×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Update Slips In a Firefox Extension

kdawson posted more than 5 years ago | from the hitch-hiker dept.

Microsoft 803

An anonymous reader writes "While doing a weekly scrub of my Windows systems, which includes checking for driver updates and running virus scans, I found Firefox notifying me of a new add-on. It's labelled 'Microsoft .NET Framework Assistant,' and it 'Adds ClickOnce support and the ability to report installed .NET versions to the web server.' The add-on could not be uninstalled in the usual way. A little Net searching turned up a number of sites offering advice on getting rid of the unrequested add-on." The unasked-for extension has been hitchhiking along with updates to Visual Studio, and perhaps other products that depend on .NET, since August. It appears to have gone wider recently, coming in with updates to XP SP3.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

803 comments

malware.... (5, Insightful)

gchesney0001 (667278) | more than 5 years ago | (#26689717)

Remember Sony?

Re:malware.... (5, Funny)

ScrewMaster (602015) | more than 5 years ago | (#26689755)

Remember Sony?

Yes. Trying not to.

sony (5, Funny)

symbolset (646467) | more than 5 years ago | (#26689859)

Never forget.

Forgetting is key to getting caught again. You can only catch a cat in the same trap once.

Re:sony (5, Insightful)

MrNaz (730548) | more than 5 years ago | (#26689957)

Unless that cat is the American public and the time since the last time you caught them is greater than the time since the last episode of American Idol.

Dude (-1, Offtopic)

symbolset (646467) | more than 5 years ago | (#26690059)

When we're totally getting baked with the new BC Shit, we wanna either unplug the keyboard or like totally not post. OK? Cuz otherwise we like totally discount the other stuff we say, like way. K?

But stinky BC is the shizzle, proper.

Normal for Microsoft (4, Insightful)

Anonymous Coward | more than 5 years ago | (#26690295)

People think that Microsoft is a software company that is sometimes abusive. But it isn't, in my opinion. Microsoft is an abuse company that delivers abuse using software.

Re:malware.... (2, Informative)

houstonbofh (602064) | more than 5 years ago | (#26689767)

Remember Sony?

Unfortunately, for most people the answer is no... For me it is which time? The CD-ROM Trojan, or the secure thumb drive Trojan?

Re:malware.... (4, Funny)

creimer (824291) | more than 5 years ago | (#26689937)

No, no, no. The grandparent meant the original Sony Walkman [wikipedia.org]. :P

Re:malware.... (0)

Anonymous Coward | more than 5 years ago | (#26690365)

Are you sure he didn't mean "Sonny" ? That's what my grandparents always mean.

Re:malware.... (4, Insightful)

eebra82 (907996) | more than 5 years ago | (#26689901)

I wouldn't class Sony's rootkit 'malware' as much as it was a security risk. This is not even remotely close to how stupid Sony's decision was.

Having said that, I wonder if this update is stated anywhere in the ToA.

Re:malware.... (0)

Anonymous Coward | more than 5 years ago | (#26690077)

That woman hiding out in the abandoned building across town maybe ugly, fat, mentally challenged, have rotting teeth, and covered in sores but she is still a female. In the same respect SONY rootkit is still malware. Her and those associated with the developement and distribution of the SONY rootkit should change places in life as they are more deserving of her problems then she likely is.

Re:malware.... (5, Insightful)

Lendrick (314723) | more than 5 years ago | (#26690175)

Who's to say this thing isn't a security risk? Microsoft?

Of course, we don't *know* that this software is bad, but my policy with my own machine is that if I don't know what something does, it doesn't run on my computer, which is why my computer still runs smoothly even though I haven't reinstalled Windows for several years.

For those of you who are assuming it's probably safe (and admittedly, you're probably right), there's another good reason to get rid of it. Microsoft changing your browser string to indicate that this piece of software is installed in your browser. The purpose of this, most likely, is to increase the installed base for this software, and use that as an argument to ush whatever new web technology they're pushing. Now that non-IE browsers account for 30% of the total browsers on the internet, Microsoft is losing their stranglehold on web "standards", and they're pulling this crap to get it back.

