>I've been installing seamonkey for a year or so now and >every time it offers to install the google toolbar.
Um, you didn't get it from Mozilla then. Mozilla does not offer the Google Toolbar in any of its products.
>Why would Mozilla do this? I don't understand. If I wanted >Google tool bar I'd download it. Isn't this some kind of >fucked up bundling issue? Or is it ok because it's Mozilla >Corp. and Google who promise to do no evil as long as the >$30 million a year keep rolling into Mozilla Corp.'s bank account.
You're confused. Mozilla Corporation doesn't distribute SeaMonkey and doesn't derive any revenue from it. SeaMonkey is a community project distributed by it's maintainers and not by the Mozilla Corporation.
Firefox from Mozilla absolutely 100% does not push the Google Toolbar (or any other software for that matter) on users during install or during update. Ever. No exceptions.
>ok, but i have upgraded firefox b4 and been prompted >to install the google toolbar. I believe mozilla got >money from google to do this.
You must be using a version of Firefox from someone other than Mozilla. Beware the sites you download software from. Mozilla has never offered the Google toolbar with Firefox, either in an initial download or with an update.
I recommend uninstalling that version of Firefox, visiting www.mozilla.com and getting an official release from Mozilla.
>At the most this is a trial ware offer, like the >Firefox+Google toolbar bundle - THAT is deceptive >as well as all other typical software updates from >Adobe, Real, or Norton - those don't even tell you >clearly what you will be downloading and disguise >them in various ways. Big deal over nothing.
No, you're missing the key difference. This isn't a bundle in a downloaded program installer. This is the update service for an already installed program. That's the difference and the reason anyone from Mozilla commented on this in the first place.
Sleezy installer bundles go back ages but this is the first time that a high-profile, generally respected software vendor (Apple) has resorted to slipping a new piece of software into an update for an exiting installed app. People associate application updaters with security updates and are conditioned (rightly so) to agree to the installation. Slipping in other programs at this point is not just rude, it damages the trust users have in their vendors keeping them safe with software updates.
You can decry the installers that bundle stupid options or unrelated software products, but those are quite different than a software update mechanism, the most important resource a user has to keeping herself safe, to hock unrelated wares.
If there's anything that Apple doesn't do casually, it's prepare Steve's keynote slides.
It makes perfect sense for Apple (or Opera or any other alternative browser) to target Firefox users since those people have already shown a willingness and (and an ability) to try new browsers. An user for Apple is a user and I have no doubt they'll go after the easiest gains first. Easiest of all are Mac users -- they just get whatever Steve wants them to get. Next easiest are users who know how and have shown a willingness to download and try new software -- especially browsers.
It is possible that this latest sleezy maneuver is the beginning of the pivot to chasing a broader audience, but neither changes the fact that Apple is going after Firefox users (they'd be foolish not to) or that this is a sleezy tactic usually reserved for crapware and malware vendors.
>I think you'll find that IE7 was distributed exactly this >way. And since IE is part of the operating system, they >can claim it's an OS security update. Meh.
I realize that putting people in the position of defending MS will lead to less criticism of your assertion but you're simply wrong here.
IE 7 is an update to a piece of already installed software, IE 6.
The tactic Apple is using is providing an *update* to a piece of software which is not already installed. An update to a piece of software which is not already installed. Get it? Not already installed. Update. See how they're different? If the user already had, say Safari 2 installed and the updater offered an *update* to Safari 3, no one would be complaining. If the user was prompted with a recommendation to install a new and unrelated piece of software, no one would be complaining. What people are complaining about is that Apple is pushing an update to a piece of software which is not already installed. Get it? Not already installed. An update. To something that's not already, you know, installed. An update. See? See how they're different?
>one thing seemingly being ignored is the fact that it's a Mozilla guy complaining about this mostly optional bundling.
It's not bundling that anyone at Mozilla is complaining about. It's the bundling mechanism. Fine, bundle it in an installer or even launch an installer from an existing installed product but don't offer it as "an update" along with real updates for installed software. It's confusing to users and erodes the value of a real software update system that's designed to keep the user safe and secure. Safari is *not an update* to QuickTime or iTunes. It's a new product and it's confusing and dangerous to blur that distinction.
