Feeds

back to article Parallels pledges roll-back fix after silent 'trojan' freebie install triggers punter outrage

Parallels has promised to change the registration process of its virtualisation software for Macs after users complained that the technology introduced a "trojan-like" update functionality, intended to push a six month freebie trial of its new Access product. The release of Parallels Desktop 9 for Mac, the latest version of the …

COMMENTS

This topic is closed for new posts.
Bronze badge
Childcatcher

What Could Possibly Go Wrong?'

"I know, lets include a new feature in the next version that automatically and silently opens their machine up for remote connections..."

If you can't be a good example, then you'll just have to serve as a horrible warning. It's as if the people putting together spec on the project slept that class on what never to do.

2
0
Gold badge

Re: What Could Possibly Go Wrong?'

If you can't be a good example, then you'll just have to serve as a horrible warning. It's as if the people putting together spec on the project slept that class on what never to do.

Hmm, Computer Misuse Act? Malicious install of software without due authorisation?

0
0
Silver badge
Black Helicopters

I know this is like kicking a dead horse, but...

... when you read something like this, doesn't the NSA immediately come to your mind? I mean VMs, your machine silently opened for remote connections, stored passwords...

1
0
Silver badge

Re: I know this is like kicking a dead horse, but...

It would only be really ironic if the director of the NSA used a Mac, and installed parralels....

0
0

Takes me back to the late Nightees when lots of software used to do underhand things like this.

1
0
Anonymous Coward

I remember it like it was yesterday...

Oh right, because it *was* yesterday that Norton AV tried to stuff some additional crapware into its latest update.

And the day before that it was Adobe wanting to add a change of default browser to a Flash update.

And the day before that, Oracle wanted to include a browser tool bar, a change of home page, and a switch of default search engine into a Java point update.

And then, to rub salt in the wound, people complain that too many users don't patch their machines against security vulnerabilities... well, yeah, maybe if the security updates were more trustworthy...

WTH is wrong with the marketing people at these companies?

10
0
Anonymous Coward

What underhand things you do with your nighties is your affair chum

1
0
Silver badge

Re: I remember it like it was yesterday...

There's nothing wrong with the marketing people. The problem is that the engineers have to obey them.

0
0
Gold badge

Haven't had that problem.

"Oh right, because it *was* yesterday that Norton AV tried to stuff some additional crapware into its latest update.

And the day before that.."

...

"And the day before that..."

...

"And then, to rub salt in the wound, people complain that too many users don't patch their machines against security vulnerabilities... well, yeah, maybe if the security updates were more trustworthy..."

I haven't had to deal with this in about 15 years, this is by and large a Windows thing. You know what is updated when I update my Linux systems? Exactly what the updates say they are updating. On my Ubuntu system today, I updated flash, it updated flash. I updated Java a while ago, it updates Java. If I do only security updates, those are ONLY security updates, not adding or removing functionality or changing anything around (other than patching the security flaw(s)). I find my updates quite trustworthy.

3
0
Silver badge

Re: this is by and large a Windows thing

You're absolutely right, it is a Windows thing.

Meaning it only concerns about 90% of the desktop world.

Nothing to worry about then, I guess.

2
0

Re: Haven't had that problem.

"I haven't had to deal with this in about 15 years, this is by and large a Windows thing. "

Upvoted

However I do have two words for you- "Ubuntu lens"

The camel is at the tent flap..

And as a Parallels user, I now think it's time for me to install Little Snitch.

0
0
Bronze badge
FAIL

Unacceptable behavior for a software company

Hidden installs of software to personal private computers is just plain rude.

0
0
Unhappy

My guess is that that marketing people can start regarding other people as prey, and act accordingly. I wouldn't be surprised if some nerd in the office spoke up when told to implement this idea, and was advised to just do as he was told.

This abuse is not as bad as what Cisco Linksys did a couple of year ago, when they took customers' home routers hostage by abusing an auto-update facility, and then demanded network monitoring rights in exchange for returning some indirect control of the customer's property. That scandal will take some beating.

0
0
Anonymous Coward

Don't attribute malice to that which can be explained by stupidity

This will be another marketing director with too much power and not enough brain cells.

