Microsoft has a little liability problem called Windows. Many are no doubt aware of a would-be class-action lawsuit launched last week in California. The suit targets Microsoft over security problems. The plaintiff is a woman who had her identity stolen. Details are
here. (NYTimes, free registration required)Editorial Notice: All opinions are those of the author and not necessarily those of osnews.com
#@%* Lawyers
My first reaction was #@%* lawyers and stupid class-action suits. But as the NY Times article indicates, there could be more to it this time. Software makers have always managed to avoid warranty and product liability problems by licensing rather than selling their wares. There are two assumptions about this in the software business. The first is that these issues cannot be evaded forever. The second is that nothing will actually change until someone figures out how to overturn the End User License Agreement (EULA) in court.
What’s different in this case from previous software suits are the participants, the basis of the suit and the political climate. A little background is in order for non-US readers. The American legal system is peculiar. There are reasons why it works the way it does. Americans have ceded to the courts much of the power accorded to Government agencies in other countries. There is a lot wrong with this approach, but it does have a few positives. It does provide an avenue for the little guy to prevail over the big. And that happens often enough to give the process credibility. Without going too far into it, we can observe that lawsuits are a regular feature of American business life.
Get Rich Quick
For an ambitious trial lawyer, the best road to fame and riches is the class-action suit. A lawyer can go to court on behalf of a particular client and seek class-action status. If granted, the lawyer gets to represent not only that client, but all others with the same complaint within the court’s jurisdiction. This tool was developed to deal with complex cases where the alleged wrongdoing effected many, many people. For example, there was a class-action suit that represented the interests of all women that received defective silicone breast implants. Usually everyone in the “class” gets the option of signing on to the settlement or going to court on their own if they think they can do better. The class-action appeals to lawyers, who can get rich. It appeals to courts, who deal with one case rather than thousands. And it appeals to aggrieved citizens, who can avoid being defeated piecemeal by wealthy corporations.
If a lawyer can launch a lawsuit and get it certified as a class-action, they’ve made a start on the road to fame and fortune. They still have to win the case, or establish an expectation that they will. This is a risky undertaking that has bankrupted not a few law firms. To get the biggest payoff, the lawyer has to take the case on a contingency basis. The client(s) don’t pay the lawyer a cent. Instead, the lawyer gets a percentage of the payout. The lawyer finances the legal costs of fighting the case. This can easily run into the millions. There was an excellent book (and a pretty good movie) called “A Civil Action” that told the story of a law firm that went under trying to win a class-action suit. The movie “Erin Brockovich” also told the mostly true story of a class-action lawsuit from the lawyer’s perspective. Keep in mind that it is a Hollywood movie. And that the story it tells is as typical of class-action suits as Julia Roberts is of single mothers.
The combination of contingency fees and class-action suits have created a legal sub-industry. There are law firms that prospect for such suits. They find a group of people damaged in some way by someone, then go to court seeking class-action status. The lawyers behind the Microsoft suit have had successful class-action product liability suits before. They know what they are doing. That guarantees nothing, but one has to take the initiative seriously.
Classy?
The suit’s first hurdle is getting certified as a class-action. Microsoft has its best chance to beat the suit here. They have a potent argument. Not all California Windows users had their identity stolen or their computers hacked. And not all the victims of identity theft or hacking can attribute the cause to Windows. The counter-argument is that it makes no difference. Microsoft can’t evade responsibility because their products are not 100% faulty. This could go either way, and a failure to gain class-action status will be the end of it. There is no way to tell right now how this will pan out.
If the suit does get certified as a class-action, there is the EULA to deal with. The legal status of the EULA is not entirely clear, but it has held up in a few previous suits. They were all reasonably narrow industry cases. Nobody has made a really credible consumer based attack on the EULA before. The law firm has come up with the novel argument that because MS is a monopoly, they can’t use a restrictive license as a shield. Since consumer’s effectively have no choice but to buy Windows when they buy a computer, they are not in a position to enter into the licensing agreement freely. And that MS’s conduct in releasing shoddy products is so reprehensible the EULA shouldn’t be able to protect them. They also say that the upgrade process is so complex and inept that a normal person can’t possibly ensure they have a secure computer. With MS back into the “patching the patches” routine, this is a powerful argument. One re-enforced by the apparent IE security hole that permitted crackers to steal the source code for Half-Life 2. One can hear the speech to the jury, “If a development company like Valve can’t secure their Windows machines due to MS negligence, then what chance does the consumer have?”
Time of the Season
Microsoft has yet to answer the suit in court. But if their legal strategy is anything like their PR strategy, they’re dead. So far, an MS spokesperson has said “The complaint misses the bigger point, which is that the problems caused by viruses and other attacks are caused by criminal acts by the people writing the viruses.” And “It is pretty clear that Microsoft has made security a priority.” Or as the lawyers will translate for the jury, “the problem isn’t our faulty product, its the people who exploit our faulty product”, and “we haven’t done anything wrong and we won’t do it again”. Both are tacit admissions of guilt.
Judges, on the whole, are remarkably fair and clear-minded. But they still swim in the same sea as the rest of us. They are not immune to changes in the character of the water. This summer has been disastrous for Microsoft. The conviction that they cannot or will not make a secure operating system has taken hold in the mass media. As has the idea that MS security blunders are responsible for a great deal of financial and emotional damage. This suit itself is symptomatic of that perception. If the perception did not exist, this law firm would be prospecting in more promising places. At some point, some judge and jury will accept the argument that MS cannot make billions selling an essential product used by everyone with no warranty whatsoever. This law firm is betting that now is that time.
The rest of us in the software business are now on notice. We cannot continue to get away with ship-now-and-fix-later as a development strategy. The day before the filing of this suit was the last day anyone doing business in the US could claim they didn’t think product liability could apply to them. If this suit is successful, any products introduced after its initiation will be held to a much higher standard. Fewer features, better stability and effective security need to start going into products as of now.
Perhaps we can get MS to pay up for all the lost productivity in the workplace due to Windows, word, etc crashing and having us lose valuable work time – not to mention reboot time waiting, screwing with the machine, etc. I’m a Mac OS X user now, but when I did use Windows, I can’t tell you the amount of lost productivity I had. Microsoft, IMHO didn’t care *because* they are a monopoly – they had no incentive to fix.
Im conflicted on this whole thing. While I think MS doesnt pay enough attention to security, they can’t be blamed for holes. No software is perfect, and that’s the truth. Now, if they’re going to prove MS purposely put bugs in Windows, thats a different story.
If these guys win, I fear for all of the volunteer developers who will be forced to stop. Would you program for free if you could get sued for it?
Who would she sue if she had been running GNULinux? This is a legitimate question.
I should have added that I do not purport to be a legal expert. Any criticism or correction by real experts will be gratefully accepted. Also, here is a mirrored copy of the complaint:
http://www.hldownload.com/MScomplaint.htm
Good question, but remember that the premise for the lawsuit is that MS is a monopoly, and you have no choice in accepting the EULA. GNU/Linux is not a monopoly by ANY definition. You have a choice to accept, or reject, EULA’s.
Does the MS software license have a “As-is” or hold harmless clause? If so then the lawsuit is really an uphill battle unless there is significant proof of negligence. While I have issues with Microsofts security practices in general I do not think they have been willfully negligent. I believe the no warranty clauses in the GPL (11 &12) should protect open source coders for the most part, even given willful negligence.
9/11 victim’s families already are suing the building owners, the airport, and port authority, which I find disgusting. A horrific act commited by madmen is not something that you can blame on anyone but the madmen who were behind the plot. No ammount of precautions the building owners might have taken could have prevented this evil act.
I do agree with this suit though. It’s about time someone held MS accountable.
Excuse me, I genearlized. I didn’t mean that all 9/11 victim’s families are suing. It would have been better to say SOME.
I am right there with you, people are sue happy. I need to read the article but is it certain where she lost her identity, could be from throwing away papers that has her ssn and other information. I wonder if the license agreements were altered a bit, if that would hold up in court
i believe in tort reform. I believe there are too many lawsuits that are hurting the US economy and american people.
That said, i think lawsuits against MS are a good thing. In a free market (a real one) competition would regulate MS’ behavior (perhaps they’d improve security features due to competitive pressures). MS, though, is a monopoly that faces no regulation and no competition. That means the only thing left to change MS behavior is the prospect of lawsuits.
They are already suing the airliners, why not the owner or builder of the building. Hell they can sue MS because wasn’t it proven their flight simulator was used for practice for the terrorists ?
“Good question, but remember that the premise for the lawsuit is that MS is a monopoly, and you have no choice in accepting the EULA.”
“You have a choice to accept, or reject, EULA’s.”
Which is it? You can’t have it both ways.