"It'd be nice if we could always trust the vendor, but we simply can't. Updates periodically break things. Users need to be educated to determine whether or not an update is important enough to apply. This trust relationship everyone's talking about is what's silly. Users should trust their computers as little as possible. Just because it looks like the vendor's dialog box, don't assume that it is. You never know when the rules are going to change."
And again here's where we part ways. I don't believe that the situation is as hopeless as you do. I believe that users can and should trust their vendors to help them stay safe and secure. If you trusted Mozilla enough to let it put it's software on your machine in the first place, you should trust that Mozilla won't try to screw you with a software update. If you are worried that Mozilla might try to screw you with a software update, you really shouldn't put Mozilla software on your computer in the first place because an untrustworthy organization can do a lot worse stuff without even resorting to informing you with an update dialog.
"It may make sense that Mozilla leverage the Firefox browser at some point to push other technologies they feel aren't getting the attention they deserve. A foundation that is "...dedicated to improving the Internet experience for people everywhere" may think it should install Sunbird and Thunderbird by default. Really what is stupid to you may be quite smart to others."
It may. It may not. But if Mozilla does decide to offer other products "through" Firefox, you can bet it won't be through Firefox's update mechanism which is reserved for, you know, updating Firefox.
>Users should question their software when it asks to install anything new.
You and I fundamentally disagree here then. Firefox users should and do trust the Firefox updater because it doesn't abuse that trust. If a user trusts a software vendor to install that vendor's software on their machine (which could conceivably do horrible things on their machine.) there's every good reason for them to trust that same vendor to keep that software up to date. It's an abuse of that trust when a vendor uses the software update mechanism to do things other than keep that user up to date.
You may eventually be right and Apple is helping to speed things toward a world where users cannot trust their software vendors to keep them safe and secure. That's unfortunate but I'm not ready to give up yet (as you apparently have.)
>Firefox climbed to about 15% share and has stalled there for quite a while.
Actually, Firefox _user_ growth has been pretty much linear since we shipped Firefox 1.
The several plateaus that _usage_ growth has had (and overcome) are mostly related to seasonal changes in overall _usage_ on the Web. The somewhat slower increases in _usage_ as compared to _users_ is a result of reaching the larger segments of the internet using population which use the computer and or the web less frequently.
"Many software platforms over the years, (including a lot of linux ones), have a Software Update type of tool as a part of the operating system that keeps the software up to date. It also works as an installer of new software and an uninstaller of older software. I still think it's appropriate to "suggest" new software if it's available, but the user must remain in control and be offered a clear choice."
All of the package management systems I've used on Linux make a very clear distinction between updates for existing programs I have installed and new programs that I do not have installed.
When an installed program's updater is triggered, whether it's specific to the particular program or a system-wide tool, the interface to be presented to the user should be one of updating. It's that simple. During software updates, it is no time to be hocking new wares. If you want to use the same system to promote new products and to offer security updates for already installed products, you don't do it the way Apple has done it.
When I have QuickTime installed and a critical QT flaw is discovered and QuickTime offers me an update for that flaw, anything, anything that gets in the way of that simple and necessary transaction is a disservice to users and other vendors. Using that mechanism at that time to advertise additional products is just sleezy.
>The *only* issue here (and where the "inappropriate" part >begins), is the installation of Safari being checked by default. > >If they unchecked that box Apple would be golden from the moral >side of things and there would be no problem at all.
I disagree. By mixing up "new stuff you may or may not want" with "stuff you really, really, really need to install immediately to keep your already installed software safe from exploits" is just a bad, bad idea.
When my software update mechanism comes up with a critical security update and I have to spend time trying to work out whether or not I should check or uncheck or install or not install, it creates confusion and leads to some percentage of people not opting in for the right parts.
If Apple wants to use the same infrastructure to advertise new products, fine by me, but don't mix them in with real updates for software I already have installed. Make it clearly a different interaction.
