Feed up with Open Candy / Bloatware!

Discussion in 'malware problems & news' started by Cutting_Edgetech, Mar 4, 2014.

Thread Status:
Not open for further replies.
  1. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    I'm feed up with bundled bloatware, or Open Candy! Its gotten to the point that you can't find any software that has not been bundled with some form of bloatware which many times behaves like Spyware. I would suggest if you agree then at least give bad WOT ratings to these sites that bundle open candy with software. They know that most novice users will install this software without understanding what they are doing. Most of this software degrades computer performance, collects their information, and causes error messages. Users don't deserve their computers being used as marketing tools, and they sure should not have their information collected for such purposes. I'm sure there is a lot more that can be done, but I think it would be very easy for users to at least give bad WOT ratings to these sites if they use WOT. I just flagged download.com, and sourceforge since they are conducted these bad business practices. Maybe if they loss a big chunk of their user base, and their good company name is damaged they might understand that these type of practices are not acceptable. I also encourage you to list other websites that often bundle bloatware with software on their website. Thank you for helping, and doing your part as Security enthusiast, and Security Experts!!

    Websites I have flagged so far:
    -www.download.com-
    -http://sourceforge.net/-

    Edited post 3/5/2014 @ 3:01 am. I removed BSOD's as being caused by bloatware, or open candy. There's no solid evidence to support this.
     
    Last edited: Mar 5, 2014
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    I use NVT's Exe Radar Pro, and leave it on alert. You can see the installers run the exe's that install this junk. I just block them and let the install continue. That is if I really need the software that is installing it.
     
  3. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Why flag the whole Sourceforge? It seems to me that this does more harm than good... :doubt:
     
  4. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    Controversial Advertising Program Now Being Embedded in More Software

    OpenCandy employs some controversial techniques in its operation and this has created some
    heated discussions in internet forums and blogs. Some say it is adware or spyware while
    others say it is just another legitimate form of advertising. Whatever, you need to be
    aware of this product and its potential pitfalls.

    https://www.techsupportalert.com/co...-program-now-being-embedded-more-software.htm
     
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    Because they are the ones bundling the bloatware with the installer according to some developers that host their software there.
     
    Last edited: Mar 4, 2014
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    NOD 32 usually blocks the installer before it finishes downloading, and if it does happen to finish downloading it flags it immediately when the download is complete. If I want to ignore the warning I usually have to select ignore from NOD 32 2 to 3 times before NOD 32 will allow the installation to proceed. Then after that Online Armor flags it as soon as I start the installation. If I click allow then Online Armor blocks it anyway so I have to go back, and manually browse to the path of the installer within OA. Then I have to select trust before OA will allow the installation. Its so hard to find software that does not bundle bloatware with their installer now. Many software developers only host their software on download.com, or another site that bundles bloatware with their software. I think it's time we stand together, and show these websites these practices are not acceptable. If developers only host their software on websites like download.com then I will not use their software anymore. I will find developers that have better business practices.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    I think this short thread I started about Camstudio containing 4 different bundled software offers in their installer is also worth reading. After I declined all offers it installed a bundled software distributor on my machine anyways. I never did get any response back from the developers of Camstudio.
    https://www.wilderssecurity.com/showthread.php?t=360573
     
  8. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    Thank you for the link :thumb:
     
  9. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
  10. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    Really? Have you got any evidence to support your claims of bundled software causing errors, blue screens or even "collecting information?"

    While it is unfortunately all too easy to end up with extra software installed if you don't pay attention during the install process, it needs to noted that the optional software installed by OpenCandy is not malicious.

    There is the option to download the original installer in cases where download.com is using their own installer.
     
  11. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    I have worked on many computers over the years that had so much bloatware installed on their computer that it crippled their computer. Especially those that had older computers. They just keep installing bloatware until their computer is unusable. Most of them informed me they did not know how it got on their computers. I have to remove the stuff from my parents computer about every 3 months. They get really upset, and wonder why it keeps freezing over, and over again. After I remove everything their computer is working fine again for another 3 months. Are you serious? lol You really don't think these bundled applications degrade computer performance, and at the very least collect marketing information like user habits from the user's computer?
     
  13. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    Yes they can, if they are set to run at startup, or add extensions to browsers.

    No I don't think they do. Can you provide me any proof that they do? Or, is that just speculation on your part?

    Also, you failed to mention anything about blue screens. I'd be really interested (and extremely surprised indeed) if you can provide any proof that any of the extra software that gets installed will cause blue screens. I've never witnessed such behaviour myself.
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    Opps... forgot to respond to one of your questions. I have personally seen bundled software that has caused the user to get error messages at start up of their computer. I have not personally seen a BSOD that I can say was positively caused by the bundled software. I have only read reports of BSOD related to bundled software.
     
  15. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    I think no matter what I reference you are going to dismiss it. Their is so much literature on the web about companies using bundled software to collect user habits for marketing that i'm sure you can easily find it if you look.
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
  17. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    Roger, I think you have a good argument about there not being enough evidence that bloatware causes BSOD's. I think if a BSOD did occur due to bloatware then that would be more likely due to bad coding. I will remove BSOD's as being caused by bloatware / open candy. I will put edited at the bottom of the post with the time, and date. I will also describe exactly what I removed from the post, but I have seen first hand the other problems associated with bundled bloatware that I have listed.
     
