"Microsoft has integrated the driver userChoice Protection Driver,
short UCPD, into Windows 10 and Windows 11 systems recently. This
driver has just one purpose: to block access to UserChoice Registry
keys."
https://www.ghacks.net/2024/04/08/new-sneaky-windows-driver-ucdp-stops-non-microsoft-software-from-setting-defaults/
Allan Higdon <allanh@vivaldi.net> wrote:
"Microsoft has integrated the driver userChoice Protection Driver,
short UCPD, into Windows 10 and Windows 11 systems recently. This
driver has just one purpose: to block access to UserChoice Registry
keys."
https://www.ghacks.net/2024/04/08/new-sneaky-windows-driver-ucdp-stops-non-microsoft-software-from-setting-defaults/
Once someone figures out how to undo a Microsoft protection, sometime
later Microsoft counters by changing how to implement the protection.
UserChoice is a hash added to filetype and protocol handlers considered critical which are defined in the registry. Started in Windows 8.
Previously users, programs, and *malware* could change those handler assignments, but then MS added the hash which supposedly only Windows
knew how to create a valid string. If the UserChoice hash string was
invalid or deleted, Windows would delete it, revert to the default
handler, and create UserChoice again. Windows was protecting the
handler assignment. That meant users had to use the Windows Default
Apps wizard, or when using Open With (pick an app, and make it the
default), to change filetype or protocol handler assignments (not on all
of them, just those considered critical) which knew how to create a
valid hash string.
In the past, there was often an option within a program to change the
default handler associations to that program. That stopped working.
When the UserChoice protection showed up, you could enable the option in
a program to make it the default, but that didn't happen. Later the
apps updated to jump to the Default Apps wizard where you had to figure
out how to set defaults to that program.
Besides using a hash string for which Microsoft assumed only Windows
would know the algorithm, permissions were set on the UserChoice key to prevent casual change or delete. However, since Windows accounts in the Administrators security group have full permissions, and since the
majority of users log into admin accounts, this method really only
protected against tampering by guest/non-admin Windows accounts.
Well, someone came up with a way to defeat UserChoice. SetUserFTA is an example (mentioned in a linked article in the ghacks article). This
subverts the UserChoice protecting the handler assignment. The author figured out how Windows was generating the hash (I think he discovered
how to find the root key in a Windows installation used to generate the hash), and duplicated the hash algorithm in his program. So, Microsoft updated the protection to include protecting the UserChoice key.
Protect the protection.
I don't mind the protection on the protection using UserChoice. I
dislike programs that rudely change handler without asking you (aka the battle over associations). I don't mind an app taking me to the Default
Apps wizard to change a handler. I prefer apps, especially malware,
cannot willy-nilly programmatically change handlers. However, as noted
(and tested by you), anyone running under an admin-level Windows account
can run sc.exe to disable the service, and that includes malware.
Disabling the Task Scheduler event "UCPD Velocity" is mostly for thoroughness. The scheduled call to UCPDmgr.exe trying to use the
disabled service will generate an error in the event log.
Note: Even if you disable the service and scheduled event, Microsoft can still push out an update that reenables them, or redefines them (if you delete them instead of disabled them). You undo. They redo.
Next Microsoft will have to protect the service that protects the
UserChoice entries that protect the handler associations. Geesh. More security means less user choices. Security and convenience are the anti-thesis of each other: more of one means less of the other.
Not much nuisance to an end user. Just use the Default Apps wizard
you've had to use since Windows 8. More a nuisance to sysadmins trying
to deploy policies across lots of corporate workstations.
snip <
I'm not happy about the way clicking on a link in Settings can sometimes
open a website in Edge, but oh well. Going with W10 on this computer has required me to accept a lot of compromises, tweaks and workarounds.
On 10/04/2024 13:19, John C. wrote:
snip <
I'm not happy about the way clicking on a link in Settings can sometimes
open a website in Edge, but oh well. Going with W10 on this computer has
required me to accept a lot of compromises, tweaks and workarounds.
Lots of articles on how to remove Edge from Windows 10 as well as eg
Stop edge from opening links and use default browser (link may wrap)
 - https://answers.microsoft.com/en-us/windows/forum/all/stop-edge-from-opening-links-and-use-default/5b406294-46f1-44df-acb2-d366c0cb1816
And while I'm talking about it, has anybody checked out the extensions
which are available for Edge? They're a joke. There's almost nothing
there which is of any use.
On Thu, 11 Apr 2024 03:45:12 -0700, John C. wrote:
And while I'm talking about it, has anybody checked out the extensions
which are available for Edge? They're a joke. There's almost nothing
there which is of any use.
