
04.21.10

Microsoft’s Browser Ballot is Broken Again and Internet Explorer 8 is Critically Flawed

Posted in Antitrust, Europe, Microsoft, Security, Windows at 2:56 am by Dr. Roy Schestowitz

Voter
Poor man’s ballot?

Summary: Microsoft makes it difficult to install a Web browser other than its already-installed and already-flawed Internet Explorer 8

THE BROWSER BALLOT has already been through many changes since it was first introduced. Microsoft kept cheating or simply left some self-serving bugs intact. We wrote about the subject in:

  1. Browser Ballot Critique
  2. Microsoft’s Fake “Choice” Campaign is Back
  3. Microsoft Claimed to be Cheating in Web Browsers Ballot
  4. Microsoft Loses Impact in the Web Despite Unfair Ballot Placements
  5. Given Choice, Customers Reject Microsoft
  6. Microsoft is Still Cheating in Browser Ballot — Claim

Rob Weir from IBM shows that Microsoft’s ballot, which it was forced to implement in order to avoid fines (a lot of the press still gets it wrong by characterising it as Microsoft fairness), is simply broken. See the screenshots in Weir’s blog, as they are self-explanatory.

A few weeks ago I wrote about Microsoft’s “browser choice” ballot page in Europe, which in its debut used a flawed algorithm when attempting to perform a “random shuffle” of the browser choices, a feature specifically called for in their agreement with the EU. This bug was fixed soon after it was reported. But I recently received an email from a correspondent going by the name “Skoon” who reported a more serious bug, but one that is seen only in the Polish-language translation of the ballot choice screen.

In other news, there is a major new flaw in Microsoft’s Internet Explorer 8. [via]

The cross-site scripting filter that ships with Microsoft’s Internet Explorer 8 browser can be abused by attackers to launch cross-site scripting attacks on websites and web pages that would otherwise be immune to this threat.

According to a presentation at this year’s Black Hat Europe conference, the issue introduces security problems at several high-profile websites, including Microsoft’s own Bing.com (screenshot), Google.com, Wikipedia.org, Twitter.com (screenshot) and just about any site that lets IE 8 users create profiles.

Yes, Microsoft’s browser is still lagging when it comes to security due to negligence and incompetence [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12]. But it’s not entirely surprising that while 4 governments encouraged their citizens to abandon Internet Explorer this year, the MSBBC continues to produce Microsoft adverts, including the many Internet Explorer endorsements that we find in the MSBBC [1, 2, 3, 4, 5, 6] on a regular basis (and occasionally report those for scrutiny). Our reader ThistleWeb has more to say about the MSBBC’s latest Infomercial:

I saw this promo piece in the BBC about the launch of Microsoft’s new Fix-it service and a few things spring to mind. The first is that Microsoft have a long track record of causing more problems than they fix when applying updates. They set Windows to download and apply all critical updates without user intervention. So when a user goes to shut down their PC they have no idea if they have to hang around for 15 mins so that Windows can apply its updates or not. Similarly they have no idea if those updates will cause a problem when they next start up their PC.

The second is that Microsoft have a history of abusing the term “critical” and slipping in programs like the Orwellian titled WGA (Windows Genuine Advantage). This was apparently a feature a large number of their customers were screaming out for and Microsoft being a listening, concerned company felt they had no choice but to provide; if you believe Microsoft’s PR about it. WGA checks regularly if the copy of Windows it’s running on is licensed or unlicensed. If it deems that install of Windows to be unlicensed it causes no end of hassle for the user by disabling services, rebooting, nagware messages about “please contact Microsoft to buy a Windows product key”. It’s no advantage to customers, only to Microsoft. Yet this has been defined by Microsoft as a “critical” update. To me “critical” means “your PC is at immediate risk without this update”.

We have written about this before; in fact, Microsoft marks as “critical” anything that’s critical to Microsoft, not to the user. This is probably why one in two Windows PCs is still estimated to be a zombie.
