Linked by Thom Holwerda on Fri 11th Jun 2010 21:27 UTC
Microsoft "Microsoft has fixed the distribution scope of a toolbar update that, without the user's knowledge, installed an add-on in Internet Explorer and an extension in Firefox called Search Helper Extension. Microsoft told us that the new update is actually the same as the old one; the only difference is the distribution settings. In other words, the update will no longer be distributed to toolbars that it shouldn't be added to. End users won't see the tweak, Microsoft told Ars, and also offered an explanation on what the mystery add-on actually does."
Order by: Score:
Gotta love it
by darknexus on Sat 12th Jun 2010 03:21 UTC
darknexus
Member since:
2008-07-15

Microsoft screws up, everyone jumps on them. Microsoft fixes something and nobody really cares. Granted, this is a mistake that should never have happened, but sometimes they do.

Reply Score: 5

RE: Gotta love it
by UltraZelda64 on Sat 12th Jun 2010 03:37 UTC in reply to "Gotta love it"
UltraZelda64 Member since:
2006-12-05

So we should forgive them ASAP just because they knowingly went too far, probably on purpose, and then decided to backtrack after they likely received a backlash? Sorry, but no.

They already made this same "mistake" once before. The second time "fixing" it doesn't earn them any more respect. If anything, the opposite.

After they've gone for a decent amount of time not tampering with people's own personal software installations, then they can be commended. Until then, they're still guilty and should be watched closely. I sure as hell don't trust them.

Edited 2010-06-12 03:50 UTC

Reply Score: 8

RE[2]: Gotta love it
by vaette on Sat 12th Jun 2010 19:53 UTC in reply to "RE: Gotta love it"
vaette Member since:
2008-08-09

That's just precious. Why would Microsoft "on purpose" install a piece of software that gives them no advantage at all since it does nothing?

I have no idea what made you such a bitter suspicious person, but I think you need to try to get a bit more perspective.

Reply Score: 2

RE[3]: Gotta love it
by UltraZelda64 on Sat 12th Jun 2010 20:31 UTC in reply to "RE[2]: Gotta love it"
UltraZelda64 Member since:
2006-12-05

I have no idea what made you such a bitter suspicious person, but I think you need to try to get a bit more perspective.

Companies like...

...wait for it...

...Microsoft.

Pay more attention to their actions, read some of their history and past "news" stories they'd rather you not know about, and maybe you too will realize that they can't (or shouldn't) blindly be trusted. At least not completely. IMO, no business should be 100% blindly trusted, but that's beside the point; this just applies to some companies more than others. Microsoft is certainly on this list of companies to watch out for.

Edited 2010-06-12 20:50 UTC

Reply Score: 2

RE[4]: Gotta love it
by darknexus on Sun 13th Jun 2010 02:24 UTC in reply to "RE[3]: Gotta love it"
darknexus Member since:
2008-07-15

To watch out for, certainly, just as you have to watch out for a convicted felon once they're released from jail to make sure there's no relapse back into crime. However, the chance is often given and there are actually people who change. I think the same can be applied to companies too. Are Microsoft a shining example of perfection? Hell no, and given how large they are it's doubtful they will ever be. But is anyone or anything perfect when you boil right down to it? A healthy dose of caution is always best, but there's no sense living in the past. If everyone thought like you seem to, that "Oh, well this is what happened before", we'd never have developed anything in the first place, since many successful efforts begin with a failed attempt. WE, as a species, would've just said oh well that failed and never attempted anything again.

Reply Score: 2

RE[5]: Gotta love it
by UltraZelda64 on Sun 13th Jun 2010 03:16 UTC in reply to "RE[4]: Gotta love it"
UltraZelda64 Member since:
2006-12-05

"However, the chance is often given and there are actually people who change. I think the same can be applied to companies too."

The point is--so far--that they haven't changed a bit. What's it been, not even ONE freakin' year and they're back at it a second time? Hell, it's barely even been half a year. It takes longer than that for respect to be earned--or at least it should, and if not, you're probably too gullible. And Microsoft shot their chance just now by doing it again. At this rate, within the next year they'll probably be at it yet again.