[in robotic voice] Edge extensions not needed -- Edge already perfect
as shipped -- resistance futile
On Thu, 11 Apr 2024 03:45:12 -0700, John C. wrote:
And while I'm talking about it, has anybody checked out the extensions
which are available for Edge? They're a joke. There's almost nothing
there which is of any use.
[in robotic voice] Edge extensions not needed -- Edge already perfect
as shipped -- resistance futile
John C. wrote:
M$ should have learned from the EU when they tried to shove IE down
everybody's collective throats by using the exact, same excuse that the
program was too "highly integrated into the system".
The EU agreement regarding IE as browser was not adjudicated on
'integration into the system' but a "Choice Screen"[through the Windows Update engine]enabling users of Windows XP, Windows Vista and Windows 7
to choose which web browser(s) they want to install in addition to, or instead of, Microsoft's browser Internet Explorer.
 - the extent of integration was only considered in the preliminary
review by the EU. Integration was eventually not challenged, the focus
and final agreement was on 'choice' for users(and only those in the
European Economic Area).
The Choice option was limited to 5 yrs(ended in 2014), thereafter the 'Choice' feature was removed, but continuing the user's ability to
install a browser of their choice and configure it as default. The
second part of the EU/MSFT agreement was to allow OEM computer
manufacturers to install other available browsers and turn IE Explorer
off(a marginal few chose to do so). The ability to turn IE off did not
need to be added to the O/S, it already existed in the o/s(at OEM and
end user level) before and after the agreement.
I predict that eventually, the same thing is going to happen to them for
forcing Edge on everybody.
Doubtful, since choice still exists. Also unlikely that the EU will ever revisit something similiar regarding Edge(or akin to your
premise/perceived excuse via integration into the o/s) nor Microsoft o/s included apps defaulting to use Edge.
The excuse given by M$ was (paraphrased) that Explorer was too tightly integrated into the Windows OS. They integrated it like that so that
they could use that excuse.
Regardless, I always detest it whenever Edge opens up.
I also detest the way the program continually updates in the
background like W10 itself. It's possible to turn all of that off,
and I will eventually do so. It's also possible to completely
uninstall Edge, another W10 update could reinstall it.
In the mean time: https://www.theverge.com/23935029/microsoft-edge-forced-windows-10-google-chrome-fight
https://www.lifewire.com/experts-worry-microsoft-forcing-edge-on-us-is-just-the-beginning-5210142
https://finance.yahoo.com/news/microsoft-forcing-people-latest-browser-154232700.html
https://www.inc.com/jason-aten/microsoft-is-trying-to-force-you-to-use-its-software-like-its-1998-all-over-again.html
Just a bunch of bashing by those that don't know they do have choices.
John C. wrote:
The excuse given by M$ was (paraphrased) that Explorer was too tightly
integrated into the Windows OS. They integrated it like that so that
they could use that excuse.
explorer.exe is the desktop manager. Seems obvious why it would also be
a file manager. Back in Win 9x days (when using 2 kernels: Win9X and MS-DOS), you could replace the desktop manager with your choice. I
haven't bothered since then to see if anyone still bothers trying to
come up with their own replacement desktop manager (rather than just add
to the existing one).
Or do you say "Explorer" meaning instead Internet Explorer? That was "integrated" because it provide many libs that other programs could use called HTA (HTML Applications). In the same way C runtimes and libs
were provided, and then .NET Framework, DirectX, and so on, apps didn't
have to start from scratch to get all those functions. (https://en.wikipedia.org/wiki/HTML_Application)
Regardless, I always detest it whenever Edge opens up.
What else do you have that has been coded to support the
microsoft-edge:// URI scheme? ANY program can define its own protocol scheme. Norton has done it, so have other programs. When the URI
scheme is called, the handler for it gets used.
https://textslashplain.com/2022/07/18/edge-url-schemes/
Lots of URI schemes are either defined by IANA, or are private for use
by particular programs.
https://en.wikipedia.org/wiki/List_of_URI_schemes https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml
No program must use a registered or well-known URI scheme. Any program
can define a URI scheme that is unique to its use. Whether that is Microsoft, or someone else, ANYONE can define a URI scheme to specify whatever handler for it they want to use.
Go into Default Apps, and click on "Choose default apps by protocol".
Scroll down to see a whole bunch or URI schemes defined for Microsoft
and MS, including MICROSOFT-EDGE (URL:microsoft-edge). When scrolling through the list, you might find you have installed non-Microsoft
software that has added their own URI scheme. I remember decades ago
when Symantec added some to facilitate calling their HTAs.
