Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

MS Issued a Fix For Its Unwanted FireFox Extension

kdawson posted more than 5 years ago | from the unevenly-distributed dept.

Microsoft 266

As we discussed last February, and again a few days ago after the Washington Post noticed, Microsoft installed without permission a hard-to-remove Firefox extension along with a service pack for .NET Framework 3.5. Reader Pigskin-Referee lets us know that, as it turns out, Microsoft issued a fix a month ago; details here.

cancel ×

266 comments

Sorry! There are no comments related to the filter you selected.

So the WaPo reports a story a month obsolete? (5, Insightful)

Blakey Rat (99501) | more than 5 years ago | (#28223723)

And of course, since it's negative towards Microsoft, Slashdot dupes it a few dozen times. That's some quality journalism all-around. Oh, and it was an honest mistake in the first place, not some horrible malicious act.

Of course, if you read the Slashdot comments, you knew that Microsoft had already fixed it, since the comments are always about 10 times more on-the-ball than the actual posts. Sadly, I think the majority of visitors to this site never dive into the comments section and are probably fed a large spoon of bullshit every morning with their news.

Re:So the WaPo reports a story a month obsolete? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28223769)

I agree. It was a minor issue to begin with made to be a big deal. Typical chin beard loser journalism. Go ahead faggot mod me down.

Re:So the WaPo reports a story a month obsolete? (0)

Anonymous Coward | more than 5 years ago | (#28223771)

Not quite, the majority of the people here not only don't read the article, they don't bother to read the summary they are responding to. Some don't even read the comments when they reply.

Re:So the WaPo reports a story a month obsolete? (1)

xmousex (661995) | more than 5 years ago | (#28224983)

ahah so this isnt just a chat room!!
now where do you look for the article?

Re:So the WaPo reports a story a month obsolete? (5, Insightful)

Foofoobar (318279) | more than 5 years ago | (#28223789)

When a company like Microsoft 9 out of 10 times makes hostile gestures towards the open source community, are we supposed to run towards them with flowers and candy every time they screw up now and say 'we forgive you darling. lets go have buttsex on the veranda!'?

I dunno about you but I get screwed in the ass enough and I'm duct taping my shorts and sitting on the porch with a shotgun.

Re:So the WaPo reports a story a month obsolete? (4, Funny)

nizo (81281) | more than 5 years ago | (#28223821)

Where is my "+1 Insightful but gross" mod option?

Re:So the WaPo reports a story a month obsolete? (4, Interesting)

Beelzebud (1361137) | more than 5 years ago | (#28224077)

Is it too much to ask that if you have issues with MS that you bring up the legitimate issues and leave the BS alone?

Re:So the WaPo reports a story a month obsolete? (1, Insightful)

Anonymous Coward | more than 5 years ago | (#28224769)

Is it too much to ask that if you have issues with MS that you bring up the legitimate issues and leave the BS alone?

Yeah, but how would he feel a part of the community without that common enemy? Once again, yet another instance of fallacious "us vs. them" crap that humanity continues to be shackled by. People get off on malcontent, especially on Slashdot. Makes them feel alive to write scathing and illogical comments about a multinational corporation anonymously on a random Internet site.I guess its easier than actually doing something with your life.

Re:So the WaPo reports a story a month obsolete? (0)

Anonymous Coward | more than 5 years ago | (#28224829)

Bringing up legitimate issues and leaving out BS is in direct contravention of timothy and kdawson's contracts, or so it would seem

Re:So the WaPo reports a story a month obsolete? (2, Insightful)

Anonymous Coward | more than 5 years ago | (#28224255)

When the open source community 10 times out of 10 makes hostile gestures towards Microsoft.... ... well yeah, you can see how it goes.

For all Microsoft's faults, it does what it does because it's a business whilst many members of the FOSS community seems to purely rely on hatred for their reasoning.

How can the FOSS community expect to be taken seriously when it can't be mature itself and when Microsoft does something that isn't wrong it STILL attacks it? FOSS is a noble cause but the community is so often blinded by it's own bias that it's self-defeating. I guess that's what happens in an anarchy though.

Why not you know, when it does something right accept that it's done something right and encourage such behaviour rather than leave many big companies thinking the FOSS community is just a cesspool of hate not to be taken seriously?

Re:So the WaPo reports a story a month obsolete? (2, Funny)

Allicorn (175921) | more than 5 years ago | (#28224723)

They make great mice.

And I hate them for it!

Re:So the WaPo reports a story a month obsolete? (1, Insightful)

nicolas.kassis (875270) | more than 5 years ago | (#28224733)

Why is this rated informative, this is the same bullshit comment we see here every day. Look, business is business and FOSS folks are doing what they can to promote what they think is best. Microsoft does the same. In the end, it's healthy, it keeps MS in check and MS gives a few knocks to the FOSS folks that keep em coming up with new ways to push their stuff. Competition is good. All out assault on Microsoft is fair game. ( aside from pure slandering)

Re:So the WaPo reports a story a month obsolete? (2, Insightful)

Anonymous Struct (660658) | more than 5 years ago | (#28224939)

Not that I speak for the FOSS community or even care at all about this issue, but I just can't ever bring myself to have any sympathy for Microsoft. They worked so hard for so many years to build this reputation for themselves, and they deserve all of the spoils. My only regret is that the cost of their public image couldn't ever hope to outweigh the massive profits they've made through years of bad behavior. It's like seeing a bully get his ass kicked for no reason at all. Maybe he didn't do anything to deserve it (this time), but I'm not a good enough person to want to try and help him. I admit, that's probably some kind of personal failing, but I just don't care.

