Forgot your password?
typodupeerror
Microsoft Mozilla Technology

Mozilla Unblocks Microsoft's .NET Addon 275

Posted by CmdrTaco
from the tag-yer-it dept.
bonch writes "Mozilla previously blocked the Firefox addons Microsoft included with .NET, citing security concerns. After talking with Microsoft, they have now unblocked the .NET Framework Assistant addon and are working on a way for enterprise users to unblock the Windows Presentation Foundation addon as well."
This discussion has been archived. No new comments can be posted.

Mozilla Unblocks Microsoft's .NET Addon

Comments Filter:
  • ...what we're all thinkin'.
  • by lseltzer (311306) on Monday October 19, 2009 @08:48AM (#29792653)

    MS09-054 [microsoft.com]

    FAQ for HTML Component Handling Vulnerability - CVE-2009-2529

    If I use Firefox, which Internet Explorer update do I need to
    install?

    If a computer system is configured for Automatic Update, the
    correct update will be downloaded and made available for installation depending
    on the Automatic Update configuration. In the event that a computer system is
    not configured for Automatic Update, users should verify which version of the
    Windows operating system and Internet Explorer is on their system and download
    the appropriate update.

    If I install this security update, do I need to disable the Windows
    Presentation Foundation Plug-in in Firefox to be protected from this
    vulnerability?

    No. Customers who have installed the security updates
    associated with this security bulletin are protected from this
    vulnerability.

    If I have not yet applied this security update, how do I disable the
    Windows Presentation Foundation plug-in in Firefox?

    If you have not yet
    applied this update, you can disable the Windows Presentation Foundation plug-in
    in Firefox to block this vulnerability. To do this, launch the Firefox browser,
    select the Tools pull-down menu, and then click Add-ons. Select
    the Plugins icon at the top of the Add-ons window. In the list of
    Plugins, select Windows Presentation Foundation 3.5.30729.1 and click
    Disable.

    If I uninstall the .NET Framework Assistant extension, does it disable or
    remove the Windows Presentation Foundation plug-in?

    If the .NET
    Framework Assistant extension is uninstalled it does not disable or remove the
    Windows Presentation Foundation plug-in. The .NET Framework Assistant and
    Windows Presentation Foundation plug-in are controlled through different screens
    in the Firefox Add-ons management window.

    • by jkrise (535370) on Monday October 19, 2009 @10:06AM (#29793569) Journal

      Why did it take 7 long months for Microsoft to issue this patch? Fixes using Registry hacking were available on theweb immediately then...

    • If I install this security update, do I need to disable the Windows Presentation Foundation Plug-in in Firefox to be protected from this vulnerability?
      No. Customers who have installed the security updates associated with this security bulletin are protected from this vulnerability.

      Uhm... "Protected from this vulnerability"?? What the hell?

      Somebody has to file a bug against FireFox that plugins/add-ons are even allowed to prevent user from disabling them.

      • Re: (Score:3, Insightful)

        by Stray7Xi (698337)

        Somebody has to file a bug against FireFox that plugins/add-ons are even allowed to prevent user from disabling them.

        There's a name for programs that prevent the OS from modifying their files, rootkits. Firefox is not a rootkit. Microsoft update installed the plugin by modifying the filesystem, it didn't use firefox API's.

        If you don't trust microsoft update, frankly you shouldn't be using windows.

      • Re: (Score:2, Insightful)

        by kantos (1314519)
        That too has been a focus of this whole fiasco, the fact that the plug-in exists isn't a problem, nor is the functionality it provides, which is critical to many enterprise FF users. The core of the whole thing and what has pissed most people off on both sides is that both MS and Mozilla took action without customer consent, effectively choosing for us. First MS for installing it, then Mozilla for disabling it. The resounding consensus has been: "Could you at least ask first?" By acting without consent both
      • Re: (Score:3, Interesting)

        by IntlHarvester (11985)

        Somebody has to file a bug against FireFox that plugins/add-ons are even allowed to prevent user from disabling them.

