Beware of the Software Bundles
In this day and age, we are constantly trying to be sold something. Companies pay big money to get their products in front of us. The software world is no different. Software companies know that if they can get their software on our computers, they can get us to use it and possibly buy it or some of their other software products. This is where the ‘bundles’ come in. I called it bundled software, while the more, proper term is foistware. Foistware is software that is installed without the user’s knowledge or consent, often bundled with another product. Foistware by definition, is a bit different from what these companies do, in my opinion. Most companies dont install the bundled software without your consent or by not informing you that they will be installing it. They use a bit of social engineering to trick you into consenting and they clearly state that it will be installing additional software. When you are downloading or installing some software you want and you find that it is also asking to install or download other programs. This is bundled software. Beware of the software bundles.
Software bundling used to be something that “not-so-reputable” companies did to get theirs, or third-party software, on your computer. The additional software is usually included some kind of evasive ad system or marketing tools. Bundled software is no longer a tactic used by “not-so-reputable” companies, but larger, supposedly more reputable companies are in on it too. One such company is Oracle. Oracle is the company behind Java. When you use Java’s automatic updater to install security updates for Windows, third-party software is always included. The two additional software packages delivered to users are the Ask Toolbar and McAfee Security Scanner. Oracle gets a commission on each download and install of these products.
Both Ask Toolbar and McAfee Security Scanner are two software products that I don’t personally like. Ask Toolbar search page delivers sub-par search results and uses misleading and shady techniques to deceive visitors into clicking paid ads. McAfee Security Scanner is not as bad as the Ask Toolbar, but it is not very high on my list of effectiveness and there are other products that are far superior. Regardless of you usefulness of these bundled softwares; I dont want them if I didn’t request them.
So how do you prevent unwanted bundled software being installed on your computer? It’s shockingly simple…
- Slow down. When downloading and/or installing software, slow down your clicks. We have all been guilty of simply clicking “next” to advance the install process.
- Read. Now that you are not speed-clicking through the install process. Take a few seconds to actually read the information that is being displayed.
Social engineering is a non-technical method that relies heavily on human interaction and often involves tricking people into breaking normal security procedures or behaving in a manner that produces a desired outcome. Bundling software is effective because humans can be predictable. These companies know we barely read the information during the install process because we view it as routine stuff that is standard to all software installs. These software companies also know that we want to get the software installed as quickly as possible as we can ‘check it out’. Companies post that third-party software will be installed so that they can say that they did inform you, but we don’t read it so we don’t know. In addition, they provide a check box that you can use to opt out of the extra software install, but it is defaulted to be checked for acceptance. We click through the install so quickly though; we click “next” with the opt-in box checked, giving them authorization to install the extra software.