Jump to content
floele

New version: 4.3.7 and OpenCandy

Recommended Posts

I understand your concerns and will think about them in the future, or rather, I'm already aware of certain issues and I might try an adjustment eventually.

Share this post


Link to post
Share on other sites
Guest pedrito

So does the PORTABLE version has OpenCandy or not?

My opinion is that if it has OC, it is somewhat abusive because a Portable version is suppose to run on computers that might be unaware that hidden software is inside the only software they allow to run in their computer (ie CDBurnerXP only).

Share this post


Link to post
Share on other sites
Guest kwieringo

open candy is detected as a piece of adware and maybe I missed it, but I didn't see a place to check (or uncheck) to install or (not to install) opencandy.

Thanks,

Ken

kwieringo@vt.edu

-=====-

Share this post


Link to post
Share on other sites
Guest glutenenvy

Now that Microsoft Security Essentials is flagging opencandy it appears to the average joe that CDBurnerXP is compromised and should not be installed.

In "average joe" and "dilbert manager" speak it is infected.

Any plans on changing opencandy to something else in newer versions?

Share this post


Link to post
Share on other sites
Guest nStuff

To me this is very simple. (I just got a message from Microsoft Security Essentials myself - That's what brought me here.)

Have 2 Versions 1 with OpenCandy and a disclosure stating what it is and some anti-spyware programs flag it as bad.

Another without it that requires a small donation. People have a clear choice as to what they want to do.

I've used this software for YEARS and love it. I've even already made a donation...

nStuff

Share this post


Link to post
Share on other sites
Guest Thr

More precisely:

http://ember.cdburnerxp.se/cdbxp_setup_4.3.8.2513.exe	a variant of Win32/OpenCandy potentially unwanted application		Threat was detected upon access to web by the application: C:\Program Files\Ketarin\Ketarin.exe.

Share this post


Link to post
Share on other sites
Guest mimix

wow, clap clap clap, im only going to say this you should be in promotions, opencandy IS exploitable, opencandy IS dangerous, the 4.3.7 that you are installing is not, dont click the radio buttons in your installation processes so quickly people, and as to it being dangerous, its only because of its potential, and using networks that certain people talk on.

Share this post


Link to post
Share on other sites
Guest nStuff

Flo,

I think you need to make a new (newer) "sticky" post on this subject. You have said it plainly for me. (I believe several times in all these posts). I checked out the Downloads, and I choose the one that I felt was best for my use.

I appreciate your openness on this subject and that is why I like CDBurnerXP! You provide support.

THANKS!

nStuff

Share this post


Link to post
Share on other sites
Guest tummychow

While it bothers me that CDBurnerXP contains adware (I wouldn't call it spyware, but OC is adware) I think it was the right call to provide users with the choice to not use it at all. We can say all we like about the right or wrong of incorporating it into the installer, but there are two bottom lines: 1) software writers have to make money somehow and 2) as long as the end user still has a choice, you aren't compromising them by it.

@ people: If OC bothers you like it does me, that's cool. What I did was I disconnected from the internet while installing. It doesn't leave anything on your computer after installation (afaik at least). No need to block IPs or firewall control when you can just pull the plug. Watch as adware tries to transfer your precious marketing data to its c&c server over a nonexistent connection =]

Share this post


Link to post
Share on other sites
...we should focus the discussion on how to make the OpenCandy integration as much acceptable as possible.

I sympathize with your desire to earn a little something for your work, Flo, but I have to admit I have my concerns about OpenCandy as well. It may or may not be perfectly safe. I don't know. Their privacy policy may or may not be honest. I don't know. But I would rather not put it on my system - that way I know that it's not having any effect. Maybe I'm paranoid. I don't know. :)

But ultimately it's your choice and I wouldn't dream of taking that away from you.

Without going into the question of what xyzware categories OpenCandy might or might not fit into, you ask: how can we make it more acceptable? My feeling is that rather than maintaining two separate installers (which will probably be a pain), perhaps it would be simpler to put an option screen in the installer that asks the user something like, "We have partnered with OpenCandy to offer you some special deals on other software. Would you be interested in seeing more about these deals?" or whatever seems fitting, and then on the same screen offer a checkbox "Yes, I'm interested" (which could even be pre-checked). If the user unchecks this box, then do not run ANY OpenCandy code during installation; otherwise run it normally.

