it's not the users, part 2

I was typing this as a comment but it got to be just too big. So here it goes. References for this entry are comments in my entry on software, developers, and users, in particular those by Bo and Roger.

First, thanks everyone for the comments. Now, my replies:

Bo said:

"Are you willing to guarantee that your program behaves exactly the way it's supposed to on the infinite configurations of software and hardware out there? Are you willing to guarantee your program won't one day do something stupid leading to great monetary loss? What will be the EULA on clever cactus?"

While liabilities and guarantees are legal matters, what I am talking about is simply a question of taking responsibility. Instead of taking responsibility and saying "We'll fix this for you, it's our fault", Microsoft says, "It's YOUR fault. But we'll see what we can do."

And it can be fixed. For example, any content downloaded from the Internet would be placed under quarantine, and as Christian said, scanned. Even then, it could be run within a sandbox, for example, NOT allowing access to your entire web browsing history, cookies, and all the network drives to infect. I don't know, there are a thousand things that could be done, but Microsoft hasn't done ANY of them since they started "trustworthy computing" almost two years ago.

In fact, can anyone name a single clearly defined advance that "trustworthy computing" has brought to Windows and/or Office? This would have to be something added to Win XP SP 1 or one of the updates to Office XP. And how is it that well after this "initiative" began, they still keep finding buffer overflows all over the place, sometimes across ALL VERSIONS OF WINDOWS (!) including the "ultra secure", recently released Windows 2003? Yes, they've got millions of lines of code. But they also have thousands of developers. Surely asking each person to run Purify and a properly defined set of tests on each of their modules is not too much to ask for.

Even their new developments are not secure: they come up with C#, which is "secure like Java", and then they break the security of the environment by letting the developer mess with memory directly. Result: I guarantee that there will be C# buffer overflow worms. Why is that? Because they don't care about security. Don't tell me that it's a compatibility problem, please. A company that is willing to do this doesn't care about compatibility too much.

Security is low priority for them, trustworthy computing notwithstanding. They think it's a "feature", and optional as such. Here's the proof.

So, as far as clevercactus is concerned, I can say what I will NOT do. I will not, facing a widespread security problem, start a "user education campaign", like Microsoft is doing this week. That is an insult. I will use the money on development. I will try to come up with innovative solutions for the problem, and I will try to understand how it can be solved, not just for the next version, but for current versions. I will ask users for input. And, you know, if I had 50 billion dollars in cash (heh) I would think about how to use it properly. Assuming that this is some intractable problem (it's not), you could fund a good number of crash research projects to find good fixes, no?

I don't know, I guess that I could not provide a guarantee (in terms of legal liability, no small company could, probably, and an EULA would reflect that), but at least I would be honest and humble in the face of a mistake, and I'd do my best to fix it, and communicate that to users (and get their input), instead of subjecting them to an "education campaign" which essentially arrogantly says that "we're fixing it up, you just get educated while we come up with something for morons like you", and "oh, here it is. BlahBlah XP is more secure. Pay up." and then have it blow up all over again. This is not a one-time problem. This is a pattern of problems that keeps showing up, over and over, and it's been happening for quite a while now. If it happens once, maybe even twice, it's an honest mistake. If the exact same thing happens three times, except that it gets worse every time, well then...

And, of course, as I've said before, Microsoft has even more responsibility because of its dominant position in the market, and its immense resources.

Roger said, essentially as the core of his argument:

"People who open unknown attachments are jumping the curb. People who don't run antivirus software aren't wearing seatbelts. Safety is in the steps you take to protect yourself, not the responsibilities you shift to others."

Now, I can add to what Christian said, by taking each sentence in turn.

"People who open unknown attachments are jumping the curb."

No. Opening an attachment is trivial, it's two clicks and one confusing warning message, and you can get an amazing amount of damage from a simple action. "Jumping the curb" implies a lot, not least of which is the screams of the people you're running over, not to mention crashing trees, etc. I'm not making a literal comparison, I'm just saying that something that causes *so much damage* should be hard to do and to keep doing. That is not the case with attachments.

"People who don't run antivirus software aren't wearing seatbelts."

Conversely to my previous point, "safety" should be easy to obtain. Putting on the seatbelt is easy. Installing, maintaining, and updating AV software is hard. And expensive. The seatbelt comes built in. Easy to use. And it just works. AV software is a long way from that.

On PCs, particularly on Windows PCs, doing a lot of damage is easy, while avoiding damage is hard and expensive. It should be the other way around.

This ties into Bo's first point about how hard it is to certify different configs, platforms, etc. I agree with Bo that it's difficult. What I am saying is: a) Microsoft's gut reaction of "people are wrong in opening attachments" should change. If people keep doing it, then they are right, and Microsoft is wrong in assuming they won't. b) Doing damage should be difficult, and increasing safety should be easy. Consider how difficult it is today to configure Internet Security options in IE, or how braindead Outlook XP's "security" with attachments is (executables are not shown; that's it).

I am not asking that Microsoft be perfect. I know the problems they face, they have a huge market, etc. I am just asking for something simple. I would just like to a) be treated with respect as a user, that is, when there's a problem like this, please don't say "Oh, users are idiots, they don't do what we tell them to do"; and b) that they instead try to find a way of solving the problem while maintaining functionality, that is, I would like to see progress in these areas, where solutions are truly solutions, and the way to stop an engine from blowing up is fixing the engine rather than preventing people from ever turning it on.

I don't think it's too much to ask for, no?

Categories: technology
Posted by diego on August 22 2003 at 6:06 PM

Copyright © Diego Doval 2002-2011.