If Microsoft is a monoply, how can I use Linux, Mac OS etc?
Quote — “While I think MS doesnt pay enough attention to security, they can’t be blamed for holes. No software is perfect, and that’s the truth. Now, if they’re going to prove MS purposely put bugs in Windows, thats a different story.”
I disagree. There is an important, though also very fine, line between an attack they have no conrtol over, and negligence. As an example, take Outlook and its past problem of auto-running attatchments. If a trojan gets on someones system because Outlook auto-ran the attatchment by default, partial blame SHOULD go to MS. If, on the other hand, it does not auto-run it by default, but the user enabled that feature or simply saved and opened the attatchment themself, then the user gets that partial blame instead of MS. Of course, the other part of the blame goes to the attacker.
The question on how this effects GNU and BSD licensed software is a much more difficult one however. It will be interesting to see how this plays out.
“As an example, take Outlook and its past problem of auto-running attatchments.”
When did Outlook automatically run attatchments?
That if they are going to take the time and effort to ship a binary only product, they are the only ones that are able to make security changes, or know what is going on. Therefore, I think that they are liable.
I use linux, and I can (not that I am extremely capable to) make changes to the software, and inspect it as I choose. I do rely on others for a lot of fixes, but there are lots of eyes that see my sources, and therefore more open for someone to see a problem and fix it.
If they want to keep everything under lock and key, they are the one responisible for holes.
You actually rent Microsofts software, you pay to use it,
so yes they are fully responsable for the bugs and security flaws just as your landlord is for not fixing the pipes..
Quote — “When did Outlook automatically run attatchments?”
More then one version of Outlook that would automatically run attatchments when an email was opened. I do not believe it has been an issue in more recent versions however. They learned there lesson on that one. Besides, its just an example to illistrate where I believe the line is between incidents beyond MSs control and negligence.
There is no technique for writing a large piece of software and avoid introducing security holes. I mean, even if you go the OpenBSD approach and sift through the entire code base every 6 months, you still miss something bad once every few years.
If this suit succeeds, then:
1) development will slow down. The only reason open source applications can grow so fast on so slim resources is that they release frequently and use the users as beta testers (one can make an argument that Microsoft does the same thing). If developers are liable for screwing up the user’s computer, they will err on the side of caution and spend time looking for bugs instead of making radical changes to their program.
2) small/independent developers will go out of business. Either they will have to buy liability insurance, or they will have to maintain an expensive notarized paper trail detailing how many hours they spent looking for what security flaw, or they will have to put up a bit notice saying “this is alpha release – I am not liable” and give ignorant customers an excuse to stick with big, suable vendors.
3) open source will be in serious trouble because of the slippery slope effect. If it becomes the duty of programmers to make secure code, perhaps someone could argue that only licensed, bonded programmers should be allowed to touch the keyboard. If you don’t pay $$$ for a degree, and don’t pass an official exam, and don’t work for a licensed corporation, you just might lose the right to release software to the public.
I have no love for Microsoft, but if this suit succeeds, it might destroy open source and seriously hurt the entire industry.
Please refer to your original question, and my answer. You changed the context of my note, and then changed the subject all together. I only answered your question about whom to sue fot linux problems, nothing more.
If I were a judge (or whoever it is the task to accept or recuse complaints). If there is no pledging (of security), there is no obligation. If the vendor (or editor) has not promised you that you would be secure, you can’t sue him. It’s like when you buy a house, then some thief breaks in. Are you going to sue the vendor or the constructor if you never talk about the house security? I bet only the thief will be sued, and your insurance company will ask you why the hell you didn’t do anything to make your house secure?
Disclaimer: IANAL.
I don’t have an account on MY Times so didn’t read the article, but I’m wondering if there was a patch available at the time that her system was hacked?
Well I think we can all agree America is Sue-happy. But I do take take some exception to some of the analogies. For example the 9/11 example.
Yes, its ridiculous to sue the building people. I mean no one has in mind a normal building being built to withstand 2 planes. But there is a case to be made against the airlines. These men were able to
A) carry blades onto the plane
B) hijack the plane
C) enter the cockpit
D) fly the plane into a building
Step C at least is possibly negligence. I’m not saying I think they are responsible, but there is a case to be made. A similar case can be made against cars which are poorly designed to withstand crashes. It is reasonable to expect a certain amount of security in any product.
As to this specific case to MS. The courts will have to decide if MS was negligent in their security. On this I am inclined to side with MS. Enough news has been published to make people aware of virii. MS, whether you agree or not has undertaken security as a priority.
Correct me if I’m wrong, but aren’t things like telephones regulated for a certain amount of reliability (at least in canada). If so, perhaps such a model is needed for OS, given that it is such a critical system
Quote — “If it becomes the duty of programmers to make secure code, perhaps someone could argue that only licensed, bonded programmers should be allowed to touch the keyboard. If you don’t pay $$$ for a degree, and don’t pass an official exam, and don’t work for a licensed corporation, you just might lose the right to release software to the public.”
Actually, thats an interesting idea, though I disagree that it would necessarily force all programming to large corporations. I could see somthing like that happening. After all, I wouldn’t want anyone but a licensed and bonded contractor doing work on my home, so why would I want any less for my software? Damaged software can be just as difficult on ones finances as a damaged home these days.
If anything, this would make it EASEIR for independant programmers. People who need software made would be more comfortable going with licensed and bonded independents for important projects, where as today they may prefer a larger company for liability reasons.
If MS is going to take the responsibility for storing personal information like Credit Card numbers, addresses, etc., then MS is responsible for ensuring the confidentiality and integrity of that information.
Perhaps it could be shown that MS has shown negligence in a specific system which lead to stolen identities.
>It’s like when you buy a house, then some thief breaks in.
>Are you going to sue the vendor or the constructor if you
>never talk about the house security?
You do not buy MS software you rent it, you may only use it, the comparison is therefore wrong.
“A horrific act commited by madmen is not something that you can blame on anyone but the madmen who were behind the plot. No ammount of precautions the building owners might have taken could have prevented this evil act. ”
Then, actually the same as “An illegal pirating commited by madgeeks is not something you can blame on anyone but the madgeek who were behind the code. No amount of precautions the OS developer might have taken could prevent all of those illegal acts”.
“I do agree with this suit though. It’s about time someone held MS accountable.”
And on which basis ? Microsoft products are the targets of terrorists. Why should they be responsible ? They make an *OS*. Some people made fun of ATTACKING this product OS.
And just think twice before wishing it. If Microsoft lose, then a *precendence* is set, and this is a real danger, as then ANY legal action can use this precedence against ANY target.
I know many people hates Microsoft for some despictable action. The Microsoft should be punished regarding THOSE despictable action, nothing else. On the contrary, the whole legal system lose, and everybody lose.
What a mess this is going to be. I guess her computer must be siezed to see if she applied the MS patches regularly, updated to the latest secure version of the particular software she was running, was using antivirus software like everyone should, (maybe symantec or McAfee should be sued too!)…and the list goes on and on and on.
Maybe the websites should be sued because they “could” impliment 256 bit security if they wanted to, but hardly anybody does. And maybe the thief should sue the plaintiff for allowing him to access her identy so easily…after all it was just too tempting for the thief who we all know is really not a theif, but just has a mental illness and couldn’t help himself when these identies that are so easily accessible and insufficiently protected through the lack of secure software!
As usual it will end up being everyone’s fault …..except for the theif!!!
I agree to you in a way but you must also understand the avarage Windows user. MS is advertising as if Windwos is all good, secure, stable etc. They are not full responable for the blame but sure they must get some of the heat.
kreg… i totally agree and this will probably be what protects open source…
I guess with all the above responses it pretty much is loose/loose for everyone but the lawyer and the plaintiff. One thing that does bother me is whenever it finally does happen in a Linux machine, I guess you would ultimately be sueing the GPL…not for money, but to have it dismissed, (for reasons, see many responses above). I guess??
There’s just potentially too much to loose for anyone involved in any way, shape or form with this.
I am not at all a legal expert. But the way I see it, that would only affect americans. Once again. People elsewhere shouldn’t worry too much I guess.
“Yes, its ridiculous to sue the building people. I mean no one has in mind a normal building being built to withstand 2 planes.”
Not arguing with you, just to inform you, and everyone else. The designers of the twin towers actually did design the towers to withstand the direct hit of planes. I forget which size, a 707, or a 737, or something like that. A bit smaller (relatively) then the planes that actually struck.
But nevertheless, they did plan and build the buildings in case a plane did hit. They did this because of the shear height of the buildings, and that a plane might accidently hit one of the towers because of technical problems (that was the reasoning).
So yes, even though we wouldn’t think of it, architects and engineers do.