Re:So the WaPo reports a story a month obsolete? (3, Insightful)

mR.bRiGhTsId3 (1196765) | more than 5 years ago | (#28224281)

I know that its bad that Microsoft silently installs things that are difficult to remove, but I can't help but wonder, if the .NET plugin was actually hard to install, would we be seeing complaints about how Microsoft is leaving Firefox users out in the cold by not supporting the full .NET experience in Firefox.

Re:So the WaPo reports a story a month obsolete? (1, Interesting)

Shakrai (717556) | more than 5 years ago | (#28224457)

I know that its bad that Microsoft silently installs things that are difficult to remove

I'm upset about the silent install but could someone please clarify the "difficult to remove" bit? I "removed" it by going into "add-ons" and clicking "disable". Problem solved as far as I'm concerned.....

Re:So the WaPo reports a story a month obsolete? (3, Informative)

Fujisawa Sensei (207127) | more than 5 years ago | (#28224553)

I know that its bad that Microsoft silently installs things that are difficult to remove

I'm upset about the silent install but could someone please clarify the "difficult to remove" bit? I "removed" it by going into "add-ons" and clicking "disable". Problem solved as far as I'm concerned.....

Simple: disable != remove

Re:So the WaPo reports a story a month obsolete? (3, Informative)

Anonymous Coward | more than 5 years ago | (#28224655)

It still left .NET to your user agent string. To get rid of false user agent string, you have to enable the extension, install MS removal tool and uninstall the extension with it. Just disabling it or using removal tool to disabled extension will not stop your browser advertising .NET extension.

Re:So the WaPo reports a story a month obsolete? (4, Insightful)

Blakey Rat (99501) | more than 5 years ago | (#28224365)

You could save the teeth gnashing and anal rape metaphors for when you actually have an issue, instead of wasting it on complete non-issues. It might lower your blood pressure in the long run. But that's just my opinion.

Re:So the WaPo reports a story a month obsolete? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28223805)

Look out! The gays have Personal Identification Numbers and they know how to use Automated Teller Machines!

Re:So the WaPo reports a story a month obsolete? (5, Insightful)

gmack (197796) | more than 5 years ago | (#28223823)

It is not actually fixed. Even had it been removable in the first place it still would have been bad because they should not have installed it without permission.

Re:So the WaPo reports a story a month obsolete? (3, Insightful)

The Moof (859402) | more than 5 years ago | (#28224117)

Yea, but we've seen this MS story about this a few times. Where's the huge repeated outrage about the Sun extension [slashdot.org] that essentially pulled the same BS? There's even a portion of comments in that article defending Sun's decision to do it. Repeatedly visiting this one comes off as the usual MS bashing, like the GP pointed out.

Re:So the WaPo reports a story a month obsolete? (1)

DoofusOfDeath (636671) | more than 5 years ago | (#28224359)

Yea, but we've seen this MS story about this a few times. Where's the huge repeated outrage about the Sun extension [slashdot.org] that essentially pulled the same BS?

Because even virus writers aren't interested in targetting Java?

(ducks)

Re:So the WaPo reports a story a month obsolete? (5, Informative)

melstav (174456) | more than 5 years ago | (#28224709)

Since you dragged the other discussion into this, allow me to point out a comment in that very discussion [slashdot.org] which points out why it's nowhere near the same thing. (Like the fact that Sun announced months in advance that they were going to do it, and the fact that you can, in fact remove it.)

That comment is +5 insightful. You don't even have to drill down to find it. Just scroll a bit. Given that (some of) the comments are regularly more fair and balanced than the article summaries, you ought to at least skim the discussion before you decide whether this guy is bringing something useful to the discussion or just throwing more FUD onto the pile.

Re:So the WaPo reports a story a month obsolete? (1)

PitaBred (632671) | more than 5 years ago | (#28225029)

There seem to be quite a few posts in that article about the Sun extension being bad, how it should have been opt-in rather than opt-out. And the author of the post is obviously not happy with what happened. There were a few people defending Sun in that article, just like you're defending Microsoft.

Really... just because you have a hard-on for MS doesn't mean everyone does. There are quite a few Slashdot users that don't think EITHER of these actions were right.

Re:So the WaPo reports a story a month obsolete? (4, Insightful)

Xest (935314) | more than 5 years ago | (#28224333)

Yeah, you know that button you click when you install updates that has two radio options, one where you accept the terms and one where you don't?

That's where you gave permission.

If you didn't install it explicitly, the alternative is that you gave permission when you accepted automatic updates.

If you don't want these things on your system, then don't give permission. Don't give permission and then claim you never actually gave permission when you blatantly did because otherwise it wouldn't have installed in the first place.

Re:So the WaPo reports a story a month obsolete? (1, Insightful)

Chlorine Trifluoride (1517149) | more than 5 years ago | (#28224687)

People not accepting automated updates is the reason we have botnets.

