Oracle Installs Deceptive Software With Java Updates

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Here's a tip, just treat Java and Flash updates the same as you would a suspicious file that can potentially harm your system. We all know that a week after you install them they will be compromised and require another update anyway. :D Thanks to [H] forum member jadams for the link.

Oracle's Java plugin for browsers is a notoriously insecure product. Over the past 18 months, the company has released 11 updates, six of them containing critical security fixes. With each update, Java actively tries to install unwanted software. Here's what it does, and why it has to stop.
 
How much does ask toolbar pay per install, is oracle really that desperate for money?
 
Java has always and will always suck. Even without the 3rd party software and sneaky foistware, the code is just clunky, heavy, slow and vulnerable.
 
Notice the same thing couple days ago. Simply unchecked the box. But was thinking the same: "WTF is Oracle doing trying to install Ask bar. The worst f@$%^ search bar at that...!!!" Somebody needs to get fired, and quick at Oracle...:rolleyes:
 
I had a similar problem when the Yahoo toolbar was somehow installed on my system. I don't know what prompted its install, but even after I uninstalled that damn thing it kept changing my default search box in Firefox. I had to manually remove it from Firefox deep within its settings to get back control of that damn box.

I understand that these things keep software free, but it doesn't make it any less bullshit.
 
Notice the same thing couple days ago. Simply unchecked the box. But was thinking the same: "WTF is Oracle doing trying to install Ask bar. The worst f@$%^ search bar at that...!!!" Somebody needs to get fired, and quick at Oracle...:rolleyes:

It's random. Sometimes it's Bing, sometimes it's Ask.com. Never had a download with Google in it though.
 
I learned OOP using java. Feeling ashamed.

Java isn't the problem (at least in this article). Oracle buying up Sun and pulling this kind of crap is the issue. I don't recall Sun ever doing this when it was running things. (could be wrong though)
 
Java isn't the problem (at least in this article). Oracle buying up Sun and pulling this kind of crap is the issue. I don't recall Sun ever doing this when it was running things. (could be wrong though)

Correct - they also did a lot of other asshole things....like stopping Solaris code from being shared to the forks, like openSolaris and others.
 
Yay! Filled with holes AND installed stuff we don't want! It's a fantastic piece of software!
 
First time ever on the home computer, off a new build of 7, did I not install Java. It occured to me that the home computing habits don't need it.

Unfortunately, some of the office computers need it. :(
 
I don't have it on my home computer either but unfortunately and frightening enough most business need it...
 
ahh consumer whoring at it's finest.

We all remember programs that used to simply WORK. No frills, no razzle dazzle, that slowly sold out or whored out and became total crapware.

WinZip, Nero, Symantec, Winamp -- just to name a few.

Hell even the free Avira antivirus that I love has started selling out.

Anytime a program asks to install a toolbar or some other crap -- usually means the program itself is a piece of shit in some way shape or form.
 
Another deceptive write up. The whole thing is because the user didn't un-check the box.

Cmon.....how hard is it to un-check the box? :rolleyes:

Every piece of software you don't pay money for has this in some way.....for a long time now. It's nothing new except for it showing at every update instead of only at the initial install.
 
People act like this is new. It's been happening for years, even before Oracle took over Sun.
 
It is sleazy practice to have that shit checked by default. If you do install it by accident the toolbar installer remains silently active for 10 minutes so it does not appear in the control panel immediately. They purposely made it difficult to detect. Oh and Java never scales right with Windows DPI settings. Fuck them.
 
I never use searchbars or toolbars and I have told all the pc users I know to never install them.
back in the day everything wrong that would happen with malware and virus' was always attached to one or the other somehow.
 
Another deceptive write up. The whole thing is because the user didn't un-check the box.

Cmon.....how hard is it to un-check the box? :rolleyes:

Every piece of software you don't pay money for has this in some way.....for a long time now. It's nothing new except for it showing at every update instead of only at the initial install.

Not only that but, in the article it also says that the Ask.com installer runs on a 10 minute delay. This is used so that in the event you have an "oh shit!" moment realize you didnt uncheck the box. You goto the add/remove programs and see no ask.com bar. ITs not there! You dodged a bullet. Actualy its because the installer for ask.com is slightly delayed.

Shady, just shady.
 
Yup. Agree. The install of additional software/toolbars/etc is nothing new. People need to learn to read.

What really grinds my gears is the bullshit of creating a desktop icon and having no option to disable this during install (Adobe Reader!).
 
I recall this being part of Java's SOP for a long time now, not sure why this article needs to point out what's already been known

IAC, which partners with Oracle to deliver the Ask toolbar, uses deceptive techniques to install its software. These techniques include social engineering that appears to be aimed at both novices and experienced computer users, behavior that may well be illegal in some jurisdictions.