But they won't do that. They don't want to create an advertising mechanism here, they want to create a situation where users feel like they "need" to install this new software by associating it in every way possible with critical security updates.
It's not enough to simply uncheck the box. There needs to be a clear distinction that most users will understand between "update what I've already got on my system so that I can stay safe and secure" and "offer me new stuff that i may or may not want."
>Google and Yahoo do this as well as Apple. Have you tried >to download Adobe Reader only to have it auto-install the >Google / Yahoo (whoever's paying them that month) IE toolbar >unless you opt out?
Yes, but this is apples and oranges. Installers are one thing. Software updaters are another. With an Installer, you haven't installed the software yet and you are free to chose options (or not, I really don't want to defend crappy installers) but with an updater, you've installed the software and you should be able to trust it to simply update itself, not to transform into an installer for other software and to mix in those other offers with security updates for the piece of software you did install.
Installers and updaters are not the same thing. Abusing updaters is really, really bad for everyone because it causes people to lose trust in the updaters and that means lots of people less secure in the long run.
>Basically, when I install something -- no matter WHAT I'm >Installing -- I don't want any other software auto-installed >without an opt-in. Heck I even hate all the little >auto-update craplets that get installed with every software >package out there from Sun Java to iTunes to Reader/etc.
Again, installers are not updaters and I don't hold them to the same standard. That being the case, I agree with you. Installers mostly suck (We try hard not to suck with Mozilla Firefox's installer and I think we're doing a pretty good job) and users should complain. But bad acting installers are not even in the same category as updaters for installed software.
>Doesn't the firefox install offer google toolbar?
Not if you got it from Mozilla (Mozilla is the vendor that makes and distributes Firefox.)
And even if it did (which it doesn't, unless you get it from some third party) that is a completely different issue.
We're not talking about installers here and their various options. We're talking about a software update system which is expected to, you know, update your software. Safari is not an update for iTunes. It's not an update for QuickTime. It's not an update for anything except Safari and if the user doesn't have Safari installed, she shouldn't have it pushed on her by an *updater*
>My completely unsubstantiated guess is that this was >a misconfiguration of the Apple Software Update - there >was a Safari 3.1 update rolled out, and instead of just >those who had it installed seeing it, everyone did. >Probably a missed configuration option in there, >somewhere.
Let's hope you're right. I look forward to the fix being rolled out shortly.
>Apparently, according to most of the commentors , the average Windows/iTunes >user, upon seeing the Update Safari" checkbox, are too stupid, too ignorant, >too docile and conditioned by Windows to do anything other than click the >"install" button.
No. Not quite. The average Windows user, having developed a trust relationship with their software vendors, (now, thanks to Apple) incorrectly assumes that a software updater will do just that and update software they've already installed. They don't assume that a software updater will try to sneak new programs on to their computer. They rightly see software updaters as important tools to keep their installed software up to date and they don't want to worry that agreeing to software *updates* for their installed software will put new software on their system.
>I think users should be given an opt in with a default of >off on the safari install. I guess this story would have >more impact if someone from mozilla had not said it. Someone >is competing against them and they are pissed.
I think you're missing the core issue here (did you actually read John's post?)
The problem is that an update system is being used to advertise (or sneak in) new software installs. Safari is not an update for iTunes and it's not an update for QuickTime, yet it's being offered as an update -- one that's checked by default.
Users should trust the updaters for their installed software to keep them updated and secure. They shouldn't have to worry that the vendor will try to sneak in things which are not updates. When users stop trusting the updaters for their installed software, everyone loses. Trying to sneak in new programs when users are trying to keep their existing programs secure and up to date will cause users to trust their installed software updaters less and that's dangerous.
>Microsoft and Apple's respective services are system-wide, >and both offer you software beyond that which you have >installed currently.
I have yet to see an automatic update notice from either Microsoft or Apple (on a Mac) or any other reputable software vendor (other than Apple on Windows) that had an *opt-out* *update* for a piece of software that was *new to the system*. Even Apple doesn't do this on Macs systems.
On Macs, Apple does the right thing. On Windows, Microsoft does the right thing. On Mac, Windows, and Linux, Mozilla does the right thing. The odd man out here is Apple's software update system on Windows.
