeline but I wasn't sure we would be able to get it into the version 1.3.1 update (which is rolling out shortly with the NSIS bugfix). But... we did! As of v1.3.1, all ALL OpenCandy publishers are REQUIRED put OpenCandy related registry entries inside an OpenCandy subkey within the publisher's registry key.
Take good care everyone. :)
scancode:
I have more great news...
-drapps (September 30, 2009, 12:09 PM)
--- End quote ---
Drumroll please...
As of v1.3.1, all ALL OpenCandy publishers are REQUIRED put OpenCandy related registry entries inside an OpenCandy subkey within the publisher's registry key.
-drapps (September 30, 2009, 12:09 PM)
--- End quote ---
:Thmbsup: :Thmbsup: :Thmbsup: * Removed OpenCandy from evil list :)
As a sidenote, while reversing OCSETUPHLP, I found a text reference to /NOCANDY. If I pass that parameter to the installer (MediaCoderAE-0.7.1.4496), OpenCandy does not do any changes at all (no reccomendations, no external contact, no reg keys). Is that how it's supposed to work?
ok here is my bet, I am putting my 100$ if anyone wants to bet on it.
I am %100$ sure that in 2 years OC will become an application that will try to install hidden stuff and spy on your download-installation activity. If anyone wants to bet I am accepting bets. Since we do not want to gamble lets keep the amount not more than 100$.
-kartal (May 17, 2009, 01:05 AM)
--- End quote ---
* scancode puts $25 against Kartal
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version