Fog Creek Software
Discussion Board




Half of Windows crashes not our fault, says MS

Today, Microsoft's "chief security strategist" admitted that Microsoft is responsible for as many Windows crashes as all the other Windows software developers in the world put together.

http://www.zdnet.com.au/newstech/security/story/0,2000048600,20277185,00.htm

What the hell was he thinking?

Seriously, it's inevitable that Microsoft would have some pretty serious crash "market share", simply because their products themselves are so staggeringly popular. And the rest of the article talks about what Microsoft is doing to improve its security and reliability record -- it's an interesting topic, I wish they'd covered that in more depth instead.

But even without the unfortunate timing of these remarks, as the article notes, coinciding with the latest high-profile worm, it's hard not to laugh at someone saying "only half of these crashes are our fault".

Daryl Oidy
Thursday, August 14, 2003

"Seriously, it's inevitable that Microsoft would have some pretty serious crash "market share", simply because their products themselves are so staggeringly popular. "

When will you people realize that popularity has nothing to do with crashes and exploits that windows suffers.  Poor programming is the problem.

I wonder if the ones they count as not their fault include the apps they have broken on purpose over the years in the spirit of competition.

That's ok.  Open standards etc are making Windows irrelevant.

Rodan
Thursday, August 14, 2003

Half the crashes are not Microsoft's fault.  It's the fault of the people who didn't patch their systems quickly enough!

T. Norman
Thursday, August 14, 2003

"Open standards etc are making Windows irrelevant"

Really? Since when is Windows irrelevant?  I have nothing against open standards, but the last thing they do, intrinsically is make Windows irrelevant. 

Grumble..I'm going to bed... After 12 hours of (fulfilling) .NET development, I gotta read this shit...  Please go back to /.

GiorgioG
Thursday, August 14, 2003

One day you'll be writing those windows forms for *GASP* Linux.

If anyone knows where lower tco went, let Redmond know.  They've been looking for it lately.

Rodan
Thursday, August 14, 2003

hgeez, come on people.  "cant we all just get along"

If theres one thing Ive learnt its that every operating system in the world is a bug filled pit of pestilence.  Ive had to work aournd bugs in linux, osx, mac classic, win9x, win2l, winNT, Im just currently fixing an application that has been broken by the latest winXP update.

they are all shit, and pointing your finger at a different operating system wont change that :)

FullNameRequired
Thursday, August 14, 2003

You know, I work with IBM's websphere.  It costs about 30k, and it has bugs galore.  It has huge bugs. It has enormous, tear your hair out, pound your head into your keyboard bugs.  Windows costs 100 bucks.  Want to show me a product that doesn't have bugs? or an operating system that doesn't have security holes?  The problem is, windows is used by a lot of non-computer savy people.  Most linux users understand computers reasonably well, so they're going to patch their systems and take basic security precations, yet they're still hacked.  I don't think we can blame microsoft for having the most idiots using their software.

vince
Thursday, August 14, 2003

And in few years we will have MS-Win Automobile version in use. Now think about changes it will make in professional hitman business. No more shooting and bombing. Just find some teen hacker, give him licence plate and tell him what to do: lock car and suffocate passengers, go over cliff, crash into wall or some big truck. And everything is done over internet. Maybe even we can open Internet "HitShop". Just order, pay via credit card, and our system will do the rest.
And no, it will be no MS fault. Why didn't you patch your car software.

drazen
Thursday, August 14, 2003

(Rodan, I find your response quite amusing, because by day I am actually a foaming-at-the-mouth free software zealot. I went out of my way to avoid scoring cheap points, despite my general distaste for Windows, because this forum is hosted by a Windows software developer and has as such attracted a Windows-friendly audience. Not being from that side of the fence, I like to peer over from time to time to see what colour the grass is. Cheap point-scoring leads to discussions producing a lot of heat and no light, and I try to avoid starting them -- except when it's funny.)

Anyway, onto your actual point:

"When will you people realize that popularity has nothing to do with crashes and exploits that windows suffers.  Poor programming is the problem."

This is what I meant:

Suppose that Joe Bloggs, software developer, introduces a bug into Outlook. On the same day, his twin brother James makes the same kind of coding mistake (let's say it's a buffer overflow caused by long Subject lines which crashes the email client) in JimboMail 2004.

Now suppose I send a message with a really long Subject line to a mailing list with one thousand subscribers. If half of those people are using Outlook, and only three are using JimboMail, there will be 503 crash reports to analyse. But there are only 2 bugs.

I assumed that when Microsoft says "half of the crashes", they mean half of the crash reports, and not half of the causes of crashes. If I'm right (and I think that interpretation is the more plausible one), popularity has a *tremendous* impact.

Daryl Oidy
Thursday, August 14, 2003

Hello Daryl Oidy

There is a little problem with this argument. The most popular Internet Server is Apache. But I never heard about an Apache worm that makes trouble. The trouble comes with CodeRed (I think) that was a IIS-worm.

