Badware Threat Changes Apple's Tune on Safari

In response to mounting criticism from security and privacy experts, Apple has changed the way its Software Update program pushes out the Safari Web browser to Windows users. But the changes may not go far enough for many people because the browser is still being disguised as a security update.

A screenshot of how the the old updater offered Safari.

Cupertino has long used the The Apple Software Updates to deploy iTunes and QuickTime patches to Windows users. Not long ago, however, Apple also began offering Safari in the same window. This ignited a firestorm of protest from users and bloggers. Even tech policy groups jumped into the fray: Stopbadware.org -- an organization that includes tech thought leaders from Harvard, Oxford as well as sponsors like Google and Sun Microsystems - threatened last week to slap a "badware" label on Apple's updater. Stopbadware noted that not only was the practice misleading, but Apple's updater didn't even include a license agreement or privacy policy.

A screenshot of how the the new updater offers Safari.

Apple responded by patching its updater with a new one that now includes a license agreement and privacy policy. It also slightly modified how Safari is now offered, by placing it in a box separate from security updates labeled "new software."

I have previously chided Apple for using security updates as a means to cajole users into paying for product upgrades for things like QuickTime Pro. But using applications designed for rolling out security updates to gain a foothold in the browser war strikes me as a foolhardy approach, one that is likely to discourage users from trusting Apple's update process going forward. That isn't good for Apple, and more importantly, it's a disservice to the end user.