Remember, the lawyers are contesting that because Microsoft is a monopoly, they need to be held to these high standards, and that an EULA is something they shouldn’t be able to hide behind.
The fact is, they are acting like they are a monopoly by not fixing their products, and selling products they know are insecure.
When you buy a car, and that car blows up because of a faulty part, is the company that built the car liable? Or is it your fault? I mean, EVERYONE is a car expert and knows which cars are not good.
No, it’s the companies fault. They built a faulty product. This faulty product caused damages.
So suddenly, a monopoly does the same thing. Damn right it should be at fault.
People seem to forget that Microsoft IS a monopoly.
I think that this whole case is stupid, I dont like MS any more than the next guy, but its not there fault that some ppl dont have there computers running properly. If MS were to make some type of program similer to AVG or nortan then ppl would complain that there using not being fair, and when they dont include this program like now and leave it to the consumer to secure thier computer then they get slamed for having poor software. And yes MS code sucks but that doesn’t mean that ppl cant get linu/Unix/BSD or get a firewall or somthing. People need to pull thier head s out of the sand and look at the reality MS has had a bad rep for this sort of thing for a long time, so if you use it then you know what your getting into. People need to stop blaming MS for everythong and install Linux or buy some scurity apps.
“Not arguing with you, just to inform you, and everyone else. The designers of the twin towers actually did design the towers to withstand the direct hit of planes. I forget which size, a 707, or a 737, or something like that. A bit smaller (relatively) then the planes that actually struck.”
Taking a plane hit seems to be a commong requirement for large structures. I am not sure how it’s done in America, but (according to a Russian nuclear engineer I talked to) the Soviet nuclear power plants were designed to withstand a plane falling on them from some height. And before you start talking about Chernobyl – much of the blame lies on the operators who didn’t follow the safety manual when rebooting the reactor.
Not arguing with you, just to inform you, and everyone else. The designers of the twin towers actually did design the towers to withstand the direct hit of planes. I forget which size, a 707, or a 737, or something like that. A bit smaller (relatively) then the planes that actually struck.
Also remember that it wasn’t the impacts that brought the towers down, it was the ensuing fires.
But I’m with Microsoft on this one. They shouldn’t be forced to guarantee the quality of their products. If people use them and lose their data its their fault. Its not like alternatives don’t exist. And its not like Windows cannot be made secure. These people are just too lazy to do things right. They are stupid and deserve what they get. But I do believe these people should be humiliated publicly for using Windows and losing their personal information. The more publicity this gets the more people will consider OSX, BeOS, Linux, GNU, BSD, etc. The media is extremely biased, so perhaps it too should be criticized for even mentioning Microsoft as being secure, each and every time they say it.
Don’t know how it goes by your side of the world, but on my side, there is no difference whether you rent or you buy the house.
You actually rent Microsofts software, you pay to use it,
so yes they are fully responsable for the bugs and security flaws just as your landlord is for not fixing the pipes..
So is Red Hat, Suse, Mandrake, and all the others whether you paid for it or not(downloaded).
This lawsuit is about defective software rather than the criminals that abused it. Our legal system here in the states makes sure that when a judicial ruling occurs that is based on no prior precedents, it establishes a new precedent which binds it into defacto law. If this suit succeeds these following situations will occur because the ruling will set a new precedent and will apply to all software free or fee.
My copy of Quake III crashed on Red Hat Linux, I’m gonna sue ID Software and RedHat for defective software and emotional distress.
or
My copy of gLabel crashed on Red Hat Linux and Gnome, I’m gonna sue the devlopers of gLabel, Gnome and RedHat for defective software, lost work time, and emotional distress.
I can just see it now, a lawsuit filed against VU and Valve next year by a user whos experiance with Half Life 2 was compromised by cheaters and sues for 100 million dollars for defective software and emotional distress.
This is like the Eolas v. Microsoft suit. You can’t apply a law or ruling to against one entity and not apply it to similar violations by other entitys. That means the greedy lawyers now see a cash cow and will go after Adobe, Macromedia, Intel, Sun, Mozilla.org(and all incarnates), AOL, Real and others. Even the W3C will get hit by a lawsuit.
There is just to many lawyers and lawyers abusing the system.
Quote:
“1) development will slow down. The only reason open source applications can grow so fast on so slim resources is that they release frequently and use the users as beta testers (one can make an argument that Microsoft does the same thing). If developers are liable for screwing up the user’s computer, they will err on the side of caution and spend time looking for bugs instead of making radical changes to their program. ”
M$ development will slow down, and that’s a good thing. Since they have a monopoly, they get new version out too often for large enterprise to have enough time to handle, and thus, cost millions of money to upgrade every 2-3 years, witch is unacceptable. The rest of the industry will inovate without fear of being purchased of copied. So it’s a good thing.
Quote:
“2) small/independent developers will go out of business. Either they will have to buy liability insurance, or they will have to maintain an expensive notarized paper trail detailing how many hours they spent looking for what security flaw, or they will have to put up a bit notice saying “this is alpha release – I am not liable” and give ignorant customers an excuse to stick with big, suable vendors.”
Small vendor almost allways produce more quality code and check more with their customers than M$ does. So they don’t have to fear any of this. Those who do fear are the one that produce crappy software and should even be in the software field in the first place.
Quote:
“3) open source will be in serious trouble because of the slippery slope effect. If it becomes the duty of programmers to make secure code, perhaps someone could argue that only licensed, bonded programmers should be allowed to touch the keyboard. If you don’t pay $$$ for a degree, and don’t pass an official exam, and don’t work for a licensed corporation, you just might lose the right to release software to the public. ”
What are you talking about? Open source has nothing to worry since people that use that kind of software do it by choice, not because they have to upgrade because they’re not supported? I think it will even boost OSS as they already produce quality software over quantity.
Microsoft is a monopoly, don’t forget that. This means that for the average consumer, an alternative doesn’t exist. Soon, that won’t be the case, but Microsoft has been a monopoly for some time, and that means they need to answer for it.
Also, it’s wrong to assume the that user should be responsible for making Windows secure. If you buy a car that has the wrong sized tires, who’s fault is it? If that car crashes because of those wrong sized tires, can people blame you for obviously not knowing that you car had the wrong sized tires, and going out and getting them replaced?
This is a big ugly issue.
Software makers all over the planet take responsibility for their software every day. This liability is enforced through the contracts that the developers have with their clients. The responsibility, duties, and obligations are enumerated in the agreements.
The problem is that this level of care is done typically only with individual, custom software, and is usually quite expensive. But if you go into a contract with a client and don’t meet the expecations and performance spelled out in that contract, then expect ramifications.
With consumer software, you typically don’t enter into these kinds of contracts. Most folks can’t afford them because the difference to having software “mostly work” and “perfectly work” can be quite dramatic, especially very complex systems.
Consumer software makers live on the fine line of hyping and promoting Wonderkind software while denying all liability and responsability. Most companies try a reasonable effort to help consumers surmount basic problems, but if you, say, reinstall Windows, and still can’t get their software to run, they’re not going to go to heroic efforts to make it work. If they’re really nice, they might even give you your money back, but if you read the assorted licenses et al, they’re really not obligated to.
However, if a software glitch slams a Boeing 777 into the ground, you can be assured that Boeing WILL be held to task for the issue, because they sell and maintain the entire system. But Boeing is perhaps at an advantage in that they have really good control over the entire platform, whereas Joes Software doesn’t know much about your machine save that it’s running Win95, and that it’s relying on Microsoft to handle the details like hardware drivers and what not.
This gets into the lovely finger pointing common to modern software “It’s your vendor! It’s the driver! It’s Microsoft!”.
Most other products live nice, secluded lives that make them vastly easier to support. If your car starts doing odd things, you can take it to the dealer be assured that they won’t say “Well, our test car doesn’t do that, so it must be you.” They can “easily” take the entire system as a whole and isolate the problem, fix the problem, in isolation, and if it’s an “engineering issue”, forward the data back to the factory on how to fix it and perhaps prevent it in the future.
Computers, specifically Consumer computers, are not stable platforms. Somehow modern systems are able to take simple, deterministic bits and processes and turn them into unpredictable chaotic systems. This is a key factor on why support for these systems is so difficult and expensive.
Add to the fact that not only are the system themselves changing, but adding the connectivity issue and the fact that the external environment is simply getting more and more hostile exacerbates the problem.
When developers can rely on their platforms, when they can get assurances of quality and liability from the vendors they craft their systems on as well as the platforms they deploy their systems on, then we can have a more stable sytem environment, though I imagine at this stage a for less flexible one.
As far as certifications etc, there’s another side of the coin. Contracting, say, a home addition requires the tasks of licensed contractors. These contractors are licensed through a similar process as an MCSE. They’re tested. Here in California, they require a couple of years of experience before they can test, but I don’t know about other states.
