Why is the opt-in toolbar scam still acceptable?
Aside from when I need Photoshop, I've been using my Chromebook 80% of the time & loving it but over the last year, I've had 3-4 family members and friends ask me to help them remove toolbars/search helpers and other shit they downloaded by mistake while installing a legit piece of software on a Windows box.
The industry should have evolved beyond this practice by now. I'm sure there's a less invasive profit center.
This practice specifically preys on the less tech savvy. Not cool... It seems like reputable companies would distance themselves from the practice but some of the most popular software still tries to get you to opt-in via a strategically placed checkboxes or misleading question. It's time for us to stop accepting this. Our parents, kids and friends deserve better.
Thoughts?
54 comments
[ 3.0 ms ] story [ 118 ms ] threadGaming, Tech, Adult, Entertainment category websites see the highest adblock users ranging from 30-20%. Other websites go as low as 5%.
Our local IT press also constantly advertises for adblockers and non-IE browsers, too, so it might be a "cultural" issue.
I know I avoided using adblockers (I want to support my favorite websites after all)...until I had one particularly pernicious ad served to me on comics.com that hadn't been vetted, and caused my browser window to minimize, and displayed a popup right over my (Windows) system tray, styled to look like a system alert, indicating my system wasn't secure and I needed to click here and download X. That was the final straw, and I haven't looked back.
I was on a computer the other day without adblock and I can't believe how horrible the standard internet viewing experience has become.
Simple example would be : Flash, Reader, Java, Avast, ...
And the Java updater for Windows tries to install the Ask toolbar on every update. I feel like these are programs I can't really avoid installing, either. Scum!
Oracle doesn't bundle adware with the JDK.
Since they won't, makes you wonder how much they're being paid to leave it in.
https://chrome.google.com/webstore/search-apps/toolbar
As a guy who uses firebug, I'd much rather download a special built executable of firebug for myself, once, than spend a lifetime cleaning up relatives browser bars.
(edited to rephrase, what I'm asking for is a market bifurcation where stereotypical end users can't install toolbars and stuff to get owned, but devs are given the ability to screw their browsers up. Or we simply distribute dev tools separate from end user tools.)
In the end, browsers can only do so much; you need full process isolation at the OS level to avoid these problems.
AGREE to this offer DECLINE this offer
And the offer obviously is to install some toolbar crap into your browser. Normally I'm very careful not to install any adware or toolbars, but this one caught me off guard.
This would be a non issue with a proper package manager (that or a well curated "app store").
Installers should be a thing of the past, they hardly serve any purpose in this day and age.
You can't expect people to stop doing that if it makes them money. I'm pretty sure the vast majority here doesn't accept this kind of behaviour (whatever that means), but so what? We're not the target anyway.
Look at Steam. Look at the various un*x package managers. They don't have this problem. When I install/update a game through Steam I don't have to worry about crapware (besides steam itself, but that's an other issue).
It would be a huge win for Microsoft IMO, better user experience, software updated automatically for better security, less chance to spread a virus etc...
I'm not advocating a walled garden, I'm advocating a fenced garden you can leave at any moment if you need to and you know what you're doing. Best of both worlds IMO.
It would also simplify the work of the devs, because right now most windows applications feature a custom and non-standard way to check and download updates. Or worse, they don't check, making sure that virtually nobody updates them ever.
As for 3rd party curated stores, we don't need to look beyond Adblock whitelisting Google ads to see where that's headed. Once any 3rd party store reaches critical mass, dollar signs start showing up and it won't be long before "official" weeds begin to creep into the 3rd party garden.
It might be possible for the EFF or a related body to step in and mandate that before installing a toolbar/extension browsers run a check against a Web Of Trust (WOT)-like decentralized system gathering ratings from actual users for all toolbars and extensions. This is a long-term play, one that is unlikely to come to fruition given the massive amount of co-ordination necessary for relatively little payoff.
Realistically, it's up to the users to get savvy. People get ripped off all the time in the real world and no one has managed to put a stop on that, why expect anything different from the virtual world.
Edit: I just had an epiphany in the shower that leads me to believe I closed off the discussion too soon. My initial thinking was that since this was a social engineering issue a technological solution was impossible. It took a hot shower to remind me that we have solved a similar issue with technology before; we know this as "Parental Controls".
Adopting a similar system for naive users has huge benefits — the control remains in userland instead of in the hands of a 3rd party which means its scalable (new users can begin using it right away instead of waiting/hoping a 3rd party would approve) and specific (opt-in/opt-out remains a choice of the user, so savvy users remain unaffected by the needs of the naive).
It works via a browser setting that a savvy relative can turn ON for the user. Once turned ON, all extensions and plugins including toolbars are blocked. Savvy user can whitelist some extensions etc during setup. Problem solved.
We can call this system "Special Controls", which I think is the best name that describes the purpose of the feature without offending the sensibilities of the user.
[0] https://news.ycombinator.com/item?id=7161609
Note that most Ubisoft titles on Steam currently just install and launch UPlay instead of actually running the game through Steam. This is despite the fact that in the past having UPlay installed exposed you to remote code execution vulnerabilities.
YC has invested[0] in a company called InstallMonitizer[1] that appears to help developers and advertisers connect in the pay-per-install marketplace.
[0] http://www.techdirt.com/articles/20130115/17343321692/why-ar...
[1] http://www.installmonetizer.com/
Sadly it does't seem like a practice that will go away any time soon. I'd like to do some digging around on developer forums and see if any folks have shared their experience and would be able to comment on the amount of extra revenue that they see from such programs.
If I rememeber correctly, Ccleaner was removed from Ninite due to the automatic refusal of big G's toolbar.
And to be clear, they were not checkboxes, or "custom install" options. They were straight-up walls of text in tiny textareas, with only "accept" and "decline" buttons.
My instinct was to decline them, and they just kept coming. After I dismissed the final crap, the installer then downloaded the real installer for the app I was trying to install.
This - download.com and others - is absolutely not one of them.