Feeds

IE uninstaller – was it broken deliberately?

DoJ expert Felten comes close to saying it was...

  • alert
  • submit to reddit

Internet Security Threat Report 2014

The transcript of Professor Felten's testimony as to what Microsoft did to the prototype removal program makes interesting reading, so we are including the full text of that part of the transcript so that readers may draw their own conclusions. David Heiner, a Microsoft lawyer, is asking the questions. Heiner: Dr. Felten, isn't it true that the Windows update feature is almost entirely nonfunctional after the prototype removal program is run? Felten: No, I don't believe that's the case. I should say--hang on. We are getting into an issue here that was one of the things that's changed since I filed my testimony, so let me talk about that for a minute. Heiner: Sir, the question is: isn't it true that the Windows update feature is almost entirely nonfunctional after the prototype removal program is run? It's a yes-or-no kind of question. Felten: Let me explain what the situation is with regard to that. In September, in early September, we provided Microsoft with the source code for the prototype removal program. And on the 4th of December, ten days ago, Microsoft modified some of the software that they distribute as part of the Windows update feature in a way that made it incompatible with the prototype removal program. (Expert's code gets 'broken') Specifically, it was modified in two ways. The first--the first way was that the software was made to download a file in an attempt to put that file into the same directory, into the Internet Explorer directory. Since that directory is no longer present, the attempt to download that file doesn't work. This is a very easy thing for Microsoft to fix. Simply put the file anywhere else. And we have verified that that fix works. there is another change that Microsoft made at this time, which is simply a bug in that the Microsoft code, at one point, fails to initialise a part of the Microsoft API called "com." This is a simple bug. So, Microsoft introduced those two changes after seeing our prototype removal program, and those two changes had the effect of making Windows update incompatible with the prototype removal program. We have verified that Microsoft could easily fix both of those changes, and we verified that by making modifications to the software so that it works again. but it's true that as Microsoft--if you look at the software that Microsoft is offering today, it doesn't work because of these incompatibilities that Microsoft introduced. The Court: Let's see if I understand that testimony. You are telling me that in the course of discovery in this case you provided the source code for your protocol, removal protocol? The Witness: Yes. That happened over the Labour Day weekend. The Court: Therefore, there appears to have been product changes by Microsoft? The Witness: The change was to--technically to an ActiveX control, which is a program that Microsoft provides for download. And as part of this Windows update feature, this program gets automatically downloaded to the user's PC. And there were changes to this file, and the changes had the effect of making the file incompatible with the prototype removal program. Heiner: Dr. Felten, isn't it true that the Windows update feature was entirely dysfunctional after the prototype removal program is run back in September 1998, the day you gave us the code, sir? Felten: No, that's not the case. After giving Microsoft the code--since giving Microsoft the code, I have run Windows update on my primary desktop PC, which is running a version--on which the prototype removal program has been run, so that is not the case. Heiner: Dr. Felten, isn't it the case that the Windows Update Web site was dysfunctional after the prototype removal program was run every day in September, October, and November 1998? Felten: No, I do not believe that to be the case. Heiner: Isn't it true that the search bar across the top of the Windows update site, which is essential functionality to that site, is totally dysfunctional after the prototype removal program is run? Felten: No, I know of no reason to believe that. I have used Windows update successfully myself several times since then without seeing any problem. ® Complete Register trial coverage

Providing a secure and efficient Helpdesk

More from The Register

next story
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.