Minimally though, it comes down to the test. Remember, 50% of the those that tested are in the bottom half of their class.
But as a back up to the license contractors, there’s the State mandated building codes AND building inspectors. These folks “test the work” of the contractors. Of course, the beauty of building a house is once it’s built, it’s pretty static, so the inspector need come at best only once.
How many software systems stay that stable? Can you fathom bringing somebody in as your project is ready to deploy to audit the entire system? Code freeze the project and docs while the inspectors come through to learn the requirements and ensure quality and stability? Can you as a consumer rely on the developer to audit and check their own work? Should building contractors also be inspectors?
How many folks today decided to NOT change something because it requires a time consuming regression test? “Well, we changed the JVM, so let’s test all 1500 JSP pages, shall we?”
Yes, this can all be done, but the environment, economically, historically, and culturally, does not support it. I’m sure Boeing does something like this for their 777, but most business systems can’t and don’t. Ever have a business system written, tested, documented, running, and deployed when all of sudden they get the “WalMart” contract, with edicts on how Things Must Be Done?
This is the dillema, and there’s no easy answer.
>Don’t know how it goes by your side of the world, but on my
>side, there is no difference whether you rent or you buy the
>house.
If oyu buy a house you are responsable for the pluming, if you rent the landlord is, just as it is in @ your place.
The comparison is nice but you cannot compare a thief breaking
into a house with buggy and not correctly working software from Microsoft on wich the user cannot change the working of it (say: locks).
Quote:
“I think that this whole case is stupid, I dont like MS any more than the next guy, but its not there fault that some ppl dont have there computers running properly. If MS were to make some type of program similer to AVG or nortan then ppl would complain that there using not being fair, and when they dont include this program like now and leave it to the consumer to secure thier computer then they get slamed for having poor software. And yes MS code sucks but that doesn’t mean that ppl cant get linu/Unix/BSD or get a firewall or somthing. People need to pull thier head s out of the sand and look at the reality MS has had a bad rep for this sort of thing for a long time, so if you use it then you know what your getting into. People need to stop blaming MS for everythong and install Linux or buy some scurity apps.”
Windows has reach the status that it is everywhere and that anybody can use it. You can requiert ‘casual user’ to be an expert and to know everything about computer security, etc, etc. Do you know everything about your car or do you trust that GM, Ford, Honda or everyother carmaker had carfully checked everything for you (beside normal maintenance)? When something is considered dangerous for you the driver, a callback is issued and those carmaker are responsible to repair your car, even if the warranty is void. MS as reach that same status and must be held responsible for the lack of architecture of their systems. Security holes are their because people at M$ made mistakes. M$ now must assume them: they should pay the price like any other multinationals.
I see your point. And you’re right. In fact, the comparison is inaccurate. Because you are effectively responsible for your own security, so if a thief breaks in your house, which has not been secured, you can’t sue the proprietor (he has no obligation and you have agreed to rent the house, as is), but if the house explodes because of bad plumbing, you are entitled to sue the landlord (he is responsible for concealed flaws, even if he is not aware).
Interesting case. I wonder who is going to be held responsible.
Now I can say that I would accept the complaint, and that I am glad not to be the judge.
Quote:
“M$ development will slow down, and that’s a good thing. Since they have a monopoly, they get new version out too often for large enterprise to have enough time to handle, and thus, cost millions of money to upgrade every 2-3 years, witch is unacceptable. The rest of the industry will inovate without fear of being purchased of copied. So it’s a good thing. ”
You make a good point about Microsoft. However, the same argument applies to the rest of the industry. Concerns about liability will slow down all development, commercial, open source, or free.
To take a specific example: gcc 3.3.1 was released in August; gcc 3.2.3 was released in May and by now is closed. Guess which compiler I am using to compile my (Gentoo) system? Correct, 3.2.3. Why? Correct, because 3.3.1 produces bad code once in a too-frequent while. So if the gcc people worried about liability, they would be testing and retesting gcc 3.3.1, and would release it sometime next year.
BUT try making a 3.2.3 cross-compiler for an ATmega16 AVR (an embedded processor). At least for me, it didn’t work, so I have to use the less-stable 3.3.1 as a cross-compiler. If there was no 3.3.1, I would be out of luck because 3.2.3 just doesn’t have all the features I need.
My point is: today, developers sarcrifice stability for features, and it’s often a good thing.
Quote:
“Small vendor almost allways produce more quality code and check more with their customers than M$ does.” […]
Maybe. But Microsoft can afford to prove (if it gets sued again in the future) that it made an honest effort to look for bugs by keeping an audit trail or doing regression analysis or whatever. It is harder for small companies to afford the expensive audits.
Quote:
‘“If you don’t pay $$$ for a degree, and don’t pass an official exam, and don’t work for a licensed corporation, you just might lose the right to release software to the public. “
What are you talking about? Open source has nothing to worry since people that use that kind of software do it by choice, not because they have to upgrade because they’re not supported? I think it will even boost OSS as they already produce quality software over quantity. ‘
If (for example) California passes a regulation that (for example) state schools must use software produced by (for example) software engineers or corporations licensed in the State of California, most open-source projects would not be able to compete.
> and that I am glad not to be the judge.
I am also because i think i would not be objective in this
Can someone explain why is is Tort Reform and not Court Reform? I always assumed it was a Typo when I saw that before, but everyone seems to use it.
Or maybe its Torte Reform, I’m all in favour of better cakes.
=;-)
They shouldn’t be forced to guarantee the quality of their products.
Then it’s a good thing that they do so voluntarily.
http://www.microsoft.com/windowsxp/evaluation/default.asp
GG
Will:
This is not the case of some unknown error slipping up in a release version of software. This is a case of negligence on MS side – credible security researchers have notified MS that some of their design decision might cause security problems, then security problems exploiting those design errors surface and never really stop appearing as new problems in implementation of a broken concept are found. Futhermore, patches are often ineffective and mask the problem instead of fixing it. It may be understandable that not every bug can be found, but if a sequence of events like this happens, I think the company should be considered guilty of gross negiligence.
Why do people keep repeating this tired old nonsense? Do they even know what a monopoly is? A company has a monopoly when it has the *only* available product or service in a market segment – when there are no alternatives. A company can have 100% marketshare and yet still not be a monopoly. “90% marketshare” does not mean “monopoly”. It just means that MS are better able to meet the needs of their customers than the competitors – but those competitors are still there and are still alternatives, and therefore, MS has no monpoly hold.
Monopolies in general are only really a difficulty when they are legally enforced monopolies. Britain used to have this problem with the steel industry, the phone industry, and so on, because they were nationalised and so consumers had to put up with unbelievably shitty service with no legal competitors around. Now there is British Telecom, which must have 90% of the marketshare, and yet is *far* better than the old state monopoly, being cheaper, faster, and so on. No more waiting for a month for the Post office to enable your phone, thank God.
This singular fact – that MS is not a monopoly – is the reason that they keep trying to improve their products. Admittedly, their improvements may not please the geeks on this site, but those improvements, over time, are not aimed at the people who frequent this site. Their improvements are designed to serve the needs of the *customer*, they are not designed to be purely technical decisions – as many here would doubtless wish them to be. It is this positioning of their products and their ability to serve the needs of those customers that has built up MS’s success over the years, and of course, their marketshare. People buy MS because they want to and because they percieve MS as providing the best solution for their particular needs. In a monopoly, they would buy MS because they *have* to, because there is no alternative, but for MS, this is not the case.
Another, related reason that MS is not a monopoly is that it has a massive installed base to compete with. Every time MS releases a product, it has to be better (as far as the consumers are concerned) than the previous, otherwise it will not sell. Every product that MS has competes with all the products that have went before.
All told, this “MS is a monopoly” talk is the utmost drivel and balderdash and anybody peddling it should feel ashamed of being either a fool or a demagogue.
Thank you.
“Remember, the lawyers are contesting that because Microsoft is a monopoly, they need to be held to these high standards, and that an EULA is something they shouldn’t be able to hide behind.”
This is purely arbitrary. Who get to decide which standards are the held responsible ? At which level ? Can I sue them if my Hard drive crash and loose data, even tho it’s not Microsoft responsibility ? Because hey ! They have a monopoly !
“The fact is, they are acting like they are a monopoly by not fixing their products, and selling products they know are insecure.”
Well, cars are insecure too. Constructor put some stuff to reduce the risks (belt, etc), but they can’t give you a perfectly safe car. Nor can *ANY* OS developer can give you a perfectly hacker-safe OS.
