I’ve shyed away from writing about the controversy over OS X’s 10.4.7’s "dashboardadvisoryd", which, it seems, checks your installed Dashboard Widgets every few hours against the ones available at Apple.com, to see if they are legitimate. The reason I’ve held back from writing is simply that it wasn’t initially clear what was going on, and what Apple’s response to the controversy would be.
However, now things seem pretty clear. And, while I don’t think that Apple is doing anything that seriously invades anyone’s privacy, the decision to add this feature has been handled badly by the company in a way that reveals something about its priorities.
Many users have a dislike of features that contact companies without permission, which is what dashboardadvisoryd does. It’s not like Software Update, which is optional: you don’t get a choice about it, and there’s no Apple-sanctioned method of turning it off. As JC over at MacGeekery points out, you’re actually giving away less information than you do visiting Apple’s home page with Safari, but this misses the point: the lack of documentation over what dashboardadvisoryd is doing.
Documenting features that involve network traffic isn’t just a courtesy to the technically curious: it’s an essential if your machines are being used in an environment where security and performance are key. Network traffic that’s unknown – where the purpose of it and the contents of it are not documented – tends to ring alarm bells for anyone who takes security very seriously. It’s not the kind of thing that network managers like to see.
Apple could have avoided this issue had it taken its release notes seriously and linked to documentation for dashboardadvisoryd that showed what it was, what it contained, and how to turn it off if you want. Unfortunately, it allowed an incomplete set of release notes to appear that didn’t actually fully explain the new feature. Hopefully, it will learn a lesson from this and start to document its products in a way that’s more helpful.