Jeff, I promise this one will be short! And any MacOS fans reading, I am not dissing your OS! I am simply pointing out that this problem has no easy solution :-)
A couple of days ago I wrote about the problems we face with usability versus security when installing software. Lucky for me, the experts over at Slashdot have come up with the answer -- just do what MacOS X does!
I will preface what I am about to say with the following: I do not own a Macintosh and I have never installed nor used iTunes. I would be very happy to hear from people who have installed and used iTunes on the Macintosh, because maybe they can explain what the experience is like.
Anyway, from what I can tell:
· iTunes connects to the internet
· iTunes reads and writes files to your disk
· iTunes can be installed by typical end-users
· iTunes is very popular (and therefore likely to be executed by eager users)
How then is the design of MacOS any more secure than Windows XP?
· NakedCelebrity.exe connects to the internet
· NakedCelebrity.exe reads and writes files to your disk
· NakedCelebrity.exe can be installed by typical end-users
· NakedCelebrity.exe is very popular (and therefore likely to be executed by eager users)
Now MacOS X may be a great operating system, but I don't see how they magically solve this problem. They still have to deal with the same two problems:
· End users want to install software
· You don't need to run as root / Administrator to do massive amounts of damage
Whatever steps OS X makes you go through to install iTunes (type in your password, reboot in single-user mode, stand on your head and spin three times, etc.) the user would just as happily go through to install NakedCelebrity.exe (or a Trojan pretending to be iTunes).
Oh, and in order to download iTunes from Apple, you have to have script enabled in your browser... which means I won't be downloading it any time soon.