Mikemk wrote:I think web downloads have become so common as a method of privacy prevention. It used to be common (and there's probably still youtube tutorials) to download a trial installer, unpack it, and figure out how to install manually in such a way that it never asks you to upgrade or checks time limits. An integrated download+install makes that harder to do.
For totally free software (Flash, Java, most-if-not-all Browsers, free versions of AV and anti-Malware tools, etc), it's not as if there's any "30 day trial" aspect to them, for which they need to do something tricky to prevent "This was installed already, on <Date>" records to be hidden somewhere in the Registry, or else send a some unique but consistent machine ID back-to-base to match against previously
sent "I am installing on ID#<foo>" records as a way to pick up 'cheaters' that can't so easily be circumvented/negated for a 'perpetual trial period' or something.
Obviously vendors would like
to know about each and every installation (even if only for some kind of electronic 'demographic' collation of end-user samples), so that they can work out how best to monetise their 'free' products, and/or better convert them into the paid-for versions by properly targeted advertising/pesterware. But they should not take this for granted (or make it more than a token amount of difficulty to get around), lest they alienate the honest-but-somewhat-averse-to-comply users.
For example, right now I've got one machine (this one) connected up to the Internet and two more machines currently running (and doing their own thing, one is basically a media player and another is a development machine which is currently on at least test 468,092,106 of... an unknown number... through a scripted test cycle for some basic simulation I'm looking for an optimal solution for) which I don't
I have no interest in putting them online right now (one does not even have AV because it makes no sense, the other one is somewhat out of date, and will remain so until I make that my first priority the next time I connect it) and they have purposes that don't require them to be. It'd be nice
to have the PDF Reader on the development machine (because of some reference documents) but its not vital as it's actually better to open the same/similar documents on this machine's screen (for glancing reference, if not the ease of cut'n'pasting examples), so I don't bother to look for the stand-alone installer for said program from Adobe, on this machine, put it on a USB drive and plug that into the other...
I am not
inclined to string a spare ethernet cable in that machine's direction, plug it in (update its AV, as the very first action) fire up its browser to download the mini-bootstrap installer that then discovers (as I could have told it) that it needs to download whatever version of software is suitable for a 32-bit XP SP3 installation (probably it only cares about it not being 64-bit, and that it's generally Windows rather than any other of the possible OSes).
As it happens, I probably have
an Adobe Reader stand-alone installation executable (maybe not the most recent version, by several version-points, but good enough for what I need) on one of my USB sticks anyway
, because I've accumulated a number of such executables (and 32/64-bit versions of each, etc, where available) that I trust so that I can upgrade/repair both freshly installed and freshly repaired machines with trustworthy versions of such software even prior to being confident that they are problem-free enough to connect up to the Wild Wild Web initially/again.
And the companies who don't let me easily 'stock' their installers in an offline manner are thus effectively losing my business (and/or that of my 'customers'/'clients', as they might be termed if it were actually paid-for help that I give). I'm less likely to install (say) an AV program that demands
internet access to get its first (free, minimal) copy on the machine... although I have to admit that none of my favoured vendors in this field are quite
so bad as other vendors supplying other products.
So, anyway, although they may be getting more bang for their buck out of the rest of the (less paranoid) user-community who just go and unthinkingly drag down their mini-installer that provides the vendor with opportunities to better monetise the 'free' installation in some way, if they inconveniently hold back the availability of stand-alone installers then they've lost the opportunity for my 'sneaky' offline installation to eventually morph itself into a "Yes, please, I'd now like the deluxe paid-for subscription version" opportunity, by the end-user... or whatever it is that they're expecting by providing it 'free' in the first place, even if it's just brand-loyalty.
(Plus, particularly with security tools, it's nice to know that, with the software I'm installing in order to identify potential malware on a suspected infected system, I'm not subject to any sneaky falsification of the computer's own DNS/host records into sending us off through some .ru domain 'gateway' that provides me with a 'fixed' version of all the usual security tools by download. If it's on my stick, it's very likely a true version and the chances of the malware that is already there having the wherewithal to infect each and every tool and universally patch-them-to-'work'-on-the-fly anyway
is slimmer than that of a secret proxy/MITM server provides more and more carefully-tailored versions of 'false negative' versions, at the whim and as per the ability of the malicious maintainer. Not that I suggest that this is the main
reason, but it's another factor.)