Open Source Subnet An independent Open Source community View more

Oracle should stop sneaking Ask.com adware into Java updates

They have enough security problems with Java without installing sneaky adware.

Like most of you, I received a notice to update Java on my laptop yesterday. It seems like it has become a weekly occurrence. In fact, Java has taken the place of Flash as the primary attack vector used by the bad guys. So, I dutifully clicked the "update now" button. I sat through the download, the extraction and the installer firing up. I was clicking through when I came to the screen below. Luckily, though tired, I was not yet asleep.

How many of you would have caught this? If you don't uncheck the box the good folks at Oracle will sell your soul to Ask.com. Ask.com becomes both your default search engine and your default start page.

What kind of nonsense is this? I expect this kind of stuff when I am installing some shareware utility or program from some small mom-and-pop software publisher looking to stay in business. But Oracle doing it with Java, which is on like 4 billion devices? Is Oracle really that hard up for the money that they would stoop this low?

I understand that Ask.com has been through the search wars and come out the other side as a bit player that has to resort to whatever it can to keep market share. Whoever made the business development deal to bring in Oracle and Java deserves a raise. I would love to see how many new subscribers Ask.com gets through its Java package. I would imagine the number has to be in the millions.

If I were Oracle, I would think I have enough problems with Java security without sneaking what some consider adware onto millions of machines. It cheapens their brand and gives us yet another reason to just tell people to remove Java from their computers altogether.

For those of you who say "what's the big deal? You just have to uncheck the box," think about non-IT people. Your aunt, cousin or neighbor who fires up their computer at home and gets the Java update message. Do you think they are going to unclick the box? Do you think they are going to go against the recommendation from Java and Oracle? As I say, I think the number is pretty high.

In fact, I have seen the Ask.com or other programs that do similar stealthy installs far too often. The fact is Ask.com is one of the easier ones to remove if you happen to click through the install without being careful. Other programs are even harder to detect and remove. I wish software publishers would just stop this practice altogether.

But of course this won't happen unless people vote with their pocketbooks against companies that practice this kind of sneaky behavior. Oracle would be a good place to start, I think. Until Oracle stops trying to sneak in software we didn't ask for, we should stop using the software. It could just make us all safer anyway.

How about it? Can we at least create enough social media buzz to get Larry's attention? I know he is busy getting ready to defend the Americas Cup, but can he cut Ask.com out of the Java install? It starts with you. If you agree with this, tweet to @java and ask to remove ask.com.

They might be a bit busy right now closing the next hole in Java, but before we have to install the update, maybe they can drop the adware.

Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies