tag:blogger.com,1999:blog-242237432024-03-13T16:05:26.130-04:00Cranial SoupPeas, carrots, green beans, and gray matter.Apphttp://www.blogger.com/profile/04973805741360160102noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-24223743.post-53108292661501897122009-05-13T00:34:00.014-04:002013-10-30T20:52:23.329-04:00OpenCandy: A New Kind of Adware/Spyware<img alt="" border="0" id="BLOGGER_PHOTO_ID_5335167503983734690" src="http://4.bp.blogspot.com/_qlCAUZtia6Q/SgpSk_Qob6I/AAAAAAAAAx8/s3LFFsZIZs4/s400/opencandy.jpg" style="float: left; height: 164px; margin: 10px 10px 10px 0pt; width: 303px;" /><br />
They claim to be doing something noble, but the only thing sweet about <a href="http://www.opencandy.com/" rel="nofollow" target="_blank">OpenCandy</a> is the sales pitch to naive developers that might just fall for it, tricking them into thinking it is somehow different than the typical common adware/spyware.<br />
<br />
A lot of developers do seem to be biting the bait, but no matter how you slice it, it's still adware/spyware, and to me it stinks worse than the old fashioned kind.<br />
<br />
In <a href="http://www.opencandy.com/what/" rel="nofollow" target="_blank">OpenCandy's own words</a>, this is what they do:<br />
<blockquote>
Recommendations are made to users during the installation process. Utilizing the install process creates a user-friendly experience and offers optimal engagement for making a software recommendation. The user is presented with a screen that describes the recommendation, at which time they may choose to install the recommended software.</blockquote>
That makes it adware!<br />
<blockquote>
We then provide analytics back to the creators, so they can see how their software and recommendations are performing. This way they can better understand how to build and recommend great applications. </blockquote>
That makes it spyware!<br />
<blockquote>
We've also provided our technology as a platform to a handful of software creators who are utilizing an offer screen during the install process as an advertising unit. Some creators are already monetizing their distribution by offering apps like browser toolbars, so we're helping them improve their user experience and optimize the effectiveness of their offers. </blockquote>
That makes it your typical spyware/adware we have always known.<br />
<br />
Actually, this is much worse, because instead of big companies like Sun & Opera making some software and offering it for free and advertising Yahoo's toolbar in the installer, we have a lazy predator company backed by venture capitalists that doesn't want to bother with or take the risk in developing a ton of software of their own to push toolbars to make their millions. They want to use the software of naive developers to accomplish it.<br />
<br />
An ad is an ad, and to me there is no difference.<br />
<br />
There is no difference between showing an ad for some other product by some other developer in the installer of my software, no matter how much I might even like that software myself, and popping up an ad for CocaCola or Viagra on a user's screen during the install process.<br />
<br />
Do you remember what you parents told you about not taking candy from strangers and why? Well, these guys are not really strangers, they are known preditors. The founders of OpenCandy are <a href="http://www.opencandy.com/about/" rel="nofollow" target="_blank">the same guys</a> responsible for the inclusion of the <a href="http://www.google.com/search?hl=en&q=divx+adware" target="_blank">spyware/adware in DivX</a>.<br />
<br />
Now, before you call me a hypocrite for bashing adware installers while having ads on my blog, let me explain the difference:<br />
<br />
Any visitor to my blog can turn off Javascript and not be exposed to ads. Or they can use a noscript plugin, or an ad blocker. They have that choice before they land on my site.<br />
<br />
I even offer an <a href="http://cranialsoup.blogspot.com/feeds/posts/default">ad-free RSS feed</a>.<br />
<br />
If I want to recommend software to my users, I put it <a href="http://appsapps.info/links.php" target="_blank">on a separate page of my site</a> and not in my software or installers.<br />
<br />
When the ads are in an installer, the user can't install the software without seeing the ads. They have no real choice. That's the difference. And I seriously doubt that developers are going to offer two different installers and give users the option to see or not see ads or be exposed to spyware.<br />
<br />
So now that I have told you what I think, what is your opinion on OpenCandy, as either a software user or developer (or both)?<br />
<br />
<u><b>UPDATE Saturday, February 19, 2011:</b></u><br />
The following applications have been found to install OpenCandy:<br />
<br />
<ul>
<li>aMSN</li>
<li>Any Video Converter (last freeware, OpenCandy free version 1.21 available <a href="http://www.neowin.net/forum/topic/512255-free-any-video-converter-10/" target="_blank">here</a>)</li>
<li>ApexDC++</li>
<li>ATI Tray Tools</li>
<li>aTube Catcher </li>
<li><span style="font-size: small;">avast! Free Antivirus </span></li>
<li><span style="font-size: small;">AxCrypt </span></li>
<li>CDBurnerXP Pro</li>
<li>Cheat Engine</li>
<li>CNET TechTracker</li>
<li>Connectify </li>
<li>CrystalDiskInfo</li>
<li>CrystalDiskMark </li>
<li>CutePDF</li>
<li>Daemon Tools </li>
<li>DarkWave Studio</li>
<li>Dexclock</li>
<li>Dexpot</li>
<li>DoubleTwist </li>
<li>Driver Sweeper</li>
<li>Duplicate Cleaner</li>
<li>DVDStyler </li>
<li>DVDVideoSoft products</li>
<li>eRightSoft products,including Super</li>
<li>ExtractNow</li>
<li>Ezvid </li>
<li>FL Studio</li>