  18. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    Sure, it can happen. But, my understanding in the case of OpenCandy that only harmless software gets bundled. So, if the software gets installed without the user realising it will be, then is most certainly unwanted, there's no argument from me there. However, considering the no malware is getting installed, and the software comes with uninstallers, then it's not really a big deal in my opinion. It's nothing like the old days where software came bundled with adware and perhaps would not run without the included adware. Sometimes the bundled adware came without an uninstaller and could be hard to remove when it was brand new adware that was no yet detected by antispyware software.

    I want to make it clear that I don't like software being bundled with installers. But, as long as you can opt out of installing any extras, and also if the included extras are not malicious, it's no a big deal to me. Also, I see no difference between Chrome being bundled with Avast and other 3rd party software being downloaded from installers using OpenCandy.
     
  19. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    What do you think about my experience with Camstudio recently? I was offered 4 different bundled software offers, and I declined them all. Then some time later I turned on the option in NOD 32 to detect potentially unsafe applications, and NOD 32 detected bundleoffermanager.exe actively running in the background (according to NOD 32) from Camstudio installation folder. I was not even using Camstudio at the time, and I had not used Camstudio that entire session. I sent an email to the developers of Camstudio requesting information about what was installed. They never did return my email. The only way you can join their forum is by invitation only so I have no clue if they got my message.

    Usually the TOS will inform the user about their policy for collecting data for marketing purposes. They make the things so long that they know very few people will take the time to read them. One deceptive way they get many users to install the bundled software is by only giving the option not to install it under the Advanced Install Option. They will even list the default, or normal install method as recommended in parentheses. I have not seen it much recently, but I have seen many cases of it in the past. I try to stay away from all bundled software now unless it's something I absolutely need so i'm not sure how often this type of deceptive practice is still used. I did see some installers using it last year, but I can't remember the host that was bundling software like this.
     
  20. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    That is certainly not a good experience at all, and do have a big issue with extras being installed when you select not to install them.

    But, in my experience with installing many programs (I have nearly 550 exe files sitting in my downloads folder, which I've downloaded in the last 18 months), what happened in your case is not a common scenario. Usually, the extras are not installed when you opt out. This doesn't matter much to the average user who blindly installs software and accepts everything, but for users like myself who (most of the time) take note when installing software and opt out of an extras being installed, it means we can avoid the extras.
     
  21. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    There is one solution that would stop developers from doing this.....pay for the software
     
  22. chris1341

    chris1341 Guest

    I installed the latest update to uTorrent and Foxit Reader recently and got Open Candy whether I wanted it or not. The only way I knew it was there was when AppGuard blocked the dll from loading with the installed software when it tried to give me a 'one-off' fantastic software deal.

    I declined all the Foxit offerings and uTorrent only gave me the option not to install Spigot. Open Candy was not even mentioned but I got it anyway.

    I've seen the thread about Foxit and can assure you I did not accept any bundled software but the dll ended up on my system anyway in appdata/roaming/temp and it tried to load with the application.

    I also got Linkular with Sumo. Again without asking.

    I know there is no such thing as a free lunch and if we want software developers to provide new/updated functionality 'free' they need other ways to pay the bills. I'm also aware some of the adware bundled are fairly open about what they do and the likes of Open Candy give you instructions and a tool to clean up remnants.

    I don't really care whether it is bloat or not. The reality is though users don't want this stuff. They might not say they don't want it at the right time during the install or simply get it whether they want it or not. Either way I don't believe it is ethical to bundle it without pre-download warnings even if there are opt out choices. Nobody willingly chooses this stuff surely? They just click through to get to the part where they can use the software they think they're downloading.

    What's wrong with saying 'This installer is bundled with other software we think you may like. Remember you don't have to accept it to use our software. If you don't want to use it please be sure to decline the offer during the instalation process' or similar?

    For info I was only trying SUMO and won't use it (I'm aware the lite or portable or whatever doesn't come bundled) and have removed Foxit and uTorrent. They gained some funds but lost a customer. Don't suppose they care much.

    I'll continue to avoid bundled software that the developers or download sites choose to bundle where I can.

    Cheers
     
  23. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,237
    But you need to understand is that OpenCandy is just used by a programs to offer 3rd party software to be installed, and that is all. OpenCandy does not install on your computer.
     
  24. chris1341

    chris1341 Guest

    I don't think I said it installed, I said I got it whether I wanted it or not. By got it I mean it dropped a dll into a temp folder which attempted to run on execution of the downloaded app and wrote 2 folder entries into appdata.

    I merely point out I got something I didn't want running on my computer, even if only once for an express purpose, without my consent because a software vendor chose not to tell me.

    As noted neither me nor anyone else wants this type of thing but its forced on us in a dishonest way IMO.

    Yours is different. Fair enough.

    Cheers
     
  25. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yes I have seen reports of that, but it's several months back so I can't link you to anything, but search around and maybe you'll find some.

    @Cutting_Edgetech, Softonic is a "bad" place to download from too.
     
Loading...
Thread Status:
Not open for further replies.