![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
babysimon![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif){kind=small}
ms_katonic mentions that Microsoft have added a little bonus to the .NET framework via Windows Update. It's a Firefox extension that enables the use of Microsoft's technology. Others have been talking about this for some time, but that was the first I heard of it.So, what's the damage?
Well, obviously a lot of people are concerned that Microsoft would install an addon of any nature without asking. To my mind that's somewhat rude of them, but not atypical of the Windows desktop, which often feels like a battleground for warring corporate interests anyway. There's a certain amount of panic over the fact that OMG you can't uninstall it, but really that's more of a limitation of Firefox - any addon installed system-wide gets its "Uninstall" button greyed out (c.f. the "Ubuntu Firefox modifications" and many others). However, Microsoft could certainly have made the uninstall process easier.
But that's not really the point - the point is, how dangerous is ClickOnce? Which really boils down to: is it sandboxed? Well, yes and no. Wikipedia says "ClickOnce employs CAS (Code Access Security) to ensure that system functions cannot be called by a ClickOnce application from the web, ensuring the security of data and the client system in general.". That's a sandbox, this is not ActiveX, so we're fine, right?
Looking a little deeper though, the picture is more worrying. Yes, there's a sandbox, but it's perfectly possible for an application to request privilege elevation, all the way to the user's privilege level - the user will just be prompted with a single dialog. For reference, here's the dialog for a signed application which requires no privilege escalation and just wants to add itself to the Start Menu, and here's the dialog for an unsigned application which requires privilege escalation in order to add your machine to a botnet.
In case you're having trouble telling them apart, the difference is in the shape of the icon in the lower left hand corner.
The trouble is, there's a large segment of the population for whom either dialog may as well say "If you want to tech the tech, you need to tech the tech with the teching tech tech. Tech the tech? Yes / No". And they have the right to expect their machine won't get compromised either, especially after that nice friend or family member installed Firefox for them and told them they were now safe.
So yeah, remove the addon if you're running Windows. But by being the sort of person who removes the addon, you're pretty much the sort of person who's perfectly safe with it installed. Ah well.
