Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Issued a Fix For Its Unwanted FireFox Extension

Posted by kdawson on from the unevenly-distributed dept.

As we discussed last February, and again a few days ago after the Washington Post noticed, Microsoft installed without permission a hard-to-remove Firefox extension along with a service pack for .NET Framework 3.5. Reader Pigskin-Referee lets us know that, as it turns out, Microsoft issued a fix a month ago; details here.

37 of 266 comments (clear)

  1. So the WaPo reports a story a month obsolete? by Blakey+Rat · · Score: 5, Insightful

    And of course, since it's negative towards Microsoft, Slashdot dupes it a few dozen times. That's some quality journalism all-around. Oh, and it was an honest mistake in the first place, not some horrible malicious act.

    Of course, if you read the Slashdot comments, you knew that Microsoft had already fixed it, since the comments are always about 10 times more on-the-ball than the actual posts. Sadly, I think the majority of visitors to this site never dive into the comments section and are probably fed a large spoon of bullshit every morning with their news.

    --
    Comment of the year
    1. Re:So the WaPo reports a story a month obsolete? by Foofoobar · · Score: 5, Insightful

      When a company like Microsoft 9 out of 10 times makes hostile gestures towards the open source community, are we supposed to run towards them with flowers and candy every time they screw up now and say 'we forgive you darling. lets go have buttsex on the veranda!'?

      I dunno about you but I get screwed in the ass enough and I'm duct taping my shorts and sitting on the porch with a shotgun.

      --
      This is my sig. There are many like it but this one is mine.
    2. Re:So the WaPo reports a story a month obsolete? by nizo · · Score: 4, Funny

      Where is my "+1 Insightful but gross" mod option?

      --
      I Am My Own Worst Enemy
    3. Re:So the WaPo reports a story a month obsolete? by gmack · · Score: 5, Insightful

      It is not actually fixed. Even had it been removable in the first place it still would have been bad because they should not have installed it without permission.

    4. Re:So the WaPo reports a story a month obsolete? by mdm-adph · · Score: 4, Insightful

      Say what you will about people bashing on Microsoft, but this was not an "honest mistake." It was by design, and all Firefox extensions installed this way behave the same way.

      --
      It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
    5. Re:So the WaPo reports a story a month obsolete? by ibookdb · · Score: 5, Insightful

      Has firefox fixed the bug where nobody can install extensions that are enabled by default without user intervention?

      --
      The Internet Book Database
    6. Re:So the WaPo reports a story a month obsolete? by Beelzebud · · Score: 4, Interesting

      Is it too much to ask that if you have issues with MS that you bring up the legitimate issues and leave the BS alone?

    7. Re:So the WaPo reports a story a month obsolete? by The+Moof · · Score: 3, Insightful

      Yea, but we've seen this MS story about this a few times. Where's the huge repeated outrage about the Sun extension that essentially pulled the same BS? There's even a portion of comments in that article defending Sun's decision to do it. Repeatedly visiting this one comes off as the usual MS bashing, like the GP pointed out.

    8. Re:So the WaPo reports a story a month obsolete? by mR.bRiGhTsId3 · · Score: 3, Insightful

      I know that its bad that Microsoft silently installs things that are difficult to remove, but I can't help but wonder, if the .NET plugin was actually hard to install, would we be seeing complaints about how Microsoft is leaving Firefox users out in the cold by not supporting the full .NET experience in Firefox.

    9. Re:So the WaPo reports a story a month obsolete? by docbrody · · Score: 5, Insightful

      Oh, and it was an honest mistake in the first place, not some horrible malicious act.

      Not really buying it. It may not have been some horrible malicious act... but it sure was not some 'innocent mistake.'

      Sure, innocent mistakes happen at big companies (like the whole thing with Amazon de-ranking Gay and Lesbian books). But for a company that is a constant target of anti-trust suits, who is notorious for this kind of thing, you think by now that they would be more careful. Its hard to believe that someone internal at Micrsoft didn't realize what was this was doing and just say 'fuck it' - even if it was a low level developer, somebody had to know - at the very least the guy(s) who wrote the code. I mean come on, this took some work to do. Its not like the amazon issue where practically one click of a check box reclassified a whole genre of books... some one had to put finger to keyboard and code this out.

