Sneaky Microsoft Add-On Put Firefox Users At Risk 333
CWmike writes to mention that the "Windows Presentation Foundation" plugin that Microsoft slipped into Firefox last February apparently left the popular browser open to attack. This was among the many things recently addressed in the massive Tuesday patch. "What was particularly galling to users was that once installed, the .NET add-on was virtually impossible to remove from Firefox. The usual 'Disable' and 'Uninstall' buttons in Firefox's add-on list were grayed out on all versions of Windows except Windows 7, leaving most users no alternative other than to root through the Windows registry, a potentially dangerous chore, since a misstep could cripple the PC. Several sites posted complicated directions on how to scrub the .NET add-on from Firefox, including Annoyances.org."
Re:Sabotage? (Score:3, Interesting)
Re:Not true (Score:5, Interesting)
That may not be entirely true. Have a look at this:
http://adblockplus.org/blog/the-return-of-net-framework-assistant [adblockplus.org]
Re:Sabotage? (Score:4, Interesting)
Given that Nintendo is legally required to warn you prior to updating your Wii that such updates break homebrew, I cannot possibly imagine that Microsoft is allowed to break your software without your consent.
Re:Sabotage? (Score:5, Interesting)
Or the idea of NSA 'agents' running around shooting up everything in sight (because the CIA isn't the big Boogie Man anymore). Real life: Bunch of bureaucrats overseeing a bunch of pastyfaced nerds and cubicle rats busy doing signal intercepts and codebreaking. Though the bandwidth and internet access is great, I hear...
Re:except Windows 7 (Score:1, Interesting)
What was particularly galling to users was that once installed, the .NET add-on was virtually impossible to remove from Firefox. The usual "Disable" and "Uninstall" buttons in Firefox's add-on list were grayed out ...
As is the add-on "Ubuntu Firefox Modifications"; that you get - whether you want it or not - when installing Ubuntu.
Re:except anything but Windoze (Score:3, Interesting)
Re:Sabotage? (Score:4, Interesting)
Not surprisingly this comment is sitting here unmoderated
Only for half an hour. An hour later, it is up to +5. I guess the "nucleation" for moderations is the slow step, it has seemed to me that most moderations are done on posts already moderated once. Looking over my comments, I usually notice that most of my posts are unmoderated, the ones that are are usually moderated more than once. I don't really think my posts are either +5 great or +0 meh. Most people with mod points must be lazy and don't browse in full.
Re:Almost (Score:2, Interesting)
I have automatic windows updates disabled and it was installed on my machine. To tell you the truth I found half a dozen microsoft addins and plugins installed stealthly
Re:Almost (Score:3, Interesting)
Isn't this like corporate espionage? (Score:2, Interesting)
Placing an "add-in" in a competitor's product to render it more vulnerable to attacks and crashes seems like more the DOJ needs to investigate into Microsoft. Because it is hard to remove or disable, it could also be considered malware of some type. There might even be a class action lawsuit against Microsoft for Firefox users. If so sign me up, as that add-in caused my Firefox to crash more often and caused me to lose productivity and gave me emotional and psychological damage. I suffer from schizo affective disorder and the add-in caused crashes and lockups that activated my disorder and made it worse. That makes me more sensitive than normal people.
It took a registry hack and deletion of hidden files to get rid of it, but my Windows XP crashes every three days now since I removed it. Automatic updates of Dotnet frameworks add it back in for some reason.
Re:Sabotage? (Score:4, Interesting)
Ok, seriously. Why Algol-60?
Re:Sabotage? (Score:5, Interesting)
Ok, seriously. Why Algol-60?
Because it is one of the three languages that started it all, and one that affected all existing mainstream languages most. Curly braces of C, and the block construct that they represent, began their life as "begin .. end" in Algol-60.
Because it is at the same time a very beautiful language - especially considering the time when it was designed - and one with some very advanced constructs, not found even in many modern languages, that can pose significant challenge to implement efficiently, especially in an otherwise constrained environment such as sandboxed CLR. To list a few such features: computed goto, label variables/function arguments and the associated nonlocal goto, arbitrarily nested functions with variable capturing, and call-by-name. Challenges are fun.
Because it's a very important milestone in history of CompSci in general, and language design in particular (in case it's not quite obvious yet, I'm a language design geek), a piece of it that I wish to preserve. Apparently, I'm not alone in that, either - there's also GNU Marst [gnu.org] - curiously enough, written by another Russian dude.
Because Simula-67 (the first OOP language ever, and the ultimate ancestor of virtually every statically typed OO language today, including C++, Java and C#) is a strict superset of Algol-60, and I wanted to go after it next.
And, of course, just for fun. I mean, this is Slashdot, right? We routinely get people installing KDE2 on NetBSD running on toasters with 7-segment indicators here; I think my little fetish is relatively benign in contrast.
(To bring the above references to Algol-60 language features into some context for those not familiar with the subject, the final Algol-60 language spec is here [masswerk.at]; it's a fairly short read.)
After all everybody her on SlashDot knows that Algol-68 is the most recent version!
Algol-68 is an entirely different language from Algol-60. It's not evolutionary, but a complete, ground-up redesign, by very different people. It's also a very interesting one, and important in its own right, since C borrowed a lot of things from it, down to keywords (VOID, INT, SHORT, LONG, STRUCT and UNION are all Algol-68 keywords with virtually the same meaning they have retained in C).
It would be fairly interesting thing to implement as well, but in many ways it's a much more rationally designed language than Algol-60, dropping some overly exotic and complicated features, and, consequently, implementing it is less of a challenge (I guess they had had enough real-world experience writing compilers by then to conclude that some features of Algol-60 looked good on paper only...).
Re:Sabotage? (Score:3, Interesting)
I mean browsing in full while moderating: actually reading those posts which haven't been modded up yet so that you can spot good ones deserving a mod. Such as the one in question.
Mozilla is on top of it, though (Score:5, Interesting)
This screen capture of a dialog [photobucket.com] I saw tonight demonstrates that Mozilla is paying attention and doing something about it, though:
Re:except Windows 7 (Score:3, Interesting)
Remember - if MS like your product, or if it poses a threat to them, they'll either kill you off in court or they will buy / steal the technology (Doublespace) and still tie you up in legal knots.
Nowadays, they screw around with other company's products, and there's (effectively) nothing that anyone can do.
Remember - anyone who can afford to buy the judge can get whatever "legal" ruling they want!