Apple pushes MobileMe surprise to XP, Vista via iTunes update
Adds sync service control panel to Windows without notifying users
Computerworld - Apple Inc. installed a control panel applet for its MobileMe online sync and storage service on Windows XP and Windows Vista systems when they were updated to iTunes 7.7 -- the second time this year that it's bundled new software with an update for an existing program.
The anti-malware organization that rebuked Apple for similar tactics in April said it has not had a chance to investigate, but on a general level the group objects to software that's installed without prior user approval or knowledge.
Computerworld has confirmed that installing iTunes 7.7, the version required to access Apple's new iPhone- and iPod touch-specific App Store, also installs a MobileMe control panel in both Windows XP and Windows Vista. The control panel, dubbed "MobileMe Preferences," is used by subscribers to log into the service, set sync options for Outlook or Internet Explorer, and access MobileMe's online storage.
People who are not yet subscribers are taken to an Apple marketing Web site if they click on the "Learn More" button under a "Try MobileMe" heading.
The end-user licensing agreement (EULA) that accompanies the iTunes 7.7 update makes no mention of the MobileMe software that's installed on the PC, nor are there any notifications elsewhere during the setup procedure. Also, uninstalling iTunes does not uninstall the MobileMe control panel applet. Instead, users must select "Apple Mobile Device Support" from the "Add or Remove Programs" applet in XP or "Uninstall or change a program" in Vista to uninstall the software.
Apple's decision to include the MobileMe preferences applet without telling users reminded some of the dustup last spring when the Cupertino, Calif. company offered Safari 3.1 to Windows users via the Apple Software Update tool, even if they hadn't had Apple's browser on their PCs previously.
Back in April, Mozilla Corp., which develops the Firefox open-source browser, objected to the practice, with its CEO, John Lilly, saying that the practice "borders on malware distribution practices." Stopbadware.org, an anti-malware advocacy group founded by Google Inc., Lenovo Group Ltd. and Sun Microsystems Inc., notified Apple it would soon issue a "badware" alert for Software Update because of the tactics. Apple made that alert moot, however, when it changed the updating tool so that it separated updates for already-installed programs from offers to install new software.
Maxim Weinstein, manager of Stopbadware.org., stopped short on Monday of calling Apple's newest move a repeat of the Safari incident. "We haven't had an opportunity to look at it, so we don't have a formal evaluation," he said. "But our guidelines require and the [user] community expects that when an application installs new or different functionality that users are notified and able to consent to that."
Weinstein said that Stopbadware.org would probably look into the MobileMe-iTunes situation in the next week or two.
MobileMe, which has had a rocky start since its launch a week and a half ago, synchronizes e-mail, contacts and calendars on multiple Macs, PCs, iPhones and iPod touches; provides Web-based e-mail, contact and scheduling applications; and offers 20GB of storage space for an annual fee of $99.
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Malware and Vulnerabilities White Papers | Webcasts