        This whole scandal brings up an interesting point. For "Plug-ins", Firefox has no obvious way to disable the feature. However, because MS's stuff was an "Add-on", people are angry there isn't a one-click UI. (The difference between the two is some technical nonsense which is of no interest to the end user.)

        So the moral of the story is if you want to make it hard to uninstall, write a plug-in (like Apple/Adobe) and not an add-on.

        Anyway, if anyone knows of an easy way to permanently disable Apple's crappy Qui

    • If I use Firefox, which Internet Explorer update do I need to install?

      Now that's just plain funny. It's like saying that I need to make sure my car doors are locked when I'm using public transport.

      • Re: (Score:3, Insightful)

        by TJamieson (218336)
        Nope.

        If I use Firefox, which Internet Explorer update do I need to install?

        Replace Firefox with Honda Civic and Internet Explorer with Ford Focus.

        "If I use Honda Civic, which Ford Focus update do I need [to install]?"

  • Question is... (Score:2, Insightful)

    by Anonymous Coward
    Will they allow users to uninstall it normally at any point?
  • by tokul (682258)
    Enterprise users are working on removing those f##ked up plugins completely.
  • by dschuetz (10924)

    Mozilla should block the plugin simply on the grounds that a user can't uninstall it from within the approved Mozilla add-ons panel. That should be the case for any plugin that doesn't play by the rules, no matter who it's from or what its use is.

    If I can't delete it, it's malware. Oh, wait, I *can* delete it, if I google for some crazy instructions that involve registry editing? Isn't that how I delete malware?

    • by sakdoctor (1087155) on Monday October 19, 2009 @09:07AM (#29792819) Homepage

      'Ubuntu firefox modifications' plugin also can't be deleted from within firefox.
      I'm not arguing for or against your proposal, just that it would need to be consistently applied.

      • by SanityInAnarchy (655584) <ninja@slaphack.com> on Monday October 19, 2009 @09:36AM (#29793179) Journal

        It can, however, be removed via the package manager.

        Can the .NET addon be removed at all, without hacking the registry?

        No, using the package manager is not even remotely comparable to hacking the registry.

        • by BrentH (1154987)
          Well, although I appreciate Ubuntu's motives for the plugin, I'm going to disagree here: forcing users to use a (complicated, and potentially dangerous) application to remove such a thing is not so great. Although the registry is perhaps a little more complicated than synaptic, they're certainly equally dangerous tools if you don't know what you're doing.
          • by ryanov (193048)

            But if you let people remove it from Firefox, then how does that information get back to APT? That seems like that could be MORE confusing.

        • by bendodge (998616) <bendodge@NospAM.bsgprogrammers.com> on Monday October 19, 2009 @11:54AM (#29795049) Homepage Journal

          Actually, the most recent version (not sure of the number) has the normal Uninstall button enabled, and overall it seems to be behaving pretty well.

      • by Thyamine (531612)
        I think that's what he's saying. It's not Microsoft bashing, but a need for consistent rules. If something cannot be uninstalled by the user, then it's along the lines of malware. Certain OS upgrades can't be uninstalled which is understandable, but for a browser? That's just lazy or hubris on the part of the company to assume no one would _ever_ want to uninstall _their_ addon.
      • Re: (Score:3, Informative)

        by Arancaytar (966377)

        Note that that one's bundled with the Launchpad package. I downloaded the binaries directly from Mozilla to get the Minefield trunk, and I see no Ubuntu addon listed in there.

        In this case, MS added the plugin to the self-installed version of Firefox, not a version of Firefox they distributed (not that they'd likely be able to cut a branding agreement the way Ubuntu did, so MS would have to distribute it under a different name).

      • Not really (Score:3, Insightful)

        by pizzach (1011925)

        That flies in the face of the difference in expectations.

        • When Windows users install Firefox, they get it by going to the Mozilla Firefox corporate homepage, not the Microsoft homepage.
        • The program is not included with Windows.
        • Windows does not have it in an application repository.
        • MS does not take care of security updates for their "distribution".
        • You do not download Firefox from MS servers at any point or time.
    • Re: (Score:2, Insightful)

      by Jimmy_Slimmy (1499943)

      Parent says it all.

