New default browser setting protection in OS X 10.10

Web browsers on OS X have always been able to set themselves as the default browser. Traditionally, this have been done through a prompt dialog or toolbar but programs could really do whatever they’ve wanted to without asking for permission. New in “Yosemite”, the system now tries to protect users from third‐party programs who wants to change their default settings unintentionally or maliciously. There have, however, been nothing stopping bad actors or malicious software from sneakily changing this setting without asking the user.

The incentive for changing this setting, either in good faith or maliciously is to increase usage of one browser over any other browser. Web browser vendors and malicious third‐parties who hijack settings alike earn money from product placements (including the browser’s default search engine(s), default favorites, etc.)

Starting with OS X 10.10 “Yosemite”, the setting for changing the default web browser have been moved out of the Safari browser and into System Preferences where it belongs. Users can choose their preferred default browser there from a drop‐down of installed browsers.

Any program trying to change the setting on the user’s behalf will trigger this confirmation dialog:

Dialog prompting “Do you want to change your default browser?”

“Do you want to change your default browser to Safari or keep using a competing product? Your default browser opens when you click links in places like email messages, documents, and other apps. [Keep Competitor] [Use Safari]”

For the more technically inclined, the protection happens when an application tries to change the URL handler for http: in Launch Services. The request to change the protocol is intercepted by the dialog asking the user to confirm the change. Attempts at maliciously changing the URL handler without first requesting it are simply reverted and ignored.

This should sound very familiar to anyone familiar with Windows 8. The mechanism used there functions in much the same way. The difference being that Mac tries to explain the consequences of changing the default, and Windows instead displaying a list of all installed options without explaining what it means. Windows’ design likely being influenced by the 2009 anti‐competitive agreement between Microsoft and the European Commission.

The Opera browser’s — my employer, by the by — network installers will display these system dialogs after successfully installing themselves. Giving the user a clear option to choose Opera as their default browser while still respecting their decision. For older versions of Windows and Mac without this setting protection, an option is made available in the installers.

It is possible to bypass the protection built‐in to OS X. It is not trivial to achieve and I’m not going to share any details on this. I wholeheartedly support Apple’s effort and intention of protecting users from unintentionally or maliciously having their settings changed.

Next, I’ll take a closer look at how the protection mechanism’s dialog and UIAgent is used to aggressively promote Safari to users who have already made their choice about using a non‐Apple supplied browser.

Leave a Reply

Your email address will not be published. Be courteous and on-topic. Comments are moderated prior to publication.