Mozilla CEO accuses Apple of malware distribution practices

Mozilla CEO accuses Apple of malware distribution practices

Summary: Yesterday Apple pushed out a Safari 3.1 update via Software Update on Windows.


Mozilla CEO accuses Apple of malware distribution practicesYesterday Apple pushed out a Safari 3.1 update via Software Update on Windows. In a blog post, Mozilla CEO John Lilly describes why Mozilla feels Apple's decision is wrong -- and how moves like it can endanger the security of the Web. From John Lilly's blog:

What Apple is doing now with their Apple Software Update on Windows is wrong. It undermines the trust relationship great companies have with their customers, and that’s bad — not just for Apple, but for the security of the whole Web. What they did yesterday was to use their updater for iTunes to also install their Safari Web browser –what follows is some background and analysis.

Topics: Windows, Apple, Browser, Operating Systems, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • then it prompts to be your default browser!!

    I noticed that my wife's Vista system suddenly has Safari on it, and when I run it, it asks whether I want it to become the default browser. While this is standard practice for browsers, it's unconscionable for a browser that we never even wanted to download to begin with, much less make it the default.

    Come to think of it, I'm not sure I ever installed iTunes either, but it's in there. I think the only thing I intentionally installed was QuickTime, and that was because it was required for some educational game cd roms. So it seems that installing quicktime gives apple "license" to install any and all software that they feel like installing at any time?
    • If you didn't want them..

      you shouldn't have installed them. You were given an option
      not to install them, and you went ahead anyway. It's up to
      you to pay attention to what you put on your computer.
      • One thing you forgot to mention...

        Apple checked the Safari by default. So, it's not that he "chose" to install it. The choice was made for him. What Apple did was put the onus on him to make the choice NOT to install it instead of giving him the OPTION to install it. Apple chose for him.
        • Just because it's checked by default..

          doesn't mean he couldn't uncheck it. If you look at the
          screen shot, it's fairly obvious.

          While I think that there should have been some
          differentiation between and update and a new install, he
          could have thought "Gee, I don't have Safari installed on
          my computer. That's odd. Well, I don't want it there, so I'll
          just uncheck it."

          Come on.

          And, as I said, this is standard behaviour. I never wanted,
          and still don't want, "Texas Hold 'em." Yet Microsoft
          insists on installing it. Worse, it does this automatically,
          even though I unchecked automatic updates.
          • And every update forever too.

            It is the default no matter how many times you uncheck it. This behavior has to change. OK, Apple, it's somewhat slimy to have an "update" to iTunes install Safari, but after the first, second, or as Adrian said, 30 times you uncheck it, respect the user's wishes.

          • This isn't unique behaviour.

            No matter how many times I declined to download "Texas
            Hold 'Em" it was always there in Windows Update, ready to
            be installed [b]by default[/b].

            Now, I just found out that it was installed, with no
            affirmative action on my part. I turned off "Automatic
            Updates," but apparently, my explicit wishes were
            disregarded, and my computer, [b]despite my wishes and
            actions[/b], downloaded and installed this crapware on my

            Is that 'slimy' on Microsoft's part?
          • Sadly

            Apple seems to be learning MS tricks.
            Love my Macs but Apple gets no pass from me on this
          • Very Slimy on MS's part.

            Assume that the Texas Hold Em game opened an exploit to your system (say an update daemon running). Your point is 100% valid, any company that pushes over and over unwanted programs despite your explicit choices is slimy.

          • @PghNative.

            this is Mt Everest made out of two grains of sand piled on
            each other.

            Look at the screen shot. Is everyone here incapable of
            clicking on a check box? Does noone understand what the
            big bold letters saying [b]New software[/b] means? Is
            there anyone here who can read a button that says "install
            (x) items," and understand that clicking on that button will
            install (x) items?

            It seems that there are a lot of people posting here who
            have no idea of how to use a computer.
          • I can find no mention

            of Microsoft forcing "Texas Hold Em" onto computers on any search sites. (unless I'm missing something)

            Could you have missed it one time? If so, that would definately ad weight to the article above, where as the fact that someone may miss unchecking the "yes" box loads the program onto they system without being noticed
          • @GuidingLight.

            All I can say is that I deliberately disabled Automatic
            Updates when I installed Vista. When I did a manual check
            for updates, I [b]never[/b] told it to download and install
            the "Ultimate Extras" - the card game and the language
            packs, or whatever they were.

            I disabled the nag screen telling me that I had Automatic
            Updates off. There was no way of my knowing that it had
            been turned back on.

            When I used the computer the other day, I found that the
            Ultimate Extras were on there. I also found over 40
            downloads since the beginning of the year, all of them at
            about 3am.

            I see nothing malicious in this, and I won't do anything
            about it, other than turn off Automatic Updates again. But
            none of this was done with my express approval. Nowhere
            was there any notification of this. I was not given the
            opportunity to disable it, since I was not informed of it in
            the first place.

            What I'm trying to say is: It happens. When a reputable
            company does it - and I consider Microsoft and Apple
            reputable - I just figure it was a mistake. I don't think
            they're trying to foist 'malware' on me.
          • re: This isn't unique behaviour

            [i]Is that 'slimy' on Microsoft's part?[/i]

            If that's what happened, then yes.. it is.

            Does that now make it ok for Apple to do it? Obviously not.