Re:So the WaPo reports a story a month obsolete? (2, Insightful)

squallbsr (826163) | more than 5 years ago | (#28224807)

This is simply a case of:

Damned if you do, Damned if you don't.

Re:So the WaPo reports a story a month obsolete? (1)

Chlorine Trifluoride (1517149) | more than 5 years ago | (#28224859)

Actually, its a case of MS having a broken system. If the automated updates system held unimportant non-security updates, like IE8 and the extension, and displayed a message asking permission for them, then the problem would be averted.

Re:So the WaPo reports a story a month obsolete? (1)

lukas84 (912874) | more than 5 years ago | (#28224981)

They do. IE8 doesn't get automatically installed, unless you're using WSUS.

Re:So the WaPo reports a story a month obsolete? (0, Flamebait)

Kuciwalker (891651) | more than 5 years ago | (#28224527)

You did give permission, dipshit. They offered you the release notes and asked if you wanted to continue the install.

Re:So the WaPo reports a story a month obsolete? (4, Insightful)

mdm-adph (1030332) | more than 5 years ago | (#28223851)

Say what you will about people bashing on Microsoft, but this was not an "honest mistake." It was by design, and all Firefox extensions installed this way behave the same way.

Re:So the WaPo reports a story a month obsolete? (1)

maxume (22995) | more than 5 years ago | (#28224157)

It was a misunderstanding of the attitude at large of Firefox users. That they changed it is a reasonable indicator that they have some respect for those users.

Re:So the WaPo reports a story a month obsolete? (0)

Anonymous Coward | more than 5 years ago | (#28224947)

It was a misunderstanding of the attitude at large of Firefox users

Sort of like sticking meat in people's veggie wraps would be a "misunderstanding" of the attitude at large of vegetarians.

capcha: rephrase

Re:So the WaPo reports a story a month obsolete? (1)

oodaloop (1229816) | more than 5 years ago | (#28223867)

Sadly, I think the majority of visitors to this site never dive into the comments section

I thought conventional wisdom was that slashdotters go directly to posting after failing to RTFA and sometimes TFS. Or even TFT(itle).

What were we talking about again?

Re:So the WaPo reports a story a month obsolete? (1, Offtopic)

Blakey Rat (99501) | more than 5 years ago | (#28224399)

There's three sets of users:
1) Those who read the summaries only
2) Those who read the summaries and comments
3) Those who read the articles, summaries, and comments (extremely rare!)

Re:So the WaPo reports a story a month obsolete? (3, Funny)

YouWantFriesWithThat (1123591) | more than 5 years ago | (#28224509)

there also is a small subset that makes lists that don't include a "???"

Re:So the WaPo reports a story a month obsolete? (0)

Anonymous Coward | more than 5 years ago | (#28224799)

I usually skip to the comments without reading the summary.

Re:So the WaPo reports a story a month obsolete? (1)

Rasperin (1034758) | more than 5 years ago | (#28224931)

I tend to read only the comments, they are:

Score 5: Insightful
Score 4: Funny
Score 2: Informative

Re:So the WaPo reports a story a month obsolete? (5, Insightful)

ibookdb (1199357) | more than 5 years ago | (#28223945)

Has firefox fixed the bug where nobody can install extensions that are enabled by default without user intervention?

Re:So the WaPo reports a story a month obsolete? (0)

Anonymous Coward | more than 5 years ago | (#28224971)

A better question would be whether they've fixed the bug that the NoScript author discovered where he installed new filterlists to AdblockPlus because that one goes hand in hand with what you are asking, only is far scarier.

Re:So the WaPo reports a story a month obsolete? (1)

CarpetShark (865376) | more than 5 years ago | (#28224181)

And of course, since it's found something positive about Microsoft, the universe will cancel itself out.

There, fixed that for you.

Re:So the WaPo reports a story a month obsolete? (5, Insightful)

docbrody (1159409) | more than 5 years ago | (#28224283)

Oh, and it was an honest mistake in the first place, not some horrible malicious act.

Not really buying it. It may not have been some horrible malicious act... but it sure was not some 'innocent mistake.'

Sure, innocent mistakes happen at big companies (like the whole thing with Amazon de-ranking Gay and Lesbian books). But for a company that is a constant target of anti-trust suits, who is notorious for this kind of thing, you think by now that they would be more careful. Its hard to believe that someone internal at Micrsoft didn't realize what was this was doing and just say 'fuck it' - even if it was a low level developer, somebody had to know - at the very least the guy(s) who wrote the code. I mean come on, this took some work to do. Its not like the amazon issue where practically one click of a check box reclassified a whole genre of books... some one had to put finger to keyboard and code this out.

So I think its really really hard to call this an innocent mistake. Maybe not a 'horrible malicious act' but once again they are injecting their shit into other peoples shit.

Re:So the WaPo reports a story a month obsolete? (2, Informative)

Blakey Rat (99501) | more than 5 years ago | (#28224439)

But for a company that is a constant target of anti-trust suits, who is notorious for this kind of thing, you think by now that they would be more careful. Its hard to believe that someone internal at Micrsoft didn't realize what was this was doing and just say 'fuck it' - even if it was a low level developer, somebody had to know - at the very least the guy(s) who wrote the code.