"A healthy dose of caution is always best, but there's no sense living in the past."

This isn't the past. This is NOW. They *just* did this again, for the second time, in less than a year. Just now.

Why doesn't Microsoft just adopt "Oops! I Did It Again" as their theme song? They seem to never learn. As much as sometimes they really do seem like they're "getting it" lately they always revert to their old ways or just plain do something dumb.

Microsoft has a long way to go before they can be considered even remotely trustworthy, and little incidents like these only set them back.

Edited 2010-06-13 03:20 UTC

Reply Score: 2

RE[6]: Gotta love it
by contextfree on Sun 13th Jun 2010 04:52 UTC in reply to "RE[5]: Gotta love it"
contextfree Member since:
2009-06-01

Did what again? What did they do that actually harmed users in any way?

Reply Score: 2

RE[3]: Gotta love it
by Jokel on Mon 14th Jun 2010 18:23 UTC in reply to "RE[2]: Gotta love it"
Jokel Member since:
2006-06-01

Hmmm... what makes you so sure it does nothing?

Have you seen the source? Do you know what exactly this code does? If not - you are only guessing what this code does...

Given the history Microsoft has, it is very unlikely this was "just" a bug. As a matter of fact - how likely it is a "bug" can target a specific application and installs without any hiccup? I would say the suggestion it is a "bug" is very, very, very, very unlikely.

Keep an eye on Firefox thats has this "bug" installed. I would not surprise me to see strange things going to happen after a while. Especially keep an eye on performance, search actions, and an "out of the blue" virus or something...

Reply Score: 1

RE[2]: Gotta love it
by MollyC on Mon 14th Jun 2010 06:37 UTC in reply to "RE: Gotta love it"
MollyC Member since:
2006-07-04

Um, this was a bug. A harmless one at that.

You suggest otherwise, that this wasn't a bug, but was instead done for some evil purpose. What is the evil purpose? If you can't provide a motive then you have no case. Every prosecutor knows that.

Reply Score: 3

RE[3]: Gotta love it
by phreck on Mon 14th Jun 2010 10:11 UTC in reply to "RE[2]: Gotta love it"
phreck Member since:
2009-08-13

I am curious how to fly so blind as to produce a bug that installs some unasked for extensions to a non-microsoft-owned nor -supported software.

As I understand it, this is a bit like when chimps finally author the next Shakespeare novel.

Reply Score: 2

RE[3]: Gotta love it
by lemur2 on Mon 14th Jun 2010 11:31 UTC in reply to "RE[2]: Gotta love it"
lemur2 Member since:
2007-02-17

MollyC:

Um, this was a bug. A harmless one at that.


Maybe so, but it is not the point.

phreck:
a bug that installs some unasked for extensions to a non-microsoft-owned nor -supported software


Exactly.

Now that is the point. What is more is that it silently installs, without user permission to do so. Even though in this case the software that was installed was harmless, it still illustrates the existence of a mechanism.

Who owns any given Windows machine, after all? With my own personal machines, all running Kubuntu, there is no doubt about it ... I own the machines. They are in my control.

If I were running Windows instead, that clearly would not be the case.

Edited 2010-06-14 11:32 UTC

Reply Score: 3

RE[4]: Gotta love it
by vaette on Mon 14th Jun 2010 12:54 UTC in reply to "RE[3]: Gotta love it"
vaette Member since:
2008-08-09

You install software updates on Ubuntu just like you do on Windows, and the .deb packages run arbitrary scripts, just like installers on Windows. And, of course, nothing forces these scripts to be bug-free or the package description from not mentioning some key information.

Reply Score: 1

RE[5]: Gotta love it
by phreck on Mon 14th Jun 2010 13:18 UTC in reply to "RE[4]: Gotta love it"
phreck Member since:
2009-08-13

Differences being, that .deb/.rpm/.tar.gz-packages are open. If I am in serious doubt, I can dissect the packages, see what's in /usr/share, /usr/bin, postrm and whatnot.

