Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Usurps Oracle As the Biggest Threat To PC Security

Posted by samzenpus on from the update-your-software dept.

AmiMoJo writes: According to data from Secunia, Apple's software for Windows is now the biggest threat to PC security, surpassing previous long term champion Java. Among U.S. users, some 61 percent of computers detected running QuickTime did not have the latest version. With iTunes, 47 percent of the installations were outdated versions. There were 18 vulnerabilities in Apple QuickTime 7 at the time of the study. Oracle has now fallen/risen to 2nd place, followed by Adobe. All three vendors bundle automatic updater utilities with their software, but users seem to be declining new versions. Update fatigue, perhaps?

5 of 320 comments (clear)

  1. Re:Quicktime upgrade pushes other shit by Z00L00K · · Score: 3, Interesting

    The same goes for a lot of software - clog your computer with bloatware like Chrome and whatever that I never use.

    And at every upgrade the software package asks me to confirm that I agree to the current license version instead of just installing the update in the background silently to ensure that I get the latest security updates.

    In addition to that Windows also enforces the UAC to make you confirm that the update installation is permitted. But in many cases this is problematic since it won't help many users that are out there, especially those with limited computer knowledge who either clicks "No" on everything or "Yes" on everything. In both cases it leads to bad results.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  2. Re:Bullshit by Anonymous Coward · · Score: 2, Interesting

    Right, because you never encounter a non-technical CEO-type person who insist on having his iCrap connected to the corporate network. Nope, never. And they certainly don't ask the supporters to jump through hoops in order their make their bling authenticate against the AD-servers, nope wouldn't happen, ever /sarcasm.

    Really, considering my workplace is supposed to be a Windows-only-shop, we spend an inordinate amount of time messing around with dysfunctional Apple-software because boss-types want to be down with the young kids and flash their toys for corporate street-cred. It's a problem.

  3. Re:It's a business opportunity! by AmiMoJo · · Score: 3, Interesting

    Mozilla and Google have solved the update problem in a nice way. They install services that do the updating, but don't run most of the time. When the app detects an update it wakes up the service, which does the installation.

    That means that the updater uses zero resources when not actively updating, and because it was installed as a service doesn't need further UAC prompts or admin level elevation to work. In other words, limited users can update.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Users View Updates from Apple as Risky by jafiwam · · Score: 3, Interesting

    Users view updates from Apple as risky.

    Here is what one can expect with an update to iTunes:

    -four or five "yes I agree" click-throughs, one for each service the user hasn't signed up for or ever used
    -longer load time and general bloat
    -random UI changes that make it an exercise in "what will they think of next" to do basic stuff like sync a phone
    -an army of snotty "senior" "helpers" explaining the problem is not a problem, most of whom just don't bother to read
    -a SECOND set of random UI changes and feature removals for media organizing, moving or removing stuff like menus and ability to manage play lists, some of which represents hours and hours of tinkering with it.
    -"Careful, don't do that" advice from people who lost their whole library, or had to reinstall and couldn't find the library on the hard drive again.

    For Quicktime, it's about the same, only the user doesn't use the program much beyond obscure or old porn

    Apple has a BIG PROBLEM trying to push their UI bullshit into an environment where their UI bullshit stands out as particularly retarded. There's NO FUCKING REASON to remove the standard word based drop down across the top of the program. More space? People already have more screen space (or second, or third screens) than they know what to deal with. Doesn't look good to emo-fags? How about a toggle to turn it off? (which leaves it on by default)

    The actual risks for a slight chance for a security exploit are meaningless compared to the guaranteed fist-smashing-keyboard frustration of a simple update. I have actually helped users disable updates from Apple because they were so afraid of said bullshit or their old iPod or iPhone suddenly not working with it.

    If Apple wants to get people to update on Windows, they need to stay within the expected design parameters of Windows better and just let the program look different on different platforms.

  5. Re:Annoying update process by rhazz · · Score: 4, Interesting

    The problem with iTunes is how often they modify the UI or key functions. At my peak iTunes usage I probably only used it once a month. Every single time there was a new update waiting, and every time I allowed the update it would modify the UI in some non-intuitive way, and it would take an onerous amount of time trying to figure out where they moved a particular command. So eventually I only updated when a particular function stopped working entirely. Honestly, if you have to refactor your UI every time you add a feature, start from scratch and design something more scalable.