This would portray OpenCandy as potentially useful to those who might want it (and there might actually be some people out there who would find it useful), but would give those of us who don't want it some way to avoid it completely. Most people would probably just leave the box checked and click Next without bothering to read it anyway, just like they did with Gator/GAIN and Cydoor... :)

At any rate, I've been using CDBurnerXP for years and I think it's a great piece of software. I hope this issue won't change that!

Share this post


Link to post
Share on other sites

This option seems kinda pointless. It does not prevent OpenCandy components from being "loaded" on your system, since the OC inclusion is determined at compile time of the installer. Also, the installer itself will seem "over optioned". And in any case, people will request a OC free installer anyway, because there is a difference between not showing and not including unwanted OC components. Last but not least it'll also decrease my revenue.

Share this post


Link to post
Share on other sites
My feeling is that rather than maintaining two separate installers (which will probably be a pain), perhaps it would be simpler to put an option screen in the installer that asks the user something like, "We have partnered with OpenCandy to offer you some special deals on other software. Would you be interested in seeing more about these deals?" or whatever seems fitting, and then on the same screen offer a checkbox "Yes, I'm interested" (which could even be pre-checked). If the user unchecks this box, then do not run ANY OpenCandy code during installation; otherwise run it normally.

True, it wouldn't prevent the OC .dll from being extracted by the installer like all the other files. But that isn't what I suggested.

What I would prefer is for the OpenCandy code to not be executed on my system. Extracting the file to a temporary folder is not an issue, so long as it is deleted with all the other temporary files extracted by the installer, and so long as none of the OpenCandy code is executed.

Over-optioned? I don't think users would mind one more choice if it determines whether or not some extra program unrelated to CDBurnerXP is executed during installation.

I also don't think people will object to whatever files might be extracted, so long as the code isn't executed. The OC-free installer might be a workaround, but it doesn't solve the problem of allowing users to make the choice while reducing your work load. I'd think it would be easier to maintain one installer with a choice built into it, rather than maintaining two separate installers.

As for revenue, I can't argue that issue, other than to make the point that a reduced user base (due to fears (valid or not) about OpenCandy, and due to a reputation (valid or not) for including spyware as a result of including OpenCandy) might also reduce your revenue in the long run.

Anyway, I hope you'll give this some more consideration.

Share this post


Link to post
Share on other sites
I'd think it would be easier to maintain one installer with a choice built into it, rather than maintaining two separate installers.

Actually, no. All installers are built automatically, so it doesn't really matter whether it's one, two or three of them. Due to the x64 version, there is more than one installer anyway.

Share this post


Link to post
Share on other sites
Guest Preschuto

The best reason there is? - People will not be installing your software.

I agree that OpenCandy is one of the mildest forms of "malware", but it's reputation proceeds it. Search for it and you will find vast listings saying it is a "problem". Most uses will simply shy away as they find out. Whether they are a "vocal minority" or not? - Do you really want your software associated with problematical software?

Toolbars can give the option to NOT INSTALL during installation and while that is annoying, it seems most users will tolerate looking out for a box and unticking it, but OpenCandy is flagged by a lot of security programs apparently. How many will cancel the install, or refuse permission to connect to the internet? You would know better than I do.

One last thought though, I was researching removing OpenCandy when I found this page. How many others will be finding this via search engines and tarnishing the reputation of what would seem to be rather good software otherwise? The problem is one of perception - You might not find anything wrong with OpenCandy, but if it being flagged as "undesireable" or worse by others, then ultimately, what you think does not matter if people loose interest in your software because of it perhaps?

Share this post


Link to post
Share on other sites
Search for it and you will find vast listings saying it is a "problem". [...], but OpenCandy is flagged by a lot of security programs apparently.

Like which one? I don't think there are any security problems than might not be in toolbars either.

The problem is one of perception -

Others' perception is not my problem. Let me put it this way:

- Me not using OpenCandy = 0$

- People not using CDBurnerXP because of OC = 0$

Since the latter point does not seem to be happening currently, I'll stay with OpenCandy. If you don't want to use CDBurnerXP for free because of OC, go use another software. I won't stop you. The profit OC generates is really worth it, and will open up quite some opportunities in the future that I am not going to miss.

Share this post


Link to post
Share on other sites
The best reason there is? - People will not be installing your software.

"reality is something that when you stop beliving it, it doesnt go away"

Now tell me, where did you got that people will not download or install the software ? traffic is actually growing. :D

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×