Slashdot Mirror
MS Issued a Fix For Its Unwanted FireFox Extension
As we discussed last February, and again a few days ago after the Washington Post noticed, Microsoft installed without permission a hard-to-remove Firefox extension along with a service pack for .NET Framework 3.5. Reader Pigskin-Referee lets us know that, as it turns out, Microsoft issued a fix a month ago; details here.
it should NOT allow unsigned / unblessed extensions to be installed in the first place. signed extensions like the windows driver signing is the appropriate fix here.
But for a company that is a constant target of anti-trust suits, who is notorious for this kind of thing, you think by now that they would be more careful. Its hard to believe that someone internal at Micrsoft didn't realize what was this was doing and just say 'fuck it' - even if it was a low level developer, somebody had to know - at the very least the guy(s) who wrote the code.
Had to know what? That there's an magical unspoken rule not to install extensions that way?
Look, Firefox offers the ability to install add-ons for all users. That's a feature provided by the design of Firefox. The only "horrible" thing Microsoft did was make use of that particular Firefox feature. Now it turns out that a lot of Firefox users don't like that feature, and don't agree with how it works. Microsoft says "oops" and changes the way they install the add-on so it doesn't use that feature.
Where is there any maliciousness here? At all? No.
Comment of the year
I know that its bad that Microsoft silently installs things that are difficult to remove
I'm upset about the silent install but could someone please clarify the "difficult to remove" bit? I "removed" it by going into "add-ons" and clicking "disable". Problem solved as far as I'm concerned.....
Simple: disable != remove
If someone is passing you on the right, you are an asshole for driving in the wrong lane.
It still left .NET to your user agent string. To get rid of false user agent string, you have to enable the extension, install MS removal tool and uninstall the extension with it. Just disabling it or using removal tool to disabled extension will not stop your browser advertising .NET extension.
Scott Hanselman put up a nice post today outlining the whole story. He points out why it turned out this way, how to uninstall it and even put up the source code so you can see their evil ways for those who were too lazy to unzip the xpi.
http://www.hanselman.com/blog/HowToRemoveTheNETClickOnceFirefoxExtension.aspx
Since you dragged the other discussion into this, allow me to point out a comment in that very discussion which points out why it's nowhere near the same thing. (Like the fact that Sun announced months in advance that they were going to do it, and the fact that you can, in fact remove it.)
That comment is +5 insightful. You don't even have to drill down to find it. Just scroll a bit. Given that (some of) the comments are regularly more fair and balanced than the article summaries, you ought to at least skim the discussion before you decide whether this guy is bringing something useful to the discussion or just throwing more FUD onto the pile.
The tags on MSDN are user-contributed.
kdwason is awful
It's Firefox, not FireFox.
Even when disabled it still adds itself to your browser's user-agent string.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
WGA checks that your version of Windows is legitimate, this is a different issue.
If you are not willing to activate your version of Windows to confirm that it is genuine then yes, it will keep asking.
This is more of an issue with Windows in general than it is anything to do with Windows updates and I agree, I'm not a fan of it. Legitimate users should not have to deal with software phoning home to Microsoft.