Closed Bug 240136 Opened 17 years ago Closed 17 years ago

Firefox should not auto-import settings without user confirmation

Categories

(Firefox :: Migration, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: mozilla, Assigned: bugs)

References

Details

User-Agent:       Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7b) Gecko/20040409 Firefox/0.8.0+
Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7b) Gecko/20040409 Firefox/0.8.0+

i've seen cases where MSIE can get very damaged by web-related exploit content,
and this often makes web surfing on that system very difficult, if not impossible.
if firefox is to have the option of importing 'user settings and other
information' from MSIE, or other browsers, it would be VERY good if it asked
first. in my experience so far, in many cases, i have wanted firefox to be
completely ignorant of whatever settings MSIE currently has.

Reproducible: Always
Steps to Reproduce:
1. install fresh copy of firefox 0.8.0+ (2004-04-09) onto system with MSIE installed
2. run mozilla firefox, the first time it will import settings from MSIE without
prompting first.



Expected Results:  
prompt yes/no for importing previous browser settings
what are we importing that will cause problems for users?  I realize that
spyware etc can cause problems, but that isn't what we're importing.
(In reply to comment #1)
> what are we importing that will cause problems for users?  I realize that
> spyware etc can cause problems, but that isn't what we're importing.

i believe that even if there aren't any known problems with settings import from
other browsers, there probably will be in future.  it would be better if a
simple dialogue box popped up on first runtime and simply asked, would you like
to import settings?

that same dialogue then also doubles as a workaround to avoid some bug(s) we
don't even know about yet, in the mechanisms that obtain the saved configuration
information from the previous browser(s), if firefox just asks and we have a
chance to tell it not to attempt any importing at all.

If a problem appears with the import option causing stability problems etc,
FIXING that bug is the resolution, not adding a dialog that non-savvy users will
just click yes to anyway.

Adding UI to allow working around potential future bugs is just silly, IMO.
speaking from the perspective of users and contractors who do have more of a
clue than the people you're speaking of, like myself, i would find it extremely
handy when installing firefox on someone's system to get around certain settings
and problems that MSIE has stored, to have the option of not importing settings.  

maybe an example will help illustrate:  assume a certain website hacks up
(hijacks) a users MSIE's settings to change all their search/about page
settings, and even changes (via registry) what happens when someone uses http://
in their browser (a nasty type of redirection).  these changes force the user to
be hitting their site all the time, and they also may use a local file on disk
to display when nothing should be displaying.

so as it stands now, even if you didn't want those search settings set, they get
set anyway.  those people end up still going to the same hijacking search page
they never wanted to be at in the first place, at least until they get to the
configuration of firefox and walk through the various settings to find and
remove the traces of that site from their settings.

maybe i don't understand why it's such a big deal to add it: why not allow the
user to choose to say 'no' at that initial loadup?  it's one screen that then
bypasses a chunk of the first-time startup, and should carry on..?  why limit
firefox's install to the kind of mentality that leads to 'just people who will
hit yes anyway', as there are plenty of smart people using firefox too, who can
read just fine and know where to go to ask for more information if they're
unclear as to what is being asked.

thanks for your continued time on the matter, as i do feel this is an important
point for discussion.
you're arguing from the point of view of a THEORETICAL exploit, which might not
even fall under the type of information that we currently import.  And in fact,
it probably doesn't.

As I've stated before, the import should NOT allow importing of potentially
insecure settings.  To my knowledge it does not in any way.  If there is a
setting we should not be importing from IE, identify it and we can decide on
that.  Unsubstantiated paranoia doesn't justify adding a dialog.  One of the
design aims is to reduce dialogs to the absoluete minimum (reference the GNOME
HIG for reasoning if you're interested)

If you really want a workaround for this, create a profile manually from the
profile manager before first startup and the auto-import doesn't run.
i still maintain that it will be in fact more work to do it the way your team 
has decided to do it; as you play catch-up with the various new types of 
exploits that will come out, being automatically transferred to firefox upon 
its installation, you may eventually see why i desired an ability to stop 
firefox from attempting any import of settings i never wanted set in the first 
place.

i appreciate the dialogue anyway, but i can see this situation isn't going to 
change any time soon.  thanks for your time.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → WONTFIX
like I've said multiple times, you're assuming that we're importing potentially
harmful settings (i.e. we're importing a pref that allows hijacking of
protocols, which we're not, and I don't think we would try)  Nothing factual is
in this bug, just speculation.  If we import something that is potentially
harmful, we should weigh the relative merits of importing that setting and
implement safeguards.  I honestly don't think that this will ever be an issue
based on what we do import, however.
Status: RESOLVED → VERIFIED
*** Bug 239586 has been marked as a duplicate of this bug. ***
I'm the poster of Bug#239586. Just noticed why there have been no response to my 
post.

