Do You Trust Microsoft?


I try to give things, ideas, people, etc. a fair shake in most cases, and this even applies to the Microsoft Windows operating system (specifically Windows XP). Yeah, I use Linux and go out of my way to avoid using Windows, and yes, I sometimes _do_ feel like I need a shot of penicillin after touching a Windows box (which is an infrequent event itself), but I try to acknowledge the contributions and advancements that Microsoft has built on, when those things have happened. Some things are even admirable, like the time I plugged in a Firewire camcorder, and XP just popped open a program (Media Player, I think) and captured the video, no questions asked. Pretty cool, and I have not seen this happen on Linux (not to say that it can’t – I just haven’t seen it).

Two recent events (among many) stand out, however. I recently helped local school kids (6th grade and up, about ten of them) learn how to load Linux (Mandriva 2007) on some old donated Dell 3 GHz machines (512 MB RAM, Intel on-board graphics, 80 GB hard drives), and the installs went smoothly. They then got to take home their computers, free. We did not have much time to show them how to use Linux once KDE was up and running, and I honestly expect seven or eight of them to have reloaded their free computers with Windows by now – at least two seemed likely to stay with it, even though all of them seemed impressed by Linux and KDE. This doesn’t bother me – most of them game, and reloading seems to be ingrained way of troubleshooting for home users of Microsoft products. At least two seemed likely to stick with it, and that is fine with me.

I ran into one of the (likely-to-load-Windows) kids a couple weeks later at a store, and asked him how things were going. He then told me a tale of woe and sorrow that surprised me – his computer was now extremely slow and hard to use, and he was doing nothing but RELOADING DRIVERS. This surprised me, since the drivers were already loaded, and I mentioned this. He then clarified, saying that while he liked Linux and it had worked fine, he had gone out and gotten another hard drive, installed it, and proceeded to loaded Windows XP on it so he could play his games. The Linux hard drive had been pulled out, since he did not want Windows overwriting his boot loader – something I had warned the kids would happen if Windows was loaded after Linux. Now, no matter how many times he reloaded drivers and patches, the system crawled and was unstable – and he couldn’t figure out what was wrong. I smiled, nodded, and told him that this was one of many reasons I was glad I no longer used Windows at home. I wished him luck and offered my help if he ever decided to try Linux again.

The other event was when we were troubleshooting an odd error with svchost.exe (application error) that was showing up on some desktops. After Googling (the event logs were pretty useless – again), we found multiple identical fixes, posted from different sources, and similar explanations. Apparently, the error was suspected of being caused by a corrupted update pushed from Microsoft. (Anyone remember the bad old days when such an event could thrash a Windows network?) The fix was pretty involved – the typical home user would either put up with the error, or reload. We decided to make sure our images were clean and reimage to save time.

Quality software? These are just two examples of many that over the years seem to point to a pattern of poor quality that cannot be defended or excused. There have been many many times I have been troubleshooting weird errors in Windows workstations and servers at work in which I have found cryptic error messages in the event logs, looked them up on various Microsoft resources (including TechNet), and discovered absolutely NOTHING useful. Google has many times only provided links to others who have had identical results – but no answers. Another time, I found a workstation that was so boned it would only let me, and no one else, log in. Apparently, someone had power-cycled it in the middle of an update, essentially busting it quite nicely – which is what a quick Google revealed was the expected behavior. The fix, of course, was to reimage the machine. Nothing else would do. This is tip-of-the-iceberg stuff…

From the Windows side, rebooting, reloading, formatting, fdisking, destroying and losing data, starting over from scratch – these are acceptable methods of troubleshooting and problem-solving. People are used to not being able to find out why, or how. It is an annual event (sometimes more often than that) to rebuild because the machine has become slow and unpredictable – it is like Spring Cleaning.

From the ‘nix side – this is unacceptable. Heresy. Sacrilegious, even. Instead, you can read the logs, and they mostly make sense with only a little familiarity with Linux. You can Google and get real answers. There are lots of forums, chat rooms, and channels one can participate in to get answers, but help is so easy to find that I have almost never had to ask a question online. I have had many problems with Windows that have had no solution other than to reload. I have never, ever had this case with Linux (certainly, if one tries hard enough, such a problem can be induced on Linux, or any other OS, of course).