All a site, like Microsoft, or help links in Windows have to use is an ms-edge:// URI scheme, and that will call the Edge web browser. There
have been attempts to redirect ms-edge URI to https:, so you could try
those. That is, there are redirector tools that will make
microsoft-edge:// URLs open in the default web browser instead of Edge.
Note that any redirector is working only on the URI scheme. It is still possible a program calls the Edge program to load a URL instead of
relying on a URI scheme to pick a handler.
I also detest the way the program continually updates in the
background like W10 itself. It's possible to turn all of that off,
and I will eventually do so. It's also possible to completely
uninstall Edge, another W10 update could reinstall it.
Oh, you mean like how Mozilla lets you disable updates, but then nags
you about updating disabled?
For disabling updates to MS Edge, read:
https://winaero.com/how-to-disable-updates-in-microsoft-edge/
I have the WinAero Tweaker tool, so I can just disable there instead of having to following the above instructions. In short, a firewall rule
blocks MicrosoftEdgeUpdate.exe from connecting out.
Unlikely any update from Microsoft is going to hunt around the rules in
the Windows Firewall, or whichever one you use, looking for a block on
the MicrosoftEdgeUpdate.exe program. However, more likely is that
Microsoft will change the program file that connects out to get an
update, so the firewall rule on the old .exe won't apply to the new .exe file.
Another method is to define a group policy that disables updates to
Edge. However, Home edition users of Windows don't have the Group
Policy Editor (gpedit.msc). All policies are registry entries, so they
can still be defined by editing the registry. The Winaero article also mentions the registry setting, but doesn't supply .reg files to make it
easy to enable/disable the policy.
If you /look/, there are lots of online articles on how to disable
updates to MS Edge. For example, some will mention disabling the
"Microsoft Edge Update Service (edgeupdate)" you see in services.msc.
Alas, as you mention, it is possible for a later date to reenable (if
you disabled it) or redefine the service (if you deleted it). That
service runs the MicrosoftEdgeUpdate.exe program that the firewall rule
will block.
Of course, when you decide to update MS Edge, you'll have to remember
how to undo what you did before to disable updates.
In the mean time:
https://www.theverge.com/23935029/microsoft-edge-forced-windows-10-google-chrome-fight
https://www.lifewire.com/experts-worry-microsoft-forcing-edge-on-us-is-just-the-beginning-5210142
https://finance.yahoo.com/news/microsoft-forcing-people-latest-browser-154232700.html
https://www.inc.com/jason-aten/microsoft-is-trying-to-force-you-to-use-its-software-like-its-1998-all-over-again.html
Just a bunch of bashing by those that don't know they do have choices.
"Any color they customer wants as long as it is black" (attributed to
Henry Ford, but never said by him). Didn't stop customers from painting their cars. Just they didn't want to bother doing so. MS wants you to
use Edge. Yeah, how's that a big surprise? Every vendor wants you
using their stuff. How is this a big surprise?
Don't know about you, but I always want a secondary or backup web
browser that is configured very minimally. If I have problems visiting
a site using my primary web browser (Firefox), I have the secondary one
to check if the problem is with my primary web browser. I want a second opinion on web surfing ills. MS Edge is better than Google Chrome.
There are more security features in Edge than in Chrome. Some features missing in Chrome, like change focus to a newly opened tab, that require installing an add-on are built into Edge. For sites that won't render propertly using Firefox's Gecko engine, I can try using Edge's Blink renderer. For example, I cannot submit a review for Walmart purchases
when using Firefox no matter how much I neuter Firefox, but I can when
using a Chrome variant, like Edge. There are sites that are
deliberately coded to work with Blink (Chrome) that won't work with
other rendering engines (Gecko in Firefox). The same for sites that
don't work 100% when using Firefox's JS script interpreter versus V8 in [variants of] Chrome.
I want a backup or secondary web browser that uses a completely
different rendering engine and script interpreter than in Firefox. When Microsoft switch from their EdgeHTML rendering engine and Jscript
interpreter to Blink and V8, and supported Chrome add-ons, I got rid of Chrome (and a lot of remnant file and registry cleanup), and move to MS Edge-C as my secondary web browser. More secure, more configuration.
If you want more, there's Vivaldi.
No one web browser is 100% usable everywhere. Two using different
rendering engines and script interpreters give you a better chance of compatibility.
On 4/13/2024 8:01 PM, VanguardLH wrote:
Just a bunch of bashing by those that don't know they do have choices.
They have fewer practical choices.