      So I think its really really hard to call this an innocent mistake. Maybe not a 'horrible malicious act' but once again they are injecting their shit into other peoples shit.

    10. Re:So the WaPo reports a story a month obsolete? by Xest · · Score: 4, Insightful

      Yeah, you know that button you click when you install updates that has two radio options, one where you accept the terms and one where you don't?

      That's where you gave permission.

      If you didn't install it explicitly, the alternative is that you gave permission when you accepted automatic updates.

      If you don't want these things on your system, then don't give permission. Don't give permission and then claim you never actually gave permission when you blatantly did because otherwise it wouldn't have installed in the first place.

    11. Re:So the WaPo reports a story a month obsolete? by Blakey+Rat · · Score: 4, Insightful

      You could save the teeth gnashing and anal rape metaphors for when you actually have an issue, instead of wasting it on complete non-issues. It might lower your blood pressure in the long run. But that's just my opinion.

      --
      Comment of the year
    12. Re:So the WaPo reports a story a month obsolete? by YouWantFriesWithThat · · Score: 3, Funny

      there also is a small subset that makes lists that don't include a "???"

    13. Re:So the WaPo reports a story a month obsolete? by Fujisawa+Sensei · · Score: 3, Informative

      I know that its bad that Microsoft silently installs things that are difficult to remove

      I'm upset about the silent install but could someone please clarify the "difficult to remove" bit? I "removed" it by going into "add-ons" and clicking "disable". Problem solved as far as I'm concerned.....

      Simple: disable != remove

      --
      If someone is passing you on the right, you are an asshole for driving in the wrong lane.
    14. Re:So the WaPo reports a story a month obsolete? by billcopc · · Score: 4, Interesting

      It's bad because the entire philosophy behind Firefox addons is freedom of choice. How hard would it have been for Microsoft to prompt the user whether they want this thing or not ?

      In simpler words: My computer, my decision.

      --
      -Billco, Fnarg.com
    15. Re:So the WaPo reports a story a month obsolete? by Strilanc · · Score: 4, Insightful

      Everyone seems to be ignoring the fact that uninstallable extensions shouldn't even be allowed by firefox. I remember installing SiteAdvisor, then it was bought by McAfee and they set the "screw you no uninstalls" bit. Not appropriate at all.

      If it can't be uninstalled, then it shouldn't be an extension.

    16. Re:So the WaPo reports a story a month obsolete? by Anonymous Coward · · Score: 3, Informative

      It still left .NET to your user agent string. To get rid of false user agent string, you have to enable the extension, install MS removal tool and uninstall the extension with it. Just disabling it or using removal tool to disabled extension will not stop your browser advertising .NET extension.

    17. Re:So the WaPo reports a story a month obsolete? by melstav · · Score: 5, Informative

      Since you dragged the other discussion into this, allow me to point out a comment in that very discussion which points out why it's nowhere near the same thing. (Like the fact that Sun announced months in advance that they were going to do it, and the fact that you can, in fact remove it.)

      That comment is +5 insightful. You don't even have to drill down to find it. Just scroll a bit. Given that (some of) the comments are regularly more fair and balanced than the article summaries, you ought to at least skim the discussion before you decide whether this guy is bringing something useful to the discussion or just throwing more FUD onto the pile.

    18. Re:So the WaPo reports a story a month obsolete? by shutdown+-p+now · · Score: 3, Interesting

      On a side note, why does Sun's JDK installer bugs me to also install OpenOffice (checked by default), and every single Google desktop application has a "set Google to default search engine", and often also "install Google toolbar for IE", also checked by default?

      It's just the established software culture these days. From that perspective, installing a browser plugin which you won't ever see (until you navigate to a website that uses it) is relatively benign - compared to installing a 200Mb Office suite.

    19. Re:So the WaPo reports a story a month obsolete? by AmiMoJo · · Score: 3, Interesting

      The license agreement didn't mention anything about installing a Firefox plugin. I never agreed to having it installed.

