The installer now includes OpenCandy recommendations

What is OpenCandy ?

OpenCandy runs a moderated recommendation network that enables software developers to recommend other software during installation of their application they believe will be valuable to their users. OpenCandy was started by a passionate group of people who were determined to help users discover software and change the way software developers make money and reach new users. More info at

How OpenCandy integrates with the RIOT installer ?

OpenCandy-recommendations are clearly labeled. I hand picked only high quality software from the OpenCandy partners. Only the software I chosen is recommended.
Among them, I can enumerate: Microsoft Internet Explorer 8 and 9, Microsoft Bing Bar, AVG Anti-Virus 2011, Snagit and others.

Are there any benefits ?

Installing recommended software is a great way to support RIOT if you don’t plan to donate, and discover great software that’s useful to you in the meantime.

Is it Adware ?

Some may consider OpenCandy an adware. I definitely think it is not. I would not include something that affects my users in a negative way. Basically it displays software recommendations part of the installation process, not ads. It is a way to recover software development costs. This model is adopted by many well known free applications to obtain a revenue from their work and support further development (notably IrfanView, WinSCP, Audacity, Media Coder, and many others).

OpenCandy does not demonstrate the negative characteristics commonly associated with adware:

  • Advertisement (recommendation) is only shown as a one step of software installation. Once the software is installed, you do not receive any more advertisements.
  • No unwanted software is installed or bundled. User has to explicitly choose to install recommended software to actually download and install it.
  • No private information are collected. Installation program collects only information necessary to choose relevant advertisement, such as geo-location, operating system and language. Note that this is about the same amount of information, any web page you visit receives from your web browser.

How can you avoid seeing software recommendations ?

Use /NOCANDY parameter when starting the installation program.

You can also use the portable package, thus avoiding installation program with OpenCandy.

What happens if I accept a recommendation?

If you choose to accept a recommendation, the recommended software is downloaded. When the download is complete, you can choose when you want to install the recommended software.

What happens if I do not accept a recommendation?

If you do not accept a recommendation, anonymous installer analytics are still collected about the installation.

How do you make sure the recommended software is safe?

My #1 priority and OpenCandy’s is ensuring all recommended software is safe. There are stringent guidelines and practices that we run each application through. This includes (but is not limited to), checking malware databases, security forums, software reviews by tech journalists and end-users, learning about the developer’s business practices (through the BBB and other sources), and trying each and every piece of software ourselves and discussing it as a team.

What information does OpenCandy collect during installation of an installer powered by OpenCandy?

First and foremost, OpenCandy does NOT collect any personally identifiable information. Nor store IP addresses.

They collect the following NON-personally identifiable information for aggregate statistical purposes:
A) Operating system version and language, country location and timezone of the computer running the installer, and the language of the developer’s software installer
B) That the developer’s installer was initiated, and whether it was completed or canceled
C) Whether a third-party recommendation was made and if so, whether it was accepted or declined
D) If a third-party recommendation was accepted, whether the recommended software’s installer has been downloaded and the installer initiated
E) That the recommended third-party installer was initiated, and whether it was completed or canceled.

For more information about what “personally identifiable information, see this Wikipedia article:

When is this information collected ?

A: A, B, C, and D are collected during installation of the developer’s software. E is only collected when a recommendation is accepted and the download manager is launched.

Why does OpenCandy collect this information ?

All of the data they collect is used to either help make better recommendations or help their partners improve their software and user experience.

What OpenCandy does with this information ?

They use this non-personally identifiable information in the aggregate to understand how the network and its participants are performing. They also provide this information to the software developers of the application you’re installing. Software advertisers are provided with anonymous statistics about how recommendations of their software are performing.


Joe, a software developer who participates in the OpenCandy Software Network, receives anonymous, aggregate statistics about how many computers, running Windows *XP, Vista, 7*, with an operating system language of *insert language*, in *insert country* installed his File Recovery Utility software.Joe also receives information about how his recommendations are performing. So if Joe sees that no one accepts a recommendation for Jane’s File Deletion Utility, it’s obviously not something of value to his users, therefore Joe will probably decide it’s something he doesn’t want to recommend anymore.Jane, a software advertiser in the OpenCandy Software Network, receives anonymous, aggregate statistics about the performance of recommendations of her software. So Jane can learn how many times her Secure File Deletion Utility was recommended, downloaded, or installed.

Posted in News
2 comments on “The installer now includes OpenCandy recommendations
  1. Yo Yo! says:


    Thanks for a clear explanation of what OpenCandy is – and is not. (Do you speak with authority on behalf of OpenCandy, and does it have an official website?)

    But did you have to scare the heck out of me by letting AVG declare it malware – adware – without first warning me – and all downloaders – that this was likely to happen? 😯

    Perhaps you’d like to consider providing a brief intro to OpenCandy – and a link to this page – on your download page? Fewer heart attacks! 😉 Also, you’d stand a chance of getting better installation statistics, i.e. more actual users. As a retired software developer, I do appreciate the need for revenue, and wish you well.


  2. Nathan says:

    I think making decisions based on statistics is foolish. It is analogous to people not seeing a movie because one or more critics gave it a bad review. Does that mean the movie was bad or people wouldn’t have liked it?

    Another example is canceling a television show based solely on a pilot audience’s response or yanking a movie from theaters after the first week’s low turnout. Not everything is an overnight success, but given time, can go on to be very successful. Business leaders tend to be too presumptive about performance and end up manipulating the outcome to the detriment of everyone.

    It is also foolish to pretend that someone can actually understand people’s behavior and intent solely from statistics. It is is even more misguided to utilize biased statistics only from those who participate and actually try to draw useful conclusions that will benefit everyone, including the developer. Take for instance the people that already use the software being recommended. Those people’s contribution to the statistics will be perceived as not being interested, when in fact they likely are.

Leave a Reply

Your email address will not be published. Required fields are marked *