The Next Java Update Could Make Yahoo Your Default Search Provider

itwbennett writes: At the company's shareholder meeting on Wednesday, Yahoo CEO Marissa Mayer announced a partnership with Oracle that could result in Yahoo becoming your default search provider in your browser. Starting this month, when users are prompted to update to the next version of Java, they'll be asked to make Yahoo their default search engine on Chrome (and Internet Explorer, for what it's worth). And, according to a Wall Street Journal report, the button will be checked by default, so if you aren't looking out for it, you might unwittingly find yourself a Yahoo user.

This will do WONDERS for Yahoo's image!

[kelarius]

Seems to me like this will lump them in with Ask.com and other bullshit sites that drive traffic through mostly shady means. Giving up Marissa?

Re:This will do WONDERS for Yahoo's image!

[pla]

This. People just looove it when their homepage or search provider changes. Why, just the other day, a coworker told me how much he loved Bing coming back after every round of Windows updates.

Oh, no, wait, he switched to Chrome because he hated it so much. Take the hint, Marissa.

As an aside, though - Does anyone actually allow Java to update itself? Of all the common self-updating software out there, Java easily wins as the single most obnoxious. Aside from hijacking the top result when I type "update" in the start menu's search bar... Aside from running all the fucking time rather than just when Java starts... Aside from nagging the user more relentlessly than even the far more legitimate Windows update (Bing aside) - It actively breaks shit every time it updates. You had one job, Larry...

Re:This will do WONDERS for Yahoo's image!

[AmiMoJo]

Microsoft started flagging the Ask toolbar as malware recently in Windows Defender, and automatically removing it. They did so because the Ask toolbar changes your default search provider without asking. Seems like if they made the Java installer do that too, the entire installer would be flagged as malware by Microsoft.

Could be interesting.

Re:This will do WONDERS for Yahoo's image!

[Cro+Magnon]

I find it ironic that Ask would do that without, er, asking. Clearly, it's questionable behavior.

Re:This will do WONDERS for Yahoo's image!

[AmiMoJo]

Why, just the other day, a coworker told me how much he loved Bing coming back after every round of Windows updates.

Windows Update doesn't do that. Microsoft's anti-malware tools sometimes do, if they detect that your default search provider or homepage have been changed to malware sites. Both Windows Defender and the Malicious Software Removal Tool get updated with Windows Update every month, so maybe that's why his settings kept being reset.

Re: This will do WONDERS for Yahoo's image!

[kenh]

Whoosh!

Ask, questionable... Come on, you didn't see that coming?

Re:This will do WONDERS for Yahoo's image!

[pla]

Yeah, fantastic suggestion! Say, could you just convince my boss, his boss, and three more layers up, that we need to:

• Scrap $300k in MS licensing and established server deployments,
• Spend a year or two rewriting everything we have in production that depends on Windows or IIS,
• Replace or retrain our entire netops, infosec, and helpdesk with people who know Linux,
• Retrain 15k users and watch their productivity drop to a crawl for at least six months...

...Just so we can switch to an OS that "cares"? ;)

I like Linux. I run Linux at home. But I make my living putting up with Windows.

Re:This will do WONDERS for Yahoo's image!

[grahamtriggs]

Both should be a criminal offence - If I install an application (e.g. Java), then it should do what it needs to do to make that application work, not mess around with *my* environment unnecessarily.

Re: This will do WONDERS for Yahoo's image!

[Z00L00K]

If all anti-virus softwares started to list any installer with an "Opt-Out" procedure as "Potentially Unwanted Program Installer" it would put an end to the habit of pushing shit down the throat of users.

The problem is not so much people competent with tech as people that don't know left from right on computers and just clicks "Ok". They suffer from all that crap like a new browser installed as well as changed homepages and search providers and then they scream that they don't understand their computer.

Re:This will do WONDERS for Yahoo's image!

[Xest]

As a professional developer who has led a number of fairly large scale Java projects I've always just accepted the existence of Java on my computer, it's a thing I've worked with so it's a thing I need. Or so my default thinking always went.

But the last time Java asked for permission to update on my computer at home there appeared to no longer be an obvious way of avoiding the Ask toolbar install. I had a choice of next, or cancel which cancelled the whole installation. I was getting fed up of it anyway, given that it seemed to be persistently asking to update every time I went to my computer anyway.

Java, therefore is gone from my home computer and I will no longer consider it for any spare time projects. This has the knock on effect that it's reduced in desirability for me as an option when determining what technology to use for new commercial projects at work too. If I have a choice between Java + Ask, or no Java, it's not really a difficult choice for me.

So for me, Yahoo can stick whatever they want on it, but under Oracle's stewardship it's going to end up a dying product. For some reason, Yahoo seems incredibly intent on consistently tying itself up with losers. Instead of continuously wasting money backing losers, they should probably just spend what needs to be spent on backing a winner for once.