Linux has it share of faults, especially with printer management (I am sure you can think of other things), but it is free. No cost other than your time to set it up. It can happily coexist with other operating systems. It can happily use hardware long since abandoned by Microsoft. Forced upgrades in order to get Linux patches and security updates are possible, in some extreme cases, I suppose, (only because I try not to rule anything out) but I have never actually seen this in practice. Major updates and upgrades almost always seem to yield impressive results, making the effort feel very worthwhile. In most cases, stuff just works, and once you get things working, they tend to stay working.

Windows? Forced updates for hardware and software, if you want to keep getting patches. Pay expensive support fees to get security patches for older versions of Windows. Pay to get anti-virus subscriptions from a third-party to protect your PC from harmful software that exploits flaws in Windows. Pay to someone else to provide software that protects you from flaws in the Windows OS you already paid for. Pay for cleaners, spyware-busters, registry sweepers. Then get updates from Microsoft that break Windows. Then reload and start over when your computer, for no good reason other than enough time has passed, becomes slow and stupid. I won’t go into the reactivation schemes if you change hardware. I won’t go into DRM. I won’t go into UAC-nagging and phone-home-to-Microsoft features. These are things you PAY MONEY for. Oh, but I did get a patch to update the Microsoft Genuine Advantage program, to ensure I was using a real version of Windows, even though I had already done that previously. Sure did. Yup. Good thing THAT was free. Don’t forget upgrades that required you to relearn how to drive around the desktop and applications. Happened with 95 (good), happened with XP (sorta good), and happened with Vista (now I gotta wonder). Windows supporters grouse about Linux requiring the user to relearn the GUI, but the same has happened with Windows and Office before, and sometimes, you just cannot see why it had to be that way.

Windows does a lot of useful stuff for folks, and that is fine. Most people won’t actually *pay* for their copy, since they will just get a new PC in order to meet the increasing hardware requirements, and it will come with the newest offering from Microsoft, with all the drivers, 30-day anti-malware services, subscription discounts, some lightweight productivity software, some games, etc. And paying for useful software is hardly criminal. But how much money has to be sucked from your wallet to make the OS you bought with the new computer safe enough to stay connected to the Internet? How is it right to fund a third-party industry that was built around protecting Windows from itself – without complaint? How is it right that there are still known holes in widely-used Microsoft products that remain unpatched, products someone paid for?

Would you expect the coffee pot you just paid for to have a hole? Would you next obediently pay someone else to patch it, or or would you return it and demand your money back? Simplistic, sure, but come on – this is an operating system that drives entire groups of industries. Hundreds of billions of dollars move around because of Windows. It is astounding that so many have become so accepting of such shoddy quality. I am not addressing applications not written by Microsoft – I am addressing the operating system and Microsoft applications like Office and Internet Explorer.

All software has bugs, holes, flaws, and over time, it is expected that old ones will be patched, new ones will be found. But isn’t there a systemic problem when the anti-virus industry *grows*? When the anti-spyware industry *grows*? When the security-cleaner-defragger-performance-tweaker industry *grows*? If things were getting better, shouldn’t they be shrinking or at least *not* growing, since there would be fewer holes to exploit? What does this mean? Do you doubt that without these industries and their tools, your hardworking OS is in danger of being exploited or damaged just because you connected to the Internet?

Why are the holes that allow viruses and worms and keyloggers and trojans not fixed, when others are with patches? There is a long list of viruses that are quite old that can still infect Windows XP, even with SP2 applied. There is a lot of spyware out there that can still get in. New versions seem to spring up weekly, and some are just minor tweaks to older versions that were blocked by a patch. There have been Microsoft updates that can break software and countless patches to fix problems introduced by patches. Doesn’t anyone at Microsoft know their own software well enough to at least avoid that scenario?