“When you buy a car, and that car blows up because of a faulty part, is the company that built the car liable? Or is it your fault? I mean, EVERYONE is a car expert and knows which cars are not good. ”
Your example just make not sense at all. You talk about a car burning itself, that we can compare to Windows, for example, crashing itself for no reasons.
Here we are talking about a THIRD PARTY THIEF that come unexpectedly to your car, and stole your credit card inside.
That’s exactly what happened, with her Windows. So do you tell me that the car vendor is responsible for her stolen credit card inside the car, as much a Microsoft is responsible for her data stolen by an outsider hacker ?
“People seem to forget that Microsoft IS a monopoly.”
Yes Microsoft is a Monoply. But people like you seems to forget they have to be sued for REAL reasons of illegal activities, and NOT for that crappy reason that set a dangerous precedence for EVERYONE.
I am not sure how to view this case. I do come from a time before law suits. I have often felt that too many sue for too little reason. But then again…
Microsoft offers closed software – they in effect say only Microsoft can fix this. Then if they know of a flaw or weakness in the security and do not fix it quickly they are in fact responsible for no other reason than they have barred everyone else from fixing it. This would be like GM or Ford making a car and refusing to sell the parts or service manuals so that others could fix problems. Then add in an unwillingness to make the repairs themselves. Ah, now you see the problems with closed code. So Microsoft has pulled this down on their own head. They have take full 100% responsibility for how MS products work. With 100% responsibility comes 100% liability. With Open source everyone can access the code and everyone in theory can fix it. But even more important is that no one is 100% responsible for the code or its structure. This greatly reduces the probability that someone will be liable enough for code to make suing worth while. It may well be this liability problem that brings about the end of closed proprietary software.
“The comparison is nice but you cannot compare a thief breaking into a house with buggy and not correctly working software from Microsoft on wich the user cannot change the working of it (say: locks). ”
Uh ? Never heard of firewall ? anti-virus ? Yes, Windows CAN be changed to make it more secure (like say: locks on a house).
“Do you know everything about your car or do you trust that GM, Ford, Honda or everyother carmaker had carfully checked everything for you (beside normal maintenance)? When something is considered dangerous for you the driver, a callback is issued and those carmaker are responsible to repair your car, even if the warranty is void.”
Sooo wrong it’s frightening. Is my car from Honda can be used as normal in safe manner ? YES. Is my Windows from Microsoft can be used as normal in a safe manner ? YES.
Now, is stuff in my car can be stolen ? YES. is stuff in my OS can be stolen ? YES.
Is that so hard to understand for some people on this forum, or you guys so blinded by your hate that you just became fanatics without real logical foundation ?
Benedict, you bring a very interesting point. Many people points at Microsoft as being a monopoly, and at the same time advocating that Linux/OSX is better suited than Windows for most task.
Totally contradictory.
Either you qualify Microsoft as monopoly AND admit that Linux/OSX/etc aren’t viable alternative because of Windows crushing superiority, or you continue pushing Linux as better than Windows but then stop repeating MS is a monopoly.
I’ve seen up to 53 posts so far and as I posted around # 20 or so everyone is giving out all the blame to everyone else except…..THE THEIF WHO STOLE THE IDENTY!!! Yes we need to make software more secure. Yes we need to all be careful and educate ourselves about “driving” the internet the same way we educate ouselves on driving a car. But this whole case in my opinion is nothing but a big agenda machine for some to make money, some companies to crush other companies, to control software maybe, maybe to trash the GPL, or even to license all software writers…….but NEVER to eleminate the theives!
How about this. You get caught with someone else’s identity, you recieve the death penalty carried out immediately upon sentensing. That’ll put a real quick stop to 90% of it.
Too long have software companies hiden behind licenses which totally absolve them from the consequences of their products. With Microsoft being a monopoly on the OEM PC market (yes Benedict, they are a monopoly in the regard of a person walking off the street into a PC store wanting to buy a PC they then have only 1 choice of OS in 99% of the PC stores) they have to be held responsible for their OS.
They also have to be more active in educating the average PC user in the concept of PC maintenance and software updating. The average user expects a PC to be like a toaster in as far as you buy it and you use it but it isn’t it is more like a car where maintenace has to be provided on a regular basis. There is a lack of this knowledge being passed on by the powers that be in the computing industry and people like us who do know haw to deal with PC’s would represent if lucky 5% of the PC users out there.
Companies like Microsoft have to have some consumer recourse on the products and quality of them they produce. No more should they (if they choose to hide their underpinnings) be allowed to hide behind licenses and accept absolutely no responsibility.
Unfortunately Judge Jackson disagrees with you! He ruled that MS was guilty of using and continuing to use monopolistic practices in the marketplace. The appeals courts NEVER, EVER overturned THAT decision, just the punishment. While they may not have 100%, [even standard oil only had like high 90’s too] they are still big enough for the LAW to consider them a threat to the marketplace.
This is Great for consumers because this is something as a concequence of the court case. It could be argued [heck, we all know it to be more or less true] that MS on many occasions sacerficed stability and security for features to keep up its monopoly. Well, now their a monopoly, and this allows the beginings of regulation on it’s industry. These are many of the same issues that we had when cars became dominate on the roads too..
Unfortunately, this means software may soon become like other engineering or professional crafts and start requiring licensing to practice. That’s both good and bad. After all, most commercial products and structures in the world require certified engineers to sign off on design and structural integrity. Houses, medical care, food, cars, boats, medicine, trailers, skyscrapers, advertizing, accounting, medical devices, radios, child care, tvs, etc all have many requirements by law because when they were new, just like computers, many people abused the systems and tried to cheat, steal, misrepresent products. Computing is just going through the changes much faster, and we notice it more because we’re big fans of them. I don’t wish to see mandatory licensing happen…but if it was to, I’d be first in line to sign up for what ever they wanted to stay in business!
In the future, Windows can only be installed by a certified MCP/MCSE and require to have monthly visits from them for security patches installation/check up. 1st year will be free but afterwards you have to pay.
If you do not want to pay for these “warranty” service, you can
1. Go get certified by MS
2. Use alternative OS
mmmm………
MS always markets ‘ease of use’ and ‘freedom’ and pretends that problems don’t exist.
In Australia there is a legal term ‘of merchantable quality’ which means a product is of sufficient quality for its intended use. That means a cheap T shirt won’t fall apart the first time you wear it or a car won’t constantly break down.
EULAs work because most politicians are technically illiterate. They can understand that a car needs to be reliable and safe. They don’t understand that software needs to be reliable too.
MS markets its products as simple and totally reliable. I have never seen an MS advertisement warning of the dangers of malware.
Perhaps Ralph Nader should start a software campaign “Unsafe at any MHz”.
This applies to most other makers not just MS.
I see more and more people arumenting their position by using analogies. While this is effective, it is what I call the cheap and easy way to pass ones ideas.
Come on guys, you’re all pretty educated, why not use some “Real” arguments to enforce your positions?
Analogies are not always so focused on the discussion. It’s always easy to include some “Sophiste” sentences in their (those who took some Philosophy lessons will understand).
Let’s stop saying: “well if windows was a car/building/anything then why wouldn’t I etc…”
Cheers,
Olivier
No, not good enough. Apart from the fact that consumers can walk into many stores and buy Apple Macs, can buy linux in many a bookshop and PC store, and even off-the-shelf linux PCs in the likes of Walmart for goodness’ sake, there’s the singular fact that the channel through which they get the products doesn’t matter, all that matters is that alternatives are available. So MS is not a monopoly. End of story here, people! As “The Pessimist” rightly and wisely says, you can’t keep pushing your alternative OSs as superior and capable alternatives then claim MS is a monopoly. You can’t have your cake and eat it too, you have to make a choice here.
Secondly, I detect a lot of rather horrible semi-fascist sentiments here. What’s all this “MS must do this, MS must do that”? What the hell gives you or anybody else the right to force and threaten a free entity into following your will? MS is beholden to people through the actions and preferences of a vigourous free market. It HAS to serve the needs of its customers, or it will perish. At the moment, and for the last twenty years, it has done that very successfully – more successfully than anybody else in the computing industry. Of course, one size doesn’t fit all by any means, and so many people choose other operating systems and products. Nobody is forcing anybody to use MS products, so why do you want to force MS to do all this nonsense??
If you don’t like MS, then exercise your freedoms and do not purchase its products. Do not try to take away the freedoms of others by introducing transgressive force to have MS do what you want, while touting “freedom” and “monopoly” and other tissues of lies as your justification. Exercise your preferences freely through the marketplace, just like everybody else does every day. This is, ultimately, how MS is held responsible already, every single day.
Has anyone noticed that when an article about EULA’s appears, someone always asks, “Does MS include an ‘as is’ clause? If so, you’re stuck.” Well, yes, every EULA says that…that is the basic use of a EULA.
