Re: [CGUYS] Forced to Bing Against Their Will
On Jun 10, 2009, at 10:36 PM, mike wrote: As far what Tom is talking about, he can blame MS as he always does, but it's more of an ISP problem. Even if MS begs them to do this, they have to agree. Attempted obscuration (of course). Nevertheless it is M$ at the heart of this dirty deed. Just like Bush blaming a few bad eggs for the crimes he perpetrated. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
I'm surprised you don't think MS was at the heart of the Bush 'crimes'hmm, maybe you do. On Thu, Jun 11, 2009 at 6:12 PM, t.piwowar t...@tjpa.com wrote: On Jun 10, 2009, at 10:36 PM, mike wrote: As far what Tom is talking about, he can blame MS as he always does, but it's more of an ISP problem. Even if MS begs them to do this, they have to agree. Attempted obscuration (of course). Nevertheless it is M$ at the heart of this dirty deed. Just like Bush blaming a few bad eggs for the crimes he perpetrated. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Gates didn't have enough money for Bush to squander. Why use one guy when you can use a whole country? On Jun 11, 2009, at 9:20 PM, mike wrote: I'm surprised you don't think MS was at the heart of the Bush 'crimes'hmm, maybe you do. On Thu, Jun 11, 2009 at 6:12 PM, t.piwowar t...@tjpa.com wrote: On Jun 10, 2009, at 10:36 PM, mike wrote: As far what Tom is talking about, he can blame MS as he always does, but it's more of an ISP problem. Even if MS begs them to do this, they have to agree. Attempted obscuration (of course). Nevertheless it is M$ at the heart of this dirty deed. Just like Bush blaming a few bad eggs for the crimes he perpetrated. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http:// www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http:// www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
I'll be honest, I have not been really been following this thread. Today, however, I noticed that if a person typed an incorrect web site address or forgot the .com .org etc at the end Bing was used to help them find the correct site. I do not find this in and of itself bad. However, if these are considered hits on Bing it is at best misleading. It seems in most of the cases I witnessed it was a typo not a true search and Bing would not have been the search engine chosen if it was. Is this what was meant by the title of this thread? Steve * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 10, 2009, at 8:43 PM, Stephen Brownfield wrote: I'll be honest, I have not been really been following this thread. Today, however, I noticed that if a person typed an incorrect web site address or forgot the .com .org etc at the end Bing was used to help them find the correct site. I do not find this in and of itself bad. However, if these are considered hits on Bing it is at best misleading. It seems in most of the cases I witnessed it was a typo not a true search and Bing would not have been the search engine chosen if it was. Is this what was meant by the title of this thread? I have read that this is considered to be a bad thing as it opens users to cross-site scripting attacks. http://www.darkreading.com/security/app-security/showArticle.jhtml? articleID=211201335 I see M$ would rather goose Bing's numbers than keep its customers safe. A typical, dangerous M$ dirty trick. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
I think the difference here is live.com is gone for searching...people might not realize they are by default being pushed to bing instead of live now. As far what Tom is talking about, he can blame MS as he always does, but it's more of an ISP problem. Even if MS begs them to do this, they have to agree. On Wed, Jun 10, 2009 at 6:34 PM, t.piwowar t...@tjpa.com wrote: On Jun 10, 2009, at 8:43 PM, Stephen Brownfield wrote: I'll be honest, I have not been really been following this thread. Today, however, I noticed that if a person typed an incorrect web site address or forgot the .com .org etc at the end Bing was used to help them find the correct site. I do not find this in and of itself bad. However, if these are considered hits on Bing it is at best misleading. It seems in most of the cases I witnessed it was a typo not a true search and Bing would not have been the search engine chosen if it was. Is this what was meant by the title of this thread? I have read that this is considered to be a bad thing as it opens users to cross-site scripting attacks. http://www.darkreading.com/security/app-security/showArticle.jhtml ?articleID=211201335 I see M$ would rather goose Bing's numbers than keep its customers safe. A typical, dangerous M$ dirty trick. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Did that security hole ever get compromised? That's the argument from the mac side, macs have big security holes that are never compromised so that equals good security, I hadn't seen that this extension caused one security problem. Perhaps it did and it didn't come up in my searches? On Mon, Jun 8, 2009 at 9:43 PM, John Duncan Yoyo johnduncany...@gmail.comwrote: The problem is that M$ did something that opened a security hole in non-M$ software that people use to avoid their own shoddy product because of similar security holes intrinsic to IE. I don't trust IE due to it's history and only use it for updates and when It can't be avoided. -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