My browser is frequently met with "the frozen screen and you
should update your browser", on pages which are not rich in
content in any way.
John C. wrote:
The excuse given by M$ was (paraphrased) that Explorer was too tightly integrated into the Windows OS. They integrated it like that so that
they could use that excuse. I clearly remember reading that this was the case. That it wasn't adjudicated on that excuse is another issue. I was
only saying that this was a reason M$ gave publically.
On my own site I'm now seeing mostly Chrom*. Though there also
seems to be a lot of spoofing. I see MacOSX10 with Edge. I also see
someone from Belarus with "Trident 7, like Gecko". :)
The second worst thing about Chrome,
after the spying, is the nonsensical forced UI designed for cellphone screens. I can only guess that far more people are on cellphones now
than on computers; and that when they occasionally sit down to a
computer their eyes search frantically for hamburger menu icons.
Thanks for your reply, VanguardLH. And as for browsers, I also have
Firefox and Vivaldi installed. I use Vivaldi to access a local store's website and that's about all I use it for.
Paul wrote:
VanguardLH wrote:
Just a bunch of bashing by those that don't know they do have choices.
They have fewer practical choices.
My browser is frequently met with "the frozen screen and you
should update your browser", on pages which are not rich in
content in any way.
 I just got that yesterday in a strange scenario. I was downloading
MSI drivers and a BIOS update. There was a "billboard" saying that they recommend downloading via Chrome or Edge. That looks to me like
some kind of conspiring strategy to kill Mozilla. Google and MS conspiring?
I don't know. It's also a kind of false advertising, leading people to believe that only Chrome or Edge works properly.
 On my own site I'm now seeing mostly Chrom*. Though there also
seems to be a lot of spoofing. I see MacOSX10 with Edge. I also see
someone from Belarus with "Trident 7, like Gecko". :)
  The primary reason I updated to Win10 was broken webpages. Now
I still see a lot of broken pages. Far too many are broken without script. It's gradually turning into a kiosk Internet where we're expected to
be leaking personal info constantly while we watch ads.
 I had installed Ungoogled Chromium as a backup for FF, but after
setting it up I decided that it was just too messed up. No menu. No
titlebar. No bookmarks menu. Precious few settings of any kind.
   The second worst thing about Chrome,
after the spying, is the nonsensical forced UI designed for cellphone screens. I can only guess that far more people are on cellphones now
than on computers; and that when they occasionally sit down to a
computer their eyes search frantically for hamburger menu icons.
  So after years of using 2 browsers, I now have only one. FF. All
the Chrom* versions are shit. I have no intention of even looking at
Edge. Uninstalling that was one of the first things I did. IE doesn't
seem to work, even though the WebBrowser control works just fine.
(On XP I liked to make IE the default and then block it from going
online, as a way to prevent local webpages from wandering. My
Registry actually says in HKLM that IE is in charge of HTML files, but nothing loads if I double-click iexplore.exe.)
The FF variants are not useful. Some, like Pale Moon, are outdated.
Others, like Waterfox, seem to offer nothing that's not in Firefox.
Someone should have developed a Google-free Chrome with proper
settings and a Desktop UI by now. The fact that no one has seems
to point to how much Google have always been able to dupe the
geeks, ever since they climbed over each other to get a gmail
"invitation".
On Sun, 14 Apr 2024 07:59:56 -0500, John C. <r9jmg0@yahoo.com> wrote:
Thanks for your reply, VanguardLH. And as for browsers, I also have
Firefox and Vivaldi installed. I use Vivaldi to access a local store's
website and that's about all I use it for.
Has your opinion of Vivaldi changed since you upgraded to Win10?
You posted the following in the ACF newsgroup in August.
"Vivaldi is WAY faster at rendering websites than Firefox. Not only
that, but it's able to correctly render websites that Firefox has a
problem with.
IMO at least, Vivaldi is the Firefox replacement that I've been looking
for. Even if it is Chromium based."
John C. wrote:
The excuse given by M$ was (paraphrased) that Explorer was too tightly   Maybe you're thinking of the 90s cases? In one of those
integrated into the Windows OS. They integrated it like that so that
they could use that excuse. I clearly remember reading that this was the
case. That it wasn't adjudicated on that excuse is another issue. I was
only saying that this was a reason M$ gave publically.
MS were claiming they couldn't make IE removable. That was
the famous case of inventing Active Desktop with integrated
IE in order to "cut off Netscape's air supply".
 I remember reading a Wired article from that time. MS had
reporters in and showed how they intended to make Windows
itself reliant on a browser window. The reporter rightly guessed
that it would spell doom for Netscape. Personally I loved it. It
allowed me to design my own custom folder windows by writing
an HTML file.