You're missing the fundamental distinction that makes this an issue in the first place. We are not talking about *installers* here. We're talking about software *updaters* -- that is, the software that runs from already installed software to update itself.
Bundled installers have been around forever. This is the first time a major software vendor has abused the update system for already installed software to push an entirely new program on users. The update system is critical to keeping user's already installed software up to date and secure. Treating it as an advertising platform for new programs is just wrong. Even worse is that it's hardly advertising at all. It's attempting to sneak in under the radar of a security update by being checked by default (opt out rather than opt in).
This makes users trust update systems less and means that more people will be less secure in the long run. That's a bad practice. That's the reason there's even a story here.
>Or do you think that spoofing of auto-update windows >isn't ever going to be a threat? They already spoof >"windows updates" in spam messages containing trojans.
That's just silly. The last thing a spoof is going to do is place notices of additional software in a spoofed dialog.
If a user trusts the dialog itself, they should not have to worry about the contents of the dialog. Apple is creating a situation where users have to worry about their trusted vendor doing something sneaky and that's bad for everyone.
>Exactly. Why do you think there are so >many unpatched Windows installs? Because >MS tries to push out "updates" not as >patches but as entire different versions. >Think of IE6 to IE7
Ugh. Now why'd you go and do that -- forcing me to defend Microsoft. Yuck!:-)
IE 7 is a security update to IE6. Did they also add new features and new UI? Yes, they did. That does not mean that it's not also a security update -- just like updating from Firefox 1.0 to Firefox 2.0 is a security update. It does mean new features and a slightly different UI and that may cause some confusion, but it's still critical that Firefox 1 users updated to Firefox 2 because Firefox 2 is light-years ahead of Firefox 1 in security.
Software update systems should not be used to advertise new software. Create an advertising system that pops up and tries to convince users to get your other offerings, but don't abuse the system that users must trust for security in order to hock new wares.
>The Mozilla folks are whining because there >is some chance that a significant portion of >Firefox users will switch to Safari.
The complaint is not about the result, it's about the means. Mozilla, Microsoft, and Apple all have very good software update systems that help users keep their software up to date and secure. This keeps users safe. This matters, a lot.
Apple is taking that system, which has been effectively used by Mozilla, Apple and Microsoft to keep their users safe, and turning it into an advertising mechanism for new software. This will cause users to have less trust in that update system and all update systems and will lead to fewer users taking advantage of a great tool that users and vendors have to keep computers up to date and safe.
If Apple had simply shipped an "advertising service" that popped up and tried to convince users to install additional Apple products, that'd have been fine with me and most other critics of Apple's current approach. But they didn't. They used the software update service to advertise Safari as an update. Safari is not an update to QuickTIme and it is not an update to iTunes. It should not be labeled as such and it should not be offered to users as if it was an important update to already installed software.
>Google's gotten pretty bad about trying to >get other companies to bundle their toolbar >and hard-wire or at least default their browser >searches to Google as well (Safari and Firefox).
Google didn't try to get Firefox to bundle its toolbar or hardwire it as the default search. Firefox (and Mozilla before Firefox) had Google as a built in option going back to 1999 or 2000, it was made the default in 2002 or early 2003 (replacing Netscape search, which was just a rebranded Google search) and there was no relationship with Google until late 2004.
We put Google there because people wanted it and it was extremely useful. We also made sure that you could change the default easily and add as many additional search services as you want (Today we ship Yahoo, Ebay, Wikipedia, Amazon, and others as selectable options and there are more than 10,000 additional services available at mycroft.mozdev.org.)
Um, no it doesn't. Care to provide support for that claim? Last I checked, iTunes used QuickTime for its toolkit and to display the iTunes Music Store.
Slashdot Mirror
>I've been installing seamonkey for a year or so now and
>every time it offers to install the google toolbar.
Um, you didn't get it from Mozilla then. Mozilla does not offer the Google Toolbar in any of its products.