      Just because Mozilla caves, do not shut up. Make MicroSloth play by the rules.

      Please: Post how to make Microsloth get out of my Firefox.

      Mod parent up.

      • To my limited knowledge, MS' C# developers are people who can be reasoned with.

        They are simply not used to give their users choices.

        Though reasoning with them now would leave FireFox vulnerable in future to the managerial decisions by MS'. And we all know how far-sighted they are. (It's the same as a Mono/C# on Linux loophole.)

    • by xigxag (167441) on Monday October 19, 2009 @09:18AM (#29792937)

      Oh come on. As anyone who's following this story is aware, Mozilla has an "approved" method of installing plugins without using the add-ons panel [mozilla.org]. So pick your bone with them.

    • by aetherworld (970863) on Monday October 19, 2009 @09:25AM (#29793027) Homepage

      Is this a failed attempt at trolling?

      It's a PLUGIN, not an ADD-ON. There is no way to uninstall ANY Plugins in Firefox. You can disable Add-Ons, you can uninstall Add-Ons and you can disable Plugins. But you cannot uninstall Plugins from within Firefox. Firefox simply loads all files in a specific Internet Plugins folder (not a Firefox-only plugin folder) and if it detects a plugin, it uses it.

      Delete the file and you're good to go.

      • by bloobloo (957543)

        It's because it's confusing to the end user. What is the difference between a plugin and an add-on? Unless you know, they just seem like synonyms for something that gets added to the browser to perform a new task.

      • Re: (Score:3, Informative)

        by CSMatt (1175471)

        Plugins are add-ons in the Mozilla universe. The term "add-on" is used by Mozilla to mean extensions, themes, and plugins. Saying "plugin" instead is merely being more specific as to what type of add-on is being discussed.

    • Re: (Score:3, Interesting)

      by sosume (680416)

      > If I can't delete it, it's malware.

      It's a component of your OS. Whether it's crucial to you is an entirely different discussion - if you want your OS to be as bare as possible, Windows is not for you. MS has decided that it is needed on every system so they can make certain assumptions on system usage and updates. Would you like to be able to delete, say, your kernel executable? Is that malware too?

    • Re: (Score:2, Informative)

      by CNeb96 (60366)

      I can't comment on MS's plugin because I don't know how it works, but Firefox does support extensions which are not displayed to the user. If they are installed in locations besides the profile directory (ie are not a normal extension a user chooses to install). I don't think Mozilla's policy is quite that clear cut about when you should or shouldn't make something viewable by the user.

      https://developer.mozilla.org/en/Install_Manifests#hidden [mozilla.org]

      "hidden

      Firefox 1.0 - 3.5 A boolean value that when true makes the

    • You don't have to google for crazy instructions and edit the registy to uninstall the Microsoft .NET Framework Assistant 1.1 add-on. Just launch the add-ons dialog in FF, go to the Extensions Tab, select the .NET add-on and click the Uninstall button or the Disable button if you just wish to disable but not to uninstall it. These 2 options are available for this add-on just like the other add-ons. For the WPF Plugin, select the Plugin Tab, select the Windows Presentation Foundation plug-in from the list and
    • by poetmatt (793785)

      there's ongoing discussion on how the issue is that people can drop something in the folder and it will be included when the program is run. The issue is that there is no opt-in requirement, so MS has done the same thing that other programs have done in the past.

      Thankfully, this time something was done about it, without MS simply removing it in an update as of yet.

    • by c (8461)

      > Mozilla should block the plugin simply on the grounds that a user can't
      > uninstall it from within the approved Mozilla add-ons panel.

      That's not a bad rule for a personal desktop, but there are certain occasions where plugins are installed from outside Mozilla, and hence Mozilla shouldn't have a means to uninstall them (i.e. Ubuntu Firefox changes are installed via the package manager, not Mozilla, or plugins installed site-wide by a system admin).

