05.31.09
Microsoft Accused of “Sabotaging Firefox”
Summary: Microsoft changes Mozilla’s software without permission from the users and the aim is self promotion
THE FIRST self-explanatory report is this one:
Microsoft Sabotaging Firefox With Sneaky .NET Updates?
Sabotage may be a strong choice of word, but it immediately came to mind with the news of Microsoft’s latest .NET update.
The Microsoft .NET Framework 3.5 Service Pack 1, unleashed in February, forces an undisclosed Firefox extension on Windows users, called “Microsoft .NET Framework Assistant 1.0″, and it does so without asking the users permission.
It is not an unusual development and this was also entered into Slashdot and into Stefano Forenza’s Web site.
The Washington Post used much gentler words (Melinda Gates is in charge, so it’s wise to be cautious) and so did this Web site.
A routine security update for a Microsoft Windows component installed on tens of millions of computers has quietly installed an extra add-on for an untold number of users surfing the Web with Mozilla’s Firefox Web browser.
Here at Techgeist, we do not like it when software does stuff to other software without asking. The problems are made that much worse when it’s the operating system doing the dirty work. So we are all pretty angry at Microsoft right now. As part of a service pack for the .Net Framework, which they rolled out as a critical update via Windows Update, Microsoft also installed the “.Net Framework Assistant” add-on onto users’ Firefox installations.
The story in short: Microsoft uses its Windows Update franchise (monopoly) for unwanted/uninvited intrusion that’s justified by a EULA people cannot refuse. Moreover, Microsoft shoves its software down people’s throats to advance its business by interfering with rival software. █
the11thplague said,
May 31, 2009 at 3:03 pm
Stefano Forenza’s Web site… nice site, I didn’t knew about it before!
Thanks for the tip.
pcolon said,
May 31, 2009 at 3:33 pm
Was the Mozilla team contacted beforehand in reference to the Firefox modification?
Updates, including security patches, do not occur without asking in the GNU/Linux distros I use. These forced modifications to the os and extended applications is reason enough for discontinuing the use of microsoft products and services altogether.
Roy Schestowitz said,
May 31, 2009 at 3:34 pm
I haven’t come across any official response from Mozilla.
aeshna23 said,
June 1, 2009 at 8:36 am
I attempted to remove this addon from my installation of Vista 7 following the directions given at http://www.annoyances.org/exec/show/article08-600.
I could not follow those directions. There appears to be no longer be any reference to this add-on in the firefox configuration options (steps 5-7). I hope I’m not being paranoid in wondering why Microsoft would make it so difficult to remove this add-on.
Bogdan Bivolaru said,
June 2, 2009 at 7:03 am
Well… where are the antitrust regulators?
European Commision? US?
Roy Schestowitz Reply:
June 2nd, 2009 at 7:38 am
Steve and Neelie might discuss this over dinner and candlelight.
suresh said,
June 2, 2009 at 8:55 am
Mozilla should take a leaf out of GNU Icecat’s book which is more concerned about privacy and spyware.
Joe said,
June 2, 2009 at 5:35 pm
You can follow http://support.microsoft.com/default.aspx/kb/963707
to remove it.
However, unlike Microsoft, AVG will ask you if you want to add their extension to FF. Kinda niffty how they did it in the first place.
Btw, I had some malware/payware that infected IE and FF but not Chrome. Perhaps you should keep that just in case and/or a copy of FF in portable app guise.
Roy Schestowitz Reply:
June 2nd, 2009 at 6:01 pm
I’d love to try Chrome at some stage.
Is there any response from Mozilla?
alex said,
June 3, 2009 at 7:59 am
I wish I had time to look at this in detail as it starts to slip toward copyright infringing to me.
Juan Pablo Angamarca said,
June 5, 2009 at 3:29 pm
So typical of Microsoft… that’s got so stop!
PaulGaskin said,
June 6, 2009 at 12:54 pm
This is really outrageous. They’ve changed the way millions of Firefox installations on Windows will function without asking permission, nor notifying users.
This .net extension will undoubtably cause pop-ups, crashes and become a security problem. This was a desperate and probably illegal act by Microsoft.
They should face the full force of the law for compromising people’s computers and illegally interfering with a business competitor.
Roy Schestowitz Reply:
June 6th, 2009 at 2:01 pm
I was not able to find any response from Mozilla. Is there such a thing? Is Mozilla too shy to complain? It’s already part of the Opera-led motion in Europe (with ECIS IIRC).
Roy Schestowitz Reply:
June 7th, 2009 at 3:18 am
I’ve finally found a response from Mozilla:
“dealing with the .NET ClickOnce add-on”
http://shaver.off.net/diary/2009/06/02/dealing-with-the-net-clickonce-add-on/
pcolon Reply:
June 7th, 2009 at 3:37 pm
Thanks for the update. IMO Mozilla has tested this fix as much as possible since there is a vested interest. But that doesn’t rule out the fact that microsoft can modify, without user consent, a third party application running in a windows environment.
Many people elected to use Firefox instead of IE thinking Mozilla and the owner of the computing device would be the only party to modify Firefox’s behaviour.
Bogdan Bivolaru Reply:
June 8th, 2009 at 12:29 am
Let me get this straight:
I need to install patch #2 just to remove something that shouldn’t be installed in patch #1 (without users’ consent)…
That doesn’t sound like easy removal (as any patch from MS can break my system in lots of unexpected ways) and doesn’t sound like they stopped pushing patch #1 down the users throat.
This message is like ‘We keep doing crimes, but we help those injured as a result of our actions.’
What about stopping the patch #1, isn’t it still pushed down the channel?
Roy Schestowitz Reply:
June 8th, 2009 at 12:37 am
It’s malicious. Like AARD.
Yuhong Bao Reply:
June 11th, 2009 at 10:37 pm
“It’s malicious. Like AARD.”
Well, MS’s intention with this add-on was to add .NET integration to Firefox so that .NET powered web apps can work. MS did not deliberately made it uninstallable, it was a side effect of how it was installed.
In comparison, AARD was an attempt to prevent Windows 3.1 from running on DR-DOS (thus sabotaging it), there is no other way to explain it, period.
Yuhong Bao Reply:
June 11th, 2009 at 10:45 pm
“uninstallable”
I mean non-uninstallable.
“In comparison, AARD was an attempt to prevent Windows 3.1 from running on DR-DOS (thus sabotaging it), there is no other way to explain it, period. ”
Not only that, it was clearly deliberately obfuscated code. Andrew Schulman disassembled it and says so.
buck said,
June 7, 2009 at 11:59 pm
Another reason not to use Windows.