>Why would Mozilla do this? I don't understand. If I wanted
>Google tool bar I'd download it. Isn't this some kind of
>fucked up bundling issue? Or is it ok because it's Mozilla
>Corp. and Google who promise to do no evil as long as the
>$30 million a year keep rolling into Mozilla Corp.'s bank account.
You're confused. Mozilla Corporation doesn't distribute SeaMonkey and doesn't derive any revenue from it. SeaMonkey is a community project distributed by it's maintainers and not by the Mozilla Corporation.
You must have gotten it from somewhere else.
Firefox from Mozilla absolutely 100% does not push the Google Toolbar (or any other software for that matter) on users during install or during update. Ever. No exceptions.
- A
>ok, but i have upgraded firefox b4 and been prompted
>to install the google toolbar. I believe mozilla got
>money from google to do this.
You must be using a version of Firefox from someone other than Mozilla. Beware the sites you download software from. Mozilla has never offered the Google toolbar with Firefox, either in an initial download or with an update.
I recommend uninstalling that version of Firefox, visiting www.mozilla.com and getting an official release from Mozilla.
- A
>At the most this is a trial ware offer, like the
>Firefox+Google toolbar bundle - THAT is deceptive
>as well as all other typical software updates from
>Adobe, Real, or Norton - those don't even tell you
>clearly what you will be downloading and disguise
>them in various ways. Big deal over nothing.
No, you're missing the key difference. This isn't a bundle in a downloaded program installer. This is the update service for an already installed program. That's the difference and the reason anyone from Mozilla commented on this in the first place.
Sleezy installer bundles go back ages but this is the first time that a high-profile, generally respected software vendor (Apple) has resorted to slipping a new piece of software into an update for an exiting installed app. People associate application updaters with security updates and are conditioned (rightly so) to agree to the installation. Slipping in other programs at this point is not just rude, it damages the trust users have in their vendors keeping them safe with software updates.
You can decry the installers that bundle stupid options or unrelated software products, but those are quite different than a software update mechanism, the most important resource a user has to keeping herself safe, to hock unrelated wares.
- A
>Still, I don't think that invalidates my observation about which
>competitive browser is actually the target of this distribution
>mechanism.
See http://john.jubjubs.net/2007/06/14/a-pictures-worth-100m-users/
If there's anything that Apple doesn't do casually, it's prepare Steve's keynote slides.
It makes perfect sense for Apple (or Opera or any other alternative browser) to target Firefox users since those people have already shown a willingness and (and an ability) to try new browsers. An user for Apple is a user and I have no doubt they'll go after the easiest gains first. Easiest of all are Mac users -- they just get whatever Steve wants them to get. Next easiest are users who know how and have shown a willingness to download and try new software -- especially browsers.
It is possible that this latest sleezy maneuver is the beginning of the pivot to chasing a broader audience, but neither changes the fact that Apple is going after Firefox users (they'd be foolish not to) or that this is a sleezy tactic usually reserved for crapware and malware vendors.
- A
>I think you'll find that IE7 was distributed exactly this
>way. And since IE is part of the operating system, they
>can claim it's an OS security update. Meh.
I realize that putting people in the position of defending MS will lead to less criticism of your assertion but you're simply wrong here.
IE 7 is an update to a piece of already installed software, IE 6.
The tactic Apple is using is providing an *update* to a piece of software which is not already installed. An update to a piece of software which is not already installed. Get it? Not already installed. Update. See how they're different? If the user already had, say Safari 2 installed and the updater offered an *update* to Safari 3, no one would be complaining. If the user was prompted with a recommendation to install a new and unrelated piece of software, no one would be complaining. What people are complaining about is that Apple is pushing an update to a piece of software which is not already installed. Get it? Not already installed. An update. To something that's not already, you know, installed. An update. See? See how they're different?
- A
>one thing seemingly being ignored is the fact that it's a Mozilla guy complaining about this mostly optional bundling.
It's not bundling that anyone at Mozilla is complaining about. It's the bundling mechanism. Fine, bundle it in an installer or even launch an installer from an existing installed product but don't offer it as "an update" along with real updates for installed software. It's confusing to users and erodes the value of a real software update system that's designed to keep the user safe and secure. Safari is *not an update* to QuickTime or iTunes. It's a new product and it's confusing and dangerous to blur that distinction.