Don't be a part of it. Remove this plugin, then go into about:config and change your browser string back so it doesn't falsely advertise that you have it installed.

Oh, and as far as Firefox goes... why is the uninstall button grayed out? This feels like a UI issue to me; principals of user-friendliness dictate that I ought to be in control of whether or not I can uninstall an add-on. Even having code in the browser that allows someone to take that freedom away from me is a bad thing. (Of course, is it really Firefox's fault? Is there a technical reason that Firefox *can't* uninstall the plugin?)

Re:malware.... (5, Informative)

mR.bRiGhTsId3 (1196765) | more than 5 years ago | (#26690257)

Firefox cannot uninstall plugins that are installed to "sensitive" areas, like the actual Program Files folder. Skype does this also. It shouldn't prevent you from disabling the add-on though.

Re:malware.... (4, Interesting)

Lendrick (314723) | more than 5 years ago | (#26690359)

Interesting... Would it be possible to change Firefox in such a way that it refuses to recognize those plugins that it can't install?

Re:malware.... (4, Informative)

Thinboy00 (1190815) | more than 5 years ago | (#26690311)

If you install something (e.g. an extension) via apt or (I assume) rpm on Linux, Firefox can't uninstall it since it isn't running as root. In that scenario, the button is grayed out with no explanation. But, of course, you can always ask apt/rpm to remove the offending software, or not install it in the first place...

First (-1, Offtopic)

skeptictank (841287) | more than 5 years ago | (#26689719)

Post!

Re:First (0, Offtopic)

UngodAus (198713) | more than 5 years ago | (#26689729)

!First. Fail!

Re:First (4, Funny)

Anthony_Cargile (1336739) | more than 5 years ago | (#26690035)

!First. Fail!

...not first, fail not? ugh, this is why I prefer using the bitwise oprtator (~) instead, although in /. lore this is instead in jokes used to mean "home", per the bash usage instead of the one's complement.

Or, I just need to get out more. After asking why all the guys were buying wings and beer on the same day in throngs at the grocery store, I found out the last super bowl was indeed not 32.

second (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#26689733)

FUCK YOU MICRO$SUCK

Huh! (5, Insightful)

ScrewMaster (602015) | more than 5 years ago | (#26689737)

This definitely goes into the "WTF?" category.

Illin with the panicillin? (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#26689873)

Is she illin with the panicillin?
Is she reelin in the panicillin?
Is it feelin with the panicillin?
Are you steelin in the panacillin?

Panka Panka

Is she liable no suitifiable no not on trial but so suitifiable
Is she viable no suitifiable pliable style is so suitifiable
so reliable no suitifiable shes not on file but so suitifiable
im on the dial its so suitifiable its like im liable but more suitifiable

Re:Huh! (2, Interesting)

carlzum (832868) | more than 5 years ago | (#26690185)

Exactly, this could have been touted as proof that MS was serious about .NET interoperability. Instead they chose to install it silently and make it difficult to remove, making the update a nuisance to FF users.

Allowed scope of updates (5, Insightful)

Statecraftsman (718862) | more than 5 years ago | (#26689751)

Microsoft gives us updates all the time and we trust them to fix bugs and security holes. Firefox not coming with their extension is not in the scope of bugs and security holes they should fix. When they overstep their bounds like this ON TOP of an application(esp. a free software application) what might they be doing in their proprietary code under the application? Whatâ(TM)s next, an OpenOffice extension to make sure Microsoft never has an $ where their s is?

Re:Allowed scope of updates (4, Insightful)

schon (31600) | more than 5 years ago | (#26689861)

Microsoft gives us updates all the time and we trust them to fix bugs and security holes.

What you mean "we", Kemosabe?

Re:Allowed scope of updates (5, Interesting)

zobier (585066) | more than 5 years ago | (#26689963)

It is totally unacceptable for Microsoft to interfere with any of the 3rd party software I have installed on my computer whether via their update mechanism or otherwise. If I ever find any of these shenanigans going on I will raise a formal complaint with the appropriate government competition bureau, I encourage others to do the same.

