Open Candy trusted by AVG & Baidu ?

[Kate_L]

Hello

I notice something, here it is and I will let you see more / research.

On the OpenCandy (the PUP) website, it is a banner with "Trusted by" and you can see AVG and Baidu, both are security products.

Also I did some research and I notice this: "What kind of information does OpenCandy collect from users running OpenCandy-powered installers?" and there is something like PII (Personally identifiable information).

How AVG or Baidu can say this adware is "trusted" ?

 

[Oxygen]

Why am I not surprised?

 

[Kate_L]

They should protect the users not work against them ... QQ

 

[RevolutionSphere]

Apparently Microsoft trusts them too.

 

[Dubseven]

Thank you for the info, OpenSec

 

[Oxygen]

They should protect the users not work against them ... QQ

You've got to realize that you're talking about AVG.

 

[PVA_BR]

Just wondering... These brands are really used with owners consent within open candy's site?

 

[xxtoss23]

baidu=adware

 

[Jaspion]

http://www.opencandy.com/privacy-matters/

Personally Identifiable Information
We do not collect any personally identifiable information, such as name, email, or computer MAC address and we do not store IP addresses.

So that's probably why it can be trusted.

What's going on? Baidu, for example, with its shameless PUP tactics. Well, we all know that the threshold for something truly malicious is that the malicious program will give you no choice, whereas the annoying but not malicious program will give you a choice not to install it, and also a means to uninstall it.

Some companies are more aggressive (like ESET, Emsisoft) in dealing with PUPs than others. Baidu, for example, acts like a PUP, but has recently joined the International Association of Privacy Professionals.

http://antivirus.baidu.com/news/2014-06-23/1406775631.html
https://www.privacyassociation.org/publications/how_baidu_wraps_privacy_into_new_products

If the story in the second link is right, they may have to change their PUP tactics (at least here in Brazil) because they irritate people, to say the least.

Anyway, I sure hope all this privacy concern from these companies and institutions is not just all talk.

 

[Littlebits]

OpenCandy has cleanup a lot over the years, they no longer offer tricky installers, opt-outs are easy to find and uncheck.
Most AV no longer detect OpenCandy and I do agree that they shouldn't because with a lot of small freeware developers who make excellent products, this is the only source of income that they get to keep up with their development. Most users will never donate a cent, these developers have to get paid for their work somehow, OpenCandy helps these developers stay in business.

If I had a choice to get an excellent product for free using OpenCandy installer or have to buy the product instead I rather use OpenCandy installer since I can choose not to install anything but the products that I want.

If you are concerned by OpenCandy privacy there is alternatives.

1. Install the product with your internet connection unplug, most of the time the product will still install without any connections to OpenCandy. (unless the installer is just a online downloader stub)

2. Block connection to the installer with your firewall when running it.

3. (Most effective) Block all OpenCandy connections using Windows Host File with a program like HostsMan.
You can manually add the following lines to Windows Host File or use MVPS Hosts blocking list via Hostsman.
127.0.0.1 media.opencandy.com
127.0.0.1 cdn.opencandy.com
127.0.0.1 tracking.opencandy.com
127.0.0.1 api.opencandy.com
127.0.0.1 tracking.opencandy.com.s3.amazonaws.com


I use Hostsman with MVPS Hosts blocking list method since it also blocks other adware installers as well.

Enjoy!!

 

[Kate_L]

Thank you all for the info.

 

[Ink]

Apparently Microsoft trusts them too.

MS have new standards about Adware, check Microsoft sub-forum for related thread.