Had to know what? That there's an magical unspoken rule not to install extensions that way?

Look, Firefox offers the ability to install add-ons for all users. That's a feature provided by the design of Firefox. The only "horrible" thing Microsoft did was make use of that particular Firefox feature. Now it turns out that a lot of Firefox users don't like that feature, and don't agree with how it works. Microsoft says "oops" and changes the way they install the add-on so it doesn't use that feature.

Where is there any maliciousness here? At all? No.

Re:So the WaPo reports a story a month obsolete? (2, Insightful)

TurboNed (1370389) | more than 5 years ago | (#28224961)

<sarcasm>Obviously the maliciousness must exist somewhere. Let's blame Mozilla for having an idiotic feature that Microsoft could take advantage of in this way.</sarcasm>

Seriously, I don't ascribe this to maliciousness on anyone's part. Microsoft failed to test this in all circumstances in a way that's not uncommon for them (limited user account usability fail), but if that's "malicious" then so was the entire release and lifetime of their exceedingly popular OS. You know, Windows XP. The one that everybody loves so much because it doesn't suck?

Yeah, it's a huge pile of limited user account usability testing fail. *shrug* If somebody's going to claim the Firefox extension thing is malicious, they'd better not be claiming that Microsoft is being malicious/anti-competitive/monopolistic/whatever by giving XP the End of Life notice. Both products suffer from the same problem, and MS is trying to move past them both.

Re:So the WaPo reports a story a month obsolete? (4, Interesting)

billcopc (196330) | more than 5 years ago | (#28224591)

It's bad because the entire philosophy behind Firefox addons is freedom of choice. How hard would it have been for Microsoft to prompt the user whether they want this thing or not ?

In simpler words: My computer, my decision.

Re:So the WaPo reports a story a month obsolete? (3, Interesting)

shutdown -p now (807394) | more than 5 years ago | (#28224951)

On a side note, why does Sun's JDK installer bugs me to also install OpenOffice (checked by default), and every single Google desktop application has a "set Google to default search engine", and often also "install Google toolbar for IE", also checked by default?

It's just the established software culture these days. From that perspective, installing a browser plugin which you won't ever see (until you navigate to a website that uses it) is relatively benign - compared to installing a 200Mb Office suite.

Re:So the WaPo reports a story a month obsolete? (4, Insightful)

Strilanc (1077197) | more than 5 years ago | (#28224601)

Everyone seems to be ignoring the fact that uninstallable extensions shouldn't even be allowed by firefox. I remember installing SiteAdvisor, then it was bought by McAfee and they set the "screw you no uninstalls" bit. Not appropriate at all.

If it can't be uninstalled, then it shouldn't be an extension.

Re:So the WaPo reports a story a month obsolete? (1)

TurboNed (1370389) | more than 5 years ago | (#28225009)

It can be uninstalled. For all users. As Administrator.

Re:So the WaPo reports a story a month obsolete? (2, Insightful)

whoever57 (658626) | more than 5 years ago | (#28224641)

And of course, since it's negative towards Microsoft, Slashdot dupes it a few dozen times.

/. dupes stories all the time, why would you assume that this was a malicious act against MS?

Oh, and it was an honest mistake in the first place, not some horrible malicious act.

Microsoft makes deliberate anti-open source moves all the time and is a convicted monopolist, why would you assume that is was a mistake? Or are you a MS employee with inside information?

Re:So the WaPo reports a story a month obsolete? (0)

Anonymous Coward | more than 5 years ago | (#28224715)

Why doesn't the EU share your sentiment about microsoft's honesty?

Re:So the WaPo reports a story a month obsolete? (1)

MobileTatsu-NJG (946591) | more than 5 years ago | (#28225055)

Of course, if you read the Slashdot comments, you knew that Microsoft had already fixed it, since the comments are always about 10 times more on-the-ball than the actual posts.

Unfortunately you have to dig all the way back to 2005 to understand the +5 flying chair jokes.

We need an new abbreviation (3, Funny)

selven (1556643) | more than 5 years ago | (#28223795)

LATFDBS - Look At The Date Before Submitting

Re:We need an new abbreviation (1)

Chlorine Trifluoride (1517149) | more than 5 years ago | (#28224737)

What about DLkP - Don't Let kdawson Post.

Yeah, a fix (5, Insightful)

mysidia (191772) | more than 5 years ago | (#28223839)

Now there is an 'uninstall' button, but if you press it, the app is only uninstalled for the user who clicked the button, not other users on the computer; there's still no ready means of permanently opting out system wide.

And they also indicate with every update of the .NET framework it may get re-installed for all users when Windows Presentation components are updated...

Their fix is even more sly possibly. Now you have the false illusion of being able to remove it....

And this still doesn't 'fix' the whole issue of installing components / editing the contents of a third party app a user installed without that user's permission.

Re:Yeah, a fix (2, Informative)

colfer (619105) | more than 5 years ago | (#28223929)

And you must enable it in order to uninstall it.

To properly update the .NET Framework Assistant, this update must be applied while the extension is enabled in Firefox. To remedy the result of installing this update while the extension was disabled, uninstall the update, re-enable the extension, and reinstall the update.

