Would you find this acceptable (or class it as SpyWare)?
-
I doing HTTP based version checking in the new version of ED4W and I've been surprised and how sites where this doesn't work. I assume that it is being blocked by a firewall or an in some cases personal firewall apps like ZoneAlarm. Certainly from my experience so far you can't assume this will work for all users and at a guess I'm seeing around 50% of sites where it works. I'm only doing a HTTP GET to download a 20 byte plain text file. I can't see any reason why you'd want to upload a file to a server and get it to do the comparison for you. As an end user I'd be more suspicious if even a single byte was being sent from my PC. I agree with all the previous comments about how to go about making it optional etc. I'd be most interested to hear of the experiences of others using Internet based version checking with regard to percent of customers where it works/doesn't work. Neville Franks, Author of ED for Windows www.getsoft.com
Some good feedback, thank you. In addition, i'd just like to make a few amendments: The program would not be updating any files to our server, just a single (16 bytes or so) packet containing the version number and product code (by product code, I do not mean any code that is user-unique, but the acronym for the product name, eg: WBA). I can't see anyone finding this suspicious, so long as it is carefully explained in beforehand. Certainly downlaoding a file containing the version number to the users computer would work, but a request would still need to be sent out by the program to get the file, and this would in the long run just waste time and bandwidth, as the whole version check could be performed with just one communication each way. Making it optional is a good idea, and a combination of showing a "
Do not show this message again." dialog, and having a checkbox in the program preferences to turn the checks on and off. And if only 1% of users upgrade using this method it would have been a sucess. If 50% did it would be a remarkable success. (A happy customer is a repeat customer). David Wulff dwulff@battleaxesoftware.com -
I doing HTTP based version checking in the new version of ED4W and I've been surprised and how sites where this doesn't work. I assume that it is being blocked by a firewall or an in some cases personal firewall apps like ZoneAlarm. Certainly from my experience so far you can't assume this will work for all users and at a guess I'm seeing around 50% of sites where it works. I'm only doing a HTTP GET to download a 20 byte plain text file. I can't see any reason why you'd want to upload a file to a server and get it to do the comparison for you. As an end user I'd be more suspicious if even a single byte was being sent from my PC. I agree with all the previous comments about how to go about making it optional etc. I'd be most interested to hear of the experiences of others using Internet based version checking with regard to percent of customers where it works/doesn't work. Neville Franks, Author of ED for Windows www.getsoft.com
as i said we develop for the financial markets ... most of them are firewall city generally ... we have no problems getting through the http port ... any problems we have we simply ask them if they can connect to the web via a browser ... if they can then we work ... if not its an easy test for them to perform. and to david ... i do agree that uploading anything to the server is not necessary ... not doing it allows you to state "we upload nothing" on the product ... which may or may not be a moot point technically but the PR effect on people is very valuable :) --- "every year we invent better idiot proof systems and every year they invent better idiots"
-
In a certain suite of software im working on, we have plans for an “automatic update notification” feature. Basically, at idle times while the app is running, it has a look to see if the user is connected to the Internet. If so, and a check has not been performed that day, a single packet of information will be sent to a secure server containing the products current version and build number, and the three figure acronym we use to name our products (e.g. WBA). Nothing else (no serial number/name/GUID’s/etc) is sent – other than the current IP that is obtained from the connection at the server end. The secure server would then compare the version number for the user’s product against the current versions stored in a database, then return a single packet to the user (and thus the application) stating whether an update is available or not. No data is stored on the server side. The IP address is not cached or recorded in any way. Then the user would be presented with a message on the next application startup to say that an update is available, and ask if they would like to download and install it. We had brainstormed over whether to prompt the user before sending out the ‘is an update available’ packet in lieu of all the paranoid computer users out there, but decided showing this each day would get very tedious to the end user. Currently we have settled for a design whereby the user is shown a message the first time the application runs, stating that the program can optionally check for updates, anonymously, and would they like to disable this feature. Do you think this approach would be acceptable? Do you think the message needs to be shown the first time the program runs (I say this as many beginner to intermediate computer users may just choose to disable it without realising it actually performs a necessary task.) Do you have any other views or opinions you’d like to share? Yours, David Wulff dwulff@battleaxesoftware.com
I have written an Internet/Client-Server application. When the user first logs on, I check for any updated client programs that user is lacking. If there are updates, they are sent. If the client software doesn't get updated, it probably won't work with the server. BTW. I based this on the way AOL operated the last time I looked.