OpenCandy - Bad or Good??
Posted 07 April 2011 - 10:51 PM
I must admit to only having come across the term 'OpenCandy' quite recently, after a comment from member Bala7 letting us know this relatively new advertising medium was bundled with one of the freeware products listed here on FreewareBB.
It seems OpenCandy is proliferating quite rapidly with more and more software developers bundling it with their products. So, I have been spending some time researching this issue. The OpenCandy platform utilises controversial techniques which have been the cause of heated debate across forums and blogs. Many are saying OpenCandy is adware or spyware while others say it is merely a legitimate instrument for advertising.
When you install a program that comes bundled with OpenCandy; during the installation process OpenCandy will surreptitiously scan the host computer and then make software recommendations based on the findings. The user will then be given the choice of installing the additional software [or not] via an opt-in/opt-out system. Hopefully most [distributors] will stick with the preferred opt-in selection process rather than the very much sneakier opt-out option.
Here are a few points to bear in mind:
*The recommendations OpenCandy makes are largely based on the products already installed on your computer. OpenCandy gathers this information by covertly scanning the computer without asking for nor gaining your permission.
*If you agree to install any of the software recommended by OpenCandy: not only will that software then be downloaded and installed but OpenCandy itself will also be permanently installed on the computer.
*Even if you choose not to install any of the additional software recommended by OpenCandy, your computer will still be secretly scanned and that information sent to the OpenCandy people.
The defenders of this system, including the makers of OpenCandy, make the following observations [claims]:
*Many programs from known reputable companies scan the computer during the installation process to check for older versions and to confirm the existence of mandatory components, etc.
*If you choose not to accept any of OpenCandy's recommendations, then no 'extras' are permanently installed on the computer.
*OpenCandy states that any data sent back to them is simply general information of the type normally collected by a website whenever you visit, and contains no personal details.
There are indeed 'two sides to the story'. On the face of it, OpenCandy seems harmless enough but there are certainly some serious reservations:
*Will all software distributors who utilise OpenCandy make full disclosure; on their home page, as part of the download details, in the EULA.
*If an opt-out system is employed for the OpenCandy software recommendations; how many people are going to inadvertently install unwanted extras on their machines.
*There is currently little or no evidence that suggests OpenCandy is spyware BUT the potential is certainly there.
Consider this; As the use of OpenCandy expands and it is installed on more and more computers, how tempting would it be for the owners to utilise that massive data base more aggressively.
What do I think: I believe OpenCandy, as it now stands, is relatively harmless adware; on the proviso that the software distributors who bundle it with their products stick to a regimen of full disclosure and employ an opt-out system. However, the potential for abuse is somewhat disturbing and I would like to see some more concrete assurances/guarantees in place.
What do you think?
Posted 08 April 2011 - 02:58 PM
In an ideal world, addon software would be opt-in, that is we would be asked if we wanted to install it with the tick-box already NOT ticked which means it wouldn't be installed if we missed the option and just pressed 'next', 'next', 'next'. We know this will never happen because simply put there is too much money involved. Everytime someone installs something like OpenCandy there is money to be made from recommendations, referrals and other options - when this happens the person who agreed to bundle OpenCandy will no doubt receive some commission from this and so on and so on. Money talks and makes people do things they wouldn't normally do like agree to bundle stuff with their otherwise fine product. Trouble is, if this third party (the "adware") decides to go nuts and sell everything down the river, the developers reputation goes with it!.
Personally speaking, and as the owner of FreewareBB, users have to put up with enough surprises these days, without software developers including all manner of useless addon software in their installers which is nothing at all to do with the software itself, but more to do with making money.
Of course no-one objects to anyone making a little extra cash, but I really do think it does nothing for the developers reputation when they include certain third party addons.
Talking specifically now about OpenCandy, checking WOT the first thing I see is the reputable "hpHosts" noting that OpenCandy is "Engaged in the distribution of malware". Now this is most certainly not something I would want my software to be associated with, no matter what the interpretation is of "malware", "adware" or anything close to it, people see this and run a mile and therefore it's no surprise that FreewareBB have also in the past removed software containing things like this. Reading on in WOT there appears to be more than one complaint about OpenCandy although I would be inclined to trust the comments of hpHosts as do WOT. At the end of the day, it really is about individual choices, do you take the chance or not? Is the software really of that much importance to you that you would take a risk? Isn't there an alternative that doesn't include a third party addon?.