Re:Allowed scope of updates (3, Informative)

TheSeer2 (949925) | more than 5 years ago | (#26690079)

There is an option that you have to check to allow updates to things other than Windows.

Re:Allowed scope of updates (5, Insightful)

whoever57 (658626) | more than 5 years ago | (#26690267)

There is an option that you have to check to allow updates to things other than Windows.

Which most people assume means things like MS Office and other MS components that are not part of a bare Windows install. I can't imagine anyone thinking this means 3rd party software.

Re:Allowed scope of updates (1)

Thinboy00 (1190815) | more than 5 years ago | (#26690345)

Well, just to play devil's advocate, my box running Ubuntu periodically prompts me for updates on all sorts of 3rd party software (some sort of outgrowth of synaptic/apt AFAICT). (Obviously Canonical Ltd. != M$)

Re:Allowed scope of updates (1)

Shelled (81123) | more than 5 years ago | (#26690135)

Not only do you force feed users a Microsoft extension, you piss them off about a third party & competitive application. Two business cases with one stone. I think it's brilliant.

Re:Allowed scope of updates (2, Interesting)

Thinboy00 (1190815) | more than 5 years ago | (#26690357)

I hope someone, preferably the U.S. or E.U., sues them for anticompetitive practices (again).

Why get upset? Firefox users avoid proprietary sw? (0)

aksansai (56788) | more than 5 years ago | (#26690153)

I'm seriously confused as to why this is upsetting considering that the average Firefox user installs plugins to assist in rendering media types (I'm picking on Flash) that could potentially be exploited far more than an extension that Microsoft produced because they realize that there is a huge established base of Firefox users on their Windows operating system.

I think this one is a win for the Firefox community in the sense that instead of being greeted with "your browser ain't IE, yo" that they are using the fundamental openness of Firefox to be able to reach users who, like me, think IE is the best waste of disk space on my Windows machines. Let Microsoft continue to develop for Firefox and realize how much of a pair of pants it can hand over to its beloved IE.

Or, continue to bitch and moan over its attempt to reach the Firefox customers to the point where they say, "Screw it - give them the ol' your browser is not supported" line.

Re:Why get upset? Firefox users avoid proprietary (3, Insightful)

Fritzed (634646) | more than 5 years ago | (#26690251)

You are (purposely?) missing the entire point. The average Firefox may CHOOSE to install flash, but that is their choice. If Microsoft wants to make a Firefox extension, then they need to put it in the directory just like everyone else.

Re:Why get upset? Firefox users avoid proprietary (5, Insightful)

Mad Merlin (837387) | more than 5 years ago | (#26690299)

Maybe because...

  • nobody asked for this extension
  • the extension makes a point of not letting you remove or disable it
  • the extension doesn't help you in any way whatsoever
  • it's Microsoft

Just one of those is enough to make something bad.

Re:Why get upset? Firefox users avoid proprietary (3, Insightful)

pallmall1 (882819) | more than 5 years ago | (#26690301)

I'm seriously confused as to why this is upsetting considering that the average Firefox user installs plugins to assist in rendering media types...

What part of "can't uninstall" confuses you?

Re:Why get upset? Firefox users avoid proprietary (5, Insightful)

Nutria (679911) | more than 5 years ago | (#26690339)

I'm seriously confused as to why this is upsetting considering that the average Firefox user installs plugins ...

The point isn't that MSFT is creating FF plugins.

The point is that MSFT is silently forcing plugins without telling us what they do.

This whole thing would have been a non-issue if they had

  • added a sentence on why this plugin is useful, and
  • enabled the Uninstall button.

But MSFT is too arrogantly stupid to do that.

Re:Allowed scope of updates (1)

bit01 (644603) | more than 5 years ago | (#26690219)

When they overstep their bounds like this ON TOP of an application(esp. a free software application) what might they be doing in their proprietary code under the application?