This goes to show how few people have EVER read a single EULA.
Here are a couple of other goodies in almost any EULA:
The company claims to have the right to revoke your license at any time for any reason. Now with auto updates and activation, anything XP can be remotely turned off with no refund. Some pirate uses a key generator and happens to hit on your serial number, then spreads it all over the planet? Too bad, your software is gone, buy another copy of Office XP please…
How about my favorite: The software does not even have to do what it claims to do!
According to most EULA’s, if you went by the letter, you could market a software that prints reports, but actually just plays a .WAV file of the CEO laughing at you. That is an extreme example, but if EULA’s are really legal, the company would be safe from fraud charges.
Yes, I think companies should be held liable for their software, just like every other industry is responsible for their product.
Free software such as Linux or OpenBeos however, should be exempt. I figure you are on your own and get what you paid for, as if grandma gives you a handmade sweater.
Compiling your own is like building your own boat, it is your problem to deal with if it is full of holes. (No one to bail you out so to speak)
Now if you pay for SuSE Linux, then SuSE should have the same responsibility as General Electric, Kawasaki or Ford for the customer.
That is the risk of doing business.
Mutiny
What “choice” do I have if I want to share documents with others in a professional business context (consulting for example). Can I choose to send clients Openoffice documents when they use Word? Stop being so naive.
I believe you can send them a word-document, made with OpenOffice. What was your point?
Unless MS is the ONLY solution for any market segment (desktop, middleware, server, whatever), then it isn’t a monopoly. That’s it, end of story, nothing more needs to be said.
Seeing as there are plenty of alternatives, whether OSs (linux, macintosh), office software (OpenOffice), or middleware platforms (Java), it really isn’t a monopoly, is it?
Even is OpenOffice did not exist and did not interoperate superbly well with MS Office documents, it still wouldn’t be a monopoly. Businesses, and people, if they *really wanted to*, could muddle by asking partners to use alternative formats. But even that isn’t the case, is it?
You can keep trying to redefine the term “monopoly” as much as you like, it doesn’t change the simple market fact that MS is not a monopoly by any stretch of the imagination.
“The more publicity this gets the more people will consider OSX, BeOS, Linux, GNU, BSD, etc”
Yeah, BeOS is so secure… BeOS had so many secure problems who such a little marketshare !!!!!! Stop this nosense. BeOS is good for some things, certainly not for security.
On the monopoly stuff : I do not know what it means legally, I have no legal knowledge, and I am not american, so it would be difficult to say something not stupid. The thing is : microsoft have a behaviour similar to the former firms which had the monopoly. Even without having the monopoly : to have everything on microsft products from the ground is the culture of this firm ( a bit like apple; heck, I was freacked out by apple fanatics when I went to the French Apple expo…), and it seems to me it is changing.
Linux IS a serious competitor for microsoft. It is either the only one since microsft had such a power. All the thing about security (yes, microsoft had and still has security problems, but they are improving so fast; see windows 2003, its be default configuration, etc… So much better than the previsous versions) are just because there is now a viable alternative to microsoft products in the field of small and middle servers.
As for office stuff : there will be an obligation for microsoft to open its “standarts” for office files. It is already a reason for big offices to change over MS Office… When hiding will mean more money loss than opening formats, MS will open it.
>but remember that the premise for the lawsuit is that MS
>is a monopoly
In the past few years, there should be a Linux distro appearing at least once on major mainstream PC magazines as their cover mounted DVD/CDs. By this time the consumer has ample time to choose an alternative OS.
PS; My personal system is dual booted with Red Hat Linux 9 and WinXP-SP1.
Lots of interesting posts here. I’ll bite on the trolls as far as monopoly goes. Monopoly is both a legal and economic concept. In both there is no requirement for 100% market share for a company to be defined as a monopoly. There is also nothing wrong with being a monopoly per se. That is not illegal. In some industries with high fixed costs and extensive infrastructure, monopolies are the only rational structure to have. Who needs or wants competing sewer companies?
The trouble is the tactics companies use to become monopolies, or remain monopolies. There are laws in most countries that govern what you can and can’t do. For example, the Phone company can’t start a bank and make everyone pay their phone bills only through that bank. That’s called tying. Companies also can’t use selective pricing to maintain a monopoly. Air Canada got in trouble last year for lowering prices only on routes where there was competition. That’s called predatory pricing.
There can be no debate about this. These are objective and verifiable facts. Likewise, Microsoft was found in US Federal court to be a monopoly. That finding was upheald on appeal. They were found guilty of using illegal means to uphold and extend that monopoly. That was also upheld on appeal. We can debate all we want about how right or wrong these laws or those findings. But let’s recognize the facts of the matter.
ummm. actually MS is a monoply. it’s economics 101. they have successfully used their position to further their monopoly. if they were not a monopoly they wouldn’t have been able to do that. that’s why they are called monopolistic practices. if you want to get an online account with many banks you can only use explorer. MS uses non-standard html and other things like DirectX and ASP that are not supported by other browsers because it is closed source. MS has, many times, invented their own propietary version of a perfectly good open protocols or standards. joliet extensions, html, java, ASP, and many others. if you want to interact in certain ways with these MS machines you must be using their product. if they were not a monoploy people would reject the changes and use operating systems with standard protocols unless MS really reinvented the wheel, which they did not. it is true that you could buy a mac but you don’t have a choice of operating system when you buy a PC. 99 percent of them come with windows because MS will not allow companies to sell other OSs on their PCs without paying more. if you’re joe nobody and you just want to play games and check your account balance online then you don’t really have a choice. there is a large segment of people out there that think windows is their computer. MS are not innovaters because they don’t have to be. they have not drastically upgaded windows, not once, since 3.1, or even before that. there is still 16 bit code in XP. they just make each release shinier and include more useless, bloated crap to fool consumers.
>engineering or professional crafts and start requiring
>licensing to practice.
Such as a setup is a near monopoly by their own right (in relation who can practise).
>Unfortunately, this means software may soon become like >other engineering or professional crafts and start >requiring licensing to practice
In Australian POV, most Bachelor Computing degrees in Australia have been certified by the ACS (Australian Computer Society).
Just as a side comment.
There is some evidence that the fire resistant cladding used to protect the steel structure of the Twim Towers was not being properly maintained. Because of the intense fire it’s unlikely this would have made a difference to the eventual outcome, but every extra minute would have given more people a chance to escape.
>actually MS is a monoply. it’s economics 101.
Actually, MS is in “monopolistic competition”(i.e. due high brand preference). MS’s desktop market is not strictly a true “monopoly” in an economic sense. The terms shouldn’t be mixed up with one another. A true “monopoly” has only 1 seller within a market. This is not the case when you have dozens of Linux and BSD distro sellers(includes MacOS X) in the market place.
>if you want to get an online account with many banks you >can only use explorer.
It’s the bank’s choice in that regard…
>MS uses non-standard html and other things like DirectX >and ASP that are not supported by other browsers because >it is closed source.
It’s their product. IF you don’t like it go to a product that has open standards.
>it is true that you could buy a mac but you don’t have a >choice of operating system when you buy a PC
Walmart PC, Lindows… does that ring any bell…
>MS are not innovaters because they don’t have to be.
Note that Apple(or any other Linux/GUN/XFree86 window managers e.g. KDE) just copied their GUI concepts from Xerox.
>they have not drastically upgaded windows, not once,
>since 3.1, or even before that.(SNIP)
I don’t recall NT Kernel running on 16bit X86 CPU(e.g. 80286 processor).
Recall the Pentium Pro’s issues with running 16bit OS(i.e. speed issues). At that time it’s recommended that one should run Windows NT (or any 32bit X86 OSfor that matter) since Pentium Pro(1st generation P6 family) has issues running with 16bit OS. That recommendation implies that Windows NT is a 32bit OS.
PS; Windows XP is just label for NT 5.1.
“But nevertheless, they did plan and build the buildings in case a plane did hit. They did this because of the shear height of the buildings, and that a plane might accidently hit one of the towers because of technical problems (that was the reasoning).
So yes, even though we wouldn’t think of it, architects and engineers do.”
Architects just draw pretty (or ugly) pictures so it’s the engineers that do.
“My copy of Quake III crashed on Red Hat Linux, I’m gonna sue ID Software and RedHat for defective software and emotional distress. ”
Having your game crash is significantly different to haveing your identity stolen. I know which I’d choose given a choice. Though I really don’t think MS is to blame
I don’t know if most people here are aware that a lot of computer HW is also constructed by means not so different from SW ie by use of HW description languages and then compiled or synthesized into a physical form ASIC or FPGA. These languages even look alot like C but with parallel constructs. Yet the HW industry has no EULA and does a far better job of creating robust HW that doesn’t easily fail. Well ASICs are pretty hard to change but FPGAs are not unlike PCs in that they can be upgraded over the wire or over the internet.