Florian
Thursday, August 14, 2003

"When will you people realize that popularity has nothing to do with crashes and exploits that windows suffers.  Poor programming is the problem."

I'm running Win2k here. It's on my desktop server, which I use for .Net development, a database server, xml editing, ftp, text editing, web surfing, IM clients, etc, etc.

I have Win2k on my gaming/media box, where I play some pretty awesome looking games, do video capture and editing, and play MP3's.

Win2k is on our dev server, which is also our mail server and company webserver.

Win2k is on the client's production server, database server, and web server.

Microsoft Windows 2000 is running in all those places, doing all those things. It's running 24/7. Hundreds of people using the production boxes. I beat the crap out of my servers.

With the exception of security patches, which I apply when available, the last Windows bug that affected my work? I can't remember. There *might* have been one or two in the three years I've been using Win2k.

"Poor programming"? I don't think so. This is definitely a time when I have to say "put up or shut up". They've had problems in the past, and still have issues, but IMHO Windows 2000 is probably one of the best programs, quality-wise, on the market today.

Philo

Philo
Thursday, August 14, 2003

What's wrong with MS being honest?  This strategy of honesty pays off in the long run -- if MS maintained silence, they'd be seen as passing the buck.

Obviously they have a knotty engineering problem.  There's no way to put it as a coding problem, because coding is what individuals and small teams do.  Systematic problems occur, and that falls under engineering.

Opensource engineering would shield components from each other, so Sendmail's problems shouldn't overly affect the rest of the system.  However, there is a usabilty and performance disadvantage, and the stability advantage is theoretical and can't be taken for granted.

anonymous
Thursday, August 14, 2003

I thought I saw

"Half of Windows cash not our..., says MS". :-)

where are me glasses...

Amour Tan
Thursday, August 14, 2003

Scott Charney says, "half of all crashes in Windows are caused not by Microsoft code, but third-party code".

That's a rather negative comment - even if it _is_ true.  Negative comments don't make good PR.  In this case, I don't even think the negative comment has made _effective_ PR.

Had they kept the focus on _their_ responsibility and elaborated on what they're doing about it, it would have been much better (albiet, less talked-about).

bpd
Thursday, August 14, 2003

The only times I've ever had my Windows XP Pro box crash was due to a poorly written graphics driver.  I use Windows 2000 and XP Pro at work and both are rock solid.  I leave my Windows 2000 desktop up for months without a reboot (save the critical security patches).

Jeremy
Thursday, August 14, 2003

Cross-referencing it here:

http://www.google-watch-watch.org/

because it provides a nice explanation where all this bashing really stems from.

Johnny Bravo
Thursday, August 14, 2003

I actually would not be surprised if their claim is true.  The vast majority of Win2k and XP crashes I've seen have probably been due to driver bugs.  I say "probably" because there is no way for me to know for sure, but the symptoms have indicated driver problems

Mike McNertney
Thursday, August 14, 2003

I have a feeling that "chief security strategist" is sort of like the "Application Architecture group" that Joel described in one of his articles. 

SomeBody
Thursday, August 14, 2003

I'm surprised MS admits to half the windows crashes being their fault!  That's a big step in my eyes.

chris
Thursday, August 14, 2003

I think the problem here is that there's two completely different things being discussed.

Windows crashes: if the OS crashes, there's basically two possible sources for the problem: the OS vendor, and the third-party driver vendor. The application can not be blamed for accidentally crashing the OS: there shouldn't be anything an application could do that would have the result of crashing the OS.

If he's pointing to drivers, then I'll grant him the point. I'll even include applications that include drivers, like games that bypass the GDI. But if you're using Office or Photoshop and your computer crashes, that crash was not the fault of Microsoft's apps division or Adobe... it's the fault of the OS group. Because there's nothing that these kinds of programs need to do that should have the potential of crashing the OS.

Peter da Silva
Saturday, August 16, 2003

One of the main source of crashes in NT4 ior NT5 (W2K or XP) is the decision to let the graphics access the kernel.

And as the code base is the same for the server as for the workstation go figure!

Stephen Jones
Sunday, August 17, 2003

Stephen,

have you ever had a video driver crash your server? I have run plenty over the years and have never had this happen (actually, I have never had a server crash on me. The closest I came was having Exchange halt because of low diskspace). Video in servers tends to be ultra conservative.
For games on Workstation/Pro would you make the tradeof different: speed <-> stability? Again, I have had workstation (NT 4.0) crash on me once (bad memory simm). I did have Explorer freeze on me a couple of times, and I did have to reinstal a win2k because of bad driver install (Toshiba). I choose my hardware conservative with a bias towards stability. YMMV.
OTOH, the one time I ran a non-NT MS system after running NT4/Win2K (win98) I had a few crashes. I was realy amazed the first time that happened and ditched the OS at the first opportunity.

Just me (Sir to you)
Monday, August 18, 2003

*  Recent Topics

*  Fog Creek Home