Bonum Certa Men Certa

Microsoft is Again “Sabotaging” Free Software on Windows (and Why Windows is the Least Secure Platform)

Firefox search



Summary: Microsoft has once again pushed its own code into Firefox, without any consent from the users

Putting Free software only on Windows is not a smart decision. On Windows, Microsoft is in total control and Microsoft does abuse this control all the time.

When it comes to Mozilla Firefox, Microsoft is routinely tinkering with it without permission (assuming one runs it on Windows). The word “sabotaging” first came up here, with additional coverage in:



Microsoft is doing it yet again. Microsoft boosters are among the first report on it: (and yes, Ars Technica has at least two Microsoft boosters as well)

i. Microsoft hides mystery Firefox extension in toolbar update

As part of its regular Patch Tuesday, Microsoft released an update for its various toolbars, and this update came with more than just documented fixes. The update also installs an add-on for Internet Explorer and an extension for Mozilla Firefox, both without the user's permission. As you can see in the Windows Update screenshot above, Microsoft does not indicate that the update will install anything for either browser. It's also not really clear what the installed extension actually does.


ii. Is Microsoft pushing stealth updates to users again? This time, it's toolbars ...

I’m getting numerous reports from readers claiming that Microsoft is back to pushing stealth updates to Windows users via Windows Update. This time, the update seems related to its browser toolbars.

Readers started reporting this issue to me yesterday, when Firefox users started noticing that Extensions window was opening up when launching the browser and showing something new - Search Helper Extension.


When it comes to Microsoft's security patches, there is a lot of secret behaviour such as the above. Microsoft claims to be handling 34 flaws this week, but there are actually more because of secret patches.

Ars Technica writes about Richard A. Clarke's new book, which blames Microsoft for national and international security problems (Windows has a huge number and proportion of zombie PCs).

Who wrote those lines? Steve Jobs? Linux inventor Linus Torvalds? Ralph Nader? No, the author is former White House adviser Richard A. Clarke in his new book, Cyber War: The Next Threat to National Security and What to Do About It.

[...]

Money talks

Why has the national response to this problem been so slow? Lack of consensus on what to do and fear of the "R-word"—government regulation, Clarke contends. Then there's Reason Number Five on his list, which basically boils down to "Microsoft."

"Some people like things the way they are," Clarke obliquely observes. "Some of those people have bought access." Microsoft, he notes, is a prominent member of OpenSecrets.org's "Heavy Hitters" political donor list. Most of the list's stars are trade associations. "Microsoft is one of only seven companies that make the cut."

The software giant's largesse has shifted from Republicans back in the Clinton antitrust days to Obama, he continues, but the agenda is always clear: "Don't regulate security in the software industry, don't let the Pentagon stop using our software no matter how many security flaws it has, and don't say anything about software production overseas or deals with China."

Clarke tries to be fair. He notes that Microsoft didn't originally intend its software for critical networks. But even his efforts at fairness are unflattering. Microsoft's original goal "was to get the product out the door and at a low cost of production," he explains. "It did not originally see any point to investing in the kind of rigorous quality assurance and quality control process that NASA insisted on for the software used in human space-flight systems."

But people brought in Microsoft programs for critical systems anyway. "They were, after all, much cheaper than custom-built applications." And when the government launched its Commercial Off-the-Shelf program (COTS) to cut expenses, Microsoft software migrated to military networks. These kind of cost cutting reforms "brought to the Pentagon all the same bugs and vulnerabilities that exist on your own computer," Clarke writes. Floating i-brick

The former White House advisor cites the 1997 USS Yorktown incident as a consequence. The Ticonderoga-class ship's whole operational network was retrofitted with Windows NT. "When the Windows system crashed, as Windows often does, the cruiser became a floating i-brick, dead in the water."

In response to this "and a legion of other failures," the government began looking into the Linux operating system. The Pentagon could "slice and dice" this open source software, pick and choose the components it needed, and more easily eliminate bugs.


"Never mention Windows and security in the same breath," writes Sam Varghese in the headline of another new article. It refers to the dishonest "damage control" from Microsoft after Google's mass-desertion, as seen last week.

If I had a dollar for every time Microsoft was forced to defend the abysmal security of its Windows operating system, I would probably be lying on a beach in the Bahamas and sipping a cocktail right now, with my financial future secured.

The latest defence, from Windows communications manager Brandon LeBlanc, has as many holes as Windows does in its security armoury.

As my colleague Jake Widman reported earlier today, LeBlanc took issue with a story stating that Google was moving its internal workstations away from Windows to OSX and GNU/Linux due to Windows' poor security.

In his response, LeBlanc talks of security issues with the Mac and Google too. That isn't the point - no system or company is perfect.

We are talking here about the relative security of various operating systems - and Windows is, without any doubt, the worst. Put it up against OpenBSD, Solaris, NetBSD, FreeBSD, GNU/Linux, OpenSolaris, or any other, Windows comes out last when it comes to security.


"Being virus and malware-free" is another new article about escaping Windows (like Google did, for security reasons). The haven from security problem really is seen as a reason to embrace software freedom, not just an afterthought or excuse.