Luckily the features 1st mentality of MS is unheard of in the HW industry so modifying my cable modem is probably only doable by the HW vendor that built it.
Its called engineering, HW has to perform within specification often semi open public specs etc, which begs the question, when did you ever see a spec for SW that you just bought (oops I mean licensed). Perhaps its because there are N thousand HW vendors to choose from. perhaps if there was a MicroHard company with 97% of the HW market we might also see a HW EULA and a don’t call us if it breaks license. Luckily we don’t!
my 2 bits
(HW & SW EE)
The hustler in the musical “Music Man” is a better analogy for Microsoft’s behavior in the marketplace with respect to reliability and security.
Everyone wanted a marching band…It was the cool thing of the time. The Music Man provided all the instruments and music they would ever need…made big promises about how great the band would sound, an how proud of their children the parents would be [starting to sound way to familiar by now!]
We all know the guy can’t direct music, or instruct players. When a small boy questions him about playing his instrument the Music Man dodges by saying something that it’s the boys instrument and should practice real hard and “find” the music inside it. Anyway, it ends with the guy getting run out of town. He didn’t really do anything “wrong” [because he sold them properly working instruments after all] but he still gets in loads of trouble.
That’s about how Microsoft’s rise to fame has been. Really, it’s pretty close to that. They created a very popular program that everybody “needs” [We’ll save comparing MS to the “Needful Things” store for another exercise!] and were quick to sell to everyone they could. Well, now the public is at the point where the little boy asks this isn’t as great as we were promised, how to make sweet music, and MS has always said to “find it yourself” it’s only NOW that people are ACTUALLY hearing them say it!
Hardware has really nice testing tools and FPGA’s and ASIC’s demand that you use good modular design techniques so you get decent speed and size. PC memory and CPU time is cheap so people don’t care as much (shame).
Hardware does have Eula’s they just wouldn’t call them that. I can quite cleary remeber reading some specs sheets that had statements about situations where the hardware should not be used e.g mediacal applications. The staments were along the lines of don’t cry to us if you put this in a heart monitor (or whatever) and you kill someone but in more legaese.
Hardware can be hacked too just look at all the work people put into making linux run on things.
Home users wouldn’t read a specs sheet anyway let alone understand one. I’m not even sure what would be in a spec sheet for software?
“IE Specs Sheet
Downloads and displays HTML standard Blurgh
Multithreaded downloads so you can download more than one file at a time to decrease download times.
Warrning do not visit dogey sites as you may get hacked. Don’t come crying to us if you do cause we warned you.”
Lastly even hardware has bugs. Intel Procesors (At least the older ones) have many bugs. I just wish I could remember them or the site I read them at, I think it was realted to Dr Dobb’s Journal.
Wouldn’t it even the playing field if ALL complete oses were forced to liscense a compatability layer for other complete OSes for a per-computer price not exceeding 90% of the value of the minimum compatable OS OR release ALL necessary documentation and information for the OS to create the layer themselves?
A standard could be designed that defines a complete OS, encompassing useability, reliability, capability, maturity, etc.
These OSes would have to register, and would be reviewed by a certified group of certified OS experts.
It’d only apply for OSes residing on the same architecture, and if the OS opted to release information – they wouldn’t have to release it to the public.
*shrug* Could use some work and a lot of thought – but something like that would even the playing field and force an os to stand on it’s own two feet rather than a monopoly, and force competition to provide something better. It would also be fair to Microsoft (or any other proprietary os for that matter) – they don’t have to release anything if they want to write the layer themselves (which they could charge a reasonable amount for), and if they do release the necessary information they can lock it up with NDA’s.
*shrug* Just my thoughts in the wind. Don’t mind me. Something definately has to be done about Microsoft and it’s monopoly though. *shrug* This suit is something – but I’m not a big fan of lawsuits…
As for software vendors being held liable for shoddy products – Unless the software is explicitly labeled ‘Use at your own risk’, I think companies should be held liable GIVEN a security breach or bug in the program (user error is the user’s fault. You can’t shoot yourself in the foot and sue the gun company, you can’t go screwing up your system and expect someone else to take the fall. It’s high time people take responsibility for their actions… Consequences aren’t limited to the law. If you screw up, you have to deal with it.)
Anyway:) I’m a rambler. Pardon me;)
🙂 microsoft actually did NOT sell properly working instruments
I think software liability will come sooner or later in the future. That being said, the recent theft of Half Life 2 source code due to an Outlook vulnerabilities really caused a lot of problem to Valve. It is time for Microsoft to take initiative to design a more secure system – why? Because Microsoft serves over 90% of people out there – the security problem spreads over too easily due to this monoculture of OS environments – the company cannot say it has nothing to do with it because the scale of disruption will be made.
Windows 2000 was released in 2000 with lots of fanfare and hyping that it will be the “most secure Windows ever released”, EVEN BEFORE the software hit the shelves Microsoft had released a patch for a vulnerability on 27 February.
To make matter worse, they haven’t learnt a thing. The same thing happened again when Windows XP was released. Almost instantly a vulnerability was found.
Now, I am not saying that everything be secure, however as I stressed previous times, Microsoft as 40,000 employees and over $45billion dollars, you can’t tell me that Microsoft can’t afford to hire another 5000 programmers to do an end to end source code audit and stress test.
Having never programmed in C/C++ I can’t comment on the specifics, but I do know what is possible. There is nothing stopping Microsoft from writing a hack simulator which attempts hacks away at the various features/API’s etc of the operating system. When a hack is found, it is logged, what API call/feature/part which is vulnerable and what attack method was used.
Then the coders can have a look at the code and fix the problem. This is nothing revolutionary, just plain common sense.
Having never programmed in C/C++ I can’t comment on the specifics, but I do know what is possible. There is nothing stopping Microsoft from writing a hack simulator which attempts hacks away at the various features/API’s etc of the operating system. When a hack is found, it is logged, what API call/feature/part which is vulnerable and what attack method was used.
Haha, you obviously aren’t a programmer. That is not an easy task AT ALL. There are some products out there to do similar things, and Microsoft uses them, but it’s not as simple as just writing a program that checks code.
The solution is use managed code as often as possible, and with Longhorn they’re moving to a lot of C# managed code.
Why is it that when everyone gets into a good M$ bash session someone has to come along and start on the whole they’re not really a monopoly cause <insert econ 101 textbook reason>. Just watch, every time I guarantee it.
I can’t be bothered to read all the comments ( 80+ now ) and probable trolls, but when you *purchase* the right, or you lease software from MS, you, the end user, EXPECT to be able to depend on it. Nevermind all the clauses in the world. It means nothing to most people. This woman sounds like one of those people. People that just want to get stuff done. Microsoft trumpets Trustworthy Computing. Dependable, they call themselves. I get spam EVERY day cause of Windows specific shit from people and their damned outlook. FFS someone received a spam email last night, and what was it about? it was an advert for an application that caches exchange data or something like that, and syncs later. why? cause exchange server crashes so often it seems.
they made a product that exploits instability of another product!
Linux/OSS comes free. You don’t pay for anything. It is like someone giving you a gift, and saying “Hope the camera works, buddy. I think it will, though.” You can’t sue someone cause he said he thought that the gift was going to work.
First, we expect you to read every one of the 80+ posts here! This isn’t /. we have higher standards! If you can’t show a little effort….
anyway.. See, you prove the point that MS isn’t a monopoly [Devil’s Advocate!] After all, there is still a need for ISVs to improve and expand upon windows [but not embracing or extending windows that’s bad:P ] this means that MS is stimulating the software economy!
OK what ever…But you’re right! Why should we have to buy a Norton System Utility, Anti-Virus, spam filter, pop-up blocker, and all the droves of other “utilities” simply to get windows to a “usable” & “reliable” state. That’s the first thing that the vaunted MSCEs recommend is to purchase $200-$300 EXTRA of utilities to get your $200 copy [OEM] of WinXP working properly….That’s nuts. It’s time someone called them on it!
If builders built buildings the way programmers wrote programs,
then the first woodpecker to come along would destroy civilization.
>I think software liability will come sooner or later in >the future. That being said, the recent theft of Half >Life 2 source code due to an Outlook vulnerabilities >really caused a lot of problem to Valve. It is time for >Microsoft to take initiative to design a more secure >system – why? Because Microsoft serves over 90% of people >out there – the security problem spreads over too easily >due to this monoculture of OS environments – the company >cannot say it has nothing to do with it because the scale >of disruption will be made.
Such a security hole is not limited to MS Windows operating systems.
