The solution of asking users if they want to install these plugins is horrible.
The average user has no idea what a browser plugin is. Adding an option (or even worse another screen in the installer) for this will only result in users accepting the default anyway and also feeling confused/stupid/scared for not understanding it.
This for-nerds-by-nerds hyper-configurable approach is a big waste of time. Normals just want sensible defaults. This is the big idea we're pushing with Ninite and it's frustrating to see someone fail to grasp this so publicly.
Every installer I've used that had any user-friendly implicit settings, also had an "advanced" mode where you could override them, in addition to the button that just installed the software with default settings. Why can't it be put there?
Putting the option in an advanced pane would be as good as not having it. The sort of people who would see it are the same ones that already keep an eye on their browser plugins and uninstall ones they don't like.
I guess my real issue here is that this guy is picking the wrong fight. It's not about consent to install, it's about good or bad software.
Most of the stuff he calls out is probably a win for average users. They can click a link to a song and buy it right away, for example. It's good software.
I get the feeling this guy would be fine with things like the Yahoo or Ask toolbars (bad, horrible, terrible software) because if users stay on their toes while installing stuff they could opt out. Normal people just take the defaults though, and get stuck with a crapped up computer.
Adding choices to the installer feels like the smug, nerdy, you-need-my-help-to-use-computers approach.
While I don't think making installers more complex is the answer, I disagree with your first paragraph. I pay general attention to what installers do but I don't scrounge around my computer looking for changes. I especially don't go to the menus-deep plugin list unless I want to do something like reset Flash.
I agree that putting it on the advanced pane would be as good as not having it.
But I disagree that it's good software. Especially in the case of Windows Live, this is Microsoft forcing proprietary extensions in in lieu of actually developing tools for the open web. And in the case of Apple, I think the assumption that people want third-party tools adding hyperlinks to web pages is faulty. Mozilla puts out a solid product, and I haven't heard a lot of people complaining that it needs more tacked-on features.
What it comes down to is that software packages that modify other software packages are bad software. Packages should be self-contained.
The goal of self-contained packages is a good one. I love that this isolation is getting enforced through sandboxing on new platforms like iOS.
Sort of off the main point, but I think Apple's thing just makes it easier for publishers to link into iTunes (those funny phobos.apple links), not rewrite song references it finds or anything like that. Custom protocol handlers like itms:// pop up some terrifying warnings by default and should probably be worked around.
I'd consider plugins that rewrite content as bad software.
What do the Microsoft plugins have to do with developing tools for the open web or not? The plug-ins you're complaining about:
* The Windows Live Sign-in Assistant enables you to automatically sign in to Windows Live websites when you're already signed in with, say, Messenger on your PC, something that's a net win for Messenger users and which really has no web-reasonable implementation. Why is this evil, exactly?
* The Office Live plugin allows users to open documents saved on SkyDrive from their browser in the Office clients. This also works with Office Live Workspaces (for users of that older product) and SharePoint. Again, why is this evil?
I'm pretty sure that if there were a way to make these things work without needing to use plugins, that's something the team would pursue. But there isn't, so to make the experience of Windows Live and Office users better, these plugins get installed with those products. This seems to be pretty intuitive to me.
There's nothing wrong with plugins. The problem is when I apply a plugin to one package (in these cases the core OS) and it silently adds a plugin to another package.
It's that asking users about something like this is only a solution for the most advanced users and a burden for everyone else. If something is generally useful it should be bundled without question, and if it's junk or obtrusive it should not. This should be judged from the average, non-technical user's perspective.
In my opinion these examples are mere annoyances compared to the evil of the Skype plugin. It actively monitors and modifies all of your browsing so it can inject those green Skype "call" buttons in unexpected places. Now that I call evil.
Funny thing though. Some people that aren't as aware have nothing but praise about this plugin. I once built a web app that displayed customer phone numbers. The client using the app called me one day to thank me for integrating Skype into the app. I had to convince him I was a good developer even though I didn't put Skype into his app.
Googler here. I can raise this on the internal [eng-misc] mailing list, but I can't replicate his results: I have Chrome installed with no unwanted plugins in Firefox, and when I downloaded Google Earth, I get:
Google Earth Plugin
File: npgeplugin.dll
Version: 1.0.0.1
GEPlugin
I'm sure I didn't ask for it.
And while you are at it, please stop putting Google Earth icon on my desktop after every update. I deleted it for a reason (no icons except Recycle Bin on the desktop). Same about start menu entry (I moved it into another folder. Stop recreating the original location).
My Firefox currently has a plugin named "Windows Activation Technologies". I assume this was installed by Microsoft; presumably it's not spying on me logging my data although I don't of course know that for sure. But there is no option to uninstall it, so by your definition that is indeed evil.
I don't know if you've ever tried to uninstall the QuickTime plugin for Firefox to stop it opening mp4 files in QuickTime. It's not easy, and it's far from trivial. There are many unrelated steps and it's making me seriously consider dropping iTunes for Foobar.
He has a legitimate concern, but calling it evil is a bit trollish.
I’ve been ignoring Dotzler since his blog post on the IE7 beta, way back, which was essentially “Microsoft sucks, Microsoft sucks and can’t innovate, nothing of value in IE7, hmm here are some IE7 features I hope we clone at Mozilla.”
I guess a nice way to put it is, he’s rabidly devoted.
My 78-year-old grandfather recently upgraded his copy of Firefox and mysteriously the Yahoo toolbar was installed, and his default search engine and homepage were set to Yahoo. Firefox should stop being evil.
The Yahoo toolbar gets installed almost every time I update Java or Flash. It drives me crazy because (a) I want to update frequently to stay secure, but (b) I don't want to get a bunch of crap bloatware and it seems like they use a different "gotcha" technique every few months so I always get duped.
It's infuriating because it makes (some) users want to avoid these updates which are, presumably, in the interest of the entire community.
Can't they get their ad-revenue somewhere else besides critical security patches???
The Java update system prompts me to install the Yahoo! toolbar each and every time. You can click "no" but you need to be diligent. It's infuriating - I don't want the toolbar!
In that case you should consider Secunia PSI. It's a lightweight tool which monitors installed software, patch levels and known vulnerabilities. It's also free as in beer.
If updates are available, it will offer direct links to updates which are just that. Even for Adobe Flash.
As a bonus you get another nerdmetric for your machine with regard to security :)
Nope. It's the worst on Windows, but it's bad everywhere (except my iPhone).
Linux package managers are pretty good, but if you try to get other software things get weird. Installing Dropbox on Ubuntu is surprisingly bad. You have to click through all these info screens and then have it download the proprietary daemon part. That's one of the reasons we made http://ninite.com/linux
I use a Mac, and we're working on a version for those too. The whole drag from a disk image to the applications folder is really confusing for a large number of users. And anything that makes you click through a .pkg installer is a pain too.
The iPhone isn't perfect, either, though. It spits you back out on to the homescreen, which is quite aggravating if you had wanted to install something else. At least with multitasking it no longer loses your spot in the App Store app /too/.
This is not default behaviour, so it's something besides Firefox itself -- Google is the default search entity for every Firefox install/upgrade I've ever used, and there's certainly no Yahoo toolbar.
More importantly, you're talking about apples and oranges. He's referring to installing unrelated software that installs browser plugins, like Office, iTunes, or Google Earth or Chrome. If you download a Yahoo! branded Firefox, you'll expect to get a Yahoo! branded Firefox. If you install iTunes, it shouldn't go around installing other software.
> So iTunes shouldn't install software [without your knowledge or consent, or through deceitful means], that makes listening to and buying music easier?
lol. Yeah if they would add a single extra step to the install process and Firefox would protect itself a little better, that all sounds reasonable. ;)
Correct me if I'm wrong, but doesn't Firefox already alert you on startup of newly installed Plugins? I mean, I don't imagine Mozilla wants to stop people from installing addons/plugins. Rather, they don't want them doing it behind a user's back. If I install something and specifically request it to install a plugin, I've already given it permission. Should Firefox handle installation, or should it be the OS? Do we really want Mozilla asking us every time to install something when we've already given our permission to install something?
> Correct me if I'm wrong, but doesn't Firefox already alert you on startup of newly installed Plugins?
Eh sorry I don't know the answer, been a Safari/Chrome user for a while.
From an end user POV, I think it would be okay to have both the OS permissions grab and a warning from Firefox that new plugins have been installed.
You've already granted the original app (iTunes) permission to install whatever, but it wouldn't be much more of a hassle to have Firefox pop up a confirmation box that new stuff has been installed (assuming it doesn't, or at least it didn't on the OP's system).
Not sure who voted you down, but that's the exact same behavior that they call out in the article. And with exactly as much proof. Comment was spot-on.
These plugins have been installed by something running with root-level privileges on that machine. It's pretty hard to protect against that since it could (theoretically) replace firefox.exe entirely.
There are things you could do but it'd turn into a ridiculous arms race; it would be much easier if these companies just stopped doing it.
Why couldn't they store a hash of the plugins of a given profile on the server, and check that at startup? It wouldn't be much different than their already existing malware checks.
This would work reasonably well. It is still circumventable by "attackers" (eg by replacing or patching firefox.exe, modifying /etc/hosts, etc), but the bar is higher.
On the other hand, it also requires Mozilla running and maintaining a service, which is a pretty resource intensive solution for such a minor feature.
Also some users do not like their browsers phoning home for any reason whatsoever, so they would want a way to disable the feature. Of course, once there's a disable switch, attackers can flip it as easily as users.
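The startup check proposed in this exchange, sketched as an added example that is not part of the thread and not Firefox's code: it hashes every file in a plugin directory, compares the set against a baseline recorded when the user last approved it, and reports what was added, removed or changed. The directory layout, file names and the in-memory `baseline` standing in for the server-side copy are assumptions; as the reply notes, anything running with the same privileges could alter a locally stored baseline or the check itself.

```python
import hashlib
import tempfile
from pathlib import Path

def plugin_manifest(plugin_dir):
    """Map each file under plugin_dir to the SHA-256 of its contents."""
    manifest = {}
    for path in sorted(Path(plugin_dir).rglob("*")):
        if path.is_file():
            rel = path.relative_to(plugin_dir).as_posix()
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest

def manifest_digest(manifest):
    """One digest over the whole plugin set: the value a server would store."""
    h = hashlib.sha256()
    for name, digest in sorted(manifest.items()):
        h.update(f"{name}\0{digest}\n".encode())
    return h.hexdigest()

def diff_manifests(baseline, current):
    """Name the files that differ, so the user can be told what changed."""
    common = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(n for n in common if baseline[n] != current[n]),
    }

def startup_check(plugin_dir, baseline):
    """Return None if the plugin set matches the baseline, else the differences."""
    current = plugin_manifest(plugin_dir)
    if manifest_digest(current) == manifest_digest(baseline):
        return None
    return diff_manifests(baseline, current)

def demo():
    # Constructed sample data: a temporary directory standing in for a profile's plugins.
    with tempfile.TemporaryDirectory() as d:
        (Path(d) / "user_chosen_plugin.dll").write_bytes(b"constructed plugin A")
        baseline = plugin_manifest(d)  # recorded when the user approved the set
        assert startup_check(d, baseline) is None
        # Another installer drops a plugin without asking.
        (Path(d) / "bundled_by_installer.dll").write_bytes(b"constructed plugin B")
        return startup_check(d, baseline)

if __name__ == "__main__":
    print(demo())
```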
Do unix-style software repositories solve this problem? I mean, is there anything preventing package updates from modifying other parts of the OS as part of an update?
The system I'm most familiar with is Gentoo's Portage; that implements file collision checks so packages can't straight-up modify existing bits of the system, but often plugins are separate packages which executables enumerate somehow so this kind of thing certainly could be done. I assume apt and other things would be fairly similar.
I suspect the biggest advantage there (which isn't fundamentally to do with the repo system) is that you can complain to Ubuntu or whoever and they're rather more likely to put a stop to something like this than Microsoft or Apple are.
In practice, there is nothing you can really do to prevent software running as root from installing whatever it wants. If you are going to install software using a company's installer, you'd better trust that company. Linux and BSD package managers can avoid this issue by replacing the original installer completely, but often times a package is just a thin wrapper around the company's own installer, in which case the problem is doubly hidden.
Apple, Microsoft, Google, etc have a reasonable expectation the user who is installing their software wants it to work properly with Firefox. Does Mozilla offer any officially blessed way for third party applications to install extensions? Why is it even possible to silently install extensions in the first place?
> Why is it even possible to silently install extensions in the first place?
It isn't possible for a normal user-level program like Firefox to prevent other programs from messing with its storage. Those programs would just modify whatever on-disk state necessary to install their plugins.
The reason most browsers offer blessed ways to install plugins silently is because developers who are going to install plugins silently are going to do so one way or another. It's better to offer a maintainable, supportable, stable way than have developers hack something that doesn't really work.
No browser fanboyism intended but on a related note, Firefox is showing me popup ads on Justin.tv. It does not happen anywhere else (chrome). Surprising!
I agree entirely with the sentiment, it would be one of the reasons I don't use Windows if I didn't have better reasons already. However, when you agreed to the EULA you gave permission to Microsoft to make any changes it likes at any time it chooses. I don't have the other two bits of software but I expect you gave them the same permission via the EULA too.