Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : Warning: Microsoft silently installing firefox extension : Re: Warning: Microsoft silently installing firefox extension Server Time
6 Sep 2024 13:19:54 EDT (-0400)
  Re: Warning: Microsoft silently installing firefox extension  
From: Chris Cason
Date: 9 Mar 2009 21:38:29
Message: <49b5c495$1@news.povray.org>
 
Darren New wrote:
> In any case, did it bring up the "you installed new plug-ins" window when 
> you started firefox the next time?  If not, this sounds like a bug in 
> firefox as well.

No. But rather than a bug in FF, more likely Microsoft used a means that avoids
this (which might be designed into FF, for all I know).

> I'm also trying to figure out why this is a problem at all. You install 
> software,

*Microsoft* installs software. *I* did not install it. Whether it came via
windows update or bundled with another program I can't be sure. I can be sure I
was never asked about it. This is the majority of opinion in articles around the
www. I can think of several ways a KB can be installed without the end-user
being asked, including (I suspect) the "quiet" switch which is provided for
times such as a network roll-out or when it's invoked from another software
package that bundles it.

I can't say whether or not the end-user is asked about it when it's installed
via automatic updates (where they are set to "automatically download and
install" but I would be surprised if they were asked - the purpose of auto
download and install of windows update items is to do exactly that.

> plug-in. When I install software, part of it can be start menu shortcuts, 
> system libraries, new menus in my word processor, etc. I just don't see what 

As a general rule, Microsoft has avoided directly installing stuff into programs
they don't own in the past. And in any event, if I install software from
manufacturer "X", I don't expect them to fiddle with the software from
manufacturer "Y" unless they ask me first. I'd be annoyed at any company - not
just Microsoft - if they did this, and have been so in the past. But this goes
beyond just ordinary annoyance because of *what* they installed.

> the problem is, really. It's not stealth, 

If I'm not told it's being done, it's stealth, at least insofar as modifying
another company's product (*especially* when that product is considered by
Microsoft as a competitor to one of their own programs).

> I can understand it wasn't mentioned other than "click-once functionality 
> improved" in the KB article, but the outrage seems way out of proportion.

The outrage is because there are millions of firefox users who use it BECAUSE IT
IS SAFER THAN IE. IE has been repeatedly demonstrated to be a disaster waiting
for a place to happen. Microsoft has an atrocious record on security, and those
of us who were working in the industry when they first introduced activex (I
was) recall just what a bloody disaster that was.

Consider this from the point of view of someone who uses FF for this reason: why
wouldn't we be outraged when microsoft then rams a piece of potentially buggy
software into our browser, which we are using primarily to avoid using their
buggy browser code??? The majority of us (those who use FF for this reason)
*DO NOT WANT* any Microsoft internet-related code running in FF, it's that simple.

My home network needs to be secure as I work for (and in some cases network
admin for) several firms to whom I have VPN or SSH access. I don't even allow IE
to access the blasted internet! I have a proxy, firefox knows about it, but
Windows and IE do *not*. I occasionally open it up on a separate port to allow
windows update to run, but that's it. I never under any circumstances use IE on
the open internet because of the serious flaws that to this day still are being
discovered and which sometimes lead to drive-by-downloads, trojan and virus
infections, keyloggers, and what have you.

I do not want ANY Microsoft components running inside my browser since they have
proven time and time and time again over the past 14 years that they simply
cannot be trusted to produce secure, well-designed code.

THAT is why I and many are pissed off this appeared in FF without our
permission. Their security record speaks for itself. If you wish to defend
Microsoft irregardless of their record, please do so elsewhere: this is not the
forum for it.

Please: no more replies, no more posts from you on this topic. It gets nowhere
and distracts from the real purpose of the thread.

-- Chris


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.