More specifically for us freeware users is the fact that in all probability most of the "recommendations" from OpenCandy WILL NOT be freeware - there is basically no money to be made in that, so instead most recommendations will come from shareware, trialware or commercial software, the developers of which will probably pay a commission for the recommendation and pass a small percentage of this payout to the person who agreed to bundle Open Candy in their software. In a commercial environment, there isn't anything wrong with this, but for us freeware lovers it's not what we want so becomes a complete waste of time in my opinion.
Posted 08 April 2011 - 09:21 PM
In many cases keeping Freeware free is of some import, particularly the good [popular] Freeware. If something like OpenCandy helps developers maintain that free status then I believe it is, overall, doing more good than harm for end users.
As I said in my original post: providing those developers who utilize OpenCandy are completely up front about it and employ an opt-out system I can't really see any harm. The essential element, I believe, is 'full disclosure'.
I would tend to discount the negative comments via WOT; there is no evidence at all to suggest OpenCandy is [or contains] spyware/malware. In my opinion, any negative comments would be derived from ignorance or inexperience. I believe those who argue that OpenCandy is spyware are predicating their claims on what could possibly happen rather than what is actually happening.
When I asked my friend and renowned security expert Ken (The Geek) Harthun about OpenCandy, he agreed that in its current form OC was totally benign [his word]. And that seems to be the general consensus among the security fraternity.
Definitely one to keep tabs on!!
Marko - Co-incidentally I just visited the PeaZip download page to check out the latest version and there is a fine example of how developers can utilize OpenCandy in a sensible and responsible way. Downloads are clearly labeled, from top to bottom: installer - with OpenCandy bundled, installer - without any 3rd party bundle, portable - without any 3rd party bundle.
Posted 09 April 2011 - 07:47 AM
To me OpenCandy is like those "recommendation" sites which are set up just to take the highest bidder and write favourable reviews about them, OpenCandy will only recommend those programs which make them money, there could be another 10 programs out there which will do something a great deal better although they will never be recommended by OpenCandy because the developers haven't signed up to their advertising network and so we get a biased and income generating based review from OpenCandy - sure, I could do that on FreewareBB and nobody would probably know any different, would help pay the hosting costs as well but at the end of the day if someone exposed me for doing something like that our rep would be in tatters, yet OpenCandy make a living from it
Posted 03 May 2011 - 05:36 PM
Recently on checking a couple of free apps registry keys "current user & local machine" I came upon a couple of keys in reference to "OpenCandy".
Now usually with any freeware install I will check the EULA under the microscope, but these two items in question got passed me.
The question I have for you is this, do you intend on flagging any new apps or existing app updates that contain "OpenCandy" because I'm sure others will be concerned about any software that has no opt-out on the install?
Posted 03 May 2011 - 06:16 PM
You can see a list of downloads already removed from our site by searching for "(REMOVED)" (without the "" quotes).
As for your own experience, can you share the details of your findings (namely the titles of the freeware) and we will take a peek ourselves and take the necessary action if we list them
Posted 03 May 2011 - 11:57 PM
As I have stated previously, full disclosure is key. I would definitely not recommend any product which did not practice same, and agree any such products should indeed be blackballed.
I too would like to know the titles of the freeware you mentioned?
Posted 04 May 2011 - 10:55 PM
I have a freeware where the "donation" are not enought, unfortunately I m considering Opencandy as a sponsor, and looking on internet I found your thread, it's interesting to get your point of view, and I would follow your recommandation.
So in short, Peazip is the model of what to do to notify users about opencandy bundle ? that's right ?
Posted 05 May 2011 - 07:57 AM
Posted 05 May 2011 - 05:26 PM
However, if you are in a position where you must go with OpenCandy in order to continue your work then yes, PeaZip would be a very good model.
It's all about full disclosure; i.e. making sure your prospective users are fully aware.
