Microsoft Turns HotMail into Honeypot to Cram Office 2010 Down Throats of the Unwary
August 30th, 2010 by Gordon Cook
John Wilson generously volunteered to copy edit my forthcoming issue. I wanted to send something editable and found that i could export my final copy from Mac’s Pages into word. Sent John the word attachment. Asked him to turn corrections on. He asked me whether i could read the document from something called skydrive. I could. He then did a marvelous edit asked me to check the result. SkyDrive did a redirect to a site called Windows Live where my document now resided. The problem was that I had to do a full registration accept a download of MSoft’s web based Office 2010 Suite and sign a EULA giving MSoft authorization to send me updates, special offer and news releases not only for office but also Bling. I refused. John stalwart trooper that he is managed to down load the file on his end and sent it. Word 2004 was unable to open it.
Therefore I called Sara Wedeman to the rescue. This woman is outstanding! In an hour she sent me the file duly openable and swollen from 3.5 to 21 megs But hey at least Johns work was not in vain. Meanwhile John and I tried to figure out what happened. It seems that hotmail has been turned into a honey pot to snare users for Office 2010.
Here is what John found out
I documented the whole process in real time, as it happened, in that set of e-mails to you. That will record my process, and what I *thought* was happening.
1) below describes the process
1) I just went back to your original attachment and went through the process step by step, taking screen-grabs which I will send to you separately.
It confirms what I thought - to wit: that I was signed into my hotmail account within the Windows Live environment (nothing out of order there: I would have activated Windows Live at some point in the past, in response to a hotmail prompt to do so)) Your attachment appeared as an icon in the body of the e-mail: this was the first time I had seen an attachment in this way, as opposed to being in the header of the e-mail as I would have in the case of the attachment being in the header, I clicked on the icon assuming this would launch the document locally on my PC.
What I did not see - remember this was my first experience of seeing an attachment presented to me in this way - was that there were 2 options for viewing the attachment - a) online, and b) download thus by clicking on the main part of the icon I took the view online option, ie this activated the javascript. [Cook’s Edge: well documented in the screen shot slide set below.]
To clarify here: by clicking on the icon of the page with the W for Word, I had activated the view online option- although it was my intention to view it locally, as I assumed that by clicking on that main document icon that I was opening the document locally.
Note that I have noticed recently - within the past week I think - that any image or video links within the body of a hotmail e-mail now appear as graphics at the top of the e-mail. But this is the first time I had come across an attachment in this way.
The above is a step by step guide through the process. I will send an e-mail after this one with screen grabs to fully illustrate this.
Conclusion:
This was activated by me when signed into hotmail & Windows Live, it was the first time I had been presented with an attached word doc in this way. When I clicked on that icon and found myself in SkyDrive, I assumed that I went there because that was YOUR intention. in other words I was quite oblivious to the process I was going through. I had no idea what SkyDrive was.
Earlier John wrote
I clicked on your attachment and, voila… I was in SkyDrive, I was downloading Windows Office 2010 Trial… I was saying to myself “no, surely Gordon would not have sent me to SkyDrive…”
I wasn’t even taking drugs… (never have, for the record)
The only option I seemed to have to view your attachment was to click on the link in the hotmail e-mail…(that java script)
SOLUTION: in future I will only correspond to you via my gmail account
There’s a bizarre TV advert that ran in the UK a few years back, “You’ve been Tangoed” - with this freaky Orange guy smacking people (when they take a sip of Tango)… and this was some kind of Microsoft Windows Live SkyDrive (head-f***) Tangoe’d experience….
John had documented what Microsoft does in a set of 18 screenshots view able on Flickr here. Each one is commented.. A slide show hi res version is here
He adds
The nub of it therefore relates to me being presented, for the first time in hotmail, with an attachment displayed in that way. What I assumed would be the link to download the attachment locally, turned out to be a javascript link to the online viewer, which in turn had an edit online option, which led to SkyDrive, etc, as described. All the while, I thought I was following a process to some online storage and editing option that you had initiated. In other words it runs counter to the normal expectation of downloading locally, to channel one into an online viewer & editor that is then integrated into SkyDrive - ie into the Windows Live cloud services.
Finally John ascertained that attachments viewed in hotmail now require the “Active View” feature.
Note the Active View feature to the right of the screen grab images.
See this Flickr image ms1, with a roll-over note now added to highlight the Active view feature
Here’s the hotmail Active View guide.
Note well the bottom bit, which explains (and confirms for our purpose) that ATTACHMENTS to e-mails require the use of Active view:
IMPORTANT NOTE:
Active Views can only be disabled for third party sources.
Example: Photos from a photo hosting site, online videos and shipping updates.
The attachments that are received as part of the emails at this time require the Active View in order to display, hence you cannot change the way they are displayed.