I can also explicitly cherry pick which parts of my operating system shall be updated, which should receive security updates, and which shall be strictly pinned.

Three more key-differences:

* Microsoft has a hypocritical past, most Linux/Bsd/etc.-Distros have not, so ppl just have a smaller treshold for Microsoft-Misdoings

* To my knowledge, never did any Distro install any package that is not uninstallable through package management anymore, whereas Microsoft keeps distributing things that are not trivially removable (read: via Firefox's add-on manager) and which promote their proprietary wannabe standards. I don't want a f+cking web-install for whatever bogo technology or whatever, and I don't want a f+cking unasked-for extension without the possiblity to trivially remove it again.

* To my knowledge, distro-provided packages never extended the installations of other packages, except when those are add-on-packages


edit:
And seriously, how low is the possibility of a bug which installs this piece of dung into a remote application, following the rules of that application, and following the usual pattern of not being uninstallable? As this never happened in the Open Source World that I know, it is probably so small that not even a million chimps will reproduce this bug within the lifespan of our sun (http://www.ohloh.net/languages).

So: Stop believing in Microsofts philantropist interests and that this was a bug. It was not. It was intent. We can discuss whether this was wise or stupid, but not about whether it's a bug.

Edited 2010-06-14 13:35 UTC

Reply Score: 1

RE[6]: Gotta love it
by vaette on Mon 14th Jun 2010 14:02 UTC in reply to "RE[5]: Gotta love it"
vaette Member since:
2008-08-09

This is just an endless cycle isn't it?

Differences being, that .deb/.rpm/.tar.gz-packages are open. If I am in serious doubt, I can dissect the packages, see what's in /usr/share, /usr/bin, postrm and whatnot.

But you don't. Which makes the point rather moot.

Note also that the community at large indeed noted what Microsofts install package did and followed up on it, exactly what I assume is what you want to point out to be the great advantage of the OSS community.

To my knowledge, never did any Distro install any package that is not uninstallable through package management anymore, whereas Microsoft keeps distributing things that are not trivially removable (read: via Firefox's add-on manager) and which promote their proprietary wannabe standards. I don't want a f+cking web-install for whatever bogo technology or whatever, and I don't want a f+cking unasked-for extension without the possiblity to trivially remove it again.

It is removable by uninstalling the update in question though, which works just as well as uninstalling the "package" would under a Linux distro.

To my knowledge, distro-provided packages never extended the installations of other packages, except when those are add-on-packages

On the other hand this update applied to the Bing bar, which is an add-on to both IE and Firefox, so updating extensions in Firefox makes sense. The behaviour of updating the extension in Firefox even when the Bing bar is not installed in Firefox is, as already noted, a bug.

And seriously, how low is the possibility of a bug which installs this piece of dung into a remote application, following the rules of that application, and following the usual pattern of not being uninstallable? As this never happened in the Open Source World that I know, it is probably so small that not even a million chimps will reproduce this bug within the lifespan of our sun (http://www.ohloh.net/languages).

The update package was supposed to install the extension in Firefox, and the extension was designed to behave in that way, since it was supposed to be removed when the Bing bar extension was uninstalled from Firefox, rather than being uninstallable by itself. The bug was that it was added when any Bing bar was on the system, even if it wasn't in Firefox.

So: Stop believing in Microsofts philantropist interests and that this was a bug. It was not. It was intent. We can discuss whether this was wise or stupid, but not about whether it's a bug.

This is such bullshit that it gets tiring to go over it again; why would it be intentional?? It does nothing, nothing to help Microsoft, nothing to harm Microsoft, nothing in any direction. These claims about malicious intent are just paranoid fantasy unless you can come up with some kind of motive.

Reply Score: 1

RE[7]: Gotta love it
by phreck on Mon 14th Jun 2010 15:13 UTC in reply to "RE[6]: Gotta love it"
phreck Member since:
2009-08-13

"This is just an endless cycle isn't it? "
Indeed.