My guess – some flaws in Windows are so deeply rooted they cannot be baked out of Windows without severe, drastic changes. Imagine a set of holes and cracks in a dam that cannot be fixed without gutting the dam and rebuilding it. So someone else installs a set of protective drains and diverters and pipes and valves that all needs constant vigilance and repair to keep the holes from growing and the cracks from spreading – because it is cheaper than rebuilding and affecting communities downstream. I suspect that the business realities of commercial software works against quality in a similar fashion.

  • Programmers have deadlines and deliverables.
  • Bosses and managers have progress reports to pass upwards, and cost-cutting measures to pass downwards.
  • Executives have shareholders and the media to massage and seduce so stock prices go up, not down.
  • Teams work in isolation so no one can know too many trade secrets.
  • Everyone has a job to protect and a promotion to work towards, and maybe rocking the boat gets in the way of some of that.
  • Code gets rushed, and sloppy code gets reused rather than rewritten to get things out the door on time.

I said I wouldn’t mention DRM, but quite a lot of effort went into it on Vista, and it seems to work quite well, restricting how users play their media on their hardware. Why couldn’t that same level of effort go into better security patches, overall better quality of Windows? Because you need to upgrade to Vista to be more secure, and Vista will sell beefier computers. Making XP better and safer to use works against those goals. Vista DRM helps establish future revenue sources. Security fixes do not generate income. The reasons go on, but they all boil down to profits first, everything else last.

It makes me wonder how much room is left at Microsoft for quality, except for the times when a large enough event forces a change, such as the revamped IE7. Why did this happen after Microsoft declared that IE6 was the last stand-alone release? I am sure the success of Firefox had something to do with it. IE7 and Vista sound like progress has been made in fixing holes and providing a more secure OS, but look at past releases – all prior versions have been the “most secure Microsoft operating system ever” (what else would they be?), yet all have rapidly been shown to be quite a bit less secure than hyped. Even now, many are advising users to wait until Service Pack 1 for Vista is released before upgrading. Any reason to think Vista, Office 2007, IE7, etc., will be any different? Are you getting better quality software, or just different looking software that essentially does most of the same things, and adds a few things you probably wouldn’t miss?

I lost my trust of Microsoft a long time ago, after security updates broke machines, after zero-day exploits slagged networks, after viruses repeatedly smoked corporate networks and slowed the Internet to a crawl in many places around the world. We paid good money for that software, and we paid more to secure it. We paid money to troubleshoot it, to learn it and understand it. After enough bad news, you cannot help but start wondering what you are investing in…. And being a convicted monopolist sure didn’t help Microsoft, either.

I have yet to lose faith in Linux. I have yet to see any event that affected a huge community of Linux users in a common fashion (and yes, there really are enough Linux machines out there to qualify as a huge community). I have yet to see a zero-day on Linux that flogged the Internet. I have seen at least one distribution-specific update that borked a major system component, Xorg, but fixes were quick and better tested, and the problem update only affected the one distribution, not all of them.

I had put up with a lot before I finally gave up on Microsoft – Linux still has a long way to go to before I do the same with it. In fact, it is my experience with Linux and the exposure to the level of quality of the OS and its major component applications that has made me more keenly aware of and less tolerant of the quality Microsoft puts into its software. So I ask – what will it take for Microsoft to improve their software, to make it safer for the end users at home, and to make it easier for admins to troubleshoot? And how much more trust will they be willing to place in Microsoft?

Finally, some related good reading, if you stuck it out this far:

“A Cost Analysis of Windows Vista Content Protection”

“The Missing Microsoft Patches”

“Latest Ubuntu xorg-core update breaks X – this is quite old news”

Old article on a Microsoft patch break…

Googling on svchost.exe issues…

Microsoft phones home…

Remember – this is an opinion piece about trusting the quality of software you pay for and depend on from Microsoft. These links support my point of view – I am sure you can find plenty of links to support the opposite if you want. In the end, your personal experiences are going to drive you one way or the other – and mine have definitely made me question everything Microsoft does or does not do and say.

Update: Basic file operation problems in Vista…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: