Dear Adobe: This is NOT okay

According to, Adobe Flash is installed on over 96% of computers.

That’s why I was astonished at the most recent Flash update to 10.1. This morning I was prompted to update Flash because of a security issue via the latest update of Firefox. No problem, however, this was the first clue that Adobe was starting to abuse their place as a popular browser plugin:


See that? By default, “Include in your download” – McAfee Security Scan Plus. I’ve used McAfee. I’m not fond of their software. I don’t want it. I just want Flash. No problem… I unchecked “Include in your download” and downloaded Flash player.

So then I downloaded the Adobe Download Manager (let’s not get into the pet peeve of downloading a downloader), and to my surprise:


Flash Player at least asked me to accept the license terms. Not only did McAfee Security Scan Plus download and install automatically when I specifically unchecked that option – it installs quickly and automatically with no confirmation. Almost like they knew I would say no if given the chance.


So Adobe, here’s my list of grievances:

  1. Attempting to include third-party software by default, especially when it isn’t related to what I actually want (and you know that), is unethical.
  2. Browser plugin runtimes are to be treated as sacred. We as developers use them to bring great experiences to the web, and in turn, get users to install your product. It is imperative that our users trust your runtime. You have disrespected us, disrespected the users we serve, and destroyed that trust by making such a move.
  3. Waiting until version 10 and 96% browser plugin market penetration to do this is unacceptable. Being the #1 rich content plugin comes with an industry-wide responsibility.
  4. Including the download anyway, when I specifically unchecked the option, turns a previously respected Flash runtime into malware.

Please reconsider this delivery model. This is not about Flash in particular, but it is about users being able to trust the applications we deliver to them. The more we leave users with a bad taste in their mouths after updates, the less they’ll update… and that ultimately hurts us all.

3 thoughts on “Dear Adobe: This is NOT okay

  1. Rex

    I agree with you 100%. Unfortunately I suspect this is not just a case of sleazy greed, but a calculated tactical move to try and *partially* backfill/compensate for Flash’s near-comical reputation for security vulnerability. Average Joe has read or heard at least once from a major news outlet that having Flash on your computer is so dangerous he might as well install the viruses himself and mail his credit cards to a Russian hacker. So when Average Joe sees that Flash comes with a free version of a recognizable security name, he appreciates that they take his security so seriously and downloads it.

    1. Brandon Post author

      I did consider that, but the one thing that doesn’t fit is that the option is set by default, and no confirmation is involved. If it were an optional add-on, then Average Joe could appreciate it and install it… and it definitely wouldn’t be a bad thing as far as the industry goes being able to get a free security solution from a reputable source. But right now, I’m not sure that Average Joe (OK, maybe Below-Average Joe) even knows what the heck just happened before the thing is already running on his PC, which leads to a level of user trust almost as comical as their security reputation in the first place. 😦 If they remove the by-default behavior, this whole issue goes away.

  2. Pingback: mcafee+adobe 1 , me 0 « some kind of high tech poop

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s