Just this one:

It is removable by uninstalling the update in question though, which works just as well as uninstalling the "package" would under a Linux distro.

a) No need to quote "package". It is a common concept in the Linux world (which Windows lacks)
b) The update information found on my system is cryptic. I would have to look through e.g. 70 entries just for 2010-05-27. Not a single one includes a clear changelog, but only links to external resources. Really? This is slightly different from looking into local changelogs. And no, you don't have to quote changelog now. It is a common concept, once again. In plain text.
c) No, update management under windows is not equal to package management under linux, where dependencies are tracked recursively. So I don't really know whether removing some update breaks something else, or not. The probability might be low, but is not non-existent. And again, I may not choose beforehand what shall be updated, and what not.


Lifting up your quoted "package", my impression is you don't really have a grasp about how different updates are in the linux world. Personally, I live with both worlds. The one at work, the other at home. The one that is not proprietary works better for me. But that's of course unfounded.

Edited 2010-06-14 15:15 UTC

Reply Score: 1

RE[4]: Gotta love it
by bornagainenguin on Mon 14th Jun 2010 15:15 UTC in reply to "RE[3]: Gotta love it"
bornagainenguin Member since:
2005-08-07

lemur2 exclaimed...

Who owns any given Windows machine, after all? With my own personal machines, all running Kubuntu, there is no doubt about it ...


Yes, there is certainly no doubt that Canonical owns those machines! ;)

--bornagainpenguin

Reply Score: 2

RE[5]: Gotta love it
by lemur2 on Tue 15th Jun 2010 00:32 UTC in reply to "RE[4]: Gotta love it"
lemur2 Member since:
2007-02-17

lemur2 exclaimed... " Who owns any given Windows machine, after all? With my own personal machines, all running Kubuntu, there is no doubt about it ...
Yes, there is certainly no doubt that Canonical owns those machines! ;) --bornagainpenguin "

Unlike the mechanism whereby, without the ownser's permission, Microsoft can install software on a Windows machine, which has been admirably illustrated by this toolbar incident, there is no mechanism at all whereby Canonical can install software on my machines. Canaonical have no permissions at all on my machines.

Reply Score: 2

Comment by marcp
by marcp on Sat 12th Jun 2010 17:56 UTC
marcp
Member since:
2007-11-23

Hmm, glad I can say that I don't really care what they do, because I don't use their OS.

However, I would be very mad If I were Windows user. I'd probobly sue them, or just stop using their products.

Reply Score: 3

RE: Comment by marcp
by UltraZelda64 on Sat 12th Jun 2010 18:19 UTC in reply to "Comment by marcp"
UltraZelda64 Member since:
2006-12-05

However, I would be very mad If I were Windows user. I'd probobly sue them, or just stop using their products.

By agreeing to Microsoft's EULA to be "allowed" to use their OS in the first place you would have probably waived that right... so you'd be screwed if you wanted to sue. You'd be forced to go to Plan B, stop using their products. Don't you just love how Microsoft weasels their massive monopolistic corporate ass out of everything? And of course, Microsoft is not the only company to do so, not even close, just to make that clear. But they were certainly one of the first to jump on this proprietary/licensed software idea and make it common.

Edited 2010-06-12 18:23 UTC

Reply Score: 2

RE[2]: Comment by marcp
by marcp on Sat 12th Jun 2010 22:10 UTC in reply to "RE: Comment by marcp"
marcp Member since:
2007-11-23

Hmm, that's a good point. Should I mention I don't use *any* proprietary software just to make sure my rights are satisfied. And by *any* I mean *none*, because I always try to choose from the liberal licenses, like ISC, BSD. GPL, etc.

Reply Score: 2

RE[3]: Comment by marcp
by darknexus on Sun 13th Jun 2010 02:31 UTC in reply to "RE[2]: Comment by marcp"
darknexus Member since:
2008-07-15

Hmm, that's a good point. Should I mention I don't use *any* proprietary software just to make sure my rights are satisfied. And by *any* I mean *none*, because I always try to choose from the liberal licenses, like ISC, BSD. GPL, etc.