<li>FreeFileSync </li>
<li>Free YouTube Downloader</li>
<li>Freemake Video Converter</li>
<li>Freemake Video Downloader</li>
<li>Free Music Zilla</li>
<li>Free Video Dub</li>
<li>Free Video To Flash Converter </li>
<li>Frostwire</li>
<li>GameHouse</li>
<li>HappyLand Adventures </li>
<li>IE7Pro</li>
<li>Image Tuner</li>
<li>ImgBurn </li>
<li>IZArc</li>
<li>kantaris</li>
<li>KMPlayer</li>
<li>Launchy (when not downloaded from SourceForge) </li>
<li>Media Info</li>
<li>MediaCoder</li>
<li>MediaInfo</li>
<li>MiPony </li>
<li>mIRC</li>
<li>Miro</li>
<li>MyPhoneExplorer </li>
<li>Office 2010 Trial Extender</li>
<li>Orbit Downloader</li>
<li>PDFCreator</li>
<li>PeaZip </li>
<li>Photobie</li>
<li>PhotoScape</li>
<li>Power Plan Assistant for Windows 7 </li>
<li>PrimoPDF</li>
<li>PSP Video</li>
<li>RealArcade </li>
<li>RedKawa</li>
<li>SIW</li>
<li>Soldat</li>
<li>Soft32 Updater </li>
<li>SPlayer </li>
<li>Startup Manager</li>
<li>StepMania </li>
<li>SUPER </li>
<li>Super Mario Bros X (Level Editor)</li>
<li>Super Simple Photo Resizer</li>
<li>Sweet Home 3D </li>
<li>TechTracker</li>
<li>Trillian Astra</li>
<li>Tubetilla </li>
<li>True Burner</li>
<li>Unlocker</li>
<li>uTorrent </li>
<li>Veoh Web Player </li>
<li>Videora </li>
<li>Vistaglazz</li>
<li>WebShot</li>
<li>Winamp </li>
<li>WinSCP</li>
<li>Xfire </li>
<li>YouTube Downloader HD </li>
</ul>
This is not an exhaustive all inclusive list. This is just what I have found with a quick Google search. If you know of any other applications that should be added to this list, leave a comment and let me know.Apphttp://www.blogger.com/profile/04973805741360160102noreply@blogger.com55tag:blogger.com,1999:blog-24223743.post-33372510950285003512008-12-06T13:00:00.003-05:002010-12-13T22:49:33.156-05:00AutoHotkey is NOT a Virus, Worm, or Trojan!<p><img style="margin: 0px 10px 0px 0px" height="200" alt="AutoHotkey" src="http://lh5.ggpht.com/_qlCAUZtia6Q/STq90-KrE6I/AAAAAAAAAgg/_kavoAd-uH4/ahk%5B9%5D.png?imgmax=800" width="200" align="left" /> I am so sick and tired of irresponsible antivirus companies unfairly flagging compiled AutoHotkey (AHK) scripts as viruses, trojans, and worms. </p><p><a href="http://www.autohotkey.com" target="_blank">AutoHotkey</a> is a free, open source scripting language, just as much as Perl, Python, Ruby, or JavaScript is a scripting language. </p><p>There is nothing wrong with the language itself, nor is there anything wrong with most scripts written in it. A lot of <a href="http://www.donationcoder.com/Software/Skrommel" target="_blank">really awesome, useful, Windows utilities</a> have been developed in AutoHotkey. </p><p>The language is powerful, easy to learn, enables you to write Windows utilities very quickly, and you can compile them to .exe and distribute them to others that don't have AutoHotkey installed, or you can give them the source script (.ahk) and they can run that if they do have it installed. </p><p>The problem is that there are idiots that will write malware in AHK, just as there are idiots that will write malware in any other programming language. You can't blame the language for this. And you can't blame all the developers that use the language, either. </p><p>But that is exactly what the antivirus companies are doing. They have decided that if a single person writes and compiles malware in AHK, then all compiled AHK scripts are malware. This results in tons of false positives, ruined reputations of innocent programmers, and a mistrust in AHK applications by the general public. </p><p>Developers have repeatedly contacted antivirus companies and complained, which after enough outcry from programmers and the public will result in them fixing the problem with the false positives. That is until a new version of AutoHotkey is released. Then the antivirus vendors get amnesia and forget that AutoHotkey is a language again, and flag all utilities made with it as malware, once again. </p><p>Lather, rinse, repeat. </p><p>This has been going on for a few years now and it's a viscous cycle that needs to stop. </p><p>I have written utilities that I would love to distribute to the public, with the source code, but I am afraid of putting them on my website, out of fear that my reputation will be destroyed by the stupidity of the antivirus companies. </p><p>This is unacceptable behavior on their part. Can you imagine if these antivirus companies decided to pick on another programming language and did the same thing they do to AutoHotkey? Can you imagine if every six months they decided that all applications written in C/C++ were malware? Or anything compiled with Microsoft's Visual Studio was malware? How about if they decided that all JavaScript was malware? You wouldn't be able to load most web pages or run most of your software. If they did that, those antivirus companies would all be out of business very quickly. </p><p>But that is exactly what they are doing. And AHK is the language they are picking on. </p><p>I am asking all developers and AHK users to join an organized effort to take the bull by the horns and petition the antivirus companies to stop the unfair treatment of our software. </p><ul><li><a href="http://www.autohotkey.com/forum/viewtopic.php?t=31975" target="_blank">An open letter for Antiviral software companies</a> </li>
<li><a href="http://www.donationcoder.com/Forums/bb/index.php?topic=15210.0" target="_blank">DonationCoder stands behind AHK developers</a> </li>
<li><a href="http://www.autohotkey.com/forum/viewtopic.php?p=223437" target="_blank">All of these false positive virus alerts on ahk scripts</a> </li>
</ul>Apphttp://www.blogger.com/profile/04973805741360160102noreply@blogger.com10