Refer to
http://securityresponse.symantec.com/avcenter/venc/data/trojan.linu…
What “choice” do I have if I want to share documents with others in a professional business context (consulting for example). Can I choose to send clients Openoffice documents when they use Word? Stop being so naive.
If they won’t accept them you’ll have to deal with it. Thats the cost of doing business with someone.
I knew a consultant who was like this. He wouldn’t accept word or powerpoint files. He lost a lot of business. What a moron.
Windows users are virus carriers, and linux people(and their cousins) are old fashioned vermin.
It’s like leprosy vs the bubonic plague..
Don’t get me started about Apple.
iJustShitted
IMHO that would be the BEST thing that could happen to software industry. The common rythms that “…there is no perfect software…”, “…every program has bugs…” are just covers for ineptitude. If you cannot guarantee the quality of your program – don’t write (or, actually, don’t sell or distribute).
We are awash in bug-ridden soft just because bugs are considered normal by programmers.
Benedict…. You give an example of BT offering excellent service. I do not understand that statement. BT had until recently a monopoly on telecommunications products in the UK. I know this, because I work for them.
In the past few years, there have been a lot companies making inroads into BTs pie. BT had to respond by lowering the cost of calls. Other companies started to offer free call packages. BT responded with their own free calls packages.
BT kicked and screamed to OFTEL (the telecoms regulator) that it had to maintain the local loop. OFTEL overruled this and BT was forced to sell off lines from the local loop.
Now you can have your lines and calls from people such as Argos and Tesco.
Why is this ?
Why would people want to move from BT if they offered such excellent service ?
The main reason was that people felt unhappy and dissolusioned by BT. They were slow. Slow to drop prices when they did not have to. Slow to impliment new technology. Slow to adopt to change.
BT still have not got the whole of the UK covered by ADSL, but they harp on in adverts about “BROADBAND INTERNET”
ADSL is old slow technology, why have BT not adopted DSL ?
The same reasons BT is mistrusted is exactly why people distrust Microsoft. They misuse their power. Simple as that.
Lastly, do not beleive all the BT adverts about people coming back to BT. They are simply untrue.
We are awash in bug-ridden soft just because bugs are considered normal by programmers.
Are you playing Devil’s Advocate or Trolling?!?!?!? Bugs are not considered normal by programmers!
Bugs are a direct result of companies cutting corners. We get this a lot: due to the high profile of this project and the rapidly approaching promised delivery date and the lack of resources, we have skipped the feasibility study and gathering of requirements, and there will be minimal system and integration testing, and there will be no user acceptance testing or quality assurance testing. BTW, you will have to download your own development tools since we don’t see the value in providing them for you.
Any developer will recognize the above scenario.
Are you playing Devil’s Advocate or Trolling?!?!?!? Bugs are not considered normal by programmers!
Bugs are a direct result of companies cutting corners. We get this a lot: due to the high profile of this project and the rapidly approaching promised delivery date and the lack of resources, we have skipped the feasibility study and gathering of requirements, and there will be minimal system and integration testing, and there will be no user acceptance testing or quality assurance testing. BTW, you will have to download your own development tools since we don’t see the value in providing them for you.
Any developer will recognize the above scenario.
I’ve seen in happen. The project is running a behind schedule because the PHB assumed the the whole project would be a walk in the park, the head programmer says he requires more time to test the software and iron out any bugs.
Instead of the PHB listening to the qualified person in the room, in their continuously expanding wisdom they demand that the programmers work miracles overnight, remove all bugs and make sure that the product is ready on time.
If there IS punishment, I would like to see a “programmer whistler blowers” protection so that programmers who are forced to sign off on code, OR programmers who bring up security, stability and reliability issues and are ignored, they should be able to disclose their concerns that the management in those companies PUNISHED.
Is not just market share. In the strictest economics sense, it is the behaviour of quantity sold with respect to price. Microsoft could raise the prices of Windows tomorrow by 30%, and sell the same number of systems, well, to the OEMS at least. Microsoft actually signed exclusive deals with the OEMs. They are not allowed to load anything else besides MS software. The only exception would be IBM who load Lotus, but that is because they own it. These contracts are ‘trade secrets’ and therefore cannot be used against them in a court of law.
When you have a situation where the only seller in the market can reduce or increase the price of a good and have it nt affect the quantity sold, you have a monopoly.
Monopolistic competition is the ‘normal’ competition you have. So markets like the car market and all are real monopolistic competitions. The software industry cannot be called a monopolistic competition, at least OS wise. It is certainly ‘worse’ than an oligopoly, which is where you have very few firms dominating the market. In the sense that many people now only make products which work on Windows, (Most DirectX games, and a few OpenGL ones), We have a true monopoly indeed.
Right on brother!
What people forget is that software is a group effort. Here are common areas of responsbility (simplified):
Project Manager
resource management (right people and tools)
project management (time & co-ordination)
Business Analyst
gathers requirements for project
studies feasibility of project
system test plans & results
Systems Analyst
designs architecture of system
choses technology to be employed
business requirements -> system requirements
Quality Assurance
performs quality assurance testing
monitors quality assurance activities
for example, requirement reviews, design reviews,
code reviews, and test plan reviews
Programmer
system requirements -> code
unit test plans & results
integration test plans & results
You can see that the programmer’s application is only as good as the requirements that are given to him, the time and materials provided to him, the testing and reviews that he is allowed to perform. In other words: garbage in + garbage processing = garbage out.
BTW, my company did a project with Seibel. They had no interest in gathering the requirements for the project, and they didn’t want to spend any time doing system or acceptance testing. We forced them to perform system testing anyway – they spent a 4 months fixing defects from a list that never went below 100 “show stopping” bugs.
“MS, though, is a monopoly that faces no regulation and no competition.”
Well, you should be happy to hear this actually isn’t true. While MS is a monopoly, the free market has brought us these: Mac OS X, all kinds of Linux distributions, Sun JDS, StarOffice/OpenOffice.org.
Microsoft’s days _are_ numbered. I’m pretty sure they know it, too (DRM is sort of their last hurrah before becoming obselete).
Let us also remember that 99.99999% of the time, the management have no clue about information technology. Balmer, for example, I’d be surprised if he could turn a computer on. Alchlin, can this person come up with any more bullcrap with in a small space of time.
Achlin is the half-witt who declares at each Windows release that “this is the most secure version of Windows”. This half-witt just “doesn’t get it”(tm), people want stability, reliability and security.
Most people are quite happy of a few applications break as so long as they see a visable improvement for that small inconvience and that the third party vendor takes the time to release a patch to bring it up to date.
What Microsoft need to do NOW is perform a slash ‘n burn. Remove *ANY* security risk API calls that could cause problems. If a few applications break, who cares, it is up to the third party vendor to follow Microsoft not Microsoft to maintain compatibility with the third party vendor. If the third party vendor fails to update, the consumer will blame them and move to another solution. Simple as that.
Bugs are a direct result of companies cutting corners.
I’ve seen the opposite situation as well. The biz types want second best tomorrow. Not the cutting edge, just a competitive set of features in a stable, clean package. The developers couldn’t bring themselves to compromise on elegant technologies. But they couldn’t make those technologies work.
In most cases it takes two to tango. The biz types have unreasonable expectations, and the developers unrealistic goals. Don’t fall for the “we weren’t allowed to do it right” rationalization. Good software is a team effort. Not because it sounds nice, but because there are so many complex elements that go into a successful application. The days of guys like Bill Joy creating vi all on their own are over.
Also remember that bad news travels farther than good news. You don’t hear about how well successful projects go. They are not interesting. Bad projects are interesting. That’s human nature.
“MS, though, is a monopoly that faces no regulation and no competition.”
Well, you should be happy to hear this actually isn’t true. While MS is a monopoly, the free market has brought us these: Mac OS X, all kinds of Linux distributions, Sun JDS, StarOffice/OpenOffice.org.
Microsoft’s days _are_ numbered. I’m pretty sure they know it, too (DRM is sort of their last hurrah before becoming obselete).
Let us also remember that SUN still has a long list clients and the number of users who are going to switch to Linux for their work desktop, and later on their home desktop, well, the customer base will be there and companies will no longer need to use the pathetic excuse, “oh, there isn’t the market for proprietary Linux applications”.
“In the future, Windows can only be installed by a certified MCP/MCSE and require to have monthly visits from them for security patches installation/check up. 1st year will be free but afterwards you have to pay”
Now that is funny. The next question comes to mind though…who is going to teach the people with the MCP/MCSE how to install the OS? Sorry, but my experience has been that lowly me without the credentials usually has to teach the new guy with the MCSE how to install and maintain MS Products, since they have never really done it before, just read a book and took a test. Heck, if I had the money I would get an MCSE myself.
This is NOT a troll…maybe I have just met some bad MCSE’s.