We have all experienced software products that usefully offer to install browser tool bars and extensions which will enhance our web experience. In most cases, you can politely decline the add-on or uninstall it later (if you happened to miss the pesky 6pt opt-in box).
我们拥有所有经验丰富的软件产品,可提供有用的安装浏览器工具栏和扩展的信息,这些信息和软件将改善我们的网络体验。 在大多数情况下,您可以礼貌地拒绝该附加组件或稍后将其卸载(如果您碰巧错过了令人讨厌的6pt选择框)。
Unfortunately, a dangerous precedent is being set by companies surreptitiously installing Firefox add-ons. The worst culprit is Microsoft and the .NET Framework 3.5 Service Pack 1. Most people will receive SP1 as an automatic update, so there is no obvious download or installation. Behind the scenes, the update will install a Firefox add-on named the “Microsoft .NET Framework Assistant”. Microsoft — this looks bad. Very bad…
不幸的是,秘密安装Firefox附加组件的公司正在树立危险的先例。 最糟糕的罪魁祸首是Microsoft和.NET Framework 3.5 Service Pack1。大多数人会收到SP1作为自动更新,因此没有明显的下载或安装。 在幕后,此更新将安装名为“ Microsoft .NET Framework Assistant”的Firefox加载项。 微软-这看起来很糟糕。 很坏…
1. No information The user is not informed about the add-on prior to, during, or after installation.
1.没有信息在安装之前,期间或之后,不会通知用户有关加载项的信息。
2. No authorization The user can not decline the add-on installation.
2.没有授权用户不能拒绝附加安装。
3. No uninstallation The add-on can not be uninstalled via the Firefox Add-on dialog. According to Brad Abrams’ blog, this was a mistake rather than a malicious choice, but it makes you wonder what other mistakes they made in the code? download movies
3.无法卸载无法通过Firefox的“附加组件”对话框来卸载附加组件。 根据布拉德·艾布拉姆斯(Brad Abrams)的博客所述 ,这是一个错误而不是恶意的选择,但这使您想知道它们在代码中还犯了什么错误? 下载电影
(Note that Brad’s post links to a patch. Manual removal instructions are also provided, although it involves risky registry tampering.)
(请注意,Brad的帖子链接到补丁程序。尽管其中涉及危险的注册表篡改,但也提供了手动删除说明。)
4. Additional security risks The extension enables ClickOnce support. This allows additional software to be installed with minimal user intervention. One of the primary reasons users switch browsers is to avoid the malware issues that plagued IE; how many people want an add-on which circumvents Firefox security?
4.其他安全风险该扩展启用ClickOnce支持。 这样可以以最少的用户干预安装其他软件。 用户切换浏览器的主要原因之一是避免困扰IE的恶意软件问题。 有多少人想要一个可绕过Firefox安全性的附加组件?
5. Microsoft is a competitor At best, this is incompetence. At worst, it’s a serious conflict of interest. Although I do not believe Microsoft intended to sabotage Firefox, this add-on could do anything. Microsoft had the opportunity to make a competing browser slow, unstable, or unreliable — even if that was not their intention.
5.微软是竞争对手充其量,这是无能。 最糟糕的是,这是严重的利益冲突。 尽管我不认为Microsoft打算破坏Firefox,但此附加组件可以做任何事情。 微软有机会使竞争的浏览器变得缓慢,不稳定或不可靠,即使这不是他们的意图。
I suspect this is a case of developer naivety and can only assume the add-on bypassed quality assurance checks because few people were aware of its existence. The company has been working hard to rebuild user trust, but actions like this will not help.
我怀疑这是开发人员的幼稚案例,只能假设附加组件绕过了质量保证检查,因为很少有人知道它的存在。 该公司一直在努力重建用户信任度,但是这样的操作无济于事。
Unfortunately, Microsoft is not the only offender. Take another look at the Add-on dialog above — Sun helpfully installed a “Java Quick Starter” extension with the Java VM. There was no information during installation, it could not be declined, and it can not be uninstalled from the Firefox add-on dialog (an option is hidden deep in the Java Control Panel applet – Advanced > Miscellaneous > Java Quick Starter).
不幸的是,微软并不是唯一的犯罪者。 再看一下加载项上面的对话框-太阳有益安装了“Java快速入门”扩展了Java虚拟机。 安装过程中没有任何信息,无法删除,也无法从Firefox附加对话框中将其卸载(“ Java控制面板”小程序中的一个选项隐藏在深处-“高级”>“杂项”>“ Java快速入门”) 。
Microsoft and Sun — by all means create Firefox extensions, but there is no need to be unscrupulous. Tell the user, provide opt-outs, or simply release them through the normal Mozilla channels.
Microsoft和Sun –绝对可以创建Firefox扩展,但是不必放任不管。 告诉用户,提供退出,或只是通过正常的Mozilla渠道释放它们。
See also: What is a Web Browser? No One Knows!
另请参阅: 什么是Web浏览器? 没人知道!
翻译自: https://www.sitepoint.com/microsoft-sabotage-firefox/
相关资源:nea-weather:新加坡天气服务的家庭助理自定义组件-源码