No, that's probably not the problem this time (though it is true that vendors get up to all sorts of shenanigans). The problems are:

  1. Not informing the user/developer precisely what the addon does, and does not, do so the user can make an informed choice about whether to install it.
  2. Not giving the user an obvious means of avoiding the firefox addon if they don't want it.
  3. Not using the standard install/uninstall mechanism so the user can uninstall it in the obvious way if they decide they don't want it after testing.

Software packages interact in different ways all the time eg. shared default file types/extensions cause endless mischief. That's unfortunately common and no vendor should be blamed for it directly however the user must be given the information and the tools to make and effect informed choices.

---

Adopt an astroturfer [wikipedia.org]. Make their life hell.

Re:Allowed scope of updates (1)

Tablizer (95088) | more than 5 years ago | (#26690291)

[whats] next, an OpenOffice extension to make sure Microsoft never has an $ where their s is?

Time to kick Microsoft in the S.
   

NOT Unsuspecting... (4, Informative)

eWarz (610883) | more than 5 years ago | (#26689773)

The add-on is automatically installed when you install the latest version of the .net framework. Microsoft Update does NOT automatically install this add-on. In order for it to be installed you had to explicitly choose to install the .net framework.

YES Unsuspecting... (5, Insightful)

Anonymous Coward | more than 5 years ago | (#26689813)

The .NET framework is not required for Firefox to run. Why would any sane person assume installing a totally unrelated framework would scribble all over Firefox?

Re:NOT Unsuspecting... (5, Insightful)

flydpnkrtn (114575) | more than 5 years ago | (#26689817)

It most definitely IS unexpected, because I was never notified anywhere that a MICROSOFT update would entail installing an addon to a completely NON-Microsoft product.

Just because I installed the .NET framework, I'm subject to whatever else MS wants to do to my computer? Nay, sir, nay.

Re:NOT Unsuspecting... (2, Insightful)

nemesisrocks (1464705) | more than 5 years ago | (#26689969)

I was never notified that an ADOBE product would entail installing an addin to a completely NON-Adobe product. Get with the times. Companies install addons to "complementary" products (web browsers, office suites, etc).

Re:NOT Unsuspecting... (2, Insightful)

flydpnkrtn (114575) | more than 5 years ago | (#26689997)

I'm pretty sure that during the install for Adobe Reader you're given the option to install the browser plugin or not (maybe the most you have to do is go into "Custom install)... with the .NET addon all that happened as far as I can see is that I installed pending updates, rebooted, and bam the addon was there

Do you see how that's a different situation than installing an app that adds a browser plugin?

Re:NOT Unsuspecting... (1)

gmuslera (3436) | more than 5 years ago | (#26690015)

Is a Microsoft update, they own the operating system so think that have the right over anything running there. Their release notes should include "turn back and bend over while we install this" somewhere.

Re:NOT Unsuspecting... (3, Insightful)

at_slashdot (674436) | more than 5 years ago | (#26690173)

Why are you so amazed? Your control over your computer is illusory when you use closed-source programs -- especially ones that call back home and install "updates"

Re:NOT Unsuspecting... (1, Insightful)

renegadesx (977007) | more than 5 years ago | (#26690297)

[root@localhost ~]# apt-get update apt-get: ET phone home

Yeah, damn those closed source OS's

Re:NOT Unsuspecting... (1)

Omniscientist (806841) | more than 5 years ago | (#26690221)

First of all, no one is forced to install the .NET framework. Most of the larger commercial applications, if not all of them, have no .NET dependencies, including Office.

Second of all, why is this so horrible when installing Adobe Reader (post-Firefox install) does the same thing?

Firefox certainly doesn't rely on .NET, but that's the whole point of a "plugin". You see, you can extend a product to support additional technologies if it has a pluggable framework. There is .NET content for the web, and the same update we're talking about (which addresses ClickOnce) also adds functionality for XBAP's.

However, I do think that the Firefox extension should be a separate feature in the .NET 3.5 setup; one that we can switch off either during install time or afterward, like any MSI feature.

