Main Area and Open Discussion > General Software Discussion
What the hell is OpenCandy?
f0dder:
To be fair to OC, even if I'm not super fond of it, if all it does is sending your OS locale and version, then it's no worse than a webbrowser - only you're a tinfoil hat wearing kinda guy with special addons, that information is present in the HTTP request headers for every web request made.
Renegade:
From what I know and have seen, both in OC and here, there seem to be a few misconceptions about what OC is doing.
First, it's not tracking you at all. However, it is doing more than a Flash banner ad on a web site.
A web site ad does not have the same access to your computer that OC has. OC has several offers available and they don't offer you what you already have, so, the logic is something like this:
--- Code: C# ---OfferList = { ...big list of offers ordered by profitability... }; foreach (item in OfferList){ if (item.IsNotInstalled) { OpenCandy.MakeOfferToUser(item); OpenCandy.OsLanguageCountry(); // Log OS, language and country as aggregates return; }}
There, item.IsNotInstalled checks to see if the item exists on the computer by checking the registry. In a way, that is more power than a normal ad. In another way, it's about equivalent.
Anyways, I don't have absolute knowledge of what is going on, but from what I can tell, that's it or at least pretty darn close.
I have not seen the advertiser SDK, so I don't know exactly what goes on there, but my guess is that there is something in it that informs OC if the offered software has been subsequently run. That is the part that ensures that the offered software is genuinely wanted by the user, which then tells OC to pay the original software author (like me). However, I am not certain. Just guessing there.
We trust software all the time. Some people even trust cracks and warez. (Yikes...) If there were something dirty going on, it would be much easier to simply not use OC and do all the dirty stuff in the software instead. But there isn't. It's pretty simple. It presents an "ad" during installation in the same way that a web site puts ads on its pages. The difference is that you're not being tracked with OC, but when you visit virtually any web page, you ARE being tracked by Double-Click or Google or someone. Google keeps PERSONAL track of you even. They use personally identifying information thanks to you having signed up at Youtube or Gmail or some other Google service. So when you visit www.acme.com, the ads are very specific to that site and YOU.
There are other privacy concerns out there that are much much more serious. But really, people just don't care. They are used to them now. This is just a slightly different way to serve up an ad/offer.
Truthfully, in an installer is PRIME space for it because you have the person's dedicated attention. They aren't distracted by anything else. (Which is the same motivation for why I used a full page back-splash for the Photo Resizer installer --- people aren't distracted then and can pay attention to the installer -- it targets people that are not tech-savvy.)
Anyways, I kind of hope that helps some with tracking and whatnot.
cmpm:
Thanks Renegade for that info.
I also thank you for your program and think you should profit more from the OC deal. imo.
I knew OC was in your installer before I installed it.
So even knowing it was there didn't stop me from installing.
OC doesn't bother me being there.
I did remove all the OC stuff from older apps after that Nod notice.
As a precaution and bored I guess. :)
That was the first time Nod blocked OC like I posted.
And I have installed other stuff with OC.
I wonder who changed, OC or Nod.
No big deal....did Eset ever answer you?
If anything starts any suspicious activity one my security programs will pick it up.
No worries....
Renegade:
@cmpm - Thanks! :)
did Eset ever answer you?
--- End quote ---
Do they ever contact anyone? Sigh... No. Not yet. I doubt they will. They really need to work it out with OC and not me. I just submitted to help get their attention as it is bad for me and everyone else that uses OC.
It is kind of frustrating... The security companies really need to shape up some and come up with methods that are reliable.
40hz:
My objection to OC isn't so much what it does on a technical level. My objection is with it's business model.
What they are doing is attempting to unilaterally redefine what constitutes adware and to justify an installation method that is basically stealthed.
I additionally have a problem with their "dealers choice" options for how it gets used (default in/default out) in an individual developer's application. I don't know if this is to provide OC with what they may feel is 'plausible deniability' when accused of being adware, or what.
Up until now, there has been pretty much universal agreement that anything which gets installed on your PC without giving notice and asking your permission is unacceptable.
OC is attempting to do an end-run around that understanding. First, by muddying up the waters with their insistence on their own definition of what "advertisement" means. Second, by refusing to have OC ask permission prior to doing what it does.
From what I've seen, there seems to be a very deliberate decision not to draw attention to the fact it's on there at all. Otherwise, it would add a mandatory splash banner, and ask if it's ok to proceed.
But it doesn't...
From what I've seen and read of it, it's left up to the app developer just how much to say about the fact OC is piggybacking on his installer.
And I'm sorry folks, but to require that some information be put in the EULA about OC is almost laughable. Not to defend people who don't read the EULAs, but the people who produce OC know (as those of us in the industry do) that very few people ever read license agreements. I'm almost tempted to say "How convenient."
This is a potential "camel with its nose in the tent" issue. OC may be the most innocuous and benign piece of code out there. But what it is asking us to see as acceptable behavior for a software installer is not. Because it asks us to greenlight an action that has, up until now, been considered unacceptable behavior.
This whole issue could have been avoided if OC just did what every other ad-type software does - pop up a notice and ask to be installed before anything actually is.
But OC has chosen not to do that.
And I think the reason for that is very simple: most people wouldn't install OC if they knew about it.
And in order for OC to sell their services to their advertising partners, they have to offer some unique sales proposition that gives them the advantage over more traditional piggyback product installers.
And that unique sales proposition is a low key approach to installation that borders on stealth, even if it doesn't quite cross the line, combined with a policy of substituting the term "recommendation" for "advertisement."
Not that it matters. Actions always speak louder than words.
To quote Douglas Adams remix of the classic 'duck test': If it looks like a duck, and quacks like a duck, we have at least to consider the possibility that we have a small aquatic bird of the family anatidae on our hands.
In my little corner of the universe, if you ask me - out of the blue - to consider buying something, then it's an 'advert' AFAIC.
And calling it something else - and insisting it's not - only makes it quack louder.
:)
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version