Re:Yeah, a fix (1)

Blakey Rat (99501) | more than 5 years ago | (#28224581)

Now there is an 'uninstall' button, but if you press it, the app is only uninstalled for the user who clicked the button, not other users on the computer; there's still no ready means of permanently opting out system wide.

Maybe what Microsoft should do is install the add-on into the "All Users" folder, so that if one user removes it then it's removed for all users on the computer!

Oh wait, that's exactly what they did that people are throwing a hissy-fit over.

Seriously, knowing how Windows permissions work, what is your "solution" for this problem? Either Microsoft puts it in the All Users folder, and people throw a hissy-fit, or they do what they're doing now and install it individually for all users, which means you can't disable it for all users at once. That is the way Windows works. (And Linux, and OS X, and all multi-user OSes.)

So, pray-tell, what the hell should they be doing?

Re:Yeah, a fix (2, Insightful)

rootofevil (188401) | more than 5 years ago | (#28224689)

first, since that update wnt out over windows update, this one should too.

or perhaps just not install it in the first place, thats also a perfectly good option. submit it to mozilla to present in the addons section. you know, like nearly ever addon out there.

but hey, if you want to excuse their behavior, go right ahead.

Re:Yeah, a fix (1)

poetmatt (793785) | more than 5 years ago | (#28225021)

No, people got pissed because it was installed in the first place without any notification. In my case it was installed without any security updates. I didn't ask for a plugin to install a vulnerability without any confirmation.

If they did all users for the plugin installation has absolutely 0 to do with that.

Re:Yeah, a fix (1)

TurboNed (1370389) | more than 5 years ago | (#28225035)

Well, an opt-in install for the addon would be nice. Other than that, I totally agree with you.

Better idea yet (4, Insightful)

Todd Knarr (15451) | more than 5 years ago | (#28223869)

Instead of installing it and letting you uninstall it if you don't want it, how about they don't install it and make it an optional thing you can choose to install?

Re:Better idea yet (0)

Anonymous Coward | more than 5 years ago | (#28224033)

No - that would be too perfect of a world. We can't have that...now can we?

Re:Better idea yet (1)

Ephemeriis (315124) | more than 5 years ago | (#28224311)

Instead of installing it and letting you uninstall it if you don't want it, how about they don't install it and make it an optional thing you can choose to install?

That'd be the best solution... When IE8 gets downloaded and queued for installation you're asked if you really want to install it. You can choose not to. And then the updates continue on their merry way.

Why not have the update ask for user input before installing this component?

Is it wrong... (1, Funny)

Anonymous Coward | more than 5 years ago | (#28223933)

that the only reason I have Slashdot on my RSS is for the witty comments only? I used to actually read the article but now, I don't even bother looking at the headline.

If it's wrong, I don't want to be right!

Question? Who fucking cares? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28223947)

Seriously. Who gives a shit?

So Firefox gets one more useless extension? So what?

It's not like Firefox is stable and doesn't suck down resources like a money honey.

Jesus.

Get a fucking life.

Re:Question? Who fucking cares? (2, Insightful)

Anonymous Coward | more than 5 years ago | (#28224273)

"You use a browser I don't like, therefore it's okay if someone messes with it without your permission!"

And yes, that IS exactly what you're saying, and yes, saying it DOES prove you beyond all possible doubt to be the craven idiot you so rightly fear yourself to be.

And no, you weren't just trolling to get a rise out of those oh-so-predictable Slashbots. And finally, yes, that IS what you were about to say in your pathetically futile defense.

Re:Question? Who fucking cares? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28224843)

Uh, no, numb-nuts.

I use Firefox. That's how I know what a crap browser it is.

The flaming retards at Slashdot are so shitty at coding that you can barely even read this website in IE. Not that I would anyways.

Maybe if your view wasn't obstructed by a mountain of cum-stained wads of toilet paper you be able to see that your phony outrage reeks of shit - just like you.

Seriously, nobody gives a shit about this because it doesn't fucking matter.

Install certainly isn't for the "common" user (4, Insightful)

JimMcc (31079) | more than 5 years ago | (#28224045)

Sure, they've come out with an uninstall process. But who here thinks that Ma and Pa PC User have a chance in hell of correctly performing the necessary steps? For that matter, who thinks that the common user of a PC will even be aware of the issue in the first place?

Yes FF allows add-ons. Yes, MS has every right to create an add-on for FF. What really worries me is when a company creates an add-on for the product of their primary competitor which threatens the stability and security of their competitor's product. At a minimum this is dirty pool. To me it just looks like MS continuing to wallow in the sewage of unfair competition.

Re:Install certainly isn't for the "common" user (1, Insightful)

Anonymous Coward | more than 5 years ago | (#28224323)

Maand Pa PC User doesn't give a shit about extra functionality added to their browser for several reasons.

First off the plugin doesn't add anything malicious, it isn't a security hole, and it doesn't do anything without the user's consent (You need to 'Click' for 'ClickOnce' to work, strangely enough)

Second off, they don't think it's an outrage that some company tries to increase interoperability with their favorite browser (FF) and they actually want it to happen, because they get pissed every time some thing doesn't work in FF as they think it should (such as click once)

Third off, it doesn't fucking matter because 20 other companies do it already (Adobe's Flash, Sun's Java VM, etc.) and only a fucking retard would care only because it's MS. These people need to get a grip.