It is sad that the Firefox team has decided not to fix this problem. I can see 
that we are now going to be like Micro$oft which dictates its software users 
what options to have what options not to have.

I'm not a novice user and I want the ability to say NO to the importing dialog. 
I don't care what Firefox imports I just want to set/config those settings 
manually and cleanly. Why do you force advanced users to get what you decide 
novice users should have? Are you happy when you install a new program X for the 
first time and you see it automatically imports things (junk included) you don't 
know (or even if you know) from other similar software Y installed and you can't 
stop it? In fact, I can't think of any software that imports settings from other 
similar software installed on the computer. Tell me some if you know, apart from 
Firefox.

Also, why import from IE? Why not import from Opera? What about Opera users who 
never uses IE on the computer and want to try Firefox? I won't get any thing 
imported from Opera so their newly installed Firefox won't work?

It is not just about the dangerous stuff that Firefox could import. I agree with 
yossarian that at least we should be able to prevent that ourselves without 
having to wait for Firefox team, who plays catch up with things that could 
happen because of automatic importing feature, to fix problems that cause by 
other broswer in Firefox for us.

Another reason for me is that I want to unzip Firefox to my home dir on the LAN 
and I don't want it to import junk from IE set by the admin of that workstation. 
I think this reason is also true for people running Firefox on USB harddrive 
without installing it to the machine first. They wouldn't want junk from IE on 
that machine imported to their USB Firefox.

Please reconsider the decision. I know and you know it's not that hard to make 
that dialog stoppable. If you insist automatic import for novice users, what 
about delaying it for 2-3 seconds (with or without a counting down number) so 
that advanced users can click "Cancel" before the import starts?

Thanks for listening.

Cheers,
Rob.
if you create a profile manually, the auto-import doesn't happen.  We do
actually support migration from Opera as well, I'm not 100% sure on the logic
used to decide where the auto-import happens from.

The workaround for "advanced" users is to create a profile before startup, and
import manually.  That is the extent of what we're doing here.  If we get
substantial feedback from 0.9 indicating that this is a Bad Thing(tm) then
obviously we will reconsider.  However, since users converting from another
non-Mozilla/Netscape Windows browser have about a 95% chance of being IE users,
the seamless, automatic migration of certain settings is a welcome bonus. 
Adding an unnecessary dialog to the first time startup for all of those users
simply isn't justified by the edge cases mentioned here.
*** Bug 240823 has been marked as a duplicate of this bug. ***
Ok, creating a profile manually does help. For those who wonder how to do, run 
"firefox.exe -P".

Do we have a list of Firefox's command line options? I've searched but couldn't 
find one. I got from the search that there is -fullscreen, -P, but I would like 
to know the rest.

Thanks.
As a suggestion how about solving this from the point of view of the
administrator how about having a question asking weither to import settings in
the Custom/Advanced section of the installation routine. Normal users won't see
it, admins can know it's there.
It seems to be that there should be a way to explicitly tell Firefox not to
import settings.  Firefox is very handy to deploy in environments where IE has
been compromised.  At the very least, those people do not want Firefox to import
some bread crumb homepage set by some IE spyware to notify a site of the
victim's IP address.  Yeah, you can evade it, but it shouldn't be a bigger
hassle than installing a new browser.

At the least, importing should be an installer option.  Looking through
bugzilla, there are numerous import bugs, some of which appear critical.  All of
this says to me that the importer should be seperated as an extension, perhaps
the first official Firefox extension.  I, personally, do not want anything
imported from IE, and would disable the installation of an importer just out of
asthetics.  I feel most Firefox users would do the same--the exception would be
the new users, who wouldn't disable anything.
*** Bug 223314 has been marked as a duplicate of this bug. ***
*** Bug 244868 has been marked as a duplicate of this bug. ***
I'm the author of <strike><a
href="show_bug.cgi?id=244868">Bug#244868</a></strike> . Most people here have
been complaining about security issues. Mine was an interface issue. If we don't
consider the security aspects, there's still a very annoying UI aspect that'll
make all unaware users (meaning: even advanced users) believe that Firefox has
crashed (lockup). When importing the IE favorites, there is no indication
whatsoever that this is happening, no popup stating that Firefox may appear
frozen, no import status bar. This isn't just an annoyance; from the user's
perspective, this is just plain bad design. Anyone that's taken User Interfaces
101 knows the importance of psychology and impressions: it's not how long it
takes, it's how long the user thinks it's taking. As long as there's some kind
of indication, a status bar, anything that lets the user know what's happening,
he won't care how long it takes. The assumption is always that if the software
didn't say something would be happening, that nothing's supposed to happen, so
"why the h311 is this piece of s*1t software frozen"? We all know
Mozilla/Firefox is a good piece of software, so why even give a chance for
people to believe otherwise?
(In reply to comment #17)
> I'm the author of <strike><a
> href="show_bug.cgi?id=244868">Bug#244868</a></strike>...