Recent Techrights' Posts

Sounds Like IBM is Preparing for Mass Layoffs/Redundancies in Red Hat, Albeit in "PIP" (Performance Improvement Plan) or "Relocation" Clothing
This isn't the "old" IBM; they're applying pressure by confusion and humiliation
Gemini Links 17/04/2025: Role of Language and Back to Mutt for E-mail
Links for the day
Microsoft's Attack Dogs Have Failed. Now What?
It would be utterly foolish to assume that Microsoft has any intention of changing
All Your "Github Projects" Will be Gone One Day (Just Like Skype)
If you have code you wish to share and keep, then start learning how to do so on your own
Fedora Already Lost Its Soul Under IBM
Fedora used to be very strict compared to many other distros and it had attracted very bright volunteers
Links 17/04/2025: Calling Whistleblowers at Microsoft, Slop Doing More Harm Everywhere
Links for the day
 
Links 18/04/2025: "Fentanylware (TikTok) Exodus Continues", Chinese Weapons Allegedly in Russia Already
Links for the day
Gemini Links 18/04/2025: Price of Games and State of Tinylog
Links for the day
"Sayonara" (さよなら), Microsoft
Windows had fallen below iOS in some countries
Links 18/04/2025: Layoffs at Microsoft Infosys and Qt Becoming Increasingly Proprietary (Plus Slop)
Links for the day
Google News is Dying
treating MElon's algorithmic/biased site as a source of verified news
To Understand Who's Truly Controlling You Follow the Trail of Censorship (or Self-Censorship)
Do not let media steal and steer the narrative; CoCs are not about "social justice", they're about corporate domination
Microsoft is Still Attacking GNU/Linux and the Net
Microsoft bribed the government using money that did not even exist
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, April 17, 2025
IRC logs for Thursday, April 17, 2025
Gemini Links 18/04/2025: Pinephone Pro and Linux is too Easy
Links for the day
Links 17/04/2025: Russian Bot Farms Infect TikTok (Which US Government and SCOTUS Decided to Block January 19), US Hardware Stocks Crash Due to Tariffs
Links for the day
Gemini Links 17/04/2025: Sticking to Free Software, Smolnet, and Counting the Reals
Links for the day
Open Source Initiative (OSI) Privacy Fiasco in Detail: In Conclusion and Enforcement Action Proceeds Against OSI at the California Privacy Protection Agency (CPPA)
There's too much to cover in one single part
When You Fail to Filter Your Clients You End Up SLAPPing Reporters on Behalf of Bad People From Microsoft in Another Continent
“American Psycho”
Links 17/04/2025: LayoffBot and Tesla Cheats Buyers
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 16, 2025
IRC logs for Wednesday, April 16, 2025
Trump Authority (CA) With a Trump NSA is All About Security, But Whose?
A "turnkey tyranny", as the NSA whistleblower Thomas Drake loved to call it
Confirming IBM Shutdowns and Layoffs Today
It's not over yet
Gemini Links 16/04/2025: The 2010s Are Calling and Why "Tools Will Not Liberate Us"
Links for the day
You Should Probably Self-Host Your E-mail and Never Use a Web Browser for Mail
Does anyone still believe Gmail is "free"?
Links 16/04/2025: Cliff Lynch RIP, More Attacks on Science (NASA)
Links for the day
StatCounter Shows the Market Share of Vista 11 is Decreasing in Ukraine This Year
Microsoft abandoning Vista 10 users would be a victory for Vladimir Putin
Google Promotes Fake Articles (LLM Slop) Instead of Originals, Relaying Microsoft's Linux FUD Emanating From Microsoft LLMs
Shame on Google for participating in the slopfest
In Some Countries the Largest OEMs Already Dump Microsoft Windows
Windows at 18.9%, Android 60.2%
The "Gold" Rule: Taking Money for Reputation Laundering and Openwashing Under the "Linux" Banner
Seller of expensive toilet paper, Jim Zemlin
LLM Slop Says Slop is "coming for white-collar jobs. Microsoft’s layoffs are just the start"
Look what the Web has become
Microsoft Down From 100% to 10% in Myanmar/Burma
only about 4% of Web requests in Myanmar/Burma come from Vista 11, soon to be the only "supported" version of Windows
Reporting Facts About Violence Against Women Deserves Awards, Not Frivolous Lawsuits and Threats
What is Microsoft's stance on women's safety?
Linux.com as Spamfarm of the Linux Foundation, Partner of the Gates Foundation
They no longer publish articles
When Fedora Said It Was Looking to Integrate "AI" It Meant Promoting Microsoft's Proprietary Spyware and GPL-Violating Slop
When they say "AI" they mean Microsoft
Slopwatch: The Typical Slopfarms and the 'Brian Fagioli Dilemma'
To the Web and to society (exposed to the Web) LLMs are a net negative
It Used to be IBM, Now It's Microsoft (Why You Need to Fire Microsofters or CIOs Working for Microsoft)
Typically the only effective solution is to identity and remove Microsofters from one's project/organisation (before they can bring more Microsofters in)
IBM Closes Offices and Labs in the United States to Open New Ones in India
It's not layoffs per se; they're substituting/swapping veteran employees for lesser-paid ones
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 15, 2025
IRC logs for Tuesday, April 15, 2025
Gemini Links 16/04/2025: IndieWeb Carnival, Tinylog RFC, "Focus, the Web and Gemini"
Links for the day