Sneaky Microsoft plug-in puts Firefox users at risk

[Knife Party]

That's how it's supposed to be on paper. Reality, on the other hand, has shown us that Firefox simply keeps on springing leaks like no tomorrow.

Except that the thing is that you don't have to be (entirely) dishonest to paint a dishonest picture, especially when the masses of fanboys are willing to swallow whatever propaganda Mozilla tosses out at them.

Mozilla tries to sell Firefox as a more secure product than it really is, not by hiding security problems, but by shifting the attention elsewhere and telling people that's what they should be looking at. Multiple critical security vulnerabilities that keep popping up nonstop every few months? It's all cool, we'll just play whack-a-mole and fix them as fast as we can. Nothing to worry about, we're definitely the most securest browser ever!

And it's really sad when the fanboys buy this, hook, line, and sinker.

I don't know what's going wrong at Mozilla. But I think it may be worthwhile for them to take a step back and re-examine the fundamental way they do things, instead of continuing to leak security problems like crazy while stringing the gullible masses along with lame excuses like "we're open-source!" and "let's blame M$!".

Eice, let me ask you a question. What's with this persistence of your 'trolling type' to continue coming into these threads and talking complete cr*p? I'm not being rude, i'm just stating an obvious fact that you contribute absolute nothing in its purest sense to this discussion, except the opportunity to spread FUD, hate speech and irrationality....

Sure I understand you mention some valid points, but 'hey', which company doesn't play the whole 'i'm the best' game? Stop going off topic, why do you have to mention "what's going wrong at Mozilla" ?

Stop the senseless ranting and do yourself a favour and get out of the thread.

I for one wish you'd be warned or locked from this thread, this is coming a common occurance on Neowin; you simply can't read a thread without someone coming along and having to go completely go........off.....topic.....like.....this.

now back on topic -> I for one am not happy about this supposed 'solution' from MS and can't be bothered with people saying 'it can be uninstalled so what's the biggie'? Simply to put it, the argument behind such a comment is weak at best, I for one stand by the principle of privacy and consent from the user, so I don't take kindly to this MS 'crapware' if you ask me. Its Mozilla browser; really just either looks like foul play on MS's behalf or their complete idiotic mentality of thinking everybody wants their little 'solutions' to 3rd party software. I for one say 'No thanks'.

[toadeater]

typical MS basher

There goes your credibility.

you can clearly uninstall , within two clicks

Your attachment didn't work. Show me how to remove the plugin in two clicks.

also to add to the point , we clearly "authorized" installation of .NET ....so

No, I didn't authorize it. It was a silent auto update and there was no mention of a plugin that would infect Firefox. Firefox is not MS software, MS has no right to interfere with third party software.

Face it, MS was wrong for infecting a third party software without any warning or authorization. I am surprised Mozilla hasn't done anything about it. But I also blame Mozilla for making it so easy for malware to be silently installed. If MS can do it, some other update could do it too.

[rtk]

And it's off the block list, https://bugzilla.mozilla.org/show_bug.cgi?id=522777#c136

Nice weekend of needless drama Mozilla.

[Ci7]

nevermind

[tunafish]

There goes your credibility.

Your attachment didn't work. Show me how to remove the plugin in two clicks.

No, I didn't authorize it. It was a silent auto update and there was no mention of a plugin that would infect Firefox. Firefox is not MS software, MS has no right to interfere with third party software.

Face it, MS was wrong for infecting a third party software without any warning or authorization. I am surprised Mozilla hasn't done anything about it. But I also blame Mozilla for making it so easy for malware to be silently installed. If MS can do it, some other update could do it too.

See the thing is, it should be upto firefox to see hey theres this plugin and it's trying to install it into me, maybe i should prompt the user, rather than just full on accept the plugin.

Thing is if a browser can pickup a plugin like that and install it like that without any prompts what so ever, then errrrrr major flaw if you ask me.

So at the end of the day firefox is at fault for not detecting the plugin and prompting the user like it normally does when installing a plugin........

If anything it shows their plugin system needs a good look over.

Also you going on about "infected", seriously

Oh and in other news my company will not be deploying firefox ever again, so yer mozilla good one. The people above me have spoken.

[Ricardo Gil]

This was discussed some time ago, and someone jumped infuriated on the suggestion that it could introduce a new extra attack vector.

Well, there you go.

Yeah, I totally remember that thread. You were right dude.

[nullie]

Didn't read the discussion much, but now the plugin has been blocked and unblocked, I think it was very irresponsible of Mozilla to issue a block so hastily. There are some people out there relying on the plugins functionality and some people have the technical know-how of protecting themselves against attack if needed. It should be users choice to use a plugin whether or not it has a potential security problem so as not to break their applications.