Dodgy Pool (1)

UngodAus (198713) | more than 5 years ago | (#26689783)

Honestly, had they mandated silverlight, and included this in the silverlight install, I think they may have gotten it to most of the users that they would need to have it anyway, and pissed less people off in the process. Welcome to the new (steve) microsoft, same as the old (bill) microsoft.

The Microsoft icon. (1, Funny)

Anonymous Coward | more than 5 years ago | (#26689791)

Ya know, since Bill is long gone, I think the Microsoft icon could use an upgrade. I have an idea. It has to do with a chair, Steve Ballmer, and his ass.

Re:The Microsoft icon. (1)

MrNaz (730548) | more than 5 years ago | (#26689975)

I don't see how a picture of Steve Ballmer standing on a chair and mooning all PC users would be relevant.

On second thoughts, it'd clearly show us how much he values our custom.

Laughing behind our fscking backs. (0)

Anonymous Coward | more than 5 years ago | (#26689797)

This is unequivocal proof of a conspiracy to deliberately install unrequested code on computers. Note that there is no intent beyond this. In other words, the unrequested add-ons are not being installed as an means to reach some other end, and they do not do anything questionable with respect to privacy, security, or any other issue. Rather the end is simply to put unrequested code on computers, just so that the conspirators can laugh behind everyone's backs knowing that they have put unrequested code.

Equal Opportunity Offender... (3, Insightful)

creimer (824291) | more than 5 years ago | (#26689805)

Yea, more spyware. Now on FireFox instead of Internet Explorer. :P

Re:Equal Opportunity Offender... (1)

symbolset (646467) | more than 5 years ago | (#26689915)

Don't worry. IE has so many holes they're no longer news-worthy.

Re:Equal Opportunity Offender... (4, Funny)

Spy der Mann (805235) | more than 5 years ago | (#26690149)

Don't worry. IE has so many holes they're no longer news-worthy.

Wait. You mean IE has non-hole parts?

Re:Equal Opportunity Offender... (1)

symbolset (646467) | more than 5 years ago | (#26690307)

I didn't mean to imply that. Sorry. I don't know of any non-hole parts of IE. Maybe somebody else can help you there.

XP SP3? (3, Informative)

Malc (1751) | more than 5 years ago | (#26689841)

Are you sure? Did you actually mean .Net 3.5 SP1? That's what just installed it on my machine. I've never seen XP SP3 install it.

Re:XP SP3? (2, Informative)

Culture20 (968837) | more than 5 years ago | (#26689983)

Updates for XP SP3. I got it installed with .Net 2.0 SP2

Re:XP SP3? (2, Informative)

Malc (1751) | more than 5 years ago | (#26690179)

.Net 2.0 SP2 is an update to .Net 2.0, not XP SP3. It's the same installer binary for whatever version of Windows you have (64/32-bit differences aside)

A good sign! (4, Insightful)

dclozier (1002772) | more than 5 years ago | (#26689847)

Although it's not the best approach that could have been taken it is a good sign. If Microsoft can no longer ignore Firefox then all those sites that still require IE to function will begin to follow.

Re:A good sign! (3, Insightful)

markdavis (642305) | more than 5 years ago | (#26689923)

Yeah, well, so the sites will use some proprietary .NET stuff. I don't see such a plugin for non-MS operating systems. I would rather those sites that WERE ignoring Firefox code in something that not only works on all browsers but on all platforms as well.

Re:A good sign! (2, Insightful)

Firehed (942385) | more than 5 years ago | (#26690011)

All what sites? Aside from internal corporate web apps, has this been a real problem in the last five or so years? I remember having some issues back when Firefox was still having issues picking a proper name (pre-1.0 days), but I honestly don't think I've seen a public site with serious issues since around Firefox 1.0.

There's still some stuff out there with wonky stylesheets, of course, but that almost never is SO bad that it causes a site to be unusable.