  Bill Gates and his gang had gone overboard in
thinking that Desktops would now be on the Internet. He was
way off and before his time, simultaneously. But the browser
integration was fun, and HTAs are still useful for lightweight
applets.
 In the later case there was talk of breaking up MS. It came
close, backed by the Feds and something like 20 attorneys
general. But then Bush Jr became president and the case was
dropped. Bush promised to stop hassling corporations and
start auditing the tax returns of those low income people who
were taking the country to the cleaners. :)
 There was also a case that I don't remember clearly now.
I seem to remember that MS had to provide a Media
Player-free option in the EU.
Windows was updated to disable IE use and open Edge unless for a
specific url if configured to 'Allow IE mode' for sites that requires IE
and optionally Edge's IE mode option to add a url to specifically use IE mode.
- IE mode is supported until 2029
The HKLM reg key you referenced is a place-holder or orphan.
- Care to provide that HKLM key full registry path name?
The browser choices for htm, html are shown in:
Settings/Apps/Default Apps/Choose defaults by file type
or
Settings/Apps/Default Apps/<choose any installed browser>/<then scroll
down for the htm, html current default>
The primary reason I updated to Win10 was broken webpages. Now
I still see a lot of broken pages. Far too many are broken without script. >> It's gradually turning into a kiosk Internet where we're expected to
be leaking personal info constantly while we watch ads.
Too true. I fear that the internet may suffer the same fate as cable TV. Check out the 1989 movie "How to Get Ahead in Advertising".
You might want to take a look at Vivaldi. If I ever give up on Firefox, that's what I'll go with. It's an un-Googled Chrome browser. Today I was
able to install every extension that I'm using in Firefox into Vivaldi.
That is, they're all ported to the Chrome based browsers. Only one
Firefox extension wasn't available, and I decided that life would
continue without it.
Yes. So I venture into Microsoft's ugly-ass and barely functional
Metro forest, find default apps, find filetypes, got to .7z, for example,
and the only choice is Hamster. Hamster? I don't remember ever installing anything called Hamster. I certainly don't have it now. I do have 7-Zip,
but I can't choose it.
To use another program, the installed program
has to have set the requisite Registry values to show up as
a possible default program. Or I can go to right-click ->
Open With, which offers only the mysterious Hamster program
for .7z files.
On 4/14/2024 10:37 PM, John C. wrote:
   I'll look that up. I've never heard of it. But my 4 streaming accounts should be good for something besides showing me a repeating list of   The primary reason I updated to Win10 was broken webpages. Now
I still see a lot of broken pages. Far too many are broken without
script.
It's gradually turning into a kiosk Internet where we're expected to
be leaking personal info constantly while we watch ads.
Too true. I fear that the internet may suffer the same fate as cable TV.
Check out the 1989 movie "How to Get Ahead in Advertising".
what I've already watched. :)
   I see people getting acclimated quickly. With Win10, for example, people are already talking passively. This past week there's talk of
MS showing Win11 ads on Win10. But almost no one says, "This is nuts!
How do I stop it?" They just whine that MS are mistreating them, as
though their computer belongs to MS. With websites people are also
becoming passive. Pretty much the only voice I find in support of the citizenry over corporatocracy is Tim Berners-Lee. He writes an article periodically about his invention being ruined, but few are listening.
You might want to take a look at Vivaldi. If I ever give up on Firefox,
that's what I'll go with. It's an un-Googled Chrome browser. Today I was
able to install every extension that I'm using in Firefox into Vivaldi.
That is, they're all ported to the Chrome based browsers. Only one
Firefox extension wasn't available, and I decided that life would
continue without it.
 Does it also have a menu bar and title bar?
For me the hamburger menu
on Chrom* was the dealbreaker. Even menubar extensions don't work.
I just read the Wikipedia page on Vivaldi. It sounds interesting, exceptFrom this article:
for one mention of a spyware function to send home a user I
Though
I don't really want a lot of customizations. I mostly just want a
functional GUI, designed for a Desktop, with a Desktop menu bar, and the basic settings options. But these days I'm also dependent on NoScript.
There so much script on pages -- with some sites loading script from a
dozen sources -- that I don't see any solution aside from NoScript. I just can't disable script 100% like I used to.
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 508 |
| Nodes: | 16 (3 / 13) |
| Uptime: | 230:37:30 |
| Calls: | 9,983 |
| Calls today: | 1 |
| Files: | 13,833 |
| Messages: | 6,359,733 |
