Why the EU's "browser ballot" is a bad idea

After a legal wrangle that's lasted almost a year, Microsoft and antitrust investigators from the European Union have signed off on a ballot screen concept designed to Windows users the opportunity to download alternatives to Internet Explorer. While I believe that browser diversification is a good thing, I feel the approached used here is a flawed one, and will make Windows user more vulnerable to malware.

After a legal wrangle that's lasted almost a year, Microsoft and antitrust investigators from the European Union have signed off on a ballot screen concept designed to Windows users the opportunity to download alternatives to Internet Explorer. While I believe that browser diversification is a good thing, I feel the approached used here is a flawed one, and will make Windows user more vulnerable to malware.

So why is it a bad idea? Well, let's think about how it'll work. Following a Windows Update that will be sent out during the first quarter 2010, users living in one of the 30 countries in the European Economic Area (EEA) will be presented with a screen. That screen will consist of two pages, and on those two pages will be links to download a dozen browser (I know, a dozen ... hard to come up with that list cold). Users will be encouraged to download and install third-party applications from websites not controlled by Microsoft.

Anyone else notice the similarity between this browser ballot screen mechanism and tricks that malware writers user to sucker users into downloading bad stuff? I mean, a popup appears on your system out of the blue (for most people, it will be out of the blue) that encourages you to download and install stuff that you might have never heard of before.

Does that sound like a good idea to you?

To me, it sounds like a bad idea for at least two reasons. First, it's encouraging people to do something that tech types are always telling people not to do - click on links that appear in random popups (my advice is always close the popup using ALT+F4 and get on with the rest of your life). Secondly, how long will it be before malware scumbags are either cloning the screen, changing the links to point to dodgy locations and feeding it to Windows users, or repurposing the idea and pushing popups along a similar theme?

The bottom line is that people shouldn't be downloading and installing stuff they don't know about and understand. Depressingly, this is exactly what the ballot screen will encouraging millions of Windows users to do. Given that, I'm shocked and disappointed to see companies that claim to put security first, supporting this idea simply because it gives them a land-grab opportunity.

Thoughts?

[UPDATE: This in from Mozilla:

If you look at the principles we laid out when this whole thing got started, as well as the statements Mozilla has made after the settlement, you'll see that the browser ballot was not Mozilla's idea and Mozilla neither pushed for it nor celebrated it when it was confirmed. Mozilla has always been afraid of unintended or unforeseen consequences related to the ballot. Mitchell said that explicitly on several occasions.

At Mozilla, we were focused on ensuring that Microsoft didn't use Windows to undo users choices once they had switched to another browser. That was our primary focus and the part of the settlement that Mozilla celebrated. It was the EC and other browser vendors that pushed hard on the ballot solution and celebrated the ballot's inclusion.

Mitchell Baker "The most basic aspect of a remedy should be to stop Microsoft from subverting the choice to use a browser other than IE."

Mitchell Baker: "Enabling more people to understand the choices available to them can have some very beneficial results. It is also complex and this aspect of a remedy must be very carefully crafted. The chances for creating a difficult user experience or unintended consequences are real, and so there is a level of concern about the details of what a remedy would look like among even those who support the principle."

Mitchell Baker: "While the ballot mechanism represented by the choice screen has received the most attention, Mozilla is most pleased with the core principles Microsoft will be adopting that protect the choices a person has already made. These principles won't be obvious to a person using Windows. That's the point - once a person has chosen an alternative browser, IE should not keep reappearing. These principles are expressed in several components of the commitments and together should result in a greater respect for individual human decisions."

http://blog.lizardwrangler.com/2009/12/16/european-commission-microsoft-settlement/

http://blog.lizardwrangler.com/2009/06/11/ec-principles-synthesis/]

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All