Silverlight Sneakiness

Today Scott Barnes of Microsoft posted an article to his blog about the new automatic updating feature in Silverlight. He says:

We are sneaky and I love it, but in a good way. You see with Silverlight RC1, one of things you may not of noticed is the “Silverlight Configuration”.

screenshot of silverlight dialog with automatic updates recommended

Choice is a great thing is it not šŸ™‚

Now obviously Scott is being snide here, but I have to ask: why is this something to be proud of? Automatically updating software without notification is a bad idea, albeit not a new one: Windows Update in Vista does the same thing. IT organizations hate this kind of thing: there is nothing worse than having your help desk inundated with calls because your internal app stopped working when someone releases a new security patch. I hope the Silverlight team at least has some way for IT deparments to turn this behavior off (on Windows and Mac).

But making Automatic Updates a silent default as Silverlight now appears to do is an even worse idea – I’m surprised it got past the lawyers, honestly. Vista asks users on first-use whether or not they want this behavior, so at least there is some notion of an opt in. Of course, its also very unfortunate that neither the Silverlight dialog nor the Vista dialog shown below actually warn you of the possible consequences of enabling Automatic Updates. Instead, they use boldfaced text and the “(Recommended)” tag to make it seem like you’d be foolish to choose anything else. But that seems par for the course when you have a corporate culture that is proud of being “sneaky”.

Vista Update SettingsĀ Dialog

Finally, of course, I can’t resist engaging in a little taunting: is Microsoft so insecure about Silverlight upgrade adoption that they feel they have to sneak in updates through the back door like this? Flash Player has the absolute best upgrade adoption curve in the history of the computer industry, and we don’t have to resort to such sliminess to achieve it.

~ by Andrew Shebanow on 01Aug07.

Posted in Rich Internet Applications
Tags:

12 Responses to “Silverlight Sneakiness”

  1. Let me guess, you were one of those people that was first in line to lament how insecure Microsoft software is last time they got bit by a worm that spread using a vulnerability for which a patch had been available for weeks.

    It’s extremely easy for anyone technically knowledgeable to go in and turn Silverlight’s automatic updates off. The default is also the most secure option for people who *aren’t* technically knowledgeable to know when they need to upgrade themselves.

    If you’re in a situation where your helpdesk has to support Silverlight-based applications and you’re worried about an automatic update breaking your code, I’d hope you have an IT department competent enough to disable the automatic updates by policy and deploy them manually. And if your network administrators aren’t, is that really Microsoft’s fault?

    Timothy Fries said this on 01Aug07 at 15:09

  2. Timothy, did you actually read what I posted?

    First, I have no problem with the automatic download of updates, or with notification to the user that the updates are available and asking the user whether or not they want to install. My objections are to silently choosing notification-less updates, and with not explaining the ramifications of notification-less updates.

    Second, as for your claim that it is “extremely easy for anyone technically knowledgeable…”, well, you’re just proving my point. Microsoft isn’t asking users what they want, so only the technically knowledgable will be able to make these updates safer.

    Third, on the issue about IT updates, the question is whether Microsoft provides a way, on both Windows and Mac, for the Silverlight update policy to be controlled by IT. I’m well aware of the Windows capabilities in this regard, and want to make sure that Silverlight supports the same mechanisms.

    ashebanow said this on 01Aug07 at 15:18

  3. Well It could of been worse, we could of put Google ToolBar as default when you download Silverlight Runtime.. hehe.. (ie context, Flash Player kind of tricks folks into downloading Google Toolbar unless they uncheck the box… “Oh but we gave you choice though..”)

    Glass houses dude, glass houses..


    Scott Barnes
    Developer Evangelist
    Microsoft.

    Scott Barnes said this on 01Aug07 at 16:45

  4. Instead of trying to spin the conversation like a politician, why don’t you address the salient points?

    ashebanow said this on 01Aug07 at 16:49

  5. […] though, Silverlight is here to stay, Flash is here to stay and I for one would love guys like Andrew (Adobe) to shift focus away from remarks like the below and focus more on the future of Flash instead […]

    MS MossyBlog : Silverlight vs Flash ( Will this dribble ever end?) said this on 01Aug07 at 18:15

  6. When you make one, i’ll address it šŸ™‚


    Scott / Microsoft.

    Scott Barnes said this on 01Aug07 at 18:31

  7. […] though, Silverlight is here to stay, Flash is here to stay and I for one would love guys like Andrew (Adobe) to shift focus away from remarks like the below and focus more on the future of Flash instead […]

    Silverlight vs Flash ( Will this dribble ever end?) - Noticias externas said this on 01Aug07 at 19:18

  8. […] course, every time Microsoft tries to do something on users’ computers automatically, not everyone is happy. For that matter, when you have a bunch of technically competent people being caught off guard of […]

    TechZealotry » Silverlight Update Mechanism Testing said this on 01Aug07 at 19:40

  9. Nothing wrong without automatically updating plugins, once installed earlier. Of course, when it gets pushed via Windows Update is not very nice. But I don’t mind at all to get automatic updates if I have earlier installed Silverlight. The same does Flash Player anyways.

    Weyert de Boer said this on 01Aug07 at 20:01

  10. ‘Flash Player has the absolute best upgrade adoption curve in the history of the computer industry’.

    I’d love to hear the statistics, could you elaborate and quantify please? Also I’d like to see comparisons against PDF Reader version upgrades by version as well. Because that thing sh!ts me to tears…

    Steven Nagy said this on 01Aug07 at 20:41

  11. Steven,

    Flash stats are here:

    http://www.adobe.com/products/player_census/flashplayer/version_penetration.html

    The numbers are mind-blowing.

    I don’t know that Adobe publishes any data on Reader upgrade rates. It certainly isn’t as high as Flash, in no small part because the upgrade software isn’t nearly as sophisticated.

    ashebanow said this on 02Aug07 at 09:43

  12. This Scott Barnes dude is real smart. He has landed this job at Microsoft where he presumably gets paid bug bucks just to talk bull and bait flash/adobe.

    Now if only he could construct grammatically correct sentences in his posts, he could be more readable.

    I guess Microsoft is desperate to burn all the money in their bank. Well SB is laughing his way to the bank šŸ™‚

    anon said this on 02Aug07 at 19:17

Comments are closed.

 
%d bloggers like this: