Expert questions randomness of browser ballot
But the bug isn't 'nefarious', just poor quality coding.
An expert has questioned just how random the Windows browser ballot really is.
Microsoft last week began issuing the browser ballot via Windows Update, giving those running Internet Explorer as their default browser the option of installing an alternative. The move is part of Microsoft's antitrust settlement with the EU.
The browser ballot screen offers the choice of the five leading web browsers, supposedly in random order, with a selection of lesser browser available if the user scrolls to the right.
Last week, bloggers began to notice that Internet Explorer was appearing more frequently in fifth position in the browser ballot than anywhere else, sparking conspiracy theories that Microsoft had rigged the ballot because it knew users were more likely to click on the browser that appeared on the right-hand side of the screen.
However, in a detailed blog post exploring the code used to generate the browser ballot, IBM's Rob Weir claims the issue is caused by a flawed method of randomising the selection.
"There are four well-known approaches [to creating a random shuffle]: two good solutions, one acceptable ("good enough") solution that is slower than necessary and one bad approach that doesn't really work," Weir writes. "Microsoft appears to have picked the bad approach."
"But I do not believe there is some nefarious intent to this bug," Weir adds. "It is more in the nature of a 'naive' algorithm, like the bubble sort, that inexperienced programmers inevitably will fall upon when solving a given problem. I bet if we gave this same problem to 100 freshmen computer science majors, at least one of them would make the same mistake."
Weir claimed that when accessed via Firefox, the browser ballot is more likely to put Internet Explorer in one of the first three positions and Safari in fifth.
Microsoft was unavailable for comment at the time of publication.
How to choose an AI vendor
Five key things to look for in an AI vendorDownload now
The UK 2020 Databerg report
Cloud adoption trends in the UK and recommendations for cloud migrationDownload now
2021 state of email security report: Ransomware on the rise
Securing the enterprise in the COVID worldDownload now
The impact of AWS in the UK
How AWS is powering Britain's fastest-growing companiesDownload now