Slashdot Mirror
Apple Pushes Unwanted Software To PCs, Again
itwbennett writes "Blogger Steven J. Vaughan-Nichols wags his finger at Apple for indiscriminately pushing the iPhone Configuration Utility 2.1 update out to Windows users, since it is a tool for business system administrators to set up and administer corporate iPhones — the blogger himself (and practically every other iPhone user) not being of the corporate iPhone user persuasion. But more than just unnecessary, the update actually puts him and millions of other iPhone owners/Windows PC users at increased risk by installing 'not just a configuration program, but the Apache Web server as well,' says Vaughan-Nichols. 'A Web server like the one Apple [is] adding to your PC... [is] a gateway just asking to be hammered on by an attacker. Managed properly Apache is as safe a Web server as you'll ever find, but ordinary PC users shouldn't try to manage it, and even an expert can't do anything with it if they don't know it's there.'" Reader CWMike notes that Apple pulled the iPhone Configuration Utility from the update list after a few hours.
I'm sorry, but this is NOT even close to true. It has been offered for at least a week, and came up again on my machine last night. I've had it "offered" several times now on both machines. I don't know who first said it was only a few hours but that is just dead wrong.
the update actually puts him and millions of other iPhone owners/Windows PC users at increased risk by installing
Millions? Lets see here, the update was only recommended for a few hours and was quickly pulled. How many people do you think update constantly? If Windows updates are any indication (and most just install in the background with almost no user interaction) chances are very few. We aren't talking about "millions" but a few thousand in the worst case.
Well iTunes has been installing the Apple Updater Thingy by default for a long time, so the question is how often that checks for updates. And according to Ars Technica (http://arstechnica.com/apple/news/2009/09/apple-pushes-unwanted-enterprise-tool-to-windows-users.ars) the update was actually pushed "earlier this month" and only came to the attention of the online media today. It sounds like it was pulled a few hours after it hit half the computer-related news sites, not a few hours after it was pushed out to users.
"I zero-index my hamsters" - Willtor (147206)
I have the iPhone Configuration Utility installed on a work machine as we support a few dozen iPhones at work. Just checked, and there's no Apache process (just an iPCU.exe) when running the app. One of the links in the summary also mentioned using a browser against localhost:3000 for configuration, netstat shows no process listening on that port.
My sister in law runs itunes on her windows laptop. When she bought it I installed firefox for her to use then she called me to report some strange behavior. She had somehow started running Safari. Firefox had disappeared. So either it happened automatically or she was tricked into installing it.
http://michaelsmith.id.au
Defending Apple? In my slashdot?
This was a stupid move and Apple's not as innocent as you claim. Defaulting the box to checked is almost equivalent to installing it without consent and Apple knows it. In both cases you end up with users loaded down with crap they don't need and distrusting updates, which has real dollar costs. The only difference is that in the former case the tech crowd squeals a little less, so that's the route they choose.
Honestly, even if they were really stupid enough to not see any problem when they did it the first time, they have no excuse for doing it a second time. Why would they put it out and then withdraw it a few hours later? Did they forget the user backlash from the first time?