Posted 06 May 2011 - 07:07 AM
Although I didn't want to get into the whole "is it adware/dangerous" argument, take a look at some of the comments on WOT and make your own mind up: http://www.mywot.com/en/scorecard/opencandy.com/event-33368#events
Personally, and as I've said before, the application itself won't necessarily harm your computer, but OpenCandy works on recommendations which it will then download and install on your computer if you choose to accept the recommendation, however my problem is that these recommendations are PAID one's. This means it will only ever recommend a program to you if it's developer has previously signed up and paid for this service - there could be issues with that software, it could contain more problems or could come bundled with anything else you don't know about and in all probability there could be 101 better applications out there which could be free but are not part of the OpenCandy push because the developer hasn't signed up for their service (maybe they too have read the negative remarks on WOT or elsewhere and don't want to run the risk of their software being labelled!).
In the particular world of freeware and open source I don't think OpenCandy or any other similar third-party add-on has a place here, it's intrusive, suspect and will ultimately damage the reputation of your software - many other download sites don't really care about promoting software which comes bundled with add-ons (including the big download sites like download.com) but I guess they too are putting profits before pride which is why we see many computers with 10 toolbars, running slow and the end user scratching their heads wondering where the hell all this crap came from?!. If we ignore the problem of add-ons which force themselves onto your computer via an install routine then we do so at our peril - many end users rely on sites like ours to protect them from such downloads and while we always remain transparent and admit we can't be right all the time we nevertheless act when we know about it and it's no different in this case - Opencandy does not have a home here nor does any other add-on which can't guarantee to be 100% safe and where it's given to you as a choice then most times we're happy to allow you to make the decision, when it's forced on you through an installer then I'm sorry, but it's history on this site!.
Trying to make enough money to cover cost's is all fair and well, but you can't force people to hand over money and by forcing add-ons onto your end users you run the risk of frustrating them to a point where the usefulness of the application is shadowed by the add-on itself. It can be a tricky situation to recover cost's and I personally can tell you we have probably spent more money over the past few years than we have gained through advertisements on the site, but running one of the safest and honest download sites in the world is often payment for me - that is until the wife get's hold of the outgoings
Posted 06 May 2011 - 08:24 PM
There is absolutely nothing on the home page or download page to suggest that Photobie comes bundled with OpenCandy and if they are not including any options to opt-out either, that is just disgraceful!!!
I say to all Photobie users.....let the developers know you are thoroughly disgusted with their tactics.
And I say to all Freeware users......register your protest, do NOT download, use nor recommend this product!!
Posted 07 May 2011 - 02:15 PM
Check it out (http://news.cnet.com/8301-17939_109-10094314-2.html) and strangely enough you can also check their user comments who don't seem too pleased either, but then again cnet obviously won't act because they're making way far too much money to start banning software that comes bundled with ad-ware.
Interestingly also, a user called "logan1337" tells others to "cool down" as the software ...
I presume he is talking about the 'recommendations' that OpenCandy will no doubt make after install, because as we have proved just recently, OpenCandy IS now being forced onto your computer by some developer installers.
He goes on to say ...
which again, isn't quite right, because YOU ARE installing someone else's software when you unwittingly install OpenCandy as part of another installer which has this fact as part of it's terms but STILL won't give you the opportunity to 'opt-out'.
Normally I don't rise to the slating of other sites, but seriously, a site as large as cnet is quite obviously putting itself and it's profits before anything else, shrewd in a business sense, potentially catastrophic to the unwitting user
I also found the following statement on the OpenCandy website:
Although there is no reason to doubt this is the case, there are many negative comments on WOT which don't really explain if they have contracted a virus, malware or adware via their recommendations although it's clear end users are not happy at this intrusion and Microsoft Security Essentials have themselves labelled OpenCandy as "Adware:Win32/OpenCandy" despite Microsoft 'apparently' being one of OpenCandy's "largest partners". Why would Microsoft 'partner' with a site that it labels as "Adware"?. Your guess is as good as ours!!.
Anyone able to use common sense and think logically would have to agree with your assessment. Not necessarily those who are biased by a personal agenda though!!
- ? Spotify - was it too good to be true?
- Help, Hints, Tips & Tech Stuff
- How To: Quick fix internet connection problems – XP and Vista. ?