So Apple is guilty of some of the crimes that the Redmond Menace is guilty of. Both are sinners and deserve a time out for it. Agreed, but that was in answer to Tom's assertion that Apple would NEVER do such a thing, when, in fact, it already has. The problem is that M$ did something that opened a security hole in non-M$ software that people use to avoid their own shoddy product because of similar security holes intrinsic to IE. So you say, but yet, no one has actually been able to show what this supposed security hole actually was. So far, it's just been a lot of talk. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Since we have pirate day, can we have l33t speak day...Jeff already has a good start. On Tue, Jun 9, 2009 at 7:53 AM, Jeff Wright jswri...@gmail.com wrote: The web has been largely a OMG!!! M$ hAx0red FF!!!1! * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Note how blasé WFBs are about product defects. But there is a big difference here. If M$ wants to have gross defects in its own products that is their business, but when they go insert defects into competitor's products that is something completely different. That's a drive-by shooting. I'm sorry, but you're going to have to establish first that this *is* a product defect before blathering on about it. The prodcut is working fine and the only question was whether or not this should have been a machine level install or a user level install. So far, all we've gotten are prank calls to the fire department. I'm sure you can do better. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
A real example please. Bonjour is not what you claim it to be. Actually, it is. I know, I know, your programming won't allow you to admit that. I don't blame you personally. Here, chew on these: http://cyberinsecure.com/apples-safari-downloads-websites-resources-without-asking-for-permission/ http://blogs.zdnet.com/open-source/?p=2157 http://www.itworld.com/security/53730/apple-pushes-mobileme-surprise-xp-vista * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 9, 2009, at 2:34 AM, mike wrote: Did that security hole ever get compromised? That's the argument from the mac side, macs have big security holes that are never compromised so that equals good security, I hadn't seen that this extension caused one security problem. Perhaps it did and it didn't come up in my searches? You keep trying to change the subject. The issue is that this vulnerability was inserted into a competitor's product by M$. By doing so it removed a major advantage of using the competitor's product. This is particularly important because this is the very same competing product that was at the center of M$'s anti-trust conviction. Looks to me like M$ has unilaterally declared the consent agreement void. Sort of like North Korea declaring the Korean Armistice Agreement void. (Now I suppose you will spring to the defense of Kim Jong-il.) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
You keep trying to change the subject. The issue is that this vulnerability was inserted into a competitor's product by M$. Sorry, but you haven't established yet that there actually is a vulnerability. Repeating it does not make it so. By doing so it removed a major advantage of using the competitor's product. This is particularly important because this is the very same competing product that was at the center of M$'s anti-trust conviction. Looks to me like M$ has unilaterally declared the consent agreement void. Nope, not the same product. It may be based on the same rendering engine and I know how easily confused you can get, but it's a completely separate product from Netscape. Netscape was owned by the evil AOL (weren't they supposed to own the Internet by now?), Firefox is owned by Mozilla, a non-profit. Just in case you're *really* confused, Safari and Chrome are differrent products too, even though they share code as well. (Now I suppose you will spring to the defense of Kim Jong-il.) Nah, he seems like much more of a Mac guy. Feelings of inadequacy, vain, crushing central authority, conformity at all costs and so on. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Sun, Jun 7, 2009 at 11:33 PM, Jeff Wright jswri...@gmail.com wrote: I do wonder if this is going to wake the forces of Anti-trust again. I expect the EU to go after them for and who knows about the current US administration. Seriously? This is pretty meaningless stuff in the end, especially since they corrected the issue. It's the EU they take this portion of law enforcement seriously. They already told MS not to do similar things. Yeah it should get some attention at least a phone call. I never asked Apple to install Bonjour on my system when I installed iTunes. Should we sue them too or just let me get on with the uninstalling? Bonjour is a component of iTunes. ,Net isn't a component of Firefox. -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 8, 2009, at 8:53 AM, John Duncan Yoyo wrote: Bonjour is a component of iTunes. ,Net isn't a component of Firefox. Good point. This is the discovery mechanism that iTunes uses to share music on the subnet. If the iTunes installer starting dropping patches into other applications without warning, this would be another thing, but they do not do that. This M$ intrusion and Sony's root-kit exploit are the only cases I know of where a major software company had the balls to try something like this. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 8, 2009, at 8:53 AM, John Duncan Yoyo wrote: It's the EU they take this portion of law enforcement seriously. They already told MS not to do similar things. Yeah it should get some attention at least a phone call. I think the new administration will bring a return to law and order. They are already making strong moves against botnets and spammers. http://www.crn.com/security/217702111 * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Bonjour is a component of iTunes. ,Net isn't a component of Firefox. That's some mighty fine hair splitting. Bonjour is not a component of Windows. .Net is. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Bonjour is not a component of iTunes, it is used by iTunes and by many other programs. On Mon, Jun 8, 2009 at 5:53 AM, John Duncan Yoyo johnduncany...@gmail.comwrote: Bonjour is a component of iTunes. ,Net isn't a component of Firefox. -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Good point. This is the discovery mechanism that iTunes uses to share music on the subnet. Except that I have no need for this and Apple thinks it below them to even deign to ask the lowly user if they don't want to install Bonjour. If the iTunes installer starting dropping patches into other applications without warning, this would be another thing, but they do not do that. It already does this with Bonjour. It installs a networking component directly into Windows without any prior warning. That's taking pages from the Real Player handbook. This M$ intrusion and Sony's root-kit exploit are the only cases I know of where a major software company had the balls to try something like this. **cough** SAFARI **cough** The Annoyances page that John links to has a comment from the author about MobileMe doing the same thing. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
It's the EU they take this portion of law enforcement seriously. They already told MS not to do similar things. Yeah it should get some attention at least a phone call. Ring! MS: Hello? DOJ: We hear that you installed a .Net component into Firefox and made it impossible for the user to uninstall it. MS: Yeah, we screwed up on that. The user could always have disabled the add-on. DOJ: NOT GOOD ENOUGH! We hear that there might be some vague and undefined security issue! MS: Yeah, OK, we did that in February. We posted a correction for it in May so that the user could uninstall it without being an admin. DOJ: But...but... MS: Are we good now? DOJ: But...but MS: Ok, gotta run. Windows 7 and all. Click. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
They will bring in their own version of law and order would be a better way to say it. To keep it in tech, Obama is (again) about to break another campaign promise and bring in an ex lobbyist and google exec into the admin, to be the new deputy CTO. Some reports say he is leaving google for the position, others say he was already leaving google. New boss, same as the old boss.. On Mon, Jun 8, 2009 at 7:49 AM, t.piwowar t...@tjpa.com wrote: On Jun 8, 2009, at 8:53 AM, John Duncan Yoyo wrote: It's the EU they take this portion of law enforcement seriously. They already told MS not to do similar things. Yeah it should get some attention at least a phone call. I think the new administration will bring a return to law and order. They are already making strong moves against botnets and spammers. http://www.crn.com/security/217702111 * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 8, 2009, at 11:54 AM, Jeff Wright wrote: Except that I have no need for this and Apple thinks it below them to even deign to ask the lowly user if they don't want to install Bonjour. You are not installing Bonjour. You are installing iTunes. To do that you had to download iTunes and run the installer. In the process you read and assented to lots of conditions. Nobody is forcing you to use iTunes. There are lots of alternatives. By your rules, every application would have to display a list of every component to let you decide one by one which ones you want. That would be silly and would make writing the software very expensive because it would have to work under so many different configurations. There is nothing wrong with iTunes being of a single piece, take it or leave it. This is very different than the operating system vendor pushing down updates that modify third-party software. Worse yet, the modifications bypass security features of that third-party software that are a major competitive feature of that software. What I think makes it criminal is that M$ is a convicted monopolist and Mozilla is a direct competitor in this market. M$'s prior conviction was largely due to their previous assault on Mozilla. Now they want to knife the baby a second time! Let me put it another way. What makes this wrong is the same reasoning that bans convicted child molesters from areas around schools and playgrounds. They can't be trusted. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