- A
"It'd be nice if we could always trust the vendor, but we simply can't. Updates periodically break things. Users need to be educated to determine whether or not an update is important enough to apply. This trust relationship everyone's talking about is what's silly. Users should trust their computers as little as possible. Just because it looks like the vendor's dialog box, don't assume that it is. You never know when the rules are going to change."
And again here's where we part ways. I don't believe that the situation is as hopeless as you do. I believe that users can and should trust their vendors to help them stay safe and secure. If you trusted Mozilla enough to let it put it's software on your machine in the first place, you should trust that Mozilla won't try to screw you with a software update. If you are worried that Mozilla might try to screw you with a software update, you really shouldn't put Mozilla software on your computer in the first place because an untrustworthy organization can do a lot worse stuff without even resorting to informing you with an update dialog.
- A
"It may make sense that Mozilla leverage the Firefox browser at some point to push other technologies they feel aren't getting the attention they deserve. A foundation that is "...dedicated to improving the Internet experience for people everywhere" may think it should install Sunbird and Thunderbird by default. Really what is stupid to you may be quite smart to others."
It may. It may not. But if Mozilla does decide to offer other products "through" Firefox, you can bet it won't be through Firefox's update mechanism which is reserved for, you know, updating Firefox.
- A
>Users should question their software when it asks to install anything new.
You and I fundamentally disagree here then. Firefox users should and do trust the Firefox updater because it doesn't abuse that trust. If a user trusts a software vendor to install that vendor's software on their machine (which could conceivably do horrible things on their machine.) there's every good reason for them to trust that same vendor to keep that software up to date. It's an abuse of that trust when a vendor uses the software update mechanism to do things other than keep that user up to date.
You may eventually be right and Apple is helping to speed things toward a world where users cannot trust their software vendors to keep them safe and secure. That's unfortunate but I'm not ready to give up yet (as you apparently have.)
-A
>Firefox climbed to about 15% share and has stalled there for quite a while.
Actually, Firefox _user_ growth has been pretty much linear since we shipped Firefox 1.
The several plateaus that _usage_ growth has had (and overcome) are mostly related to seasonal changes in overall _usage_ on the Web. The somewhat slower increases in _usage_ as compared to _users_ is a result of reaching the larger segments of the internet using population which use the computer and or the web less frequently.
- A
"Many software platforms over the years, (including a lot of linux ones), have a Software Update type of tool as a part of the operating system that keeps the software up to date. It also works as an installer of new software and an uninstaller of older software. I still think it's appropriate to "suggest" new software if it's available, but the user must remain in control and be offered a clear choice."
All of the package management systems I've used on Linux make a very clear distinction between updates for existing programs I have installed and new programs that I do not have installed.
When an installed program's updater is triggered, whether it's specific to the particular program or a system-wide tool, the interface to be presented to the user should be one of updating. It's that simple. During software updates, it is no time to be hocking new wares. If you want to use the same system to promote new products and to offer security updates for already installed products, you don't do it the way Apple has done it.
When I have QuickTime installed and a critical QT flaw is discovered and QuickTime offers me an update for that flaw, anything, anything that gets in the way of that simple and necessary transaction is a disservice to users and other vendors. Using that mechanism at that time to advertise additional products is just sleezy.
- A
>The *only* issue here (and where the "inappropriate" part
>begins), is the installation of Safari being checked by default.
>
>If they unchecked that box Apple would be golden from the moral
>side of things and there would be no problem at all.
I disagree. By mixing up "new stuff you may or may not want" with "stuff you really, really, really need to install immediately to keep your already installed software safe from exploits" is just a bad, bad idea.
When my software update mechanism comes up with a critical security update and I have to spend time trying to work out whether or not I should check or uncheck or install or not install, it creates confusion and leads to some percentage of people not opting in for the right parts.
If Apple wants to use the same infrastructure to advertise new products, fine by me, but don't mix them in with real updates for software I already have installed. Make it clearly a different interaction.
