Apple updated its Safari Web browser for Mac and Windows on Tuesday and offered the new version for download from its Web site. The company also began pushing the browser to Windows users — whether it was previously installed or not — via the Apple Software Update, a practice Mozilla CEO John Lilly said is just “wrong.”
“It undermines the trust relationship great companies have with their customers, and that’s bad — not just for Apple, but for the security of the whole Web,” said Lilly in a post on his blog.
The Apple Software Update application is installed on Windows PCs when iTunes and QuickTime are installed. With so many people owning an iPod and installing iTunes, there are quite a few people Apple could potentially reach using the updater.
Lilly doesn’t have a problem with Apple using its software update utility to keep its users up-to-date with iTunes and QuickTime, or any other Apple software they may have installed. The problem for Lilly is that even if you don’t have Safari installed, Apple pushes the update to users and checks the “install” box by default.
“By and large, all software makers are trying to get users to trust us on updates, and so the likely behavior here is for users to just click ‘Install 2 items,’ which means that they’ve now installed a completely new piece of software, quite possibly completely unintentionally,” said Lilly.
Lilly’s concerns go much deeper than offering a new piece of software that users didn’t ask for, he is concerned about the trust relationship that company’s build with their customers and the security of users on the Web.
“Apple has made it incredibly easy — the default, even — for users to install ride along software that they didn’t ask for, and maybe didn’t want,” said Lilly. “This is wrong, and borders on malware distribution practices.”
Lilly said the practice Apple took with the Safari update “ultimately undermines the safety of users on the web by eroding that relationship. It’s a bad practice and should stop.”