How about just notifying us of seperate components that have nothing to do with itunes being installed? I realize to you Apple doing this is A-ok double plus whatever you say, but some of us don't like it apple or MS. On Mon, Jun 8, 2009 at 9:56 AM, t.piwowar t...@tjpa.com wrote: On Jun 8, 2009, at 11:54 AM, Jeff Wright wrote: Except that I have no need for this and Apple thinks it below them to even deign to ask the lowly user if they don't want to install Bonjour. You are not installing Bonjour. You are installing iTunes. To do that you had to download iTunes and run the installer. In the process you read and assented to lots of conditions. Nobody is forcing you to use iTunes. There are lots of alternatives. By your rules, every application would have to display a list of every component to let you decide one by one which ones you want. That would be silly and would make writing the software very expensive because it would have to work under so many different configurations. There is nothing wrong with iTunes being of a single piece, take it or leave it. This is very different than the operating system vendor pushing down updates that modify third-party software. Worse yet, the modifications bypass security features of that third-party software that are a major competitive feature of that software. What I think makes it criminal is that M$ is a convicted monopolist and Mozilla is a direct competitor in this market. M$'s prior conviction was largely due to their previous assault on Mozilla. Now they want to knife the baby a second time! Let me put it another way. What makes this wrong is the same reasoning that bans convicted child molesters from areas around schools and playgrounds. They can't be trusted. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
You are not installing Bonjour. You are installing iTunes. To do that you had to download iTunes and run the installer. In the process you read and assented to lots of conditions. Nobody is forcing you to use iTunes. There are lots of alternatives. Ah, how very lawyerly of you Thomas. Didn't you read the very long, dry and fine print before you installd this program? Tsk, tsk. If this were a mortgage, they would call it predatory lending. By your rules, every application would have to display a list of every component to let you decide one by one which ones you want. That would be silly and would make writing the software very expensive because it would have to work under so many different configurations. There is nothing wrong with iTunes being of a single piece, take it or leave it. OK, I'll leave it. Songbird is looking promising. Let me put it another way. What makes this wrong is the same reasoning that bans convicted child molesters from areas around schools and playgrounds. They can't be trusted. Here, let me put it in a way that is connected to reality: people who get their panties all wadded up over something so trivial, as well as moot, shoudn't be taken seriously at all. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
I get it. I is sort of like robbing a bank because you are short on cash and then giving the money back after you have a job. Happens all the time. Rght. Or, like a major OS update from Apple that (twice!) deletes entire hard drives, which requires a later update so it doesn't and in the menatime, force their customers to resort to using a non-white computer and have all the glitterati mock them for it. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
And people wonder why you aren't on the radio anymore. Only you could link a software glitch to being in favor of child molesting. You need serious help...get some. On Mon, Jun 8, 2009 at 2:03 PM, t.piwowar t...@tjpa.com wrote: On Jun 8, 2009, at 1:26 PM, Jeff Wright wrote: Here, let me put it in a way that is connected to reality: people who get their panties all wadded up over something so trivial, as well as moot, shoudn't be taken seriously at all. I had expected you would rise to the defense of child molesters. I was right. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Let me put it another way. What makes this wrong is the same reasoning that bans convicted child molesters from areas around schools and playgrounds. They can't be trusted. But yet, you'll continue to trust another company which has such shitty QA *on their own OS on their own hardware*, that you have to skip iterative releases and major upgrades for fear of major snafus. Talk about trust issues. You're the guy who doesn't catch the other person falling backwards in the team-building games. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 8, 2009, at 5:50 PM, Jeff Wright wrote: But yet, you'll continue to trust another company which has such shitty QA *on their own OS on their own hardware*, that you have to skip iterative releases and major upgrades for fear of major snafus. I see things as they are. WFBs can't get their brains around the fact that I'm not a MFB. When Apple screws up I am not afraid to say so. I don't automatically swallow whatever Apple (or M$) dishes out. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Mon, Jun 8, 2009 at 11:54 AM, Jeff Wright jswri...@gmail.com wrote: Good point. This is the discovery mechanism that iTunes uses to share music on the subnet. Except that I have no need for this and Apple thinks it below them to even deign to ask the lowly user if they don't want to install Bonjour. If the iTunes installer starting dropping patches into other applications without warning, this would be another thing, but they do not do that. It already does this with Bonjour. It installs a networking component directly into Windows without any prior warning. That's taking pages from the Real Player handbook. This M$ intrusion and Sony's root-kit exploit are the only cases I know of where a major software company had the balls to try something like this. **cough** SAFARI **cough** The Annoyances page that John links to has a comment from the author about MobileMe doing the same thing. So Apple is guilty of some of the crimes that the Redmond Menace is guilty of. Both are sinners and deserve a time out for it. Hey mom Steve did it first no Steve did. The problem is that M$ did something that opened a security hole in non-M$ software that people use to avoid their own shoddy product because of similar security holes intrinsic to IE. I don't trust IE due to it's history and only use it for updates and when It can't be avoided. -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Why am I not surprised? An even better forced upgrade for IE6 users would be a mandatory upgrade to IE7 or IE8. Neither is great, but IE6 is so full of security problems that it's not even clear it's really supported anymore. Besides, consider all of the folks out there with XP who are suddenly going to feel orphaned when windows7 gets released in October, and all too many software providers move on to 7, if you think Binging against your will is bad, imagine paying money to upgrade to be compatible. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Sat, Jun 6, 2009 at 6:26 PM, t.piwowar t...@tjpa.com wrote: Why am I not surprised? http://www.pcworld.com/article/166024/ microsoft_tries_to_force_you_to_use_bing.html?loomia_ow=t0:s0:a41:g26:r10:c0.023904:b24935762 This isn't nearly so bad as M$'s stealth Firefox plugin for *Microsoft .NET Framework Assistant 1.0*http://msdn.microsoft.com/en-us/library/cc716877.aspxthat enabled one click in Firefox. It was installed in January as part of a M$ tuesday patch. I just heard about it this week. The basic problem is that it gave Firefox the same kinds of security hole that Explorer has. Users weren't told that it was being installed and thought that they were safely running Firefox and were exposed to risks that they were using Firefox to avoid. http://ffextensionguru.wordpress.com/2009/02/08/how-to-remove-microsoft-net-spyware-extension/ -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
An even better forced upgrade for IE6 users would be a mandatory upgrade to IE7 or IE8. Neither is great, but IE6 is so full of security problems that it's not even clear it's really supported anymore. Windows 2000 tops out at IE6. It's a solid and stable OS and is what the 7-year old Dell PCs I give to staff and other non-profits are licensed for, so yes, people still use it. It's fine for the low-end stuff they'll be using it for: office apps, email and web-surfing. They're free to replace it with their own version of XP, but the cert on the PC is for 2000. FWIW, in addition to OpenOffice 3.1, I install and Firefox on these computers and also set the user up as a limited-rights user, not the admin, so they're not exposed by IE6's security issues and running an OS as an admin, the single biggest security issue for Windows users prior to Vista. Besides, consider all of the folks out there with XP who are suddenly going to feel orphaned when windows7 gets released in October, and all too many software providers move on to 7, if you think Binging against your will is bad, imagine paying money to upgrade to be compatible. You can get IE8 for XP. Considering how widely XP is in use (and how XP SP3 will be supported by MS until 2014), it will be more than several years before any XP user will *need* to upgrade their system to Win7. They may want to, I will, or they could buy a new system that comes with Win7, which will be out on October 22. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