      It isn't like people have that much of a choice about security updates anyway. You can either accept their terms or be vulnerable to exploits. Switching to Linux isn't an acceptable option, MS has a moral and possibly legal duty to fix security problems in the software they provide and I pay for and those updates should not interfere with my other software.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    20. Re:So the WaPo reports a story a month obsolete? by DeVilla · · Score: 3, Insightful
      My problem is not with the feature in firefox. My problem is not that that MS used. My problem is that Microsoft used it without asking. My problem is that Microsoft used it, without asking, to add something to my machine that made my 'secure' browser significantly less secure. My problem is that I did not know it happened and because of how they slipped it in, it was very difficult to fix.

      To be clear, if they had asked up front "Can we install this for all users on the system?" and if they would have honored my inevitable response (NO!) then we would be ok. They damaged my web browser without asking. I would open a problem to Mozilla about it being possible, but this was the operating system subverting the security of an application. An App can't really defend itself against a malicious OS.

    21. Re:So the WaPo reports a story a month obsolete? by AnalPerfume · · Score: 3, Insightful

      Say what???? Firefox users install addons they want via the addon manager in Firefox itself. They don't expect third parties to use other tricks to install addons, and grey out the "uninstall" option. They specially don't expect third parties from competing products which are losing market share to do this. This is NOT a misunderstanding on behalf of Firefox users.

      Microsoft have nothing but contempt for those people who choose not to use Microsoft products. How many more examples do you need to see to understand that Microsoft can't stand ANY competition. They want ALL of the market, not just a share of it.

      My guess is that you fall into one of the following categories:

      1 - Someone with their heads in the sand, intentionally finding other ways to look when decades of evidence is staring you in the face. A worried Microsoft shareholder perhaps?
      2 - A Microsoft astroturfer trying to earn a living by defending Microsoft and passing the blame in vintage Microsoft fashion.....yes, you guessed it, it's them dumbass users again. Of course they're dumbasses, they don't use Microsoft products, right? If they don't use Microsoft products they deserve to be fucked with.
      3 - A comedian who makes jokes which can be read as serious.
      4 - A troll looking for responses.

      From what I understand of the functionality of this plugin, it helps display sites done with Microsoft drugs like .net which is fine as it stands. If Microsoft were genuine about playing well with others, they could easily have done what everyone else does and have it on the addons section of Mozilla's site along with all the other addons. They could have a banner available for .net developers to put on their site saying "This .net addon will improve your .net experience in Firefox, click here to install".

    22. Re:So the WaPo reports a story a month obsolete? by RobDude · · Score: 3, Insightful

      They didn't screw up.

      If you don't trust Microsoft....if you don't want Microsoft messing around with your computer - DON'T LET MICROSOFT.

      Install Linux and be done with it. Or go to the Mac store and buy a mac.

      EVERYONE who experienced this problem had the .Net Framework installed and had automatic updates turned on.

      The add-on couldn't be removed from FireFox in EXACTLY THE SAME WAY that countless others can't be removed. When they are installed for 'all users' on the machine, individual users can't remove it.

      Just like all of these others....
              * Java
              * VLC Player
              * Adobe Acrobat
              * QuickTime
              * Google Talk
              * iTunes
              * Hulu
              * Picasa

      The 'fix' was released weeks ago - long before everyone got their panties in a wad over it. And when I mentioned that in the last anti-ms thread here I was modded flamebait.

      The worst part is that lots of people are going to honestly think they 'made Microsoft' change their mind by their complaining. No, sorry Kid, MS had the update long before you even NOTICED.

    23. Re:So the WaPo reports a story a month obsolete? by Propaganda13 · · Score: 4, Funny

      You must be new here. The majority of people here on Slashdot are meme scripts.

      signed,
      The You Must Be New Here Meme Script

  2. We need an new abbreviation by selven · · Score: 3, Funny

    LATFDBS - Look At The Date Before Submitting

  3. Yeah, a fix by mysidia · · Score: 5, Insightful

    Now there is an 'uninstall' button, but if you press it, the app is only uninstalled for the user who clicked the button, not other users on the computer; there's still no ready means of permanently opting out system wide.

    And they also indicate with every update of the .NET framework it may get re-installed for all users when Windows Presentation components are updated...

    Their fix is even more sly possibly. Now you have the false illusion of being able to remove it....