Re:Install certainly isn't for the "common" user (1)

BobMcD (601576) | more than 5 years ago | (#28224421)

Oh, AC, how I love your objectivity... You're always such a breath of fresh air...

Re:Install certainly isn't for the "common" user (1, Insightful)

Anonymous Coward | more than 5 years ago | (#28224731)

The difference in Java/Flash and this is two fold:

1. You explicitly install these FOR the functionality provided to the browser.
2. You can choose not to install the browser addons
    2a. With the last version of Java I installed you could
    2b. Flash requires you pick what browser you want it installed for the last time I checked also.

Installing something by default (as an update no less) without notifying me and providing the solution of "oh you can just uninstall it by deleting this reg key, this folder, and change this in about:config" pisses me off, not that I'm not capable, but WHY should I have to when I didn't ASK for the addon to begin with? This is what pisses me off about it....

Re:Install certainly isn't for the "common" user (2, Insightful)

initdeep (1073290) | more than 5 years ago | (#28224367)

Who the Hell thinks ma and pa PC user are using Firefox?
The majority aren't.
You may have turned your parents onto it, and I've tried with mine, but the reality is it's still an IE world, webpages are still designed to work in IE, and .Net is a widely used set of tools that more and more webpages are taking advantage of.
having this installed into firefox for all users when the person ELECTS to download the .NEt framework because they've been told they need it for a certain webpage or program to work correctly is just common sense.

versus the more slashtard oriented view of making "Ma and Pa PC User" go download the required .Net framework for their needs, and then go download a firefox extension to make it work properly in the alternative browser that their geek son/daughter/relative told them was so much better.

yeah.
So much better, and more annoying, and less useful.

But instead we get something like this that actually makes FF useful for the same places the user already downloaded the .Net framework for......

And since the extension was to allow click-once support for .net enabled websites, i'm gonna go out on a limb here and say that those "Ma and Pa PC Users" will LIKE having it installed so their webpages work correctly and function the way they expect.
Just like they do in IE.

So in reality, despite what slashtards want to think, most people simply won't care, don't want to uninstall it, and in the real world, are probably glad it's there when they need it without having to go search for it and then download and install it.

let the modding down for the truth begin.

Re:Install certainly isn't for the "common" user (1)

shutdown -p now (807394) | more than 5 years ago | (#28225001)

But who here thinks that Ma and Pa PC User have a chance in hell of correctly performing the necessary steps?

Why would they need to? The extension doesn't do anything to impact their performance, privacy, and so on.

... add-on for the product of their primary competitor which threatens the stability and security of their competitor's product.

It does all that? Wow. And I just thought that it lets you do the same things you can do with Java applets, more or less (by the way, did you ever see Sun's JRE prompt you when installing the plugin for running them?).

Who bicapitalizes Firefox? (0, Redundant)

Nimey (114278) | more than 5 years ago | (#28224059)

Seriously? And why?

Firefox (1, Troll)

r45d15 (1543669) | more than 5 years ago | (#28224075)

It's Firefox not FireFox, by now it should be clear to everyone including whoever wrote the title.

FlameBait (0)

Anonymous Coward | more than 5 years ago | (#28224495)

firefox, firefox, firefox, ...

Now how about Java Quick Starter? (5, Insightful)

Anonymous Coward | more than 5 years ago | (#28224125)

Okay, now tell me how to get rid of the similarly-uninstallable "Java Quick Starter" that nobody seems to be mad about because it's not Microsoft?

Re:Now how about Java Quick Starter? (3, Insightful)

xenolion (1371363) | more than 5 years ago | (#28224321)

Um you answered your own question there; Its not Microsoft.

Re:Now how about Java Quick Starter? (0)

Anonymous Coward | more than 5 years ago | (#28224837)

He was asking how to get rid of it...

Re:Now how about Java Quick Starter? (1)

shutdown -p now (807394) | more than 5 years ago | (#28225037)

He was asking how to get rid of it...

Of what, of Sun? He's a bit late to the party.

Or of Microsoft? That... well... is an outstanding issue. I hear they're actively working on it [slashdot.org] , but it's been 5 years already, and it's not even 50% done.

~

Re:Now how about Java Quick Starter? (1)

YesIAmAScript (886271) | more than 5 years ago | (#28224835)

My understanding is you turn that off in the Java control panel.

And that thing drives me crazy too. It has some kind of bug such that it install two copies of itself in my Firefox. Both without explicit permission.

main problem is with firefox.... (1, Informative)

Anonymous Coward | more than 5 years ago | (#28224199)

it should NOT allow unsigned / unblessed extensions to be installed in the first place. signed extensions like the windows driver signing is the appropriate fix here.

Microsoft.. (5, Insightful)

Anonymous Coward | more than 5 years ago | (#28224265)

Knowing them, it will leave about 50% of the junk that the addon installed. And 100% of the registry keys they used for it.

The HORROR! (1, Insightful)

malevolentjelly (1057140) | more than 5 years ago | (#28224291)

Wait, what's the big problem? It sounds to me like they decided to give Firefox support for what is basically .NET's equivalent of Java WebStart. It means you're using a Windows platform... which you are if you're bitching about this. They didn't alter the code for firefox, or anything-- they installed an extension.

