CDex


CDex is a free software package for Digital Audio Extraction from Audio CD and audio format conversion for Microsoft Windows. It converts CDDA tracks from a CD to standard computer sound files, such as WAV, MP3, or Ogg Vorbis. CDex was previously released as free software under the terms of the GNU General Public License ; however, although the website claims that this is still the case, no source code has been released since 2005. It was originally written by Albert L. Faber, and is developed and maintained by Georgy Berdyshev. Recent versions of the software may be compromised and a security threat.

Features

CDex is able to convert CD audio into several formats including WAV, Vorbis, MP3, VQF, Musepack, APE, and many others. As of version 1.70b2 FLAC encoding is native, but for version 1.51 FLAC and other codecs can be used by using an external encoder. It supports CD-Text to allow ripped tracks, with reduced user effort, to have the names of songs, artists and albums. It can also automatically identify inserted audio CDs and look up the metadata by means of an online database for automatic tagging, naming and sorting of ripped files. It also includes cdparanoia for robust CD reading. CDex is considered to be very configurable and relatively easy to use.

History

In 2000, at the start of the beta phase for version 1.30, CDex was turned into a free software project and hosted on SourceForge.net.
In January 2006, the CDex homepage requested a new project manager and developer, implying that Albert L. Faber had abandoned development of CDex. On 5 June 2006, CDex 1.70 Beta 1 was released via the SourceForge.net website. It was the first official update to the program in almost three years, with CDex 1.70 Beta 2 following soon after on 23 June 2006. In 2008 Berdyshev was joined by Ariane Gomes as project developers. On 18 November 2009 CDex 1.70 Beta 4 was released. CDex 1.70 Final was released on 29 June 2014 featuring a Unicode and Multibyte version.
On 30 June 2007, just one day after the release of the GPLv3, the license of CDex was updated. However, the last version for which source code was made available is 1.70 Beta 2, and the SourceForge project appears to have been shut down in July 2015, shortly after the release of version 1.79.
From version 1.76 the installer includes the adware OpenCandy.
In November 2017 version 1.96 was released. It is not clear who is the current code maintainer, and no contact details are provided. Four further versions were released by March 2018.

Potential risk

The recent reincarnation of CDex has seen a number of sponsored programs being automatically selected during installation with little information about their nature. Scan results suggest there may be a substantial risk to any system these are installed on along with the source code no longer being publicly accessible, preventing independent code review.
This project should be considered as exploited by the new maintainer and should not be trusted. This project should not be trusted or installed on your machine. As the new maintainer has taken over new releases have been pushed out showing activity, the support links are broken, the ticketing system does not exist and is a broken link, there are no contact details or method to interact with the developer and the installer is installing adware without any notifications. The new maintainer has exploited the strong reputation and work of the project and turned it into mechanism to profit. Updates are being made to the application, including the installer with hidden software being installed.
Later versions apparently also add artifacts to ends of certain tracks that are ripped by the program. Rolling back to an earlier version of the program eliminates this issue.