Apple's Trojan Easter Egg - Apple Safari

While upgrading one of my other machines to Vista SP1 this Easter weekend, my laptop popped up the all too familiar Apple software upgrade window. I figured it was yet another iTunes or QuickTime upgrade wanting to be installed. It seems these days Apple iTunes wants an upgrade of bits at least every other time I use it. Since I was busy doing other stuff, I hit the Install (1) button. But not so fast Quick Draw McGraw. That wasn't iTunes wanting it's weekly helping of fresh bits, it was Apple's Safari browser.

Some moments later up pops a new brush aluminum window sporting a Safari browser I didn't really want. What? You got peanut butter in my chocolate! I already have Firefox, my primary browser, and Internet Explorer to surf the net with. Why would I want Safari too? And when did the Apple software update utility become Apple's installer for new applications? I'm already tired for telling Microsoft I don't want their IM or media player app installed during every update. If every vendor takes up this practice, you'll have to be extra careful to avoid tagalong applications when updating software.

Looks like I'm not the only one who noticed Apple's Trojan app installer. Mozilla's CEO, John Lilly, wrote a scathing blog post about Apple sneaking in the Safari app installation. John's view is primarily that Apple's Trojan installer practice violates a trust with the end user. Probably so. He has some good recommendations for all software manufactures, suggesting they make new software installation recognizably different by the end user from software updates for applications you already have installed. Microsoft could take a page out of that book.

And they actually have, in one case. I like the way Microsoft Live applications (Live Writer, Live Gallery, etc.) have their own application installer that shows you the applications installed vs. those additional apps that are also available. You can chose just to install the applications you want. I'd like to see this approach taken with Windows Update, making it clear when new application are being installed versus updates to current installed software.

I'm interested to see if Apple will continue it's Trojan ways by defaulting the Safari installation in Apple update software. Apple likely will if the backlash from users is strong enough.

Like this? Here are some of Mitchell's recent posts.

Top 2: Hyper-V and Apple Security Patches

What You Didn't Know About Virtualization Management

Apple Fixes Open Source Vulnerabilities

Hyper-V Leaves Linux Out In The Cold

Can WM6 Phones Handle Adobe Flash?

Mitchell's Hottest Blog Posts: Kidaro Acquisition Shot Across The Bow At Citrix Xen, What Microsoft Mesh Means To You, Failure Is An Option, Just Do It Early, and Apple iPhone Doomed To Failure.

Check out Mitchell's Converging On Microsoft Podcast. Current Podcast Episode: Security Mike Gets Serious About Security

Also visit Mitchell's personal blog The Converging Network and SSAATY Security Podcast. Visit Microsoft Subnet for more news, blogs, opinion from around the Web. Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT