Apple, Google, Microsoft Chided For 'Sneaky' Installations - InformationWeek
Cloud // Software as a Service
03:34 PM
Connect Directly
Building Security for the IoT
Nov 09, 2017
In this webcast, experts discuss the most effective approaches to securing Internet-enabled system ...Read More>>

Apple, Google, Microsoft Chided For 'Sneaky' Installations

Mozilla's Asa Dotzler urges the three companies to 'stop being evil.'

Asa Dotzler, Mozilla's director of community development, wants software makers to adhere to established principles of notice and consent when it comes to installing software on users' computers.

Dotzler charges that Apple, Google, and Microsoft are abusing their positions as trusted software providers to sneak software onto computers without explicit user permission.

This is a longstanding issue for software makers. Recall that in 2008, Apple was accused of using its automatic update process to deliver software to Windows users without adequate notice and that it responded by changing its iTunes 8 download process.

And now the issue has resurfaced in the context of Web browser extensions. Dotzler says that installing iTunes led to the unauthorized installation of the iTunes Application Detector plug-in for Firefox, that installing Microsoft Office added the company's Windows Live Photo Gallery and Office Live plug-ins without permission, and that installing either Google Earth or Google Chrome brought the unsanctioned installation of the Google Update plug-in for Firefox.

Dotzler says such practices are unacceptable and indistinguishable from the way malicious software gets installed.

"I downloaded and installed a specific application from these vendors intending to have only that application installed, and without my consent that application foisted additional software on me," he wrote in a blog post on Sunday. "In my book, that fits the definition of a trojan horse. Yes, that is precisely how a trojan horse operates. These additional pieces of software installed without my consent may not be malicious but the means by which they were installed was sneaky, underhanded, and wrong."

Apple and Microsoft did not immediately respond to requests for comment. Google declined to comment directly, but a spokesperson pointed to Chrome's End User License Agreement.

Section 11.1 of the Chrome EULA states that Chrome "may automatically download and install updates from time to time from Google. These updates are designed to improve, enhance and further develop the Services and may take the form of bug fixes, enhanced functions, new software modules and completely new versions. You agree to receive such updates (and permit Google to deliver these to you) as part of your use of the Services."

Thus, by installing Chrome or Google Earth, both of which will install Google Update, Dotzler gave Google permission to deliver new software modules, including the Google Update extension for Firefox.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll