Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Pushes Unwanted Software To PCs, Again

Posted by kdawson on from the just-updates-please dept.

itwbennett writes "Blogger Steven J. Vaughan-Nichols wags his finger at Apple for indiscriminately pushing the iPhone Configuration Utility 2.1 update out to Windows users, since it is a tool for business system administrators to set up and administer corporate iPhones — the blogger himself (and practically every other iPhone user) not being of the corporate iPhone user persuasion. But more than just unnecessary, the update actually puts him and millions of other iPhone owners/Windows PC users at increased risk by installing 'not just a configuration program, but the Apache Web server as well,' says Vaughan-Nichols. 'A Web server like the one Apple [is] adding to your PC... [is] a gateway just asking to be hammered on by an attacker. Managed properly Apache is as safe a Web server as you'll ever find, but ordinary PC users shouldn't try to manage it, and even an expert can't do anything with it if they don't know it's there.'" Reader CWMike notes that Apple pulled the iPhone Configuration Utility from the update list after a few hours.

13 of 267 comments (clear)

  1. Not really... by Darkness404 · · Score: 3, Informative

    the update actually puts him and millions of other iPhone owners/Windows PC users at increased risk by installing

    Millions? Lets see here, the update was only recommended for a few hours and was quickly pulled. How many people do you think update constantly? If Windows updates are any indication (and most just install in the background with almost no user interaction) chances are very few. We aren't talking about "millions" but a few thousand in the worst case.

    --
    Taxation is legalized theft, no more, no less.
    1. Re:Not really... by Anonymous Coward · · Score: 5, Informative

      I'm sorry, but this is NOT even close to true. It has been offered for at least a week, and came up again on my machine last night. I've had it "offered" several times now on both machines. I don't know who first said it was only a few hours but that is just dead wrong.

    2. Re:Not really... by Colonel+Korn · · Score: 4, Informative

      the update actually puts him and millions of other iPhone owners/Windows PC users at increased risk by installing

      Millions? Lets see here, the update was only recommended for a few hours and was quickly pulled. How many people do you think update constantly? If Windows updates are any indication (and most just install in the background with almost no user interaction) chances are very few. We aren't talking about "millions" but a few thousand in the worst case.

      Well iTunes has been installing the Apple Updater Thingy by default for a long time, so the question is how often that checks for updates. And according to Ars Technica (http://arstechnica.com/apple/news/2009/09/apple-pushes-unwanted-enterprise-tool-to-windows-users.ars) the update was actually pushed "earlier this month" and only came to the attention of the online media today. It sounds like it was pulled a few hours after it hit half the computer-related news sites, not a few hours after it was pushed out to users.

      --
      "I zero-index my hamsters" - Willtor (147206)
    3. Re:Not really... by MichaelSmith · · Score: 4, Informative

      My sister in law runs itunes on her windows laptop. When she bought it I installed firefox for her to use then she called me to report some strange behavior. She had somehow started running Safari. Firefox had disappeared. So either it happened automatically or she was tricked into installing it.

      --
      http://michaelsmith.id.au
    4. Re:Not really... by Brian+Gordon · · Score: 5, Informative

      Defending Apple? In my slashdot?

      This was a stupid move and Apple's not as innocent as you claim. Defaulting the box to checked is almost equivalent to installing it without consent and Apple knows it. In both cases you end up with users loaded down with crap they don't need and distrusting updates, which has real dollar costs. The only difference is that in the former case the tech crowd squeals a little less, so that's the route they choose.

      Honestly, even if they were really stupid enough to not see any problem when they did it the first time, they have no excuse for doing it a second time. Why would they put it out and then withdraw it a few hours later? Did they forget the user backlash from the first time?

    5. Re:Not really... by NibbleG · · Score: 3, Informative

      I don't have an iPhone either, I do have a iPod Touch, but both the iPhone Config are checked when iTunes has an update. Safari is ALWAYS checked, even though I have never installed it.

    6. Re:Not really... by Achromatic1978 · · Score: 3, Informative

      And you want to compare this to Microsoft? The company that hands you Windows Media Player like it was a security patch, and hogties your system with so much DRM that you need a cabal of starving Russian crackers just to restore your fair use rights?

      Yes, I do. Because Apple installs Quicktime when you install iTunes. iTunes when you install Quicktime. Safari when it thought it could get away with it when you installed iTunes.

      And when you tell Quicktime to not be the default audio / video player, good luck. It'll still be there. As will iPodService.exe as a kernel-level service, even when you've never used an iPod.

  2. pushes? by Anonymous Coward · · Score: 3, Informative

    I'm not so sure if asking me if I'd like to update/install something is the same as having it "pushed" to me. I had the Apple Software Update thing pop up on me the other day, I unchecked the items I didn't want (the iPhone Config Util being one of them), and I went ahead and updated the software that I did want. So how exactly are they "forcing" this one me?

  3. Re:Any verification on the Apache web server? by zn0k · · Score: 5, Informative

    I have the iPhone Configuration Utility installed on a work machine as we support a few dozen iPhones at work. Just checked, and there's no Apache process (just an iPCU.exe) when running the app. One of the links in the summary also mentioned using a browser against localhost:3000 for configuration, netstat shows no process listening on that port.

  4. Try again... by spywhere · · Score: 3, Informative

    Sun was pushing the Bing toolbar with a pre-checked box until last week... now they're pushing Carbonite 30-day trialware the same way.

  5. Quicktime Alternative by Derwood5555 · · Score: 3, Informative

    Quicktime Alternative, FTW.. No iTunes, no iPhone, no iToilet...

  6. Re:Any verification on the Apache web server? by Kalriath · · Score: 3, Informative

    Since when has "virtually no" meant "no"? IIS6.x has had eight vulnerabilities in its seven years of existence (only seven if you search CERT). Less than one a year. IIS7.x has had two in two years (three if you search CERT, plus one "unreliable"). One a year. Apache 2.0.x has had TWENTY-FIVE, and Apache 2.2.x has had TWENTY SEVEN.

    --
    For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
  7. Re:Risking karma here but shovelware? You can opt by KGIII · · Score: 3, Informative

    By the same token you can click on Microsoft's updates and, you know, actually read what they are for and what they do. They even have a link to tell you.

    Err... Most of the time.

    Fairness in our bashing would go a long ways.

    --
    "So long and thanks for all the fish."