-Original Message- The basic problem is that it gave Firefox the same kinds of security hole that Explorer has. [citation needed] **My note: Logging on as the admin would have enabled the uninstall, which makes me wonder what all the sturm and drang was about, since LUA users (Least-privileged User Account) typically aren't permitted to install or uninstall software.** http://blogs.msdn.com/brada/archive/2009/02/27/uninstalling-the-clickonce-su pport-for-firefox.aspx http://tinyurl.com/aqm4l9 We added this support at the machine level in order to enable the feature for all users on the machine. Seems reasonable right? Well, turns out that enabling this functionality at the machine level, rather than at the user level means that the Uninstall button is grayed out in the Firefox Add-ons menu because standard users are not permitted to uninstall machine-level components Update (5/2009): We just release an update to .NET Framework 3.5 SP1 that makes the Firefox plug in a per-user component. This makes uninstall a LOT cleaner.. none of the steps below are required once this update is installed. http://www.microsoft.com/downloads/details.aspx?displaylang=enFamilyID=cecc 62dc-96a7-4657-af91-6383ba034eab http://tinyurl.com/cbx4me In .NET Framework 3.5 SP1, the .NET Framework Assistant enables Firefox to use the ClickOnce technology that is included in the .NET Framework. The .NET Framework Assistant is added at the machine-level to enable its functionality for all users on the machine. As a result, the Uninstall button is shown as unavailable in the Firefox Add-ons list because standard users are not permitted to uninstall machine-level components. In this update for .NET Framework 3.5 SP1 and in Windows 7, the .NET Framework Assistant will be installed on a per-user basis. As a result, the Uninstall button will be functional in the Firefox Add-ons list. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 7, 2009, at 8:45 AM, John Duncan Yoyo wrote: This isn't nearly so bad as M$'s stealth Firefox plugin for *Microsoft .NET Framework Assistant 1.0*http://msdn.microsoft.com/en-us/library/cc716877.aspxthat enabled one click in Firefox. It was installed in January as part of a M$ tuesday patch. I just heard about it this week. The basic problem is that it gave Firefox the same kinds of security hole that Explorer has. Users weren't told that it was being installed and thought that they were safely running Firefox and were exposed to risks that they were using Firefox to avoid. Oh my, I missed that one. And I imagine it came wrapped in some kind of click-through license that absolves M$ of all responsibility for anything they do to your computer. It is also interesting that M$ has disabled the ability to uninstall this invader. One has to go to great lengths to get it out of FireFox. Yet one more reason why only fools run Windows. Are the IT fools who agreed to absolve M$ for its sins also protected by the click-through license or can we fire the bunch of them? * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Yet one more reason why only fools overreact to non-issues resolved last month. FTFY. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Orphaned? Apple won't even let you run new versions of safari on 'old' versions of OSX. By the time 7 comes out, XP will be 8 years old...just how long should MS continue to babysit customers who still want software they used a crowbar to go from 98 to get working on XP and now want to work flawlessly on 7? Which version of linux are you running? On Sun, Jun 7, 2009 at 12:49 AM, Art Clemons artclem...@aol.com wrote: Why am I not surprised? An even better forced upgrade for IE6 users would be a mandatory upgrade to IE7 or IE8. Neither is great, but IE6 is so full of security problems that it's not even clear it's really supported anymore. Besides, consider all of the folks out there with XP who are suddenly going to feel orphaned when windows7 gets released in October, and all too many software providers move on to 7, if you think Binging against your will is bad, imagine paying money to upgrade to be compatible. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Which version of linux are you running? Slackware-current with the 2.6.29.4 kernel * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Sun, Jun 7, 2009 at 10:19 AM, Jeff Wright jswri...@gmail.com wrote: -Original Message- The basic problem is that it gave Firefox the same kinds of security hole that Explorer has. [citation needed] There is this quote from annoyances.org http://annoyances.org/exec/show/article08-600: “This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.” There was a discussion of this on Security Now! this week- http://twit.tv/sn199. The most upsetting part is the failure of M$ to either ask permission for or notify that it added to a third party program. Some other links. http://startupearth.com/2009/05/31/microsoft-sabotaging-firefox-with-sneaky-net-updates/ -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Sun, Jun 7, 2009 at 10:19 AM, Jeff Wright jswri...@gmail.com wrote: Update (5/2009): We just release an update to .NET Framework 3.5 SP1 that makes the Firefox plug in a per-user component. This makes uninstall a LOT cleaner.. none of the steps below are required once this update is installed. http://www.microsoft.com/downloads/details.aspx?displaylang=enFamilyID=cecc 62dc-96a7-4657-af91-6383ba034eabhttp://www.microsoft.com/downloads/details.aspx?displaylang=enFamilyID=cecc%0A62dc-96a7-4657-af91-6383ba034eab http://tinyurl.com/cbx4me In .NET Framework 3.5 SP1, the .NET Framework Assistant enables Firefox to use the ClickOnce technology that is included in the .NET Framework. The .NET Framework Assistant is added at the machine-level to enable its functionality for all users on the machine. As a result, the Uninstall button is shown as unavailable in the Firefox Add-ons list because standard users are not permitted to uninstall machine-level components. In this update for .NET Framework 3.5 SP1 and in Windows 7, the .NET Framework Assistant will be installed on a per-user basis. As a result, the Uninstall button will be functional in the Firefox Add-ons list. So we should forgive them for monkeying with Firefox because it took them a quarter to respond to their own screw up?? I think not. I have no problem with the availability of the component it is that they decided that they would install it on my machine in the first place, in a program that they didn't write. -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
