FYI: If the latest Windows 11 really wants to use Edge, it will use Edge no matter what

The days of redirecting microsoft-edge: links to a non-Microsoft browser are over


Updated Microsoft Windows 11 build 22494 prevents links associated with the Microsoft Edge browser from being handled by third-party applications, a change one developer argues is anticompetitive.

Back in 2017, Daniel Aleksandersen created a free helper application called EdgeDeflector to counter behavioral changes Microsoft made in the way Windows handles mouse clicks on certain web links.

Typically, https:// links get handled by whatever default browser is set for the system in question. But there are ways to register a custom protocol handler, for operating systems and web browsers, that defines the scheme to access a given resource (URI).

Microsoft did just that when it created the microsoft-edge: URI scheme. By prefixing certain links as microsoft-edge:https://example.com instead of https://example.com, the company can tell Windows to use Edge to render example.com instead of the system's default browser.

Microsoft is not doing this for all web links – it hasn't completely rejected browser choice. It applies the microsoft-edge:// protocol to Windows 10 services like News and Interest, Widgets in Windows 11, various help links in the Settings app, search links from the Start menu, Cortana links, and links sent from paired Android devices. Clicking on these links will normally open in Edge regardless of the default browser setting.

When the microsoft-edge:// protocol is used, EdgeDeflector intercepts the protocol mapping to force affected links to open in the user's default browser like regular https:// links. That allows users to override Microsoft and steer links to their chosen browsers.

This approach has proven to be a popular one: Brave and Firefox recently implemented their own microsoft-edge:// URI scheme interception code to counter Microsoft's efforts to force microsoft-edge:// links into its Edge browser.

But since Windows 11 build 22494, released last week, EdgeDeflector no longer works.

This is on top of Microsoft making it tedious to change the default browser on Windows 11 from Edge: in the system settings, you have to navigate to Apps, then Default apps, find your preferred installed browser, and then assign all the link and file types you need to that browser, clicking through the extra dialog boxes Windows throws at you. Your preferred browser may be able to offer a shortcut through this process when you install it or tell it to make it your default.

The Register has asked Brave and Mozilla whether their respective link interception implementations for the microsoft-edge:// URI scheme still work.

In an email to The Register, a Mozilla spokesperson confirmed the Windows change broke Firefox’s Edge protocol workaround.

“People deserve choice,” the spokesperson said. “They should have the ability to simply and easily set defaults and their choice of default browser should be respected. We have worked on code that launches Firefox when the microsoft-edge protocol is used for those users that have already chosen Firefox as their default browser.

"Following the recent change to Windows 11, this planned implementation will no longer be possible.”

Brave CEO Brendan Eich told The Register his Windows 11 testers haven't yet provided an update, but allowed that Aleksandersen's post seems pretty dire. "[Microsoft] must figure [that the] antitrust Eye of Sauron is looking at [Google, Facebook, and Apple] only," he observed.

In an email to The Register, Aleksandersen said the change affects both Brave and Firefox.

"No program other than Microsoft Edge can handle the protocol," he said. "I’ve tested Brave (stable release) and a version of Firefox with the patch to add the protocol. They’re not allowed to support it either."

Microsoft isn’t a good steward of the Windows operating system. They’re prioritizing ads, bundleware, and service subscriptions over their users’ productivity

"Microsoft hasn’t blocked EdgeDeflector specifically. Windows is just bypassing the normal protocol handling system in Windows and always uses Edge for this specific protocol."

According to Aleksandersen, the latest Windows 11 build allows only the Edge browser to handle the microsoft-edge:// protocol.

"No third-party apps are allowed to handle the protocol," he wrote in a blog post on Thursday. "You can’t change the default protocol association through registry changes, OEM partner customizations, modifications to the Microsoft Edge package, interference with OpenWith.exe, or any other hackish workarounds."

Aleksandersen says Windows will force the use of Edge even if you delete it, opening an empty UWP window and presenting an error message rather than falling back on the default browser.

The change to Windows means EdgeDeflector will not receive any further updates unless this behavior is reverted, said Aleksandersen.

"These aren’t the actions of an attentive company that cares about its product anymore," said Aleksandersen. "Microsoft isn’t a good steward of the Windows operating system. They’re prioritizing ads, bundleware, and service subscriptions over their users’ productivity."

Aleksandersen advises those opposed to the change to raise the issue with their local antitrust regulator or to switch to Linux.

Ironically, as Aleksandersen tells it, vendor-specific URI schemes took off in February 2014 after Google introduced a googlechrome:// scheme for its mobile apps as a way to counter Apple's anticompetitive insistence that Safari should handle certain links on iOS devices.

"Microsoft just turned the racket on its head and changed more and more links in its operating system and apps to use its vendor-specific URL scheme," he said in a post last month.

Gavel

Microsoft on trial: The mega antitrust battle, 1998 to 2000

FROM THE ARCHIVE

The Register asked the US Justice Department whether it's aware of this change and, if so, whether it's concerned, given Microsoft's prior conviction for abusing its market dominance. The DoJ declined to comment.

"Microsoft’s use of the microsoft-edge:// protocol instead of regular https:// links is in itself an antitrust issue," Aleksandersen told The Register. "This annoyed me so much that I created EdgeDeflector to fight back on its monopolistic and user-hostile behavior".

"I believe Microsoft clearly doesn’t fear antitrust regulators.

