MS Issued a Fix For Its Unwanted FireFox Extension 266
As we discussed last February, and again a few days ago after the Washington Post noticed, Microsoft installed without permission a hard-to-remove Firefox extension along with a service pack for .NET Framework 3.5. Reader Pigskin-Referee lets us know that, as it turns out, Microsoft issued a fix a month ago; details here.
Re:Yeah, a fix (Score:3, Informative)
main problem is with firefox.... (Score:1, Informative)
it should NOT allow unsigned / unblessed extensions to be installed in the first place. signed extensions like the windows driver signing is the appropriate fix here.
Re:So the WaPo reports a story a month obsolete? (Score:3, Informative)
But for a company that is a constant target of anti-trust suits, who is notorious for this kind of thing, you think by now that they would be more careful. Its hard to believe that someone internal at Micrsoft didn't realize what was this was doing and just say 'fuck it' - even if it was a low level developer, somebody had to know - at the very least the guy(s) who wrote the code.
Had to know what? That there's an magical unspoken rule not to install extensions that way?
Look, Firefox offers the ability to install add-ons for all users. That's a feature provided by the design of Firefox. The only "horrible" thing Microsoft did was make use of that particular Firefox feature. Now it turns out that a lot of Firefox users don't like that feature, and don't agree with how it works. Microsoft says "oops" and changes the way they install the add-on so it doesn't use that feature.
Where is there any maliciousness here? At all? No.
Re:So the WaPo reports a story a month obsolete? (Score:4, Informative)
I know that its bad that Microsoft silently installs things that are difficult to remove
I'm upset about the silent install but could someone please clarify the "difficult to remove" bit? I "removed" it by going into "add-ons" and clicking "disable". Problem solved as far as I'm concerned.....
Simple: disable != remove
Re:So the WaPo reports a story a month obsolete? (Score:3, Informative)
It still left .NET to your user agent string. To get rid of false user agent string, you have to enable the extension, install MS removal tool and uninstall the extension with it. Just disabling it or using removal tool to disabled extension will not stop your browser advertising .NET extension.
And the rest of the story... (Score:5, Informative)
Scott Hanselman put up a nice post today outlining the whole story. He points out why it turned out this way, how to uninstall it and even put up the source code so you can see their evil ways for those who were too lazy to unzip the xpi.
http://www.hanselman.com/blog/HowToRemoveTheNETClickOnceFirefoxExtension.aspx
Re:So the WaPo reports a story a month obsolete? (Score:5, Informative)
Since you dragged the other discussion into this, allow me to point out a comment in that very discussion [slashdot.org] which points out why it's nowhere near the same thing. (Like the fact that Sun announced months in advance that they were going to do it, and the fact that you can, in fact remove it.)
That comment is +5 insightful. You don't even have to drill down to find it. Just scroll a bit. Given that (some of) the comments are regularly more fair and balanced than the article summaries, you ought to at least skim the discussion before you decide whether this guy is bringing something useful to the discussion or just throwing more FUD onto the pile.
Re:Spaz down, Sparky (Score:1, Informative)
The tags on MSDN are user-contributed.
Re:So the WaPo reports a story a month obsolete? (Score:1, Informative)
kdwason is awful
Nitpick (Score:2, Informative)
Re:So the WaPo reports a story a month obsolete? (Score:3, Informative)
Even when disabled it still adds itself to your browser's user-agent string.
Re:So the WaPo reports a story a month obsolete? (Score:3, Informative)
WGA checks that your version of Windows is legitimate, this is a different issue.
If you are not willing to activate your version of Windows to confirm that it is genuine then yes, it will keep asking.
This is more of an issue with Windows in general than it is anything to do with Windows updates and I agree, I'm not a fan of it. Legitimate users should not have to deal with software phoning home to Microsoft.