Interesting. Does that mean you've never used an ATM machine? How about gone to the doctor? Or flown on an airplane? I take it you don't drive a car either, or ride on any other type of motor vehicle for transport?
I really hate when people say they *only* ever use one certain type of product or license, because in reality that's not true. Just about everything is powered by software these days, and a good majority of it will never be free as it takes time and paid experts in the respective fields to develop. Sort of a bigger picture when looked at that way, eh?

Reply Score: 2

RE[4]: Comment by marcp
by UltraZelda64 on Sun 13th Jun 2010 03:51 UTC in reply to "RE[3]: Comment by marcp"
UltraZelda64 Member since:
2006-12-05

"Does that mean you've never used an ATM machine?"
Well, if someone really didn't want to use an ATM because it's closed, they could always go inside and talk to someone personally and have them do it for them.

"How about gone to the doctor?"
What the hell are you talking about? Since when was anyone allowed to get on their doctor's computer and goof around? Last I checked those were off-limits to patients and typically run by the secretary.

"Or flown on an airplane?"
If you bought an airplane personally and literally fly it yourself, I can somewhat see what you're saying. Kind of, but not really. But if someone is simply going on a plane trip, they're passengers, just on the thing to get from point A to point B; the plane is owned by some else, and being completely operated by the pilot(s).

"I take it you don't drive a car either, or ride on any other type of motor vehicle for transport?"
This might be the only example you really have a halfway decent point on. And even then, I can respond by saying two things:

1) Something like a car is something that *must* be safe, and really should have its various components properly debugged. It's not something you want to have a half-ass program running on that needs a Patch Tuesday update every month and be written by a company that places all blame for their own software bugs on the user (*ahem*). Nor should it be modified, which could introduce new bugs or even complete failure. And why would any hacker even care? As long as they step on the gas and it goes, it's working completely as expected. Chances are if it's not taking off as fast as you'd like, it's not the computer or the software... it's probably the engine.

2) A car is NOT a general-purpose computer, and was never meant to be. At best, various components that once used to be as basic as can be are now monitored and controlled by a simple computer. The various systems serve their own specific purposes, which are typically clear, and do their job. What is there that seriously needs to be modified? I don't think anyone cares how the hell their car's software for braking works as long as the action of braking works as it is supposed to and the brake lights come on so they don't get pulled over.

In the end, a potentially dangerous vehicle for transportation should *not* be compared to an open general-purpose computing platform.

Edited 2010-06-13 04:04 UTC

Reply Score: 3

RE[5]: Comment by marcp
by darknexus on Sun 13th Jun 2010 07:18 UTC in reply to "RE[4]: Comment by marcp"
darknexus Member since:
2008-07-15

I didn't say the OP *needed* to modify anything, but it is an apt comparison. He said he used *only* free software. However, if the OP uses any of the things I asked about, that is demonstrably not true. My point is that principals are put aside for convenience, even by these supposed users of 100% free and only free software. Thus, I hate when people say stupid things like that, things that can be demonstrably proven false. Yet people like that look down on computer users of any proprietary software, when there's no real difference between them and the people they seem to hate. I hate the smug superiority and the false sense of elevation these people give off. So bottom line: No one has the ability to use *only* free software, even if that's all you use on your general purpose computer. So people need to stop telling falsehoods.

Reply Score: 2

RE[6]: Comment by marcp
by UltraZelda64 on Sun 13th Jun 2010 08:39 UTC in reply to "RE[5]: Comment by marcp"
UltraZelda64 Member since:
2006-12-05

I'll just say that while I completely get your point, your examples were just not very good. I agree with your argument that it's kind of ironic when someone says they "never" do something or use whatever (especially when they may in fact do so without realizing it), but to be fair, it should have been pretty clear that the person was specifically referring to general-purpose computers. If the OP owns a car and drives, I highly doubt he/she ever considered the car a computer or wanted to use (or program) it as such.

Why not just interpret what the OP said as something like:

"...I don't use *any* proprietary software [on my computers] just to make sure my rights are satisfied."