      The real problem is that Mozilla has some sort of mec

  • by BarMonger (884208) on Monday October 19, 2009 @08:58AM (#29792757)

    Now I'll admit that there are only a few posts above mine, but already they are generally negative. Which I don't get.
    Isn't this a good thing?

    Microsoft releases a couple of Firefox plug-ins.
    A security vulnerability was discovered in the plug-ins.
    Mozilla disables the plug-ins.
    Microsoft and Mozilla has a talk about the the vulnerability and it appears that one of the plug-ins aren't vulnerable.
    The plug-in is re-enabled.

    As far as I can tell, this is the system working properly.

    • by lunatic1969 (1010175) on Monday October 19, 2009 @09:02AM (#29792779)
      The system isn't working perfectly. Mozilla is taking Microsoft's word that these plugins, which install in their software without notice, don't have any vulnerabilities and are working just fine. Microsoft's plugins should be required to behave as every other responsible plugin. It shouldn't install with stealth, there should be a way to easily disable, and there should be a way to easily uninstall.
      • by BarMonger (884208) on Monday October 19, 2009 @09:14AM (#29792901)

        Mozilla is taking Microsoft's word that these plugins, which install in their software without notice, don't have any vulnerabilities and are working just fine.

        Just like every other plugin on the market. Apparently the .Net plug-in isn't vulnerable, the WPF one is.
        I know we like to bash Microsoft here, but the plug-in safety process (in FF) seems to work fine.
        How do you know that there aren't unknown vulnerabilities in another plug-in somewhere?

        Microsoft's plugins should be required to behave as every other responsible plugin. It shouldn't install with stealth, there should be a way to easily disable, and there should be a way to easily uninstall.

        You disable it by going to Tools > Add-ons > .Net plugin -> click either 'Disable' or 'Uninstall'
        I works fine for me, I just uninstalled the plugin.

        And Microsoft aren't the only ones who install by stealth. I don't remember installing Nokias 'PC Sync2 synchronisation' extension. It just installed itself with some other software.

        • Re: (Score:3, Interesting)

          by mcgrew (92797) *

          And Microsoft aren't the only ones who install by stealth.

          Bonnie and Clyde weren't the only ones to rob banks, either. So does that mak bank robbery OK? The former head of NASDAQ ran a Ponsi scheme for decades, does that make fraud ok? Personally, if I find a vendor doing any kind of stealth installation, I no longer use that vendor's wares. That's why I no longer buy anything with Sony's name on it, and why I'm running Linux at home. As well as why I won't deal with a host of other vendors.

          Too bad there ar

      • by plague3106 (71849)

        Mozilla is taking Microsoft's word that these plugins don't have any vulnerabilities and are working just fine.

        How exactly is that different from any other plugin?

        Microsoft's plugins should be required to behave as every other responsible plugin.

        Isn't it the way FF handles plugins the reason it can't be uninstalled? It sounds like a globally installed extension, and if that behavior is a problem, why does FF allow for such extensions to begin with?

    • If you're the default Free Tech Support Guy for a friends and family circle, and you've mandated Mozilla apps as a condition of said support, then you might get a bit tired of getting worried calls asking about their "internets popup point net problem".

      Granted, that's pretty much what you signed up for, but it does worry Joe and Josephine User when their internets start acting up. Yes, Mozilla, I'm looking at you here [mozillazine.org].

    • Re: (Score:3, Insightful)

      by Culture20 (968837)

      Now I'll admit that there are only a few posts above mine, but already they are generally negative. Which I don't get. Isn't this a good thing?

      Microsoft releases a couple of Firefox plug-ins.
      A security vulnerability was discovered in the plug-ins.
      Mozilla disables the plug-ins.
      Microsoft and Mozilla has a talk about the the vulnerability and it appears that one of the plug-ins aren't vulnerable.
      The plug-in is re-enabled.

      As far as I can tell, this is the system working properly.