Re:A good sign! (2, Interesting)

glwtta (532858) | more than 5 years ago | (#26690239)

If Microsoft can no longer ignore Firefox then all those sites that still require IE to function will begin to follow.

Is that really still a problem, though? I'm pretty sure that particular knee-jerk needs to be updated a bit.

I'm sure half a dozen people will jump in here with their favorite examples of IE-only sites, but chances are they will be quite obscure. I spend a fair amount of time online, and it hasn't really entered my mind in the last 2-3 years that I'm using some kind of "fringe" browser.

Now, internal corporate apps are another matter entirely; then again, they only have a 50/50 chance of ever working in their "supported" environment to begin with (ahh fond memories of having to install a VM with some extremely specific, and extremely ancient java version just to sign the company "ethics pledge" or whatever).

Scumware, eh? (5, Informative)

dmomo (256005) | more than 5 years ago | (#26689863)

One hint that this "extension" is unwanted garbage is that when you Google (google: Microsoft Framework Assistant) for it and the top links are pages about how to remove it. Then the first link from your site (microsoft.com) is also a forum that mentions getting rid of it...

Anyway, here's how to remove it.

http://www.robertnyman.com/2009/01/26/microsoft-force-installs-firefox-extension/ [robertnyman.com]

Re:Scumware, eh? (3, Insightful)

Dwedit (232252) | more than 5 years ago | (#26689921)

That doesn't matter at all. Type in any .DLL file you can think of, and you will see all the "Remove Spyware Now!" type sites that catalog DLL files. Buried in the actual relevant content of the site, hidden beneath all the "Spyware is dangerous, you may have spyware" boilerplate content is a row in a table telling you that the DLL file you searched for is safe. You can't just trust results like that.

Re:Scumware, eh? (5, Insightful)

Kral_Blbec (1201285) | more than 5 years ago | (#26690075)

It does matter because the sites are different. The ones that come up for Microsoft Framework Assistant are forum postings, articles and blogs instead of autogenerated bull-honky.

Re:Scumware, eh? (1)

Compholio (770966) | more than 5 years ago | (#26690313)

That doesn't matter at all. Type in any .DLL file you can think of, and you will see all the "Remove Spyware Now!" type sites that catalog DLL files.

Usually I see a link to download it from dll-files.com ...

Microsoft will never learn (3, Insightful)

chrome (3506) | more than 5 years ago | (#26689875)

Microsoft just can't resist the urge to use it's position as the marketplace leader for desktop OSes to be a dick.

Server 2003 as well (0)

Anonymous Coward | more than 5 years ago | (#26689899)

This showed up on my Server 2003 machine too.

but... (5, Insightful)

powerspike (729889) | more than 5 years ago | (#26689929)

It's Funny, i have had the same issue with apple update, i find it requesting to install updates for programs that weren't installed in the first place, seems like the same thing but different company...

Re:but... (5, Insightful)

spectecjr (31235) | more than 5 years ago | (#26690119)

Except in Apple's case, it's somewhat worse... after all, why the fuck would they install MobileMe or Bonjour on my system when I install iTunes?

Why the FUCK do they think I want their networking system along with their player?

Bonjour [wikipedia.org]

Grrrrrrrrrrrrrrrrrrrrrr. Weak. At least the .NET extension is within the realms of making sense.

Re:but... (2, Insightful)

guruevi (827432) | more than 5 years ago | (#26690237)

Because some iTunes' features are built around those technologies. Eg. if you have wireless speakers or another library/machine/appliance you want to share your music with, Bonjour will auto-detect it and list it in iTunes. Here Microsoft is including spyware targeted at their competition (Firefox) in their own updates in order to make Firefox look bad. It's like Apple including an update to Microsoft Office so that information on every document gets sent to them or including an Internet Explorer extension to send out personal or system information to the pages they're visiting.

Re:but... (3, Insightful)

EvilIdler (21087) | more than 5 years ago | (#26690271)

I don't understand the hatred for Bonjour. It's a discovery protocol, used by Macs for ages. All it does is to make it possible to find other computers. Adobe seem to be using it in their latest products, so you'll be seeing it more. It's not as if Windows programs historically have been satisfied with just one version of a DLL, anyway ;)

Re:but... (1)

Microlith (54737) | more than 5 years ago | (#26690283)

Such as?

