When Serious Software Imitates Malware
Have you noticed that some widely-used productivity software from major software companies has started behaving like malware? Since I mostly blog here about marketing, I have to ask at the beginning: is imitating malware good marketing?
It can’t be good marketing, can it? If brand reputation matters at all? I can only conclude that some people think it’s good for business in other ways, and that they consider us users a captive audience, so they expect to get away with it.
Common behaviors of actual malware include:
- unwanted pop-ups,
- changing settings when you’re not looking, and
- tricking you into doing something you didn’t intend or don’t want to do.
These things are bad enough when actual malware does them. When the software you rely on to do your work does these things, they seem worse. Too often, lately, I wonder: are Microsoft, Adobe, Apple, and (did I mention?) Microsoft — among others — deliberately imitating malware? Do they not realize how many users think decision-makers at those companies have sold their souls?
Perhaps, if I may nod toward Frasier (Season 4, Episode 17), you’d want to protest, “It’s not like they worship the devil.”
To which I might reply (with another nod), “They don’t have to. He worships them!”
I’ll give you some current examples. Then, just to clear the palate, I have a few recent examples of stellar behavior of another sort, by companies who apparently respect their customers.
Adobe
For years, the Adobe Acrobat Reader installation featured a somewhat obscure but visible checkbox which was checked by default — so unless you remembered to notice, you’d get a McAfee antivirus product installed too. (True confession: years ago, I used and liked McAfee.) If Adobe had made that checkbox unchecked by default, so the user had to take a positive action to get the extra software, it would not have resembled malware.
Lately, the Acrobat Reader installer has taken a turn for the worse — descended to a lower circle of hell, if you will. If you don’t want the McAfee Trojan horse as part of your Acrobat Reader installation, now you have to click on a link to open a different page, then unselect two boxes.
In the image below, the first page of the install wizard, there is no hint that you’re about to install McAfee, when you click “Download Acrobat Reader.” The only way to know that (except sad experience) is to click the “More download options” link I’ve highlighted below.
Clicking there gets you this page, where checkboxes are still checked by default, as I’ve highlighted.
Again, if the boxes for McAfee weren’t checked by default, they’d just be offering you a bad idea, not behaving like malware. But malware is as malware does.
Apple
Apple took heat a few years ago for secretly slowing the performance of older iPhones. And they’ve been determined for years to get you onto their cloud, the iCloud, by hook or by crook. But I’m more or less accustomed to those abuses now.
(I use other clouds, and I try to stay five or six generations behind the latest iPhone.)
The abuse which most annoyed me recently began in late 2022, when random, abundant, and often ludicrously placed commas began to appear in dictated text messages on my iPhone. This “Auto-Punctuation” is an added feature which Apple simply turned on, either when it first added the feature or in a later update. (I don’t know which.) At no point did they ask me if it was okay for their AI to start punctuating my texts like an unsupervised toddler who just discovered Sharpies. They just turned it on, because they know what’s good for me better than I do.
This bothers me more than it does some people. I’ve worked as an editor, taught college writing courses for a while, and could lecture at length on the proper use of commas and the admissible variations in that usage in different contexts. After this little iBlessing (AI blessing?) arrived, I was spending more time deleting absurd commas than I was dictating the message and proofing the words themselves. So I went hunting for a way to turn it off.
There’s a switch to do that in the settings, as there should be. It’s not under “Siri.” It’s under “General,” which is okay — but then you have to drill down to “Keyboard,” though it has nothing directly to do with a keyboard. Go there and scroll down far enough, and you’ll find a section entitled “DICTATION,” with a “Auto-Punctuation” switch you can turn off.
A decent respect for the user might have moved Apple to implement and deploy that feature differently, so it didn’t feel like malware.
If This Post Were a Pop Song, This Would Be the Bridge
There’s a separate genre of user abuse commonly practiced by major software companies. I’m not focusing on it here, because it feels a little different from malware. But I will mention it. I notice it most from Microsoft and Intuit, because I own PCs and work in a mostly-PC environment.
I wish we had tracked over the past several years how many hours we’ve spent at the office cleaning up the messes when Windows and QuickBooks updates break mission-critical things like our accounting. Windows has scheduled updates, but they often push updates off schedule too, when you’re not looking, presumably to fix what they didn’t test sufficiently in the previous update. For its part, Intuit pushes one update after another, often with no warning and no report that they’ve done it. If the repair costs, in terms of work time to clean things up, don’t exceed the cost of our annual QuickBooks licenses by a factor of ten, I’d be stunned.
I’m not content just to complain. I’ve slated our accounting system for probable replacement within the next few years, as soon as we’ve updated some other core systems.
I wonder: Does Intuit know how many customers have added “new accounting system” to their to-do list after finally losing patience with such abuse? Does Microsoft have any idea how many C-level corporate officers and how many senior IT professionals are looking for and dreaming of a new platform (sorry, not you, Apple) which is robust enough, can run the needed applications, and doesn’t update itself promiscuously and break things on a regular basis?
That can be a difficult evolution, which is how they’ve more or less gotten away with it so far. But does anyone in Redmond realize how many of us are now making smaller non-Microsoft choices when we can, and dreaming of much bigger non-Microsoft choices to come? Some of us fantasize about a hefty class action lawsuit too.
