I would like anyone that considers Microsoft to be a recent champion of Open Source to reflect on corporate doublespeak. It's plausible that this bug was engineered as an attack on Firefox.
By the looks of it took Firefox a few years to figure out what the repro was, they reported it to MS, it was (very) promptly fixed and they were warned that the syscall they were using isn't being used as intended and they should consider changes to FF for future use cases.
It's the AV that was calling TdhFormatProperty(), not FF. The problem was mostly on the AV side, not FF. FF itself was generating many events due to too many VirtualProtect() calls which in itself was only a smaller part of the problem.
I don't have proof. I'm presenting a theory based on circumstantial evidence. I think it says just as much to reject a theory without proof as it does to present a theory without proof. Let me break down the context in which I make put forward my theory.
* Corporate doublespeak is a well documented tactic in which a business will project a message when the truth is the opposite of the message. Sometimes they use euphemisms, ambiguity, or omissions. I am stating that we cannot take Microsoft's press releases about being Open Source friendly at face value.
* Five years ago Edge was rebuilt with a chromium backend and Microsoft had a large campaign to increase adoption of Edge.
* Reduced Firefox performance would make Edge compare more favorably. This error was clearly in Microsoft's favor.
* It is common for companies that own a platform to create advantages for their applications running on the platform.
* Microsoft has a long history in the browser wars, highlighted by an antitrust lawsuit in the late 90s. Their anticompetitive behavior regarding browsers was a key part of the lawsuit.
> I think it says just as much to reject a theory without proof as it does to present a theory without proof.
Except you don't have any proof, and the proof that opposes your wild speculation is:
- 5 years ago, a bug was opened on the FF issue tracker that over the years had a bunch of derailments.
- A month ago, someone _actually_ investigated, found an issue and reported it to Microsoft.
- Issue was promptly fixed
You're spreading FUD, and attacking _me_ for asking for proof when you made the accusation in the first place. If you want to discuss this reasonably, I'm happy to, but in order to do that, the slightest modicum of bait that points to any sort of effort is required, meanwhile to someone who has worked on software for a reasonably long time, seeing issues spin like this for years is par for the course, and it's great that someone fixed it.
Yes, it does. Stringing together a narrative and ignoring the proof that contridts your claims is conspiracy theory territory.
> Someone can make a statement like this solely based upon past behavior.
Yet all the evidence (the bug linked) implies nothing of the sort.
> They're merely stating that it is plausible.
I can state that it's _plausible_ that the US government conspired with Disney to fake the Moon landing as a show of power to the USSR in the 60's, but I'd expect to be asked for proof, and I'd expect to be accused of spreading absolute nonsense.
There's a difference between something not surprising you and a wild, totally baseless accusation. Ill happily eat my words if there is a shred of proof, but right now it's "company fixes old bug when it was reported to them"
What a weird take. If this bug was engineered as an attack on Firefox, then it seems like the project has been infiltrated by bad actors, because the bug comes from Firefox's codebase. Indeed, the developers themselves contradict your comment in the linked bug conversation:
> This problem has two sides: Microsoft was doing a lot of useless computations upon each event; and we are generating a lot of events. The combination is explosive. Now that Microsoft has done their part of the job (comment 82), we need to reduce our dependency to VirtualProtect.
Compare how many calls other browsers make (this is also quoted in the link): Firefox was generating up to 46 times more (costly) events than Chrome. It is a bit ludicrous to shame Microsoft for the whole situation.
> Firefox with normal configuration: ~14000 events, 98% of which are PROTECTVM_LOCAL;
> Firefox with the preferences from comment 83: ~6500 events, 95% of which are PROTECTVM_LOCAL;
> Edge: ~2000 events, 91% of which are ALLOCVM_LOCAL;
Inaction is a pretty low "bandwidth" form of action, and can sometimes produce the results you're looking for just as well, if not more effectively.
Microsoft has a storied history of anti-competitive views leaking to public eyes/ears, something like this is quite literally a matter of not organizing anyone.
Why would Microsoft attack Firefox specifically and not Chrome? Chrome is the bigger threat to their business. Firefox has become almost too small to care about - little revenue, small browser market share.
There's an argument that Microsoft's Edge use of Chromium and then the Surface Duo would cause 'don't bite the hand that feeds you" problems. Not agreeing with OP, but it would make sense.
Well no, but I also would question the inverse. Holding accountable companies that gain from possibly bad actions and asking the questions is helpful.
See: Microsoft's Supreme court case over their preference for IE and forced monopoly. While Microsoft 'won' the case, the outcomes were exactly what the case feared but "convenient" political climate helped them avoid travelling back to court of course. Microsoft took extreme steps to avoid being broken up in the 1990s however and it's arguable that one of their political mitigation methods, investing in Apple, actually had worse effects on them. (Prior to the iPhone in 2007, it was assumed that RIM and Microsoft would be the big two players in the smartphone space, Apple and Google have basically become the big two players in the Computing space mindshare)
We should at least be aware of it as an option. Many call this "healthy skepticism". It becomes unhealthy when you veer into blind optimism/pessimism/cynicism.
Very interesting point. They might have had the intentions of pushing everyone to use Edge, and it is not surprising after their so many consistent nags and misleading messages to think its the "better" browser compared to anything else.
If Microsoft were so good at software engineering that they could pull off such an attack on Firefox, then maybe they do deserve to have a monopoly. /s
slow walk.. or.. in comparison, have you contacted your local city government to fix obvious holes in the road recently? Around here, a two-year wait time to fix it is common.
Nowadays a lot of malicious acts are intentionally disguised as stupidity and incompetence. Not necessarily in this case, but that quote really is showing its age.