It sounds to me like years of opensource Stockholm Syndrome has made freetards deathly frightened of platform integration and compatibility. Do you freak out when Java WebStart support is installed, also?

From the team perspective, they probably viewed it as a positive gesture--while they were updating the clickonce support on IE, they figured they would provide it on Firefox as well to give users a wider range of choice as to what their browser is.

From an enterprise perspective, you probably want to use things like ClickOnce on your company Intranet; that way web applications don't have to be cludged together in either archaic standard javascript or wacky inconsistent non-standard "modern" javascript... you can make consistent interfaces for things like electronic timesheets and such. Chances are, they don't want you removing it unless you know what you're doing. Of course, there's also some tin-foil hat linux moron who is going to remove the extension with their user-level permissions because it says "Microsoft" on it, then complain about the lack of .NET web application to support. Or worse... "WHY ISN'T THIS WRITTEN IN HTML 5? IT'S A WORKING DRAFT SORT OF. HOW ABOUT WxPython?!" One might even surmise that it being user-level monkey-able might make it more open to exploitation than it would be in IE.. (GreaseMonkey, anyone?)

The fact of the matter is, it's platform integration. Nothing more. For most users, ClickOnce is simply convenient. It just bridges them to support for secure sandboxed .NET applications that might be convenient if provided. For wingbats on slashdot, it's A GROSS INVASION OF THEIR OMG PRIVACY THAT THEY DEMAND FOR THEIR PIRATED COPY OF WINDOWS XP.

Since most of you are using a supported platform, your web browser is rather connected to the security and integration of the platform. Thus, it is Microsoft's territory, in the same way Firefox gets updated and extended if you are using Ubuntu or OpenSuSE. Of course, Firefox's biggest security hole is probably Firefox itself, but that's unimportant.

The point being is its a goddamn platform integration plugin and you people are probably afraid of your own shadows. The idea that any of you can use hideously insecure linux or mac systems, then turn around and freak out at a sandboxed .NET application starter is just awkward.

Re:The HORROR! (4, Insightful)

Todd Knarr (15451) | more than 5 years ago | (#28224387)

The objection isn't to them providing support in Firefox. It's in their forcing the add-on into Firefox without asking the user whether they want it or not, when established convention is that the user elects to install add-ons and that if the user hasn't elected to install something it doesn't get installed. This is made especially annoying by the fact that many Firefox users use it precisely because it doesn't support things like .Net.

Re:The HORROR! (1)

malevolentjelly (1057140) | more than 5 years ago | (#28224599)

This is made especially annoying by the fact that many Firefox users use it precisely because it doesn't support things like .Net.

Basically, this is the anti-compatibility mindset. I would wager more users would like this functionality without knowing what it is than would specifically like to see their browser non-integrated with their platform for what I will assume is spiritual reasons.

How else do you offer subtle and clever backend technology to non-technical users? Microsoft is accepting Firefox into the Windows software ecosystem. If you're afraid of this, it's time to hop on over to Chrome, so you can go through the joys of being non-native all over again.

You installed the .NET service pack, right? We all know these updates are not "automatic".. you just update without reading what it does. On my system it calls these things "Recommended" or "Optional".

Re:The HORROR! (1)

TypoNAM (695420) | more than 5 years ago | (#28224831)

Last time I checked Microsoft never documents what updates actually do. They just give very vague one-liners and expect you, the user, to know exactly what the hell they're talking about. Also people install .NET service packs to fix .NET application issues, not to all of a sudden have .NET support in Firefox.

Re:The HORROR! (2, Interesting)

DigitalSorceress (156609) | more than 5 years ago | (#28224923)

I very deliberately set up my FireFox to NOT use Flash, Shockwave, Acrobat, etc... and not have any content type plugins. I browse the web with that and with NoScript installed, and ONLY allow trusted sites to run JavaScript on my browser. IF I run into a site that needs more (YouTube for videos, other sites where I HAVE TO have Flash and really need to use the site, etc...), THEN I fire up IE Tab or a copy of IE for it. The idea being that I will control who executes what on my browser as much as it is possible.

This helps keep me virus and malware free. The idea that MS just silently installs something is truly annoying. I DON'T WANT compatibility - I want some measure of security and control. If I want compatibility, I have other options.

The .NET service pack is part of the .NET framework, and there are LOTS of reasons to install it other than for browser-ish things. Try installing AdAware without it nowadays...

I'm personally very disgusted with the whole thing and the fact that they fixed it does NOT excuse the initial behavior.

Re:The HORROR! (0, Flamebait)

malevolentjelly (1057140) | more than 5 years ago | (#28225047)

I very deliberately set up my FireFox to NOT use Flash, Shockwave, Acrobat, etc... and not have any content type plugins. I browse the web with that and with NoScript installed, and ONLY allow trusted sites to run JavaScript on my browser. IF I run into a site that needs more (YouTube for videos, other sites where I HAVE TO have Flash and really need to use the site, etc...), THEN I fire up IE Tab or a copy of IE for it. The idea being that I will control who executes what on my browser as much as it is possible.

Ah, so you basically represent a level of paranoia that encroaches on functionality and usability. Since you represent about a hundredth of a percent of users, I recommend you manually scrape the extension out of the system and keep the tin-foil hat tightly so that the government doesn't read your thoughts while you're doing it... and watch out for chemtrails, too.