I was thinking...great lengths seems to be hitting the 'uninstall' button in the extensions of firefox for that extension. Whew...I'm tuckered out after that ordeal. I had to *restart* firefox too. On Sun, Jun 7, 2009 at 8:36 AM, t.piwowar t...@tjpa.com wrote: On Jun 7, 2009, at 8:45 AM, John Duncan Yoyo wrote: This isn't nearly so bad as M$'s stealth Firefox plugin for *Microsoft .NET Framework Assistant 1.0*http://msdn.microsoft.com/en-us/library/cc716877.aspxthat enabled one click in Firefox. It was installed in January as part of a M$ tuesday patch. I just heard about it this week. The basic problem is that it gave Firefox the same kinds of security hole that Explorer has. Users weren't told that it was being installed and thought that they were safely running Firefox and were exposed to risks that they were using Firefox to avoid. Oh my, I missed that one. And I imagine it came wrapped in some kind of click-through license that absolves M$ of all responsibility for anything they do to your computer. It is also interesting that M$ has disabled the ability to uninstall this invader. One has to go to great lengths to get it out of FireFox. Yet one more reason why only fools run Windows. Are the IT fools who agreed to absolve M$ for its sins also protected by the click-through license or can we fire the bunch of them? * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
There is this quote from annoyances.org http://annoyances.org/exec/show/article08-600: Yes, I saw that. That's where I found the MSDN blog that describes the why and that an update is out. Unfortunately, the Annoyances page, which all other pages seem to quote verbatim, doesn't offer any details, just that it's bad. If it's that bad, they should be able to provide some proof, a link to a published exploit or a MS page with the security alert or any site with *any* details, to back up their claim. As of right now, it's FUD. There was a discussion of this on Security Now! this week- http://twit.tv/sn199. The most upsetting part is the failure of M$ to either ask permission for or notify that it added to a third party program. Looks like the malice or incompetence rule can be invoked here. They corrected the behavior which allowed the user-level install, so I won't assign malice. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 7, 2009, at 4:23 PM, mike wrote: I was thinking...great lengths seems to be hitting the 'uninstall' button in the extensions of firefox for that extension. Whew...I'm tuckered out after that ordeal. I had to *restart* firefox too. If you had bothered to check before posting you would know that M$ disabled that uninstall button. The URL cited even included a screen shot to illustrate this. Of course we all know that WFBs don't have to check anything, they already know everything. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 7, 2009, at 2:25 PM, John Duncan Yoyo wrote: “This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.” This is really, really clever. When a competitor has a feature that provides a significant advantage, you write a patch or plugin for their software that removes the advantage. Wow! This lifts competition to an entirely new level. I guess one could call this tactic a drive-by shooting. So should Mozilla now retaliate by issuing patches that introduce horrible bugs into IE or W7? * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Not for Tom, this may be too much of a clear thinking post for him to handle. There seems to be a lot of mis-information and hype being spread around about this. See: http://voices.washingtonpost.com/securityfix/2009/05/microsoft_update_quietly_insta.html Is this truly a vulnerability? Can software run from a single click on a website without the user's knowledge? Is this a bad MS design? The MS developer at: http://blogs.msdn.com/brada/archive/2009/02/27/uninstalling-the-clickonce-support-for-firefox.aspxtalks about the problem of not being able to uninstall it which now MS has fixed with a download which can be manually installed. So there is a fix to the uninstall, but if it is NOT uninstalled does this make Firefox vulnerable? I further found a previous version of this extension written as a legitimate FF extension at: https://addons.mozilla.org/en-US/firefox/addon/1608 The developer provided a way to test his extension at: http://www.softwarepunk.com/ffclickonce/testing.html I tested the MS version of this extension which is installed by default automatically (not the updated one from MS which was referred