Actually, Emmanuel Gravel is the author of bug 223314, not 244868.  I'm the
author of 244868.  My issue is more of standard UI stuff:  a program shouldn't
change anything without confirmation/permission.  I know we're talking about the
initial setup here instead of anything I've previously configured, but as others
have noted in the duplicate bug reports, Firefox should not assume that the user
wants the program to look like IE.  I'm closer to Joe Sixpack than a developer
and Firefox's automatically configuring itself to look like IE irritates me.  I
have to dig around through the directory tree to delete various files (which I'm
guessing at) to get Firefox back to its default state.  I like Firefox so much
(even as a beta), that I only use IE for those few sites Firefox can't handle. 
It's been so long since I've really USED IE that I'm not even sure what settings
I have set there or why I set them that way.  Making Firefox look like IE is not
only of no use to me, it's also a hassle.

Also, one of the comments here says that the import routine doesn't
automatically run if you create a profile first.  I'm pretty sure that's not
correct.  I usually create a new profile before starting up Firefox and I
believe it still automatically migrates IE's settings.  Just prior to reporting
my duplicate bug, I had installed without a profile because the profile manager
wouldn't create a profile in a new directory with this build.  I'll try creating
a profile with a new build and see if I'm remembering correctly.
I'd like to see this bug reopened. Just a simple prompt on first start would do:

Firefox has detected that you have an install of [Internet
Explorer|Mozilla|Opera]. Would you like us to import your bookmarks and settings
for you? If you choose no, you can always do this later by choosing Import from
the File menu.

[Yes] [No]
I'm reopening this bug because the initial WONTFIX was based on the premise of
an exploit, whereas the other requests are based on people not wanting
auto-import for other reasons.
OS: Windows 98 → All
Hardware: PC → All
Status: VERIFIED → UNCONFIRMED
Resolution: WONTFIX → ---
--> Migration
Assignee: firefox → bugs
Component: Preferences → Migration
(In reply to comment #18)
> Also, one of the comments here says that the import routine doesn't
> automatically run if you create a profile first.  I'm pretty sure that's not
> correct.  I usually create a new profile before starting up Firefox and I
> believe it still automatically migrates IE's settings.  Just prior to 
reporting
> my duplicate bug, I had installed without a profile because the profile 
manager
> wouldn't create a profile in a new directory with this build.  I'll try 
creating
> a profile with a new build and see if I'm remembering correctly.

I just confirmed that setting up a profile before the initial startup of a 
Firefox build does NOT stop the migration utility from automatically running.  
I uninstalled the previous Firefox version and deleted all mozilla/firefox 
directories.  Downloaded and installed the trunk (w/ installer) version 
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a2) Gecko/20040528 
Firefox/0.8.0+ on XP.  Told it not to run Firefox at the end of the install 
routine, went to the Profile Manager icon in the Program Group and set up my 
profile in a custom directory.  Upon starting Firefox with that profile 
selected, Firefox immediately migrated my IE settings.
Per Ben's UE docs at:
http://www.mozilla.org/projects/firefox/ue/migration/

I'm confirming this bug, because there should be a prompt to import settings.
The user should be given a choice on first-run from where to import, or not to
import anything at all.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: blocking1.0?
Summary: firefox auto-import of settings from previous browsers, without prompting first → Firefox should not auto-import settings without user confirmation
I agree that the installer should be prompted about what to import. I just
installed the 0.9RC and the IE bookmarks and history that exist on my PC were
imported automatically and now I've lost the bookmarks, etc. I had in Firefox
0.8. andI'm stuck with my son's bookmarks. IE is the default browser on the
family PC (if that makes a difference). Suggesting I create a new profile after
I've lost my bookmarks is ignoring the problem.
branch and trunk fixed. 
Status: NEW → RESOLVED
Closed: 17 years ago17 years ago
Resolution: --- → FIXED
Flags: blocking1.0?
I have a comment about migrating from Firefox 0.8 to Firefox 0.9rc on Windows XP:

I am very disappointed that upon the installation of 0.9rc, all useless IE
settings and bookmarks were migrated into Firefox 0.9rc. I am very upset that
none of my settings of the default installation of 0.8 appeared in 0.9rc. 

Not only the *imported settings from IE are useless* (like bookmarks Windows
Update, Customise IE, Windows Media, etc), but *Firefox 0.9rc misses those
bookmarks that are in fact useful in the new installation* (MozillaZine forums,
Latest Builds, etc). 

I can only hope that the final Firefox 0.9 will in fact *import settings from
Firefox 0.8*, and will *never import settings from IE without a conformation*. 
You need to log in before you can comment on or make changes to this bug.