            The problem is that the screen that says you have updates to install, [i]most[/i] users will just click update not realizing what they are updating other than, it's a Quicktime/iTunes update. My guess is Apple is counting on this.

            Microsoft or any other company doing the same thing, would be just as slimy IMO.
          • Uncheck the Google Toolbar too...

            ...when installing Adobe Reader 8! It seems to be a trend......a lame trend no matter who is doing it!
            I'd rather choose than "unchoose"!!!
            An Apple a Day
          • @Badgered...

            Here we disagree. While it happened to me, I [b]do not[/b]
            think it was slimy of Microsoft.

            I feel that with Automatic Updates, Microsoft is doing its
            best to help its users keep up with the ever-changing
            threats, and newly-discovered issues with its software. I
            personally feel that this is a good and responsible thing on
            Microsoft's part. I am not upset by what happened to me -
            I'm just amused that there's so much feigned anger over a
            single 'x' in a check box, but none at the other companies
            who do the same thing.

            Again, let me state: I feel that Microsoft is doing the right
            thing. For most users, this is the best they can do, and I
            applaud them for it.

            In the case of this brouhaha, please note that the Apple
            Update Window has, in big, bold letters the phrase "[b]New
            software is available from Apple.[/b]" The words "New
            software" are very prominent in that window.

            I don't know, but if I were to see "New software" I'd take a
            look at the rest of the window. If I didn't want it, I could
            use my mouse to de-select it. This is such a minor thing, I
            really have a hard time understanding why people are so
            upset. Well, probably not really upset, just want to slam
            Apple, as many here like to do, for behaviour that isn't all
            that different from other companies.

            Look here to see a screen shot of the window in question:
          • Defaults


            "Just because it's checked by default
            doesn't mean he couldn't uncheck it."

            Agreed. The same thing has happened to me when I've installed Flash, or Google Earth, or some other application which comes "bundled" with something I don't want installed. And yes, I'm familiar enough with this kind of "back door" installation process that I pause long enough to uncheck the unwanted garbage.

            That having been said, it's obvious there are many people who are either unaware of those scurrilous practices or are simply in a hurry to be done with the installation that they don't actually notice additional crapware being shoved onto their computers. It happens.

            And yes, it's a "scurrilous" practice that some software vendors take part in. Look it up.

            "And, as I said, this is standard behaviour. I never wanted,
            and still don't want, "Texas Hold 'em." Yet Microsoft insists on installing it. Worse, it does this automatically,even though I unchecked automatic updates."

            Funny, but Microsoft has never forced the "Texas Hold 'Em" game on my Vista Ultimate installation. It's an optional Ultimate extra which must be [b]selected[/b] (read as: "specifically checked") for it to be installed. The same goes for the Realtek Gigabit networking driver which has never successfully installed on my machine, so it remains "specifically unchecked". When I finally get tired of seeing it, I'll tell WU to "hide" it.

            Your defense of Apple's iTunes "Update" policy isn't working.
            M.R. Kennedy
          • I don't understand what you mean..

            by 'back door.' This is right out in the open.

            As for Automatic Updates, remember, when that option is on,
            you have no say in what is downloaded and installed. That's
            a back door, and one which I have stated over and over I
            have no problem with.
          • "Back door"


            What I mean by that term is that if one is not paying particular attention while installing the wanted program (in this case, say, the Yahoo Widget Engine), one could easily end up installing a particularly [b]unwanted[/b] program--Yahoo's Toolbar. I've seen similar things in other application-specific installers. In some cases, the bundled application is displayed in text so small that it's easily overlooked.

            "As for Automatic Updates, remember, when that option is on, you have no say in what is downloaded and installed."

            Not so. When Automatic Updates are selected in Windows (or Microsoft) Update, only those updates marked "Critical" or "Important" are automatically downloaded and installed. Updates marked "Optional", such as [b]all[/b] of the Vista Ultimate Extras are precisely that--optional. One must actively tick the checkbox in order for WU to download and install them.
            M.R. Kennedy
        • The herd mentality.

          Many viruses on Windows are triggered by people who click
          ok without looking at (or thinking about) what they are
          clicking on. Apple's taking advantage of this click-on-it
          without a brain engaged to get their software on as many
          Windows machines as possible. Take advantage of an ideal
    • Apple's questionable tactics

      Yep - without any real warning, Apple will slip in the iTunes download and install if you request a QuickTime update. Questionable, at best, and what makes it annoying is the default action is to download and install, rather than offering it to you and requiring you to request it.

      But, Apple knows best what we want, and they're so good they can't be questioned, right?

      As far as the default browser query, EVERYONE does that - IE, FF, etc. So they're all guilty.
    • Apple and automatic installs

      Anyone who has used an Apple product for any period of
      time will realize that Apple never never does anything on
      your machine without prior approval that includes shutting
      down your computer or emptying the Trash. They do give
      you, in a lot of instances, the option to forego the
      warnings. This also pertains to software updates if you
      selected to have Apple automatically install updates it feels
      necessary for proper operation their software on your
      computer then you got what you asked for. As stated in
      other posts you can uncheck the automatic option and
      then on whatever update schedule you select your
      computer will go out to the Apple update site and inform
      you of any current updates available for your configuration
      you can opt to install or not install by checking or
      unchecking the selection box (YOU are in CONTROL). If you
      are too lazy to monitor the upgrade process then you get
      what you get, No Moaning allowed!!