to in the blog site above, nor the FF developers version) by clicking on the link at: http://www.softwarepunk.com/clickonce/tester/deploy/publish.htm and you still get a dialogue that you are about to run an application with the ability to choose to cancel the operation. With that I can't see how this is a vulnerability unless there is a way to bypass this dialogue. I also did a search in Secuia's database and found this software but there are no vulnerability reports. I have sent a request to Secunia to ask if this is a vulnerability or at least has serious potential. I'm not saying that there isn't at least the potential for a vulnerability here but until someone can create a proof of concept of this vulnerability I'm not convinced. Also my test above does not confirm this vulnerability. Let's not create more hype about this without getting additional facts. There are plenty of real threats out there that we should focus on as well. On Sun, Jun 7, 2009 at 3:15 PM, t.piwowar t...@tjpa.com wrote: On Jun 7, 2009, at 4:23 PM, mike wrote: I was thinking...great lengths seems to be hitting the 'uninstall' button in the extensions of firefox for that extension. Whew...I'm tuckered out after that ordeal. I had to *restart* firefox too. If you had bothered to check before posting you would know that M$ disabled that uninstall button. The URL cited even included a screen shot to illustrate this. Of course we all know that WFBs don't have to check anything, they already know everything. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Sun, Jun 7, 2009 at 6:15 PM, t.piwowar t...@tjpa.com wrote: On Jun 7, 2009, at 4:23 PM, mike wrote: I was thinking...great lengths seems to be hitting the 'uninstall' button in the extensions of firefox for that extension. Whew...I'm tuckered out after that ordeal. I had to *restart* firefox too. If you had bothered to check before posting you would know that M$ disabled that uninstall button. The URL cited even included a screen shot to illustrate this. Of course we all know that WFBs don't have to check anything, they already know everything. They fixed that recently. It uninstalls and turns off now. I think that fix is how it floated up in the public consciousness again. -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Sun, Jun 7, 2009 at 4:49 PM, Jeff Wright jswri...@gmail.com wrote: Looks like the malice or incompetence rule can be invoked here. They corrected the behavior which allowed the user-level install, so I won't assign malice. So I should trust them because they are only incompetent and not malicious? I do wonder if this is going to wake the forces of Anti-trust again. I expect the EU to go after them for and who knows about the current US administration. -- John Duncan Yoyo ---o) * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
I do wonder if this is going to wake the forces of Anti-trust again. I expect the EU to go after them for and who knows about the current US administration. Seriously? This is pretty meaningless stuff in the end, especially since they corrected the issue. I never asked Apple to install Bonjour on my system when I installed iTunes. Should we sue them too or just let me get on with the uninstalling? * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
On Jun 7, 2009, at 9:11 PM, John Duncan Yoyo wrote: So I should trust them because they are only incompetent and not malicious? Incompetent vs. malicious. That is a tough call. Or are the maliciously acting like they are incompetent when they really are not? So many choices! In either event they are not to be trusted. That's a much easier decision! * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
[CGUYS] Forced to Bing Against Their Will
Why am I not surprised? http://www.pcworld.com/article/166024/ microsoft_tries_to_force_you_to_use_bing.html? loomia_ow=t0:s0:a41:g26:r10:c0.023904:b24935762 * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
t.piwowar wrote: Why am I not surprised? http://www.pcworld.com/article/166024/microsoft_tries_to_force_you_to_use_bing.html?loomia_ow=t0:s0:a41:g26:r10:c0.023904:b24935762 * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** * That's why I use Firefox and, hate IE with a passion. Christopher * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Oddly, Bing is so good I'm not sure it would even be _necessary_ to force anyone to use it. I'm really glad to see *someone* can compete head-on with Google. On Sat, Jun 6, 2009 at 6:26 PM, t.piwowar t...@tjpa.com wrote: Why am I not surprised? http://www.pcworld.com/article/166024/ microsoft_tries_to_force_you_to_use_bing.html?loomia_ow=t0:s0:a41:g26:r10:c0.023904:b24935762 * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Forced to Bing Against Their Will
Why am I not surprised? http://www.pcworld.com/article/166024/microsoft_tries_to_force_you_to_u se_bing.html?loomia_ow=t0:s0:a41:g26:r10:c0.023904:b24935762 So, if this was intentional, why only IE6? What's the sense of that? I don't know what the national stats are, but IE6 is only about 15% of IE visits to my site. Why not glitch IE7 (80%)? Even better, why not glitch all the versions? * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *