Talk:CDex

Latest comment: 3 years ago by IMSoP in topic Hostile takeover

Untitled

edit

CDex is Malware that installs software on your computer (e.g. AVG toolbar) without consent and that is very difficult to remove — Preceding unsigned comment added by 86.25.12.255 (talk) 10:25, 15 February 2015 (UTC)Reply

In my experience none of the adware I mentioned below seems to have installed when I opted out of CDex's installer, though it's not unheard of overall. The software does however seem to function as intended and did manage to rip my audio CD to MP3 format.Inferno986return (talk) 10:50, 25 December 2017 (UTC)Reply

Licensing issues

edit

The project has not published any source code for a long time despite making new releases. Therefore, I think it should not be listed as Open Source/GPL anymore.

The project site offers a download of the CDex 1.70 beta 2 source code which is from 2006 while the code in SVN was last updated in 2008. The latest release is CDex 1.78 from 2015. I asked for up to date sources on their SourceForge support forum, but the post was deleted by the project admins. An email asking for the same was silently ignored.

I think this software should be listed as freeware.

78.50.176.60 (talk) 17:33, 12 May 2015 (UTC)Reply

The licensing is certainly ambiguous. Both the site and the installer state the software is available under GNU GPLv3 yet the source only points to 1.70b2 rather than the current 1.96 (see the website). I'll see if I can have better luck chasing it up and hopefully the code can be moved to GitHub. Inferno986return (talk) 10:47, 25 December 2017 (UTC)Reply

Warning

edit

I followed the link and downloaded this program. It then proceeded to install all sorts of non-kosher stuff. I imagine there's a coverall statement about external links but I think there needs to be a specific one here. — Preceding unsigned comment added by 86.172.119.112 (talk) 14:48, 24 June 2015 (UTC)Reply

The installer offered two pieces of adware for me, a copy of ByteFence (which ironically claims to prevent adware) and a Chromium build (which could have anything inside) with Yahoo Search pre-configured. It's not immediately clear to the user how to opt-out either, instead relying on a small link which leads to a checkbox which is unintuitive. Inferno986return (talk) 10:47, 25 December 2017 (UTC)Reply

Malware?

edit

If this project is now shrouded in mystery and the potentials of malware present are possible/valid, why is this program even linked to in the article anymore? I don't know how many months or years will pass before this issue is correctly addressed, but I'm posting this here in the hope that it happens sooner rather than later! IIRC I checked VirusTotal not too long ago and it was listed as having tons of malware detected. Someone should fix this article, seriously. 77.250.227.202 (talk) 21:47, 20 August 2018 (UTC)Reply

Well, as you discovered, anyone can edit a page on Wikipedia, including you. So the simplest solution would be to Be Bold and simply remove the link, rather than waiting for someone else to do so.
My only hesitation in doing so is the likelihood that someone will add it back. What would be really good would be a solid reliable source (e.g. a major anti-malware vendor) saying that this is now malware to be avoided, and then the article could lend more weight to that aspect. At that point, removing the link would feel less like Wikipedia making an opinion, and more like it following an external consensus. - IMSoP (talk) 17:51, 10 September 2018 (UTC)Reply

Malware again

edit

This article needs more valid sources to support what appears to be OR and POV in the later part of the article.24.235.74.199 (talk) 20:17, 14 December 2018 (UTC)Reply

Info about the current code maintainer

edit

I went into the CDex website and found that the current code maintaner's name is "codingmaster". It's not a real name, but a username. Probably a suspicious one, used to hide the code maintainer's true identity. codingmaster is also writing release blog posts and posting them on the website's home page. There are currently three blog posts, one of them has an unknown poster. Go to the website and check out those blog posts. Website link: https://cdex.mu/ DarthonTheOverseer (talk) 14:59, 25 September 2019 (UTC)Reply

Hostile takeover

edit

The Facts:

  1. The website links to source code and bug tracking have all been removed from https://cdex.mu/[1][2]
  2. https://cdex.mu/ formerly pointed to source code and bug tracking at http://cdexos.sourceforge.net/.[3]
  3. The last source code was published in 2008. (According to above discussion. It used to be available via SVN at https://cdexos.svn.sourceforge.net/svnroot/cdexos/cdex1/trunk/cdexos or https://svn.code.sf.net/p/cdexos/code/cdex1/trunk )
  4. While the CDex source code seems fine, the installer has long been bundling potentially unwanted programs.[4][5][6][7]
  5. The http://cdex.mu/ website began in 2013.

I'm inclined to remove links to cdex.mu as hazardous and direct users to CDex Portable, which uses the same core program but doesn't included the bundled programs from the installer.[8][9] Daask (talk) 21:05, 14 February 2021 (UTC)Reply

You say that "the source code seems fine", but I've not seen any evidence of anyone other than the owner of CDex.mu seeing the source code since version 1.70. Note that the "Portable Apps" version doesn't actually recompile the source, it simply bypasses the installer of a copy of the program downloaded from CDex.mu. If you don't trust the owner of CDex.mu, that sounds like a bad strategy - just because no recognised malware is detected in the executable files, doesn't mean those executable files aren't doing anything malicious. - IMSoP (talk) 09:34, 17 February 2021 (UTC)Reply

Forks

edit

Might we consider https://github.com/elha/CDex the new official version? Daask (talk) 21:05, 14 February 2021 (UTC)Reply