But they won't do that. They don't want to create an advertising mechanism here, they want to create a situation where users feel like they "need" to install this new software by associating it in every way possible with critical security updates.
It's not enough to simply uncheck the box. There needs to be a clear distinction that most users will understand between "update what I've already got on my system so that I can stay safe and secure" and "offer me new stuff that i may or may not want."
- A
>Google and Yahoo do this as well as Apple. Have you tried
/etc.
>to download Adobe Reader only to have it auto-install the
>Google / Yahoo (whoever's paying them that month) IE toolbar
>unless you opt out?
Yes, but this is apples and oranges. Installers are one thing. Software updaters are another. With an Installer, you haven't installed the software yet and you are free to chose options (or not, I really don't want to defend crappy installers) but with an updater, you've installed the software and you should be able to trust it to simply update itself, not to transform into an installer for other software and to mix in those other offers with security updates for the piece of software you did install.
Installers and updaters are not the same thing. Abusing updaters is really, really bad for everyone because it causes people to lose trust in the updaters and that means lots of people less secure in the long run.
>Basically, when I install something -- no matter WHAT I'm
>Installing -- I don't want any other software auto-installed
>without an opt-in. Heck I even hate all the little
>auto-update craplets that get installed with every software
>package out there from Sun Java to iTunes to Reader
Again, installers are not updaters and I don't hold them to the same standard. That being the case, I agree with you. Installers mostly suck (We try hard not to suck with Mozilla Firefox's installer and I think we're doing a pretty good job) and users should complain. But bad acting installers are not even in the same category as updaters for installed software.
- A
>Doesn't the firefox install offer google toolbar?
Not if you got it from Mozilla (Mozilla is the vendor that makes and distributes Firefox.)
And even if it did (which it doesn't, unless you get it from some third party) that is a completely different issue.
We're not talking about installers here and their various options. We're talking about a software update system which is expected to, you know, update your software. Safari is not an update for iTunes. It's not an update for QuickTime. It's not an update for anything except Safari and if the user doesn't have Safari installed, she shouldn't have it pushed on her by an *updater*
- A
>My completely unsubstantiated guess is that this was
>a misconfiguration of the Apple Software Update - there
>was a Safari 3.1 update rolled out, and instead of just
>those who had it installed seeing it, everyone did.
>Probably a missed configuration option in there,
>somewhere.
Let's hope you're right. I look forward to the fix being rolled out shortly.
- A
>Apparently, according to most of the commentors , the average Windows/iTunes
>user, upon seeing the Update Safari" checkbox, are too stupid, too ignorant,
>too docile and conditioned by Windows to do anything other than click the
>"install" button.
No. Not quite. The average Windows user, having developed a trust relationship with their software vendors, (now, thanks to Apple) incorrectly assumes that a software updater will do just that and update software they've already installed. They don't assume that a software updater will try to sneak new programs on to their computer. They rightly see software updaters as important tools to keep their installed software up to date and they don't want to worry that agreeing to software *updates* for their installed software will put new software on their system.
- A
>I think users should be given an opt in with a default of
>off on the safari install. I guess this story would have
>more impact if someone from mozilla had not said it. Someone
>is competing against them and they are pissed.
I think you're missing the core issue here (did you actually read John's post?)
The problem is that an update system is being used to advertise (or sneak in) new software installs. Safari is not an update for iTunes and it's not an update for QuickTime, yet it's being offered as an update -- one that's checked by default.
Users should trust the updaters for their installed software to keep them updated and secure. They shouldn't have to worry that the vendor will try to sneak in things which are not updates. When users stop trusting the updaters for their installed software, everyone loses. Trying to sneak in new programs when users are trying to keep their existing programs secure and up to date will cause users to trust their installed software updaters less and that's dangerous.
- A
>Microsoft and Apple's respective services are system-wide,
>and both offer you software beyond that which you have
>installed currently.
I have yet to see an automatic update notice from either Microsoft or Apple (on a Mac) or any other reputable software vendor (other than Apple on Windows) that had an *opt-out* *update* for a piece of software that was *new to the system*. Even Apple doesn't do this on Macs systems.