A little more to the point and descriptive and most likely what he meant. Let's just leave appliances out of it and it makes perfect sense. It should be clear this person is not talking about his VCR, microwave, washing machine, dryer, car or whatever else... he's referring to his personal computers; desktop PCs, laptops, netbooks, etc. The things that are built to be re-programmable. I'm sure the OP did NOT mean what you interpreted it as.

Basically, what I'm saying is, you're probably just getting upset over a misinterpretation of what the OP originally said. Don't take it like he's trying to be a hypocrite just for the hell of it to spread lies or something. ;)

Anyway... I'm outta here. Why the hell am I here wasting my time clearing up a miscommunication between two random people on the Internet anyway? LOL. Man, I must be bored.

Edited 2010-06-13 08:44 UTC

Reply Score: 2

RE[7]: Comment by marcp
by marcp on Sun 13th Jun 2010 09:28 UTC in reply to "RE[6]: Comment by marcp"
marcp Member since:
2007-11-23

"A little more to the point and descriptive and most likely what he meant. Let's just leave appliances out of it and it makes perfect sense. It should be clear this person is not talking about his VCR, microwave, washing machine, dryer, car or whatever else... he's referring to his personal computers; desktop PCs, laptops, netbooks, etc. The things that are built to be re-programmable. I'm sure the OP did NOT mean what you interpreted it as.

Basically, what I'm saying is, you're probably just getting upset over a misinterpretation of what the OP originally said. Don't take it like he's trying to be a hypocrite just for the hell of it to spread lies or something"

And this is exactly what I meant. Darknexus seems to have a problem of some sort with interpreting other people's words, because he probobly sees in black and white scheme only [linux enthusiasts and 'bad, commercial apps world, while most of the ppl here knows that linux is just a friggin' tip of the iceberg]. I'd probobly say I was talking about the computers but isn't it OBVIOUS on osnews.com? plus - darknexus' argument about closed source appliances works other way round too: there are plenty of stuff with opensourced code used in cars, microwaves, vcrs and so on [but that was NOT my point. I was referring to the things i HAVE an influence on and I was talking about PCs].
Keep it real darknexus and don't let yout false sense of your intellectual self-reliability and self-esteem to mess with the real meaning of other people's words. I'm not playing a role in your play, I don't even use linux as my main OS of choice ...

P.S your argument about my presumed superiority is completely ridiculous. I don't feel superior to anyone or anything because I don't need to. Besides - how on earth the OS you use would make you superior in any way ...? that's simply beyond me.

Edited 2010-06-13 09:36 UTC

Reply Score: 2

RE[3]: Comment by marcp
by nt_jerkface on Mon 14th Jun 2010 22:24 UTC in reply to "RE[2]: Comment by marcp"
nt_jerkface Member since:
2009-08-26

Hmm, that's a good point. Should I mention I don't use *any* proprietary software just to make sure my rights are satisfied.


Well you must use an abacus then because most hardware is hard encoded with proprietary software.

If you want a fully open source computer then you'll have to go to the garage and build one from scratch. That way you can fully meet the rights that Stallman sanctimoniously declared for you while on the crapper.

Reply Score: 2

RE[4]: Comment by marcp
by marcp on Tue 15th Jun 2010 18:10 UTC in reply to "RE[3]: Comment by marcp"
marcp Member since:
2007-11-23

You're so late to comment on this. I've already explained everything - plus - one of the guys got my words properly without passing it through his own stream of consciousness.

I put OSS where I CAN put it, I can't replace BIOS, firmware and so I CAN'T do it. There is NO OpenSource Hardware yet so I CANNOT go this way. Capish?

Reply Score: 2

RE: Comment by marcp
by contextfree on Sun 13th Jun 2010 04:49 UTC in reply to "Comment by marcp"
contextfree Member since:
2009-06-01

What would be the grounds for your lawsuit? What damages would you claim?

Reply Score: 3

Business as Usual
by Digihooman on Mon 14th Jun 2010 06:14 UTC
Digihooman
Member since:
2010-05-01

This is just the jolly big corporation from Redmond letting you know they are still around and they control your browser. You can expect them to pop up anytime you access their internet, all in the name/game of improving the user experience, of course.

Reply Score: 1