« Bears, you’re on notice.
San Diego Firefox party »

Bundled software in security updates

Today's Java security update includes a checked-by-default "Install Google Toolbar for Internet Explorer" option. Shame on you, Sun and Google. Automatic security updates are no place to push unrelated, bundled software. Making security updates annoying hurts security almost as much as making security updates complicated: users will be less inclined to update next time.

This is similar to how Flash updates attempt to install the Yahoo Toolbar. It's certainly not as bad as the frequently updated AOL Instant Messenger, which turns on the "Today window" popup on every AIM account and adds a "Netscape ISP" icon to the desktop with every security update. But I thought Google was trying to set a good example.

This entry was posted on Saturday, October 28th, 2006 at 12:47 am and is filed under Google, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

6 Responses to “Bundled software in security updates”

  1. minghong Says:
    October 29th, 2006 at 2:19 am

    Really? But for me the update is just a normal one, I didn’t see the option for Google Toolbar…

  2. Jesse Ruderman Says:
    October 29th, 2006 at 4:55 am

    It could be worse: http://www.penny-arcade.com/comic/2001/06/18

  3. BillyG Says:
    October 30th, 2006 at 11:51 am

    It happened to me this morning too when installing CCleaner‘s new release. In this case, I think it was Yahoo’s turn. They’re all hedging their bets that we don’t read the panels as we fly through the ‘Next’ buttons. I know I don’t. I almost missed that one lol.

  4. Gstories » Google tricks users into installing their toolbar in IE? Says:
    October 31st, 2006 at 11:35 pm

    […] Via SquareFree. This entry was posted on Wednesday, November 1st, 2006 at 12:34 am and filed under Uncategorized. Follow comments here with the RSS 2.0 (XML) feed. Post a comment or leave a trackback. […]