      I bolded two things I don't agree with. You skipped an important statement: Microsoft forcibly installed said plug-in, and prevented its removal.

      • by Rary (566291) on Monday October 19, 2009 @09:51AM (#29793371)

        Microsoft forcibly installed said plug-in, and prevented its removal.

        The first statement is debatable, since the plugin is a part of the .NET Framework, and people can choose not to install the .NET Framework — although I realize newer versions of Windows have it preinstalled, so there's less of a choice there, which is why I say it's debatable.

        However, the second statement is just wrong. It's not Microsoft who prevented removal of the plugin, it's Mozilla. Firefox does not provide a mechanism for removing any plugins.

        • by natehoy (1608657)

          It's also debatable because .NET is a required component to run certain software, like the control panel for some video cards, a lot of freeware/shareware, and many Microsoft software packages. I'm perfectly fine having .NET out there to run software packages I've specifically installed. I was not informed that .NET would be adding stuff to my Firefox install, and I was never given an option not to.

          I do have a problem with Microsoft assuming (without asking me) that I also want to enable non-Microsoft sof

      • by socsoc (1116769)
        So does Sun and Adobe.
        • by natehoy (1608657)

          Except Java and Acrobat ask me if I want to install Firefox plugins during install. Microsoft didn't.

          • Re: (Score:3, Informative)

            Except Java and Acrobat ask me if I want to install Firefox plugins during install.

            Except they do not.

            In fact, Java, at least, also does a system-wide plugin install [mozillazine.org], meaning that it cannot be uninstalled from Firefox extension manager; not sure about Adobe Reader, but I think it does that too.

      • by natehoy (1608657)

        Obviously, they meant "release" in the Klingon/rabid dog sense, as in "Release the Hounds!".

        Not "release" in the software sense as in "publish the software and let people know it's available for download or sale."

        Oh, and another thing that was missed, and I feel is important: Microsoft assumed that I wanted the .NET experience within Firefox and installed it without asking or even telling me about it.

        If, during Windows Update, Microsoft had made "Mozilla Firefox Plugin for (Microsoft Service here)" a Recom

    • "The system isn't working perfectly. Mozilla is taking Microsoft's word that these plugins, which install in their software without notice, don't have any vulnerabilities and are working just fine. Microsoft's plugins should be required to behave as every other responsible plugin. It shouldn't install with stealth, there should be a way to easily disable, and there should be a way to easily uninstall."

      That, plus you have to remember that this plugin was being installed without user's knowledge in the first place. Where I come from, anything which installs something on your machine without the knowledge or consent of either the owner or the admin is generally considered a Bad Thing (tm). It would have been nice for Microsoft to have been upfront about installing the plug-in in the first place, and the security hole was a glaring example of why.

      • Re: (Score:2, Insightful)

        by plague3106 (71849)

        That, plus you have to remember that this plugin was being installed without user's knowledge in the first place.

        You mean just like dozens of other plugins?

      • by Rary (566291)

        That, plus you have to remember that this plugin was being installed without user's knowledge in the first place.

        Unfortunately, that's how plugins work. I just checked, and the install of Firefox that I'm using right now has 8 plugins in it. I expected two of them (Quicktime and Flash). All the rest just came along as part of something else.

        That's how the Firefox plugin system works. It would be nice if Firefox provided a message to the user saying "I've detected a new plugin", but it doesn't. That's something to complain to Mozilla about, not Microsoft.

        • by natehoy (1608657)

          Dang, you're right. I just went in again, and got the following that I expected or wasn't surprised too much by:

          - Java (expected, Java asked me during install, I said YES).
          - Shockwave Flash (expected, I installed Flash and it asked me if I wanted the Firefox plugin and I said YES.
          - Virtual Earth 3D plugin (expected, I installed Virtual Earth and it asked what browsers I wanted support in).
          - Microsoft Office 2003 (Benefit of doubt, this is a corporate install and maybe my com

  • by kaaposc (1515329) on Monday October 19, 2009 @08:59AM (#29792759)
    Mozilla: Do you have any identification?
    Microsoft: *waving hand* We do not need any identification.
    Mozilla: You do not need any identification.
    • These are not the addons you're looking for

    • I'll add notice of just how FAST this was!