    And this still doesn't 'fix' the whole issue of installing components / editing the contents of a third party app a user installed without that user's permission.

  4. Better idea yet by Todd+Knarr · · Score: 4, Insightful

    Instead of installing it and letting you uninstall it if you don't want it, how about they don't install it and make it an optional thing you can choose to install?

  5. Install certainly isn't for the "common" user by JimMcc · · Score: 4, Insightful

    Sure, they've come out with an uninstall process. But who here thinks that Ma and Pa PC User have a chance in hell of correctly performing the necessary steps? For that matter, who thinks that the common user of a PC will even be aware of the issue in the first place?

    Yes FF allows add-ons. Yes, MS has every right to create an add-on for FF. What really worries me is when a company creates an add-on for the product of their primary competitor which threatens the stability and security of their competitor's product. At a minimum this is dirty pool. To me it just looks like MS continuing to wallow in the sewage of unfair competition.

    1. Re:Install certainly isn't for the "common" user by Anonymous Coward · · Score: 3, Insightful

      Exactly which web pages have you visited that require the .NET framework? I have never encountered one.

      Programs don't count. I use Firefox to browse the web. Having .NET installed because a certain program required it doesn't mean I want to visit the 3 websites that require .NET using Firefox.

  6. Now how about Java Quick Starter? by Anonymous Coward · · Score: 5, Insightful

    Okay, now tell me how to get rid of the similarly-uninstallable "Java Quick Starter" that nobody seems to be mad about because it's not Microsoft?

    1. Re:Now how about Java Quick Starter? by xenolion · · Score: 3, Insightful

      Um you answered your own question there; Its not Microsoft.

  7. Microsoft.. by Anonymous Coward · · Score: 5, Insightful

    Knowing them, it will leave about 50% of the junk that the addon installed. And 100% of the registry keys they used for it.

  8. Re:The HORROR! by Todd+Knarr · · Score: 4, Insightful

    The objection isn't to them providing support in Firefox. It's in their forcing the add-on into Firefox without asking the user whether they want it or not, when established convention is that the user elects to install add-ons and that if the user hasn't elected to install something it doesn't get installed. This is made especially annoying by the fact that many Firefox users use it precisely because it doesn't support things like .Net.

  9. Wiping Microsoft wipes the extension by Anonymous Coward · · Score: 3, Interesting

    This Anonymous Coward will be removing this extension by wiping Microsoft of his machine and installing Linux. After 25 years of developing commercial applications for Microsoft platforms, I'm done.

  10. And the rest of the story... by Anonymous Coward · · Score: 5, Informative

    Scott Hanselman put up a nice post today outlining the whole story. He points out why it turned out this way, how to uninstall it and even put up the source code so you can see their evil ways for those who were too lazy to unzip the xpi.

    http://www.hanselman.com/blog/HowToRemoveTheNETClickOnceFirefoxExtension.aspx

  11. Spaz down, Sparky by Benfea · · Score: 5, Insightful

    While I have my criticisms of Microsoft, I'm hardly a basher. Despite having lots of familiarity with Macs and a tiny bit of familiarity with LINUX, I use Microsoft operating systems exclusively.

    Two things are worth mentioning here. One is that practically any palooka can show up and start one of these threads. Someone probably saw the article in the WP (or an article about the article in WP) and started a thread without doing research and finding out that this is actually an old issue, an issue that was already mentioned back in February on this site, and that Microsoft had issued a fix a month ago. Bone-headed posts happen a lot around here. That doesn't make these threads part of a sinister conspiracy against Microsoft.

    The other thing worth mentioning is that frankly, this is worth mentioning again. While the disabled uninstall button was obnoxious, to me the greater wrong here was sneaking in an extension to a competitor's browser through an automatic OS update without informing the user.

  12. But what's the difference? by tepples · · Score: 3, Insightful

    but could someone please clarify the "difficult to remove" bit? I "removed" it by going into "add-ons" and clicking "disable". Problem solved as far as I'm concerned.....

    Simple: disable != remove

    What is the significant practical difference between an add-on that doesn't get loaded because it's disabled and an add-on that doesn't get loaded because it's removed?