Re:The HORROR! (0)

Anonymous Coward | more than 5 years ago | (#28224645)

Maybe firefox shouldn't allow plugins to be installed without user intervention... Didn't they learn anything from activex? I'm surprised more spyware isn't trying to add its own plugins into firefox.

Re:The HORROR! (0)

Anonymous Coward | more than 5 years ago | (#28224749)

You downloaded and installed the framework. My expectation would be anything that uses the framework would work without having to do anything else. Seems nice to me.

Re:The HORROR! (1)

BobMcD (601576) | more than 5 years ago | (#28224523)

I disagree.

To me, the difference is:

A) This plugin is being installed without consent. I'm not talking about the EULA version of the word, but the common definition.

B) At least some people use Firefox on Windows expressly so that it won't be compatible with the OS underneath. I recommend it to Windows people all the time for exactly this reason. Firefox is 'just a browser' and it 'just works' without requiring all this deep integration that isn't really necessary to do 99.5% of all the things one would use a browser to do.

By combining A and B you're removing one of the key things that makes Firefox a better choice, without informing the user that you have done so.

That's not quite the same as a Java Quickstart.

Also, it isn't as if Sun has a vested interest in making Firefox behave more like IE, so that comparison is really pretty weak to begin with...

Re:The HORROR! (1)

malevolentjelly (1057140) | more than 5 years ago | (#28224771)

B) At least some people use Firefox on Windows expressly so that it won't be compatible with the OS underneath. I recommend it to Windows people all the time for exactly this reason. Firefox is 'just a browser' and it 'just works' without requiring all this deep integration that isn't really necessary to do 99.5% of all the things one would use a browser to do.

Firefox is drastically more secure on Windows than Linux or Mac because it plays well with the Window security model. Just because the application looks and acts non-native doesn't mean it's not decently native.

This argument is simply retarded. The MOST non-native browser I can think of, Safari, is also the most insecure browser you can run on the Windows platform. A lack of integration is not what secures browsers.

Another example: Chrome is (probably more) secure on Windows specifically because it is catered to the NT 5+ kernel's security model.

Non-integration != Security

Furthermore, the EULA definition and the *intent* are irrelevant. You have to separate Microsoft the supported platform ecosystem and Microsoft the imaginary monster dreamed up by Stallman. The company operates like a hundred tiny companies, I guarantee you the .NET team was doing this to improve usability for people using the growing Firefox browser. The IE team more likely than not had no hand in this.

Re:The HORROR! (1)

BobMcD (601576) | more than 5 years ago | (#28224885)

Non-integration != Security

That's an oversimplification of the issue, and isn't exactly intellectually honest.

In the security world, browser breaches happen because the attackers successfully make assumptions about the target machine.

Re:The HORROR! (1)

malevolentjelly (1057140) | more than 5 years ago | (#28224975)

In the security world, browser breaches happen because the attackers successfully make assumptions about the target machine.

Browser security has more to do with proper sandboxing than obscurity. It's all about memory management and privilege level. The Windows platform has better anti-exploit code in that respect than any other platform, anyway.

ClickOnce applications are probably more securely sandboxed than firefox in general.

Re:The HORROR! (0, Flamebait)

ratboy666 (104074) | more than 5 years ago | (#28224825)

So, I'm a "wingbat freetard". In two words "fuck you".

This, of course, doesn't affect me. I wouldn't be arsed to comment about it, except for YOUR particular comment. Just to let you know -- we "wingbat freetards" also go crazy if a Firefox extension modifies ANOTHER extension with permission (Noscript vs Adblock). (Grrr... Don't presume that you know what's better for me. If you make that assumption, prepare to be flamed.)

On the other hand -- this is the most brilliant troll I have seen in months! Congratulations, I responded!

I wouldn't have bothered replying, except that Slashdot doesn't have a Troll+1 moderation (Troll-1 isn't applicable here; this one is pure genius).

Going to be around for a long time (0)

pembo13 (770295) | more than 5 years ago | (#28224473)

This is going to be around on machine for quite some time still.

Not good enough! (0)

Anonymous Coward | more than 5 years ago | (#28224615)

If Microsoft wanted to play nice, it would've offered it as a "really cool thing to install in Firefox", not something that the user has no choice but to install unless they want to leave their system vulnerable.

Wiping Microsoft wipes the extension (3, Interesting)

Anonymous Coward | more than 5 years ago | (#28224639)

This Anonymous Coward will be removing this extension by wiping Microsoft of his machine and installing Linux. After 25 years of developing commercial applications for Microsoft platforms, I'm done.

This is an outrage! (0)

Anonymous Coward | more than 5 years ago | (#28224681)

I personally am astounded to think that Microsoft would have the nerve to release an application that uninstalls MY firefox addons!

And the rest of the story... (5, Informative)

Anonymous Coward | more than 5 years ago | (#28224693)

Scott Hanselman put up a nice post today outlining the whole story. He points out why it turned out this way, how to uninstall it and even put up the source code so you can see their evil ways for those who were too lazy to unzip the xpi.

http://www.hanselman.com/blog/HowToRemoveTheNETClickOnceFirefoxExtension.aspx

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?