Yeah, those are probably rhetorical questions. And it’s possible that Microsoft breaks QuickBooks more than Intuit breaks QuickBooks. But back to serious software imitating malware.
The Devil Worships Microsoft
Here’s a sampling of Microsoft’s ongoing offenses on my PCs:
Skype
The other day, Skype, which had apparently updated itself (or maybe it was Windows 10) on a machine where I rarely use it, started popping up an alert every minute or two, unrelated to anyone I ever call, and filled with the chatter of strangers. It was like a social media platform from hell. I found a way to turn it off, but what sort of demonic mind conjured the idea of turning it on without asking the user?
Forgive me if I seem to be answering that question when I ask, Did you know Microsoft bought Skype back in 2011 or so?
OneDrive
Almost every time a key file goes missing for someone around the office, it’s because Word has tricked the user into saving it on OneDrive. As more and more people know, OneDrive is a highly intrusive cloud product. We avoid it at my office and home, to Microsoft’s evident dismay, and despite the fact that saving a file from an Office app to anywhere but OneDrive now requires extra clicks.
Without these ongoing abuses, we might forget how painful it was to discover, a few years ago, that Microsoft had disabled the autosave functions in Word and Excel, for files stored locally, and the only way to get autosave now is to save your documents on OneDrive.
Now I get a switch in my toolbar:
If I try to turn on AutoSave, it tries to move me to OneDrive. Maybe my mindset is too literary, but the phrase “Faustian bargain” comes to mind when I see that switch. I’ve learned to control-S a lot more often.
Teams usually is an unwanted pop-up
Meanwhile, besides its much-discussed vulnerabilities when executable malware files are dropped into chats, have you noticed Microsoft Teams mimicking malware? I use Teams occasionally for meetings with people who prefer it, and it works well enough, but I don’t want it to start every time I restart my computer. I certainly don’t want it popping up spontaneously between restarts. I want it to start when I start it, full stop. So I tweak its settings, tell Windows not to start it automatically … and enjoy a brief respite until the next Microsoft update resets my settings and sucks me back into a slow-motion game of Microsoftware whack-a-mole.
This business of Microsoft changing your settings from what you want them to be, to what Microsoft wants them to be, might be a trick they learned from Apple. In any case, Microsoft seems to have perfected it over the years in the settings controlling software updates. When they’re not simply undoing my preferred settings, they’re moving or removing the possibility of changing back to the settings I prefer.
Malware is as malware does — but some parts of Microsoft know how to do better. I recently chose SQL Server and Visual Studio — both Microsoft products — for a new, mission-critical software project. I’ve had no such complaints with those products in about a quarter-century of using them.
It must be that Microsoft chooses to be evil, at least with Windows, Teams, Office, and OneDrive.
I Promised Some Corporate Good Examples
I collected these good examples lately because they show uncommonly sound customer-focused behavior. They happen to show it in ways unrelated to software companies imitating malware.
I’ve worked at a company or two which sold online subscriptions to useful and legitimate digital products. We earnestly hoped you’d forget your subscription was about to renew automatically, when the time came, and not notice that it had renewed. Understandably, we wanted you to keep paying us, not to cancel your subscription. It’s a common enough approach, but I didn’t like it.
Here are some better practices from my inbox.
- When one of the domains I register at GoDaddy.com is about to auto-renew, they send me an e-mail telling me which domain and for how much. Was that so hard?
- I have a subscription for a product from MTN OPS, but it doesn’t have to be a monthly subscription. It’s trivial for me to go online and adjust the subscription to every 45 days (for 30 days worth of product) or even skip the next shipment. They facilitate this by e-mailing me several days in advance to tell me my product will ship soon, and making it easy to adjust or delay shipment from that e-mail.
- I did some digital marketing for a thriving former startup called Madluvv, for years until they needed more than I could do as a side hustle. For old times’ sake, I’ve stayed on their mailing list for cosmetic products I myself will never use (simply because I’m an old-fashioned guy who doesn’t use makeup). On May 1, several days before Mother’s Day, I got an e-mail which began, “We understand that Mother’s Day can be a sensitive time for some individuals. If you would like to take a break from receiving our Mother’s Day-related emails, please opt-out below.” Then there was a big button: “Click here to opt out.” The e-mail continued with some marketing, addressing “those who are still looking for a gift” — but my point is, they cared about the customer first. I sent the CEO a few words of praise.
Respecting the customer is good marketing. If you can’t do that, there may be something amiss with your product or your business model.
It’s Not Just Adobe, Apple, and Microsoft
I’ve singled out certain products here by Adobe, Apple, and Microsoft, but there are other products and other companies out there behaving badly. I simply chose the examples which are most visible to me from day to day.
Some companies get it. Other companies, or at least key parts of other companies, don’t care. I’d like to believe, and I actually do believe, that those who care will ultimately have a competitive advantage over those who, for example, choose to blur the line between their software and malware.
I won’t hold my breath, but I like to believe that.
Photo credit: Guido Jansen on Unsplash
View Comments
Five Reasons to Manage Microsoft Ads Separately from Google Ads
Five reasons why most advertisers are smart to manage Microsoft Ads separately from...