I'll bet there were a number of people who knew exactly how badly this would be received but for some reason they either didn't speak or weren't listened to.

Speaks volumes about their culture really.

1
0
Silver badge

I'm not entirely sure...

... that this wouldn't count as an offense under the UK Computer Misuse Act. I seem to recall that it is also an offense to perform an act on a computer that would impair its safety even if it is not deliberate, but merely reckless as to whether such an impairment is caused.

3
0
FAIL

Re: I'm not entirely sure...

I believe it would be as well - except that being a US company they would be outside the reach of UK police and so it's not worth reporting. However, it seems my purchase is with Parallels GMBH - ie a German company - which does change things a bit.

On the other hand, it's all completely OK. I logged a security issue and got this response. So that's OK then !

>> From the e-mail I understand that when you installed the Parallels Desktop along with

>> it the Parallels Access was installed and connected to the server automatic without

>> any permission and because of this you think this software as a Trojan.But for

>> your information Parallels Access is free software provided with Parallels Desktop 9

>> with 6 months of free subscription for remotely accessing your computer from you

>> iPad and the credentials that has been used is fully confidential and will not be shared

>> with anyone.

My response to that was "somewhat brusque".

I'm now off to raise another ticket, querying why my Parallels forum posts still haven't been posted after 2 days. I won't put that down to malice or censorship - just perhaps not actually having a moderator who's awake.

0
0
Bronze badge

What I really don't understand...

Is why do Mac users still pay for Parallels Desktop when VirtualBox is free? Sure, it's from that evil company after they devoured Sun, and it may lack one or two features, but eh, you can run Linux on it.

0
0
Bronze badge

Re: What I really don't understand...

I believe Virtualbox only allows you to emulate 128MB video card memory, good enough most app emulations but not so good for games or graphics based apps. I love VirtualBox, I once built a 3 node Oracle RAC clustered database using a 16GB OSX host machine and Virtualbox with Oracle's RHEL spin-off.

0
0
Bronze badge

Re: What I really don't understand...

"VirtualBox is free"

We've all worked in places where this very fact counts against a product.

0
0

Re: What I really don't understand...

> Is why do Mac users still pay for Parallels Desktop when VirtualBox is free?

Why buy cheese when chalk is free (dig it out of the ground) ?

Yes, at the basic level they do the same job, but they do it differently. Parallels has some features that, at a quick glance, VirtualBox does not.

For example ... To a certain extent (it's not perfect), Parallels can make your Windows programs appear very much like part of the Mac - ie instead of having a window with the virtual PC running in it, each Windows program has it's own windows intermingled with the Mac ones as if they were Mac programs.

I also note that VirtualBox has "experimental support for MacOS guests. Parallels 8 had full and supported support for MacOS guests* which was very useful for me when I upgraded my OS and had to keep a copy of my old system running for the handful of (old) applications that don't run on Mac OS 10.7 or later.

* Some caveats apply :(

Plus, when you've been using it for as long as some of us have (looooooong before VirtualBox and other upstarts were around) then there's a certain amount of inertia - it's a lot easier to upgrade than to start again with a different package. It's not that expensive either for what it is - the upgrade (they come every couple of years in general) has just cost me less that £40. So something like £20/yr or less - which isn't a lot of money (I can spend more than that on a single round of drinks). If it cost significantly more then I'd have seriously considered switching by now - but as it is, it's not worth the cash saving and I've more pressing demands on my time.

Sometimes "free" isn't the be all and end all. Parallels is "just a tool" for me - one of a long list which includes both free and paid for options. And it's one I've been using for around a decade - before that I used Connectix Virtual PC, until Microsoft bought it and stopped development of the Mac version.

0
0

Re: What I really don't understand...

I have Virtual Box also.

I can't get really old software like BeOS (and Haiku) to run under Parallels.

With Windows under Parallels I do turn the Mac integration off as it potentially exposes my computer to attack, but on the positive side one does get Macs advanced trackpad integration of you install the drivers and that's worth the cost of Parallels right there.

You get the same device support under supported Linux operating systems too..

Cannot abide the low level of trackpad gestures on non Mac systems since I got my Mac.

Seems a bit trite but Apple trackpad features are quite liberating.

1
0
This topic is closed for new posts.