xavier roche's homework

random thoughts and sometimes pieces of code

I Do Not Want Your Search Bar

I am writing to follow up on an email regarding a possible sponsorship on HTTrack.com. …

I would like to offer you a partnership agreement to monetize your application HTTrack …

We are a software monetization platform and I’m contacting you to discuss possible partnership …


The first time I got one of these email, I really didn’t know what it was all about. At first glance, I thought they wanted to offer some kind of ad-platform for httrack.com, or maybe some kind of sponsored links.

I generally always decline these offers, as I do not plan to put more ads on the main site (the only ad, placed on the download page, is to support bandwidth fees, as I’m hosting the binaries directly). Oh, and also because many of these ad providers are really terrible – do you really want to have ads for counterfeit clothes, fake enhancement pills, or pyramid-scheme business ? Me neither.

After several emails, I decided to ask for a bit more information on these “partnerships” and “opportunities” to understand what they really wanted.

It appears that what they were interesting in was to put a “download bar” (or a “software bundle”, or a “download optimizer”) in the httrack installer executable, and share benefits with me (well, at least this is what they said).

The only purpose of the search bar was to “enhance browser experience” and things like that (yes, really).

Oh great, a search toolbar!

.. said nobody. Ever.

Do you have a search bar installed on your PC ? I mean, you have a browser, and you decide to install an additional bar to… search for things. Like with the regular bar.

No, I suppose. Me, neither. Nobody does. Even your grandma.

So, what’s the point ?

  • each time the search bar is installed by your bundled application, you get some revenue
  • each time the user is using the search bar, the search is redirected to some kind of second-zone search site loaded with ads (and crap)
  • ads do generate revenue, fueling the system

Great, isn’t it ?

Hell no, this is crapware!

Adware, spyware, crapware. Yes. And this was my first reaction, and then I politely declined.

But you can opt-out your users during install!

Oh great. So each time a user install the program and does not carefully look at the checkbox enabled by default, he’s going to install the bar. This is the kind of thing which infuriates me.

But you can opt-in your users during install, too!

I was still skeptical, but why not, after all ? People installing the program by clicking “next-next” will not be harmed. And after all, this is just a search bar, isn’t it ?

Pact With The Devil

Well, no, this is wrong. So wrong.

First, if you take look at the reputation of all these companies, you’ll be horrified. Endless list of users trying to remove the infamous search bar, trying to figure out why they caught this virus, why they have pornographic pop-ups everywhere, etc.

Second, nobody will install this component opt-in.

More precisely:

  • very few people will install the opt-in component, generating nearly no revenue at all
  • people who trust you will do – and will be betrayed, and will hate you, and it will harm your reputation

What’s the point in allowing opt-in for these companies, by the way, is it does not generate any real revenue ?

The bleak truth is that in this case they are not providing you a marginal revenue. They are using your reputation to cover their bad one.

And this is the last reason why you should never, ever, make a deal with these people: as a developer, you have a reputation. You built something great (with few bugs, possibly) and you have a large user base trusting you. Do not betray them.

Oh, And One More Thing

Unfortunately, some ├╝ber-jerks found an even better solution: bundle your application without telling you, and put it on their smelly download site.

The consequences are extremely annoying

  • users complaining that httrack contains trojans
  • users who are reluctant in trusting httrack because of the bad PR
  • more generally, bad PR for “free” softwares (are they even safe ?)

That is why I recently decided to start signing the Windows installer version, with an official trusted SSL key (registered to Xavier Roche). I will probably do the same for the program DLL’s soon. By the way, on Debian platforms, I have been signing the sources from the beginning, and this is a very good practice.

TL;DR: Search bars are crap, and you should always download programs on trusted sites.