Really, all I've seen have been updates for Apple software (or software otherwise distributed by Apple.)

Is this the Windows version of Software Update?

Java does this, too (3, Informative)

RockMFR (1022315) | more than 5 years ago | (#26689939)

Some of the recent updates for Java SE have included "Java Quick Starter". And for those with Ubuntu, there are a number of things that show up in the Add-ons list that are not explained well.

Re:Java does this, too (1, Informative)

Anonymous Coward | more than 5 years ago | (#26689999)

Sun offers steps to disable the Java Quick Starter [java.com], though. And those unexplained Ubuntu extensions can be removed by uninstalling the "ubufox" package (if I recall correctly; I haven't been using Ubuntu for a long time now.)

Re:Java does this, too (3, Informative)

Whiney Mac Fanboy (963289) | more than 5 years ago | (#26690123)

WTF? Do you understand why this is an issue?

Some of the recent updates for Java SE have included "Java Quick Starter". And for those with Ubuntu, there are a number of things that show up in the Add-ons list that are not explained well.

Neither of the examples you cite update an independently installed third party software without giving you an easy way of uninstalling.

FFS.

Re:Java does this, too (1)

gparent (1242548) | more than 5 years ago | (#26690289)

They still fuck around with stuff they shouldn't be fucking around with.

At least the Microsoft update gives me functionality I actually desire (ClickOnce).

Profiling, anyone? (0)

Creepy Crawler (680178) | more than 5 years ago | (#26689981)

Since this is a rather nasty "Payload" for firefox, what is its performance vs ACID and other rendering tests before and after the plugin?

I mean, hasnt anybody profiled it to see its raison d'etre?

Re:Profiling, anyone? (1, Informative)

Anonymous Coward | more than 5 years ago | (#26690037)

The "raison d'etre" of the plug-in when installing latest the .NET framework is to provide support for "Click-Once" deployment of web-enabled applications via Firefox. This is no different than the Java SE installing it's plug-in for Java applets, or Adobe Reader installing it's plug-in for viewing PDFs directly within the browser. It has no effect on the browser at all unless you try to open a Click-Once application link specifically. This also isn't new; the plug-in has been available on Windows Update for at least half a year.

Re:Profiling, anyone? (1)

gparent (1242548) | more than 5 years ago | (#26690275)

Are you blind? The purpose of the plugin is written in the summary, the article, and in the plugin description.

Re:Profiling, anyone? (2, Insightful)

Creepy Crawler (680178) | more than 5 years ago | (#26690349)

Then I assume that you have the source for the plugin, no?

If you dont have the source, how can you be sure what exactly it's attaching to? I know if I was Microsoft, I'd attach to parts of the rendering engine and screw around with things. It'd be an easy way to make Firefox seem slower and buggier. And, why disable the "Uninstall" button? Looks rather fishy to me.

I mean, if Firefox is prone to crashing at random times on random websites, wouldnt you think users would go back to IE?

Any real reason to nuke it? (1)

Dotren (1449427) | more than 5 years ago | (#26690025)

Has anyone noticed a performance hit to Firefox or anything? Any critical need to remove it?

Not that I'm happy that it was put on my system and that it can't be removed through the accepted addon system with Firefox, but I'm wondering if its really worth the trouble and for what reasons other than the standard "MS is evilllll", "They're spying on us", or what is sure to become a new spin on a popular internet meme "Microsoft raped my web browser".

Re:Any real reason to nuke it? (0, Troll)

pavera (320634) | more than 5 years ago | (#26690043)

Well it changes the user agent.. I assume to say firefox is IE, thus making firefox's market share look smaller, making firefox appear less relevant to pointy haired bosses everywhere.