I like Java as a technology, and a language - hell, I've posted enough times here defending it, but when the client distribution forces the installation of malware like Ask, it's pretty much a dead end for anything desktop based. You can't as a professional insist your clients install something that tries to bundle malware to use your product with a serious face, it's just not tenable. It'd be one thing if it was just a one off question you could say no to on initial installation, but the frequent updates often mean it can be an attempt to force it on you multiple times a week in some cases. It hopes that in just one of those cases, you'll forget to untick the checkbox and accidentally install, well, obviously that hoping was fruitless, because now there just is no checkbox to untick.

I understand that with command line switches you can tell Java to skip that crap, and that there are options to automate installation without it in corporate environments but frankly in the end it's just easier to not install Java in the first place unless you simply have no choice.

I can't say I've missed it one bit, I can't remember the last time I needed it for anything at home. So my "I need that because I work with it" attitude has changed to "Why did I ever put up with all those incessant update nag screens for years". I've got better things to do than play the "try and remember to avoid installing malware because Java wants to update" game every time I sit down at my computer.

Re:This will do WONDERS for Yahoo's image!

[ADRA]

As a professional java developer who's 'led a number or fairly large scale Java projects', you never realized the JDK includes a fully functional JRE without ad-crap installed? Color me suspicious.

Assholes ...

[gstoddart]

Gee, I'm awful glad I don't have Java on my personal machine any more.

Because the sleazy bastards running it are mostly interested in their ad revenue.

Here's a thought, guys ... how about you stop trying to change our browsers for your own benefit?

Java is dying under the stewardship of Oracle. The sooner the better.

Re:Assholes ...

[93+Escort+Wagon]

Okay Larry, you can stop with the anonymous Slashdot postings - we know it's you.

Re:of course it will be a default

[BlackPignouf]

that insures greater penetration

That's the right word.

Opt out sneakware crap and Oracle suck.

[ITRambo]

Oracle, and other company's, opt out crapware installs is one reason that we install Unchecky on all customer's PC's that we service since almost everyone had Ask toolbars, but had no idea how it got installed. This will help the less aware customers avoid crud buildup in their systems, no thanks to a-hole companies like Oracle.

Re:Hardly anything new

[fph+il+quozientatore]

The real news here is that Java is now officially crapware.

I'm not worried.

[Comboman]

If Java tries to change by default search engine to Yahoo, one of my 27 toolbars will quickly change it back to Ask.com

Re:This is not news...

[fnj]

Oracle can package Java any way they want, including with "opt-outs." Downloading/installing Java is a voluntary choice the user makes.

Apologist alert. So if you "voluntarily" choose to engage me to mount new tires on your car, does that mean you don't mind if I install a tracking device in cooperation with the NSA, if you fail to spot the tiny pre-checked box on page 678 of the paperwork? Because everyone should EXPECT tracker installation when they "voluntarily" choose to install new tires, right?

Re: This is not news...

But it's still evil. Okay, so there's a way to avoid it - nice. It's still a dick move to reconfigure the user machine like this.

My machine has a default for a reason. I've set that default based on my preference. That you're changing my preference based on a totally unrelated action is a dick move. That you're changing it based on a required action is a double dick move. Java updates are *not optional* if you want to stay secure.

Once software reaches this stage it's clearly a failed business venture. What next? We could always ship Java with malware to tap into some of those botnet dollars? How about we ship it with backdoors? How about shipping it with a keylogger? Is there anything else you'd like to ship it with?

Fuck Java. I'll use C++, thanks.

Re:This is not news...

[ihtoit]

EU Directive 2002/58 on Privacy and Electronic Communications deals with this, as does the maxim "Silence or lack of objection does not imply informed consent", to paraphrase Munby LJ in G (R on the application of) v Nottingham City Council [2008] EWHC 400 (Admin), para. 56.

And

[Ol+Olsoc]

Adobe tries to slip in MacAfee on you when you download their pdf reader.

Re:Google is too wild . . .

[BlackPignouf]

If you try to access google.com from Germany, it automatically redirects you to google.de.
If you want the "original" Google from abroad, you need to type google.com/ncr.
This link should work the same all over the world :
https://www.google.com/?gws_rd...

Hopefully, the old pre-opt-out will work

[idontgno]

In Windows, use the Java Control Panel and select the "Advanced" tab.

At the very bottom of the list, completely out-of-sight unless you scroll aaaaaaal the way down, in a category called "Beware of the Leopard"... no, sorry, I meant "Miscellaneous"... there's a checkbox labeled "Suppress sponsor offers when installing or updating Java".

Of course, by default it's not checked. Because money.

But check it and apply or "OK" the settings change. In the current implementation, this prevents bundling the Ask.com malware with Java upgrades -- it's a pre-opt-out, and you never have to think of it again. (At least, until Oracle decides the option should auto-magically unset itself when the user's not looking. Because money.)

Assuming this option continues to exist in future Oracle Java versions and is honored for the Yahoo tie-in, this would alleviate the pre-opt-in crapware issue. Big assumptions, of course, because Oracle.

(Or alternately, don't install Java if you don't actually need it. Or install OpenJava rather than Oracle's.)

Turning off Java's add-on crapware

[taustin]

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft]
"SPONSORS"="DISABLE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft]
"SPONSORS"="DISABLE"

The screen with the checkboxes does not even appear.