Linked by Thom Holwerda on Fri 11th Jun 2010 21:27 UTC
Microsoft "Microsoft has fixed the distribution scope of a toolbar update that, without the user's knowledge, installed an add-on in Internet Explorer and an extension in Firefox called Search Helper Extension. Microsoft told us that the new update is actually the same as the old one; the only difference is the distribution settings. In other words, the update will no longer be distributed to toolbars that it shouldn't be added to. End users won't see the tweak, Microsoft told Ars, and also offered an explanation on what the mystery add-on actually does."
Permalink for comment 429980
To read all comments associated with this story, please click here.
RE[6]: Gotta love it
by vaette on Mon 14th Jun 2010 14:02 UTC in reply to "RE[5]: Gotta love it"
vaette
Member since:
2008-08-09

This is just an endless cycle isn't it?

Differences being, that .deb/.rpm/.tar.gz-packages are open. If I am in serious doubt, I can dissect the packages, see what's in /usr/share, /usr/bin, postrm and whatnot.

But you don't. Which makes the point rather moot.

Note also that the community at large indeed noted what Microsofts install package did and followed up on it, exactly what I assume is what you want to point out to be the great advantage of the OSS community.

To my knowledge, never did any Distro install any package that is not uninstallable through package management anymore, whereas Microsoft keeps distributing things that are not trivially removable (read: via Firefox's add-on manager) and which promote their proprietary wannabe standards. I don't want a f+cking web-install for whatever bogo technology or whatever, and I don't want a f+cking unasked-for extension without the possiblity to trivially remove it again.

It is removable by uninstalling the update in question though, which works just as well as uninstalling the "package" would under a Linux distro.

To my knowledge, distro-provided packages never extended the installations of other packages, except when those are add-on-packages

On the other hand this update applied to the Bing bar, which is an add-on to both IE and Firefox, so updating extensions in Firefox makes sense. The behaviour of updating the extension in Firefox even when the Bing bar is not installed in Firefox is, as already noted, a bug.

And seriously, how low is the possibility of a bug which installs this piece of dung into a remote application, following the rules of that application, and following the usual pattern of not being uninstallable? As this never happened in the Open Source World that I know, it is probably so small that not even a million chimps will reproduce this bug within the lifespan of our sun (http://www.ohloh.net/languages).

The update package was supposed to install the extension in Firefox, and the extension was designed to behave in that way, since it was supposed to be removed when the Bing bar extension was uninstalled from Firefox, rather than being uninstallable by itself. The bug was that it was added when any Bing bar was on the system, even if it wasn't in Firefox.

So: Stop believing in Microsofts philantropist interests and that this was a bug. It was not. It was intent. We can discuss whether this was wise or stupid, but not about whether it's a bug.

This is such bullshit that it gets tiring to go over it again; why would it be intentional?? It does nothing, nothing to help Microsoft, nothing to harm Microsoft, nothing in any direction. These claims about malicious intent are just paranoid fantasy unless you can come up with some kind of motive.

Reply Parent Score: 1