deceit

All internet users should beware when updating their systems. Business people should push back against busy work. Busy work is the part of business that makes more work but does not get you nearer to your goals. All kinds of busy work are a drain on good energy needed in today’s highly Linked In business world.

Beware when updating…

The practice of bundling junk into security updates is a particularly insidious type. Bundling stuff into free software negates the free status making them come at a high price. Duping people into product downloads in an installation packages is unethical.

Updates are critical to any widely used application, like changing passwords regularly. Misguided people will find and exploit weaknesses. The update process should be clean and worry free. A couple weeks I manually updated a computer. We shouldn’t have to be where when updating. For Tekmar and many of our clients, this usually happens in an automated fashion. Sometimes I like to run processes by hand just to see what unmanaged end user see.prompt-for-pups

 

My doing these updates was prompted by Oracle’s update: “they rolled out a new set of updates for its products as part of the company’s quarterly Critical Patch Update, and Java received no less than 20 security-related fixes, all allowing a potential attacker to exploit flaws without the need to authenticate.” http://news.softpedia.com/news/20-Java-Security-Issues-Fixed-by-Oracle-451042.shtml

beware-when-updating-free-stuff-not-really

“Java is a programming language and computing platform first released by Sun Microsystems in 1995. There are lots of applications and websites that will not work unless you have Java installed, and more are created every day. Java is fast, secure, and reliable. From laptops to datacenters, game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere! It is free to download.” https://www.java.com/en/download/faq/whatis_java.xml

Devices running this set of tools are putting you and your digital relations in jeopardy if one does not update regularly. In this process, a probable stray dog, a PUP ran across the screen in the installation prompts. It was cute and I could have missed it if I was not aware of the unscrupulous practice.

beware when updating what not to do

It was a shopping basket of unwanted and unnecessary software dumped on the user’s computer. Beware when updating these free things come at a price. Companies using their screen time to install PUPs – Potentially Unwanted Programs as part needed security updates is wrong. CERTs article about the issue from the point of free software downloads is a good quick read. I had run into this free download problem a few months before while helping my daughter with a Minecraft download.

Preparation is everything. I was ready when helping my 9 year old because Minecraft is a safe kid’s game, but independent developers develop it. They are young people too. Many of their sites are unprotected with SSL meaning they do not have encryption. Their servers seem compromised with malware and other bot spawning chaos. I don’t think they are profiting from the junk attached to their sites.

Oracle bought JAVA as part of a $7.4 billion deal in 2009 to acquire Sun Microsystems. Java the programming language creates a virtual computer that runs processes within a device as a separate machine. This machine with in a machine is great because it allows programs to interact that normally cannot. Security is important in our connected systems. Programs that interact outside the normal security measure need special attention.

Unfortunately, we do not always pay as much attention as needed. This is why embedding programs that people may install unsuspectingly is wrong. One would think that Oracle a leader in the technology sector would not be doing such things for profit sakes. Other big players do it too. At its root, it creates a lack of respect for the industry.

Safe computing is a growing concern. Rarely does a day pass when there is not another breach. It is national and global concern. Keeping ones systems updated and running smoothly is key. Running the latest bug free software is each Internet user’s job #1. We are all using the same giant network of networks. Whether you call it cloud or client server computing one is only as secure as your own end. Let us lobby the big software companies to get rid of PUPs.

This is a version of the article published on LinkedIn earlier this week.