Re:Any real reason to nuke it? (2, Informative)

terranwannabe (533181) | more than 5 years ago | (#26690097)

More like appending the version of the .NET CLR to the UA string, so that ClickOnce or XBAP applications can install through Firefox instead of requiring IE. I can testify (looking at my UA right now) that it does not change anything else and leaves the Firefox name intact. Of course, to find this out you might have to research or think about your answer instead of assuming evil behavior on Microsoft's part...

Re:Any real reason to nuke it? (2, Insightful)

whoever57 (658626) | more than 5 years ago | (#26690369)

Of course, to find this out you might have to research or think about your answer instead of assuming evil behavior on Microsoft's part...

Given the ample, well documented evidence of bad behavior by MS, failing to consider evil behavior by MS is a clear example of "fool me once, shame on you, fool me twice....". Just because the "evil behavior" is not so obvious yet, doesn't mean that there is not such a motive behind this action.

Fucking Microsoft (1)

kpainter (901021) | more than 5 years ago | (#26690027)

I saw this thing today while trying to fix an ailing Vista laptop. WTF!? And I couldn't get rid of it. I was thinking that my GF's son somehow got this thing installed but maybe it wasn't his fault afterall. God, I hate Microsoft.

Re:Fucking Microsoft (1)

mR.bRiGhTsId3 (1196765) | more than 5 years ago | (#26690321)

The disable button still works. Or do you not trust the open source firefox code to be able to properly disable plugins?

So actually (1)

guruevi (827432) | more than 5 years ago | (#26690065)

it's slipping spyware/crapware into a competitor's product? That's even worse than Sony and many others (where you can usually opt out or at least you know where it's coming from). Microsoft is stooping very, very low these days. They deserve another conviction... soon.

Re:So actually (1)

JoeCommodore (567479) | more than 5 years ago | (#26690263)

You mean 'usually opt out' like those CDs that had auto installers that surreptitiously disabled CD recording programs? Both of these are too scummy but what those hidden CDs programs did was a lot worse, disabling others legitimate software.

Re:So actually (0)

Anonymous Coward | more than 5 years ago | (#26690343)

It's not spyware, but if you read the summary before spouting your anti-MS bullshit, you'd know that. It allows ClickOnce functionality, that's it, that's all, nothing more, nothing less.

If by 'slip' (1)

eigenstates (1364441) | more than 5 years ago | (#26690129)

You mean call it out specifically in the install of .NET, I think you may have a point there.

However, it is sad that it is needed at all, even if for acceleration purposes. It means that .NET relies on something only specifically available before in IE. Uncool. No uninstall- unforgivable. My guess is that they will fix it.

And rootkit comparisons? Jesus. Nothing close.

firefox security hole? (2, Insightful)

enter to exit (1049190) | more than 5 years ago | (#26690199)

Firefox installed this without me allowing it too

it seems very for malware to be installed like this

Maybe I'm looking at this the wrong way, but shouldn't Firefox stop extensions being installed this way?

Re:firefox security hole? (1)

terranwannabe (533181) | more than 5 years ago | (#26690211)

You need local admin privileges to install Framework 3.5 SP1. And remember - if an application masquerades with local admin privileges, it can do WHATEVER it wants.

Re:firefox security hole? (1)

mdmkolbe (944892) | more than 5 years ago | (#26690353)

Unless what it wants requires SYSTEM privileges. SYSTEM is a higher level than Administrator on Windows (which can be rather annoying when I need to do something requiring SYSTEM privileges).

Two Questions: (1)

tokyoahead (743189) | more than 5 years ago | (#26690213)

a) Why is it possible? I think there should be at least a warning from FF if an add-on is installed w/o user interaction. b) What's next? will MS include FF in the "Mailicious software removal tool" if it detects that your FF is running without the MS-Alien in its belly...

MICROSOFT DRM? (0)

Anonymous Coward | more than 5 years ago | (#26690241)

Wtf is this under my Firerfox 3 Add-ons under plug-ins.....2 of them are listed.

Microsoft DRM
DRM Netscape Network Object

Microsoft DRM
DRM Store Netscape Plugin

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...