      (Other times: "Breaking News! Code Red Security Breach!" MS: "Yah, after my 2 week golf trip.")

      But no, Firefox blocks some weird piece of .NET on a weekend, and it's reversed as soon as SomeBorg gets back to his desk at 6AM on Monday.

  • My firefox install has only just (about 20mins ago) popped up and told me it's disabled the add-on and would like to restart.

  • by 140Mandak262Jamuna (970587) on Monday October 19, 2009 @09:21AM (#29792983) Journal
    Why would Microsoft submit its extension to Mozilla and follow the standard operating procedures as far as the dot net thingie is concerned? The user base and use cases for Mozilla/Firefox has always been, you get extensions from one authorized source. That is mozilla.org. If Microsoft wants an enabler they should just submit it to mozilla.org. Installing it in stealth mode is not expected from mozilla user base.

    Further, why is Mozilla.org is allowing a mode where any Tom Dick or Harry can drop in a bunch of files in the install directory and suddenly all the users get the extension on by default? Since it is in the instal dir, individual users cant even disable them or uninstall them. The existence of such a mode itself is a big security hole. If IE has a hole and allows a drive by download of a file into Firefox install dir, boom, you get a vulnerability in Firefox. Already there are reports that installing an HP printer gives and unwanted, unasked for and unpermitted extension added to Firefox. Now every software you install is going to want to add a tool bar or an extension to Firefox.

    I wish Firefox will just disallow such a way of installing extensions. The cardinal rule, as for as Firefox is concerned, is that the users rule. They control their browser, they decide which extensions are allowed, which scripts are allowed to run, which user agent string is sent out, whether or not to allow java, applet, or javascript or flash or silverlight or whatever. For corporate deployment, the Mozilla team might allow a script based instal on all machines in a corporate network using proper authentication procedures, like Corportate IT dept has local sysadmin privilege, so they come in and install an extension, and even disable its uninstall option, but that is all done outside the browser using the standard corporate deployment procedures. Allowing anyone to dump cruft in a particular folder and suddenly everybody gets the cruft is totally against the expectations of the standard mozilla firefox user.

    • by Culture20 (968837)

      why is Mozilla.org is allowing a mode where any Tom Dick or Harry can drop in a bunch of files in the install directory and suddenly all the users get the extension on by default? I wish Firefox will just disallow such a way of installing extensions.

      I wish I had a pony. Mozilla can't prevent what the OS or other programs do with Firefox on your PC. Also, allowing a mode where a sysadmin can drop in a bunch of files in the install directory and suddenly all the users get the extension is a *good* thing for enterprise... usually.

      • They could prevent unauthorized plugins and addons from running without a digital signature from a trusted key... but the the problem with that is that with the source available that would last all of a about 20 minutes before someone hacked that bit out and rebuilt the browser. It might even fork the project.

    • Re: (Score:3, Insightful)

      by LordKronos (470910)

      How exactly do you propose to stop a process from doing so when it is running outside the scope of firefox? Whatever files Firefox updates to indicate an extension has been installed can also be modified by an outside process. Want to make the file digitally signed? Well, Firefox has to get the signing key from somewhere, but then the other app could just go and get it from the same place. Want to move stuff like this off the local system and have it stored in some network repository...well, no, almost nobo

      • How exactly do you propose to stop a process from doing so when it is running outside the scope of firefox?

        Uhmm, chmod, write in ~/.firefox/, then...

        Oh, wait, doh! Epic fail.

    • by Rary (566291)

      Why would Microsoft submit its extension to Mozilla and follow the standard operating procedures as far as the dot net thingie is concerned? The user base and use cases for Mozilla/Firefox has always been, you get extensions from one authorized source.

      Extensions, yes. Plug-ins, no.

      The Mozilla Team made a technical distinction between extensions and plug-ins for a reason. Extensions are, for the most part, centrally managed, while plug-ins are intended to be externally managed. The point of a plug-in is that it is installed and uninstalled by an external application (ie. not Firefox).

      This is useful functionality, however it would be nice if Firefox would warn the user when it detects a new plug-in that wasn't there the last time Firefox was run.

    • I have some problems with your post, namely how you keep using the term "extension" without clarifying whether you mean Extensions or Addons (which include Extensions and Plugins).

      Plugins have always been managed by external programs, since back in the early Netscape days. Mozilla's plugin manager won't install a plugin for you, just tell you where to go to download it. And yes, there is a common directory for plugins.

      To be honest, I'm not sure if there is for extensions or if the installer that installs

  • by tgd (2822) on Monday October 19, 2009 @09:26AM (#29793039)

    Seriously -- I have FAR more of an issue with Firefox disabling a plugin *that I want there* and not providing a way to re-enable it (or at least any obvious way).

    Microsoft may choose to say that Firefox integration is part of the .NET framework, and if I choose to have a problem with it, I can uninstall it. But where does the Mozilla organization get off disabling an extension I have, and may be using, without any ability to opt out?

    The double standard on this would be funny if people weren't so serious about it.

    • by Churla (936633)

      You're new around here... aren't you?

      Although I agree with your point. One lesson people should have learned from the UAC debacle in Vista is that if you have a security feature which will disable or prevent something from running make sure that the user has an easily accessible way to override that decision should they so choose.

    • by TypoNAM (695420) on Monday October 19, 2009 @10:46AM (#29794157)

      Simply enter the address 'about:config' and then do a search for blocklist.

      There, you'll see a setting called 'extensions.blocklist.enabled'. Set it to False if you don't want Mozilla to decide what plugins/add-ons you shouldn't use. Restart Firefox after making changes to take effect.

      Sure it isn't obvious for majority of users, but then again on Windows it isn't obvious what registry entries to hack in order resolve issues either. Firefox does have its own (evil?) registry too.

  • by Nexus7 (2919)

    First the summary says Mozilla have unblocked the ".Net Assistant" add-on. Then it says Mozilla is working on a way to block a "Windows Presentation Framework" add-on _AS WELL_. As well (meaning "in addition to") what? The first item mentioned was unblocked, not blocked. Typo, or incorrect sentence construction, or what? It's 2 lines, can't we get it right?

    Or is this a way to make readers RTFA?

    • by Nexus7 (2919)

      I see they've fixed it now. Without making a note of it either. In most forums, you edit your post, and it'll say "Edited on xxx. Reason:...". Perhaps the editors should be held to a higher standard?

  • Mike Shaver (Score:3, Insightful)

    by socsoc (1116769) on Monday October 19, 2009 @09:50AM (#29793343)
    Didn't Mike Shaver [slashdot.org] spend hours yesterday defending FF's stance in the original article? Now they've backtracked from blocking an already patched vulnerability, but he's still sleeping! We require your insight!
    • by glassware (195317)

      Does anyone know what the plugin actually does? Why would .NET need an assistant? Why would that assistant only need to run when I'm using Firefox?

      Something completely left aside is that so many programs love to install "assistants", "launch helpers", "watchdogs" and "update managers" nowadays. I'm getting really tired of having every program install something that runs every time windows starts, or whenever I launch my browser.

      There is no reason for a .NET assistant that I am aware of.

  • How can I block it back?
  • I think Slashdot as a community needs to take a step back, relax, and reconfirm: its just a browser.
    if your OS is modifying the functionality of your favorite browser in a way you dont like, or forcing you to do things you dont like, then change your operating system.
    similarly, if your browser isn't performing to your expectations, or disabling functionality you want, change your browser

    for a real treat, try changing both at the same time! but for god sake stop with the asinine speculation and quit try
  • I am confused. What sites use .NET under Mozilla's Web browsers?

Little known fact about Middle Earth: The Hobbits had a very sophisticated computer network! It was a Tolkien Ring...

Working...