"They’re putting up more barriers and are being more aggressive now than they were in the past when they were hit with antitrust fines. (E.g. removing the default browser settings from Windows Setting, making it more difficult to programmatically change the default browser, prompting the user to 'choose Edge' after every system update, hiding/unpinning other browsers from your taskbar.)

"On top of this, they’re using these horrid microsoft-edge:// links in very prominent places in the OS to bypass the default browser setting entirely."

Microsoft did not respond to a request for comment. ®

Updated to add on November 12

Microsoft considers users being able to open microsoft-edge: URLs in a non-Edge browser a bug, and has addressed that. The release notes for Windows 11 build 22000.346, issued to Insider beta and release preview channels on Friday, states:

We fixed an issue where OS functionality could be improperly redirected when microsoft-edge: links are invoked.

So there you go, Microsoft really does want you living on the Edge.


Other stories you might like

  • Zuckerberg sued for alleged role in Cambridge Analytica data-slurp scandal
    I can prove CEO was 'personally involved in Facebook’s failure to protect privacy', DC AG insists

    Cambridge Analytica is back to haunt Mark Zuckerberg: Washington DC's Attorney General filed a lawsuit today directly accusing the Meta CEO of personal involvement in the abuses that led to the data-slurping scandal. 

    DC AG Karl Racine filed [PDF] the civil suit on Monday morning, saying his office's investigations found ample evidence Zuck could be held responsible for that 2018 cluster-fsck. For those who've put it out of mind, UK-based Cambridge Analytica harvested tens of millions of people's info via a third-party Facebook app, revealing a – at best – somewhat slipshod handling of netizens' privacy by the US tech giant.

    That year, Racine sued Facebook, claiming the social network was well aware of the analytics firm's antics yet failed to do anything meaningful until the data harvesting was covered by mainstream media. Facebook repeatedly stymied document production attempts, Racine claimed, and the paperwork it eventually handed over painted a trail he said led directly to Zuck. 

    Continue reading
  • Florida's content-moderation law kept on ice, likely unconstitutional, court says
    So cool you're into free speech because that includes taking down misinformation

    While the US Supreme Court considers an emergency petition to reinstate a preliminary injunction against Texas' social media law HB 20, the US Eleventh Circuit Court of Appeals on Monday partially upheld a similar injunction against Florida's social media law, SB 7072.

    Both Florida and Texas last year passed laws that impose content moderation restrictions, editorial disclosure obligations, and user-data access requirements on large online social networks. The Republican governors of both states justified the laws by claiming that social media sites have been trying to censor conservative voices, an allegation that has not been supported by evidence.

    Multiple studies addressing this issue say right-wing folk aren't being censored. They have found that social media sites try to take down or block misinformation, which researchers say is more common from right-leaning sources.

    Continue reading
  • US-APAC trade deal leaves out Taiwan, military defense not ruled out
    All fun and games until the chip factories are in the crosshairs

    US President Joe Biden has heralded an Indo-Pacific trade deal signed by several nations that do not include Taiwan. At the same time, Biden warned China that America would help defend Taiwan from attack; it is home to a critical slice of the global chip industry, after all. 

    The agreement, known as the Indo-Pacific Economic Framework (IPEF), is still in its infancy, with today's announcement enabling the United States and the other 12 participating countries to begin negotiating "rules of the road that ensure [US businesses] can compete in the Indo-Pacific," the White House said. 

    Along with America, other IPEF signatories are Australia, Brunei, India, Indonesia, Japan, South Korea, Malaysia, New Zealand, the Philippines, Singapore, Thailand and Vietnam. Combined, the White House said, the 13 countries participating in the IPEF make up 40 percent of the global economy. 

    Continue reading
  • 381,000-plus Kubernetes API servers 'exposed to internet'
    Firewall isn't a made-up word from the Hackers movie, people

    A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse.

    Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network.

    "While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up. "They also allow for information leakage on version and build."

    Continue reading
  • A peek into Gigabyte's GPU Arm for AI, HPC shops
    High-performance platform choices are going beyond the ubiquitous x86 standard

    Arm-based servers continue to gain momentum with Gigabyte Technology introducing a system based on Ampere's Altra processors paired with Nvidia A100 GPUs, aimed at demanding workloads such as AI training and high-performance compute (HPC) applications.

    The G492-PD0 runs either an Ampere Altra or Altra Max processor, the latter delivering 128 64-bit cores that are compatible with the Armv8.2 architecture.

    It supports 16 DDR4 DIMM slots, which would be enough space for up to 4TB of memory if all slots were filled with 256GB memory modules. The chassis also has space for no fewer than eight Nvidia A100 GPUs, which would make for a costly but very powerful system for those workloads that benefit from GPU acceleration.

    Continue reading
  • GitLab version 15 goes big on visibility and observability
    GitOps fans can take a spin on the free tier for pull-based deployment

    One-stop DevOps shop GitLab has announced version 15 of its platform, hot on the heels of pull-based GitOps turning up on the platform's free tier.

    Version 15.0 marks the arrival of GitLab's next major iteration and attention this time around has turned to visibility and observability – hardly surprising considering the acquisition of OpsTrace as 2021 drew to a close, as well as workflow automation, security and compliance.

    GitLab puts out monthly releases –  hitting 15.1 on June 22 –  and we spoke to the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, about what will be added to version 15 as time goes by. During a chat with the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, The Register was told that this was more where dollars were being invested into the product.

    Continue reading

Biting the hand that feeds IT © 1998–2022