Deceptive techniques like not reading what the screen says and clicking next just to get through it. These social engineering novices will never know! MWUAHAHAHAHAAH.
Ok I'll admit it is kind of a douchebag move to auto-install unless you specifically tell it not to. But still.
 
Every piece of software you don't pay money for has this in some way.....for a long time now. It's nothing new except for it showing at every update instead of only at the initial install.

Really? Crap. :(

*throws Ubuntu box out the window*
 
For those simply talking about the checkbox, the article goes a little further than that. Please read it.

Furthermore this stuff is happening with their updates, not just their base install. Shady...
 
Forget about users flying through the installer and missing the checkbox for a moment..


Simply put... this article describes the ask.com software as borderline spyware/malware. Why would Oracle agree to this?
 
zdnet.com said:
search result pages expand the clickable area of each advertisement to fill the entire page width, sharply increasing the fraction of the page where a click will be interpreted as a request to visit the advertiser's page.
Yet zdnet's own background whitespace is an advertisement to do exactly the same thing!
 
It is sleazy practice to have that shit checked by default. If you do install it by accident the toolbar installer remains silently active for 10 minutes so it does not appear in the control panel immediately. They purposely made it difficult to detect. Oh and Java never scales right with Windows DPI settings. Fuck them.

Neither does Adobe software! As for Java, it's a damn shame but it happens every time when products get bought out. Screw Oracle!
 
Not even remotely close to being true.

I've updated my SOP practices to include the recommendation to counsel on un-checking the box for toolbars/optimization/secuity scan crapware for a long time now. I will admit to being somewhat inflammatory about the statement, but not by much. I wish I had a date written down, but it's been multiple years.

The only issue here is it popping up at every update now.

Really? Crap. :(

*throws Ubuntu box out the window*

:p You got me!
 
Java isn't the problem (at least in this article). Oracle buying up Sun and pulling this kind of crap is the issue. I don't recall Sun ever doing this when it was running things. (could be wrong though)

I kinda vaguely recall being upset at Sun for bundling stupid toolbars with Java before Oracle bought them, but that was like a billion years ago back when I was a really tiny Skribbel.

Anyhow, Java sucked before Oracle got their hands on it and it continues to suck now. It has everything to do with the fact that the whole basic design of on-the-fly code translation in a virtual machine is just insecure and stupid. We all need to go back to FORTRAN and Assembly or maybe use LISP. OOP is dumb and code that isn't hardware dependent is also dumb. Development should be super expensive and porting to another platform should be a titanic pain in the tail.
 
But I still use BonziBuddy. Thanks for the updates, Oracle!

It seems pretty lame that Oracle uses the deceptive Ask toolbar, but Ellison did promise to "monetize Java". He needs to get something out of that lulz Sun purchase and its servers aren't doing so hot. :D
 
Here's a tip, just treat Java and Flash updates the same as you would a suspicious file that can potentially harm your system. We all know that a week after you install them they will be compromised and require another update anyway. :D Thanks to [H] forum member jadams for the link.

I saw no such thing on my x86_64 linux install of java7u11.
 
Java SRE installers without Ask, McAfee, or other third-party installers:

http://www.oracle.com/technetwork/java/javase/downloads/index.html

(I don't know whether the auto-update that results from those installers have the Ask toolbar install window or not.)

Users less experienced than most who read this forum inevitably install everything the installer wants to It's not the user's fault. Whatever they were doing that needed Java, such as applying for a job on a company website, the browser tells them that they need Java to continue. So the installer gets run, and they click "agree" and "next" on everything because they have no way of knowing that Java doesn't require the Ask toolbar to run.

Just read the "fine print that they should have read". The window that pops up (you can see it in the article) says nothing about Java not requiring Ask to run. The big letters on top say "We recommend installing the FREE browser add-on from Ask". Just look at the window and tell me how a user is supposed to know that they don't need to install it.
 
Sorry but ooooohhhhh please...

The article is written in a way that somehow the toolbar and install behavior is non-existent in the software world.

It's been done for years, in pretty much the same fashion.

Should Oracle be protected or commended for this? no way. I think it sucks too, these installer deals really prey on most computer users that have no clue how to manage their system.

It really sucks that it is Java, not essential but close rather then winzip or some other crappy freeware/coupon app.

The article was just a rant, ranting about how ask sucks etc. Well I am sorry but a malware expert and blogger do not really have the expertise to judge a search page as "sucks" like a professional. Sure they can have their opinion, just like I have one about cars... but that doesn't mean its worth anything.

I don't really disagree that ask sucks, it was just an unprofessional article that was ranting and complaining... nothing to see move along.
 
Java isn't the only program that tries to trick you into installing the Ask toolbar and other junk programs...Foxit Reader also does it...you have to specifially opt out of it during installation
 
So... because a dumb user blindly clicks through an install, we have a problem?... java had had that in their installer for years. Uncheck box, problem solved. Same for Adobe and a even ati/and catalyst drivers for a long time.
 
Back
Top