On Macs, Apple does the right thing. On Windows, Microsoft does the right thing. On Mac, Windows, and Linux, Mozilla does the right thing. The odd man out here is Apple's software update system on Windows.
- A
You're missing the fundamental distinction that makes this an issue in the first place. We are not talking about *installers* here. We're talking about software *updaters* -- that is, the software that runs from already installed software to update itself.
Bundled installers have been around forever. This is the first time a major software vendor has abused the update system for already installed software to push an entirely new program on users. The update system is critical to keeping user's already installed software up to date and secure. Treating it as an advertising platform for new programs is just wrong. Even worse is that it's hardly advertising at all. It's attempting to sneak in under the radar of a security update by being checked by default (opt out rather than opt in).
This makes users trust update systems less and means that more people will be less secure in the long run. That's a bad practice. That's the reason there's even a story here.
- A
>Or do you think that spoofing of auto-update windows
>isn't ever going to be a threat? They already spoof
>"windows updates" in spam messages containing trojans.
That's just silly. The last thing a spoof is going to do is place notices of additional software in a spoofed dialog.
If a user trusts the dialog itself, they should not have to worry about the contents of the dialog. Apple is creating a situation where users have to worry about their trusted vendor doing something sneaky and that's bad for everyone.
- A
>Exactly. Why do you think there are so
:-)
>many unpatched Windows installs? Because
>MS tries to push out "updates" not as
>patches but as entire different versions.
>Think of IE6 to IE7
Ugh. Now why'd you go and do that -- forcing me to defend Microsoft. Yuck!
IE 7 is a security update to IE6. Did they also add new features and new UI? Yes, they did. That does not mean that it's not also a security update -- just like updating from Firefox 1.0 to Firefox 2.0 is a security update. It does mean new features and a slightly different UI and that may cause some confusion, but it's still critical that Firefox 1 users updated to Firefox 2 because Firefox 2 is light-years ahead of Firefox 1 in security.
Software update systems should not be used to advertise new software. Create an advertising system that pops up and tries to convince users to get your other offerings, but don't abuse the system that users must trust for security in order to hock new wares.
- A
>The Mozilla folks are whining because there
>is some chance that a significant portion of
>Firefox users will switch to Safari.
The complaint is not about the result, it's about the means. Mozilla, Microsoft, and Apple all have very good software update systems that help users keep their software up to date and secure. This keeps users safe. This matters, a lot.
Apple is taking that system, which has been effectively used by Mozilla, Apple and Microsoft to keep their users safe, and turning it into an advertising mechanism for new software. This will cause users to have less trust in that update system and all update systems and will lead to fewer users taking advantage of a great tool that users and vendors have to keep computers up to date and safe.
If Apple had simply shipped an "advertising service" that popped up and tried to convince users to install additional Apple products, that'd have been fine with me and most other critics of Apple's current approach. But they didn't. They used the software update service to advertise Safari as an update. Safari is not an update to QuickTIme and it is not an update to iTunes. It should not be labeled as such and it should not be offered to users as if it was an important update to already installed software.
- A
>Google's gotten pretty bad about trying to
>get other companies to bundle their toolbar
>and hard-wire or at least default their browser
>searches to Google as well (Safari and Firefox).
Google didn't try to get Firefox to bundle its toolbar or hardwire it as the default search. Firefox (and Mozilla before Firefox) had Google as a built in option going back to 1999 or 2000, it was made the default in 2002 or early 2003 (replacing Netscape search, which was just a rebranded Google search) and there was no relationship with Google until late 2004.
We put Google there because people wanted it and it was extremely useful. We also made sure that you could change the default easily and add as many additional search services as you want (Today we ship Yahoo, Ebay, Wikipedia, Amazon, and others as selectable options and there are more than 10,000 additional services available at mycroft.mozdev.org.)
- A
"Of course iTunes requires Safari in some form."
Um, no it doesn't. Care to provide support for that claim? Last I checked, iTunes used QuickTime for its toolkit and to display the iTunes Music Store.