jytu

Thank you for this great app but..


http://i758.photobucket.com/albums/xx228/pdnnoob/downloadpdn.png

I posted this image in a thread on the same topic. It's just three screenshots of what I see on the download pages. As you can see, there is only one download button/link on every page. I have Adblock installed and I'm just here to say this: it works. Download and install Firefox, then get the Adblock plugin.

Once you have that done, uninstall as much of Internet Explorer as Windows will allow, then delete all the shortcuts to it so you will never have to deal with the accursed thing again.


@pdnnoob. I also posted a similar image in a previous thread and apart from eer linking to it :) it seemed to fall upon blind eyes. I don't use Adblock or Firefox and have never had problems downloading anything either from pdn or any other program. As for your screenshot (like mine), it clearly states in blue "get it now". I'm sure it is not rocket science that this is the link to get pdn, although as you may know, to some people it is! :roll:

Edited by nitenurse79


@pdnnoob. I also posted a similar image in a previous thread and apart from eer linking to it :) it seemed to fall upon blind eyes. I don't use Adblock or Firefox and have never had problems downloading anything either from pdn or any other program. As for your screenshot (like mine), it clearly states in blue "get it now". I'm sure it is not rocket science that this is the link to get pdn, although as you may know, to some people it is! :roll:

...hence the quote from BoltBait in my signature :D

Here, however, it seems the issue is the number of ads, as some of them are simply images of download buttons...


I'm not relying on the ad clicks, but it seems to me that the link could be made more obvious or relocated to the main page (rather than the sidebar).

Perhaps just make the link a nice friendly button titled "Download Paint.NET"?


I've always kind of wondered why Paint.NET never employed something like OpenCandy in the installer instead of advertisements on the homepage. It seems like Rick could make some steady income off of it. Plus, it would monetize the users who are already Paint.NET users through updates.


No one needs to install Firefox to get the superior browsing experience that AdblockPlus affords. Internet Explorer 9 (a fine browser, IMO) has a feature called Tracking Protection Lists, and there is a TPL created by the author of EasyList, one of the main subscription lists written for AdblockPlus. With that installed, the PDN homepage is ad-free, and, at least with the sort of websites I frequent, there is very little difference between pages viewed with IE9 or with Firefox with AdblockPlus installed.


I've always kind of wondered why Paint.NET never employed something like OpenCandy in the installer instead of advertisements on the homepage. It seems like Rick could make some steady income off of it. Plus, it would monetize the users who are already Paint.NET users through updates.

I talked with the OpenCandy guys about 3 1/2 years ago while they were still preparing to launch. Ultimately my decision was against using it, but not because I disliked what they were doing. I didn't think the end-user experience would be compromised or cheapened, and in fact I thought it was a pretty decent idea. Asking users if they want to install complementary programs like Picasa, Irfanview, GIMP, Inkscape, WindowClippings, etc. is a clever, even innovative, idea. And it sure as **** beats all those installers that think installing unrelated browser toolbars is a good idea, let alone something that any user would ever actually want. (I even saw an official Microsoft DirectX installer that asked you to install the Bing browser toolbar ... what the?) We all have friends/family who wind up with 5 toolbars docked in their browser, or 8 additional startup/tray applications for the stupidest things ever. Oh you bought an HP printer? Clearly you want a photo gallery upload sync social applet running in the tray all the damn time.

Instead, the reasons were related to security. I ultimately would be responsible for it since their DLL would be executing code inside of my installer's process, but I would be unable to vouch for its correctness. I said I would need to see the code for myself in order to validate it, but also acknowledged such a request as unrealistic (not many companies are in the habit of sharing source code, including Paint.NET/dotPDN LLC!). Around this time I settled on having a general policy of only releasing what I have the source code for, and that I can include in my build process. This ensures that I can review the code and be responsible for it, and having a policy like that helps ensure I won't get greedy and compromise my own ethics. And if I don't review it because I'm lazy, then I don't have a flimsy excuse, which ensures I won't skip the review. (I will also ship binaries that are digitally signed and serviced* by Microsoft, such as .NET and Visual C++ runtimes.)

I also did not like the fact that OpenCandy would be running code inside of the Paint.NET installer's process to do things like querying a web service, downloading another installer, and then executing it. Or rather, I didn't like that it would be doing those things with an Administrator privilege level. After double-clicking on Paint.NET's installer EXE, they then would have clicked "OK" on a UAC dialog with the idea they were granting that permission for installing Paint.NET, and not for other stuff. I wanted a system that would run OpenCandy out-of-process with demoted privileges and have it send me messages like "hey I found suggestions for you: A, B, C, and here's their banner clicky images or whatevs, ok now let me know if they click on it", then I'd display the banner within the Paint.NET installer. If the user did happen to click "why yes sir I would like to install Picasa / Inkscape / whatever," the secondary installer could be downloaded and launched from within the sandboxed process. This would ultimately bounce the user through another UAC security prompt instead of just automatically running the secondary installer with full Administrator privilege.

This may sound like a crazy extraneous design requirement, but consider what would happen if there was a bug in the OpenCandy code, or if their server was hacked, and suddenly everyone updating Paint.NET got some nasty malware instead of Picasa, or it deleted files or who knows what (anyone remember the uninstaller bug from Myth 2? it deleted your whole hard drive!). These concerns just simply evaporate if the process doesn't have privileges to do any of that in the first place, and would have removed my requirement to inspect their code myself. It's not that I didn't "socially" trust the folks at OpenCandy, as they were nice people and all. It's not like they're the government with rumors of rampant corruption and insider trading. No, it's simply that I can't afford a level of technical trust to, well, any code that I can't see for myself. By the way, "social trust" and "technical trust" are vastly different, the former being roughly defined as "I like this person and will let them hang out with me and we will gossip" and the latter having a very strict definition of something like, "a trusted entity is one that can break the security policy" (I think this definition comes from the U.S. military). Example: you grant technical trust to your doctor with respect to accessing your medical records. Security and privacy policies on these are very strict. He or she could make copies and send them to everyone on the Internet (there is no ultimate physical barrier preventing this, although they'd certainly get fired and banned from ever practicing medicine again), but you socially trust that they won't!

Yeah, I tend to be pretty stodgy about things like security and privilege level stuff. Back in the day, I worked on Windows Live OneCare and this mentality became firmly imprinted into my engineering mindset. Step 1 is make sure you don't have security bugs! Step 2 is to have some humility and recognize that some will slip past no matter how awesome you and your team are, and to place "physical" limitations on the code (forcing reduced permissions, running your program with a user account that only has access to files it actually has a provable need to access, etc.) so that those bugs won't even have the ability to cause harm, or if they do cause harm that it's reduced in scope as much as possible. As an analogy, my indoor-only cat can't get outside because I close and lock my doors whenever I leave. And if the doors aren't locked for whatever reason, she just doesn't have the physical strength to pull them open. Also, the doors are hung in such a way that gravity causes them to close and latch on their own. So even if I'm stupid and leave my doors open and unlocked when I leave, my cat still can't escape and get scared by dogs and run up a tree and get lost and starve.

Anyway, like I said this was over 3 1/2 years ago. I have no idea what they've been up to or what's changed in their code, or what it was like when they finally launched, etc.

(Disclaimer: This is my own technical analysis which could be out-of-date. None of this information is confidential since you can infer that OpenCandy runs/ran in-process by noting that 1) it's sitting in a DLL which is then loaded by the installer's process (you can observe this with Sysinternals Process Explorer), and 2) no "OpenCandy.exe" process gets launched from an OpenCandy-powered installer, which means there's no opportunity for privilege demotion. Or if it did launch an extra process, 3) you could inspect its security level, again with a tool such as Process Explorer. This analysis is also not specific to OpenCandy and would apply to any "installer plugin" that runs in-process. This is also not a condemnation of OpenCandy's security, but simply my own technical opinion of running things like that in-process at Administrator privilege. Assuming the code is correct, I don't actually have a technical objection to launching another installer without a UAC prompt if the user has granted permission to do so. I simply think it's risky to run the other tasks, such as querying a web service to get download links for other executables, with Administrator privilege.)

* serviced = maintained, bugfixed, updated, etc.
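The message boundary described in the post above, as an added example that is not part of the original post or of Paint.NET's code: the installer runs the recommendation helper out-of-process and accepts only well-formed display suggestions from it, treating everything the helper sends as untrusted data. The helper source, message format, and catalogue of ids are all constructed for illustration.

```python
import json
import subprocess
import sys

# Constructed helper: stands in for third-party recommendation code that runs
# in its own process instead of inside the elevated installer.
HELPER_SRC = r'''
import json
for m in [
    {"type": "suggest", "id": "inkscape", "title": "Inkscape"},
    {"type": "suggest", "id": "picasa", "title": "Picasa"},
    {"type": "run", "path": "setup.exe"},                      # not a display message
    {"type": "suggest", "id": "../evil", "title": "x" * 500},  # unknown id, long title
]:
    print(json.dumps(m))
print("not json at all")
'''

ALLOWED_IDS = {"inkscape", "picasa", "gimp"}  # hypothetical catalogue shipped with the installer
MAX_LINE, MAX_TITLE = 1024, 64

def validate(line):
    """Return (id, title) for a well-formed suggestion, else None."""
    if len(line) > MAX_LINE:
        return None
    try:
        msg = json.loads(line)
    except (ValueError, RecursionError):
        return None
    if not isinstance(msg, dict) or set(msg) != {"type", "id", "title"}:
        return None
    ident, title = msg["id"], msg["title"]
    if msg["type"] != "suggest" or not isinstance(ident, str) or ident not in ALLOWED_IDS:
        return None
    if not isinstance(title, str) or not title.isprintable() or len(title) > MAX_TITLE:
        return None
    return ident, title

def collect_suggestions(timeout=10):
    """Installer side: run the helper out-of-process, keep only valid suggestions."""
    # A real Windows installer would start the helper with a demoted token; this
    # sketch starts a plain child process and shows only the message boundary.
    out = subprocess.run([sys.executable, "-c", HELPER_SRC], capture_output=True,
                         text=True, timeout=timeout).stdout
    results = [validate(line) for line in out.splitlines()]
    accepted = [r for r in results if r is not None]
    return accepted, len(results) - len(accepted)

if __name__ == "__main__":
    print(collect_suggestions())
```

The installer never executes a path or command supplied by the helper; the only thing that crosses the boundary is an id from a list the installer already ships and a short printable title.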


...

This may sound like a crazy extraneous design requirement, ...

...

Yeah, I tend to be pretty stodgy about things like security and privilege level stuff. ...

No, it does not.

I'm grateful you are. Thank you.
