Archive for May 23, 2023

Tuesday, May 23, 2023

Microsoft Still Anti-Competitive

Thomas Germain (via Hacker News):

An April Windows update borked a new button in Chrome—the most popular browser in the world—that let you change your default browser with a single click, but the worst was reserved for users on the enterprise version of Windows. For weeks, every time an enterprise user opened Chrome, the Windows default settings page would pop up. There was no way to make it stop unless you uninstalled the operating system update.


This petty chapter of the browser wars started in July 2022 when Google quietly rolled out a new button in Chrome for Windows. It would show up near the top of the screen and let you change your default browser in one click without pulling up your system settings.


Mozilla’s Firefox has its own one-click default button, which worked just fine throughout the ordeal.


In response, Google had to disable its one-click default button; the issue stopped after it did.

Tom Warren (via Hacker News):

Microsoft has now started notifying IT admins that it will force Outlook and Teams to ignore the default web browser on Windows and open links in Microsoft Edge instead.


While this won’t affect the default browser setting in Windows, it’s yet another part of Microsoft 365 and Windows that totally ignores your default browser choice for links. Microsoft already does this with the Widgets system in Windows 11 and even the search experience, where you’ll be forced into Edge if you click a link even if you have another browser set as default.


“This change is designed to create an easier way for Outlook and Microsoft Teams users to reduce task switching across windows and tabs to help stay focused,” says Katy Asher, senior director of communications at Microsoft[…]


Microsoft tested a similar change to the default Windows 10 Mail app in 2018, in an attempt to force people into Edge for email links. That never came to pass, thanks to a backlash from Windows 10 testers. A similar change in 2020 saw Microsoft try and force Chrome’s default search engine to Bing using the Office 365 installer, and IT admins weren’t happy then either.


Update (2023-06-27): Microsoft (Hacker News):

If you have a Microsoft 365 Personal or Family subscription, browser links from the Outlook app will open in Microsoft Edge by default, right alongside the email they’re from in the Microsoft Edge sidebar pane.


Ultimately though, if this experience isn’t right for you, you can turn off this feature the first time it launches in Microsoft Edge, and then in Outlook settings at any time after that.

Update (2023-08-31): Microsoft (via Hacker News):

In the European Economic Area (EEA), Windows system components use the default browser to open links.


That shows such complete and utter contempt for the wishes of their users. The user has actively selected a browser as the one they want to use by default, but windows only uses it in the EEA because they were forced to.

Tom Warren (via Hacker News):

I thought I had malware on my main Windows 11 machine this weekend. There I was minding my own business in Chrome before tabbing back to a game and wham a pop-up appeared asking me to switch my default search engine to Microsoft Bing in Chrome. Stunningly, Microsoft now thinks it’s ok to shove a pop-up in my face above my apps and games just because I dare to use Chrome instead of Microsoft Edge.

This isn’t a normal notification, either. It didn’t appear in the notification center in Windows 11, nor is it connected to the part of Windows 11 that suggests new features to you. It’s quite literally a rogue executable file that has somehow appeared in c:\windows\temp\mubstemp and is digitally signed by Microsoft.

Tom Warren (via Hacker News):

Microsoft will start unbundling Teams from its Microsoft 365 and Office 365 productivity suites in EU markets in October. The move is designed to avoid further antitrust scrutiny, after the European Commission opened a formal antitrust investigation into Microsoft’s bundling of its Teams software with the Office productivity suite last month.

Update (2023-09-11): Daniel Aleksandersen (via Hacker News):

Microsoft published a blog post on the Windows Insider Blog in late August with a vague statement saying that “Windows system components” were to begin respecting the default web browser setting. Windows 10 and 11 regularly bypass this setting and force-open links in Microsoft Edge instead. In my extensive testing, I haven’t found any changes in the new Windows Insider version.

2022 App Store Transparency Report

Apple (MacRumors):

Today, Apple announced that in 2022, the App Store prevented over $2 billion in potentially fraudulent transactions, and rejected nearly 1.7 million app submissions for failing to meet the App Store’s high standards for privacy, security, and content.


In 2021, Apple terminated over 802,000 developer accounts for potentially fraudulent activity. In 2022, that number declined to 428,000 thanks in part to new methods and protocols that allow the App Store to prevent the creation of potentially fraudulent accounts. Additionally, nearly 105,000 Apple Developer Program enrollments were rejected for suspected fraudulent activities, preventing these bad actors from submitting apps to the App Store.


In the last 30 days alone, Apple blocked close to 3.9 million attempts to install or launch apps distributed illicitly through the Developer Enterprise Program, which allows large organizations to deploy internal apps for use by employees.

Nick Heer:

Apple also says it stopped “more than one” app that “the potential” for credential theft. But how many is that? Is it two? Is it fifty? A bigger number would be more fitting for the apparent objective of this kind of report — to explain why iOS software distribution ought to be permitted only through the Apple-administered App Store instead of third-party stores — so the use of “more than one” is conspicuous.


Again, the unspoken rationale for these news releases — which Apple started publishing around the time European regulators began looking into its App Store-only iOS software distribution policy — is that Apple is uniquely suited to protecting its users from fraud and abuse. But it has also repeatedly struggled with preventing pretty obvious scams. I do not think its failure to achieve a perfect success rate is an indication that App Store protections are ineffective, but the company’s own statistics are also not necessarily painting a complete picture.

The more interesting numbers would be the false positives—how many apps were incorrectly rejected and how many developers gave up because of such rejections—and the false negatives—how many bad apps were not caught until after they were in the store or are still in the store.

Rob Jonson:

Chatter was rejected about 8 times for spam before finally being accepted with this REDACTION


Apple says it prevented over $2 billion in potentially fraudulent transactions. And this is only the transactions that got caught. How about the transactions that didn’t get caught? How much did they cost victims, who trusted the App Store? At Apple’s scale, even with 99% accuracy there would be a lot of mistakes.

James Thomson:

I think it says something about the scale of the App Store that Apple terminates more than a thousand developer accounts for fraud, per day.

Jeff Johnson:

It says the App Store is very profitable for scammers, otherwise they wouldn’t try so hard and so much.

Juli Clover (PDF, data, Hacker News, Slashdot):

Apple today published an inaugural App Store Transparency Report, something that the company agreed to provide to developers as part of a 2021 lawsuit settlement.


Developers appealed 18,412 app removals in total, and Apple restored just 616 apps. Apple says that apps that are appealed were typically pulled from the App Store for fraud or illegality, which is why the rejected appeal number is so high.


There are 36,974,015 registered developers, and in 2022, Apple terminated 428,487 developer accounts. According to Apple, developers are removed from the Apple Developer Program “for a number of reasons,” but most commonly because of accounts that are connected with other terminated developer accounts. 3,338 developers appealed their App Store bans, and Apple reinstated just 159 accounts.

Ryan Jones:

26% of app submissions are rejected (1.6 of 6.1M)

They say how many submissions were approved after rejection, but because there are multiple submissions per app we don’t know how many apps were eventually approved.

Basically, people go to the App Store wanting to download 1 specific app = No more browsing

And they redownload 2x as often as download = must be the major apps mostly, like Fb, Ig, banks, etc