If your Internet browser uses the Java plugin by Oracle (which it probably does), then you know that you must download the free updates. Some of the updates are required so you can view websites that use the Java plugin to present the latest interactive features. Some games and websites won't work without the Java plugin. Some updates are necessary to fix vulnerabilities which hackers could use to steal your identity information or money; or use your computer to generate spam email.
A ZDNet article by Ed Bott describes a joint investigation by the author Professor Ben Edelman of the Harvard Business School. as "foistware' - deceptively installing software on your computer you may not want nor need. Hence, the software is foisted upon you. Their research concluded:
"1. When you use Java’s automatic updater to install crucial security updates for Windows, third-party software is always included. The two additional packages delivered to users are the Ask Toolbar and McAfee Security Scanner.
2. With every Java update, you must specifically opt out of the additional software installations. If you are busy or distracted or naive enough to trust Java’s “recommendation,” you end up with unwanted software on your PC.
3. IAC, which partners with Oracle to deliver the Ask toolbar, uses deceptive techniques to install its software. These techniques include social engineering that appears to be aimed at both novices and experienced computer users, behavior that may well be illegal in some jurisdictions.
4. The Ask.com search page delivers inferior search results and uses misleading and possibly illegal techniques to deceive visitors into clicking paid ads instead of organic search results.
The article explores in detail the Java update process and where users must opt out of installing the Ask Toolbar feature. Having used the Java plugin for many years, I can verify that the article accurately describes the situation. It is frustrating to have to un-check during every update the Ask Toolbar option,so it isn't installed on my computer.
It is frustrating to have to select during every update the option to notify me when a Java update is available, because the Java update automatically defaults every time to the "update automatically" option. (See #1 above.) A better user experience would be for the Java update installer to default to what I selected during for the last update. I guess this is Oracle being Oracle... intentionally user unfriendly.
Why Oracle built and manages its Java plugin updates in this manner:
"The reason, of course, is money: Oracle collects a commission every time that toolbar gets installed. And the Ask installer goes out of its way to hide its workings."
I don't use the Ask Toolbar, so I don't have experience with that or its installation process. After reading Bott's article I won't use it since the article describes in detail the severe shortcomings of both the Ask Toolbar installation process and the software itself. Bott concluded:
"This is sleazy stuff. If you have installed this software, it affects searches you run from the address bar in any browser, including Chrome. Installing the Java update on my main PC hijacked the default search provider in Chrome 24 (the current version) and redirected searches from the Google omnibox (the address bar) to Ask.com. At no point was I asked for permission to make these changes to the settings in Chrome."
I agree with Bott. This type corporate behavior -- foistware -- has to stop, and for all the reasons Bott and Edelman list. If you use the Java plugin and/or the Ask Toolbar, please share your experiences below.