5 Replies Latest reply on Jan 7, 2015 2:46 PM by dffrntwn

    How to stop Adobe from bundling "MALWARE" with their updates.

    dffrntwn

      We need to start a petition to Adobe to stop bundling McAfee automatically with every update. Not everyone is tech savvy, (including my parents), and I am sick of helping people who accidentally install this crap on their machines. If they can't stop bundling it then at least have the box unchecked on the install page so people can manually check it themselves after they read about what it is if they still want it installed. It's bad netiquette and business practice, and it needs to end now.

        • 1. Re: How to stop Adobe from bundling "MALWARE" with their updates.
          jeromiec83223024 Adobe Employee

          Thanks for your feedback.

           

          Flash Player is tremendously expensive to develop, maintain and distribute.  It requires the effort of a large number of specialized and talented people, and pushing a single update consumes about 50 petabytes of bandwidth.  For products that Adobe offers free of charge, the bundled offers represent a necessary cost-recovery mechanism.

          • 2. Re: How to stop Adobe from bundling "MALWARE" with their updates.
            dffrntwn Level 1

            Adobe is certainly not hurting for cash that they have to resort to pushing second party software onto people's machines, and knowingly disrupting the balance of thousands of operating systems per year. This is not the way to make your company look good in the public eye, and I certainly wouldn't invest in any company with such business practices. Why not just reverse the check box and allow the user to check it if they are interested in the extra software being installed? That way it's a win win proposition. No one will install it by accident, and you still are fulfilling any marketing obligations to McAfee.

            • 3. Re: How to stop Adobe from bundling "MALWARE" with their updates.
              zephalis Level 1

              That is not a good reason for auto opting in. There are very few good reasons to auto opt in anything, especially something unrelated to your software.

               

              Many people do not trust McAfee in particular for many reasons stemming from their history of advertising, poor capability, poor size, poor speed, and many other things. Even IF they made a trusted product, flash is far too ubiquitous to think that the end users don't already have an AV installed.

               

              AV software usually does not play well with other AV software, especially McAfee and Symantec.

               

              This also opens the Adobe Flash installer up for trojans to attach to as the McAfee portion requires elevated security to function well. If you think that that's a reason for direct downloads, it's not as it wouldn't be a big issue to target Adobe's servers for an exploit.

               

              The latest incarnation of McAfee's AV is very buggy and creates it's own odd user interface with no warning which is another very bad issue.

               

              Note that this issue is on top of the already bad issue of updating flash too often; always resorting to automatic updates being turned on instead of remembering the user's choice; and the new, horrible extra steps of having to go to adobe.com to do the update while still keeping the annoying previous popup installer.

               

              [rant topic=response to feedback response]

              Jeromie Clark wrote:

               

              Thanks for your feedback.

               

              Flash Player is tremendously expensive to develop, maintain and distribute.  It requires the effort of a large number of specialized and talented people, and pushing a single update consumes about 50 petabytes of bandwidth.  For products that Adobe offers free of charge, the bundled offers represent a necessary cost-recovery mechanism.

               

              If Adobe had "50 petabytes worth of bandwidth", they wouldn't need McAfee for ad revenue as they would already be one of the richest companies in the world. Why? Because Google only uses ~25 TB of bandwidth, and this would be 2,000 times more that that. Check your knowledge before representing your company.

               

              If you mean that the total amount of data transferred to end users by adobe for one update, then you have another problem, that would be >1 trillion copies downloaded!

               

              If it's so expensive for Adobe to "develop, maintain, and distribute" the flash player, maybe Adobe should look in to making some changes:

              • Stop requiring direct downloads (they are irritating and considered unsafe)
                • Deliver via torrent/cloud/normal add-on channels: safe, fast, efficient
              • Rewrite your player (it's already slow, outdated, bloated, buggy, a proved security risk, etc)
              • Open the source (what are you afraid of? That we'll steal your crappy code, create a better product in under a year, find out that it really is malware?)

               

              "the bundled offers represent a necessary cost-recovery mechanism"

              • Explain why you and Oracle are the only two major software vendors that do this
              • Is this the reason you need to bundle an AV program, to mitigate the cost of force fed garbage on people's computers?

               

              Realize that most technical users only use your product to avoid legal issues surrounding Adobe's godawful copyright on flash as there are much better flash solutions out there that are in questionable (albeit probably safe) legal territory.

              [/rant]

              • 5. Re: How to stop Adobe from bundling "MALWARE" with their updates.
                dffrntwn Level 1

                I concur, thanks for your accurate and objective assessment and feedback zephalis. This needs to be addressed by Adobe, and they really have no viable excuse not to.