PUPs are not our furry cuddly little animals in the IT world. PUP stands for ‘Potentially Unwanted Programs’
PUPs represent a way for software vendors to make money when you download and install their programs. In fact, for free software, it can be a significant source of revenue. It is part of what allows free software to be free, so let’s not be too hard on these vendors, but it is something to be aware of. Vendors often get paid for each download, or each install, of whatever extra software they might get you to install along with theirs.
PUPs work because they’re sneaky. The vendors won’t admit to this. They will say the options are there for you to make whatever choices you want. In a sense, they are right, but there are several issues that make them appear less than completely above-board.
The software being offered is typically unrelated to the software you are downloading and installing.
The option to install the unrelated software is explicitly hidden in some way. Perhaps it is an option that requires scrolling down (most people don’t), or it is hidden in a set of “Advanced” or “Custom” options that most people never see.
The option to install the unrelated software is passively hidden by making the other options that people are looking for, like an “Install” button, bigger and more eye-catching. In their quest to just get things done, people gloss over what’s on the screen and just click the big button to move on.
The option to install the unrelated software defaults to “yes”. Unless the user reads carefully and unchecks a box the software is installed.
As a result, it is very easy to install software you do not need and do not want.
There is nothing “potentially” unwanted about it.
The latest in PUP sneakiness; before I even downloaded
I was downloading an update to Adobe Flash from the Adobe website, I was presented with this screen:
Pretty standard, but in my rush to install the update, I just clicked the “Install now” button. I was surprised when two additional installations were queued in addition to the Flash update.
So, I looked closer. I was PUPped!
This download is a mainstream component, Adobe Flash. I was downloading it directly from the vendor’s site, not via some third party download site. And last but not least this was an update, not a new install.
In the past, those factors could be relied on to be a sign of safety. A sign that perhaps we didn’t need to be quite as vigilant.
Clearly that is not the case. Vigilance is always required.
- Only download directly from the original vendor.
- Check for options before the download.
- Check for options during the install.
- Never choose Default; always choose Custom or Advanced or whatever else it might be called.
To be clear, this is certainly not limited to Adobe or Adobe Flash. I simply used this as an example of something I personally experienced. Many software downloads suffer from this type of tack-on revenue opportunity.
Vendors do this because it works. Vigilance, and making explicit choices of our own, is how we avoid installing programs we never really wanted in the first place.
ITConnexx, your information center for solving problems, and making people happy. Contact us at firstname.lastname@example.org or 800-797-0345 should you require the services of a trusted partner in IT.