Slashdot Mirror
Microsoft Code at Fault for Half of all Windows Crashes
Flamester writes "In a ZDNet Australia story, Microsoft is claiming that half of all MS Windows crashes are the fault of third party code, not their own. That is, according to Dr. Watson.
The article also goes into the 'rigor in which MS tests their products before release'. "
Microsoft has laid the blame for half of all Windows crashes on third-party code.
Scott Charney, chief security strategist at Microsoft, told developers at the TechEd 2003 conference in Brisbane, that information collected by Dr Watson, the company's reporting tool, revealed that "half of all crashes in Windows are caused not by Microsoft code, but third-party code".
Charney's comments come as the company highlights the rigour with which it tests its own products before release. Microsoft emphasised that products such as Yukon and Exchange Server were undergoing thorough testing -- both internally and via independent third parties -- prior to their release to the market.
The company is employing root cause analysis and event sequence analysis procedures to scrub out the creation of sloppy code. The result is that individual developers have a high degree of accountability for the code they produce, while the systems and processes associated with code development are rigorously monitored.
Root cause analysis enables the company to check closely the work of individual developers. "If a developer has written vulnerable code, then we look at what else that developer has written and check it," Charney said
Event sequence analysis takes this further, analysing the reasons why the vulnerable code was written. Charney said it was not necessarily so they can sack whoever is writing vulnerable code, but find out the reasons why and how Microsoft improve their staff with training or more efficient processes.
As Charney made his remarks, Charles Sturt University announced they would be offering a Master of Information Systems Security degree including MCSE:Security industry certification.
Charney's also reinforced Microsoft's message to developers and network administrators that they needed to build secure applications and networks "from the ground up".
The chief security strategist's remarks have come at an unfortunate time, as mainstream and niche media outlets produce heavy coverage of the impact of the MSBlast worm, which has infiltrated corporate and enterprise networks worldwide.
sPh
Actually OS crashes do get sent. When you boot up, xp will recognize that it had just crashed and will offer to send the info.
I suspect that they are referring to drivers and other kernel-space code. The standard Microsoft weenie excuse for instability in the past has been "it's the drivers!", blaming the video drivers is a favourite.
Remember that Microsoft don't write most Windows drivers, they don't have to because their market share is so great, any hardware manufacturer who doesn't supply Windows drivers is not competitive.
I believe this is the reason why Microsoft introduced their "Microsoft signed drivers" that are supposed to guarantee Microsoft-level stability (!).
However, I have to laugh at Microsoft when they claim 50% of crashes aren't their fault. It's like an advert for a diet pill saying "Doesn't cause death in over 90% of people!".
"Microsoft emphasised that products such as Yukon and Exchange Server were undergoing thorough testing -- both internally and via independent third parties -- prior to their release to the market."
;)
Hey, they're TESTING! Wow, they really are taking this trustworthy computing thing seriously.
Probably just a flippant remark, but they actual do test all of their applications and OSes, and they have (you know, all those internal and public beta TESTS and such).
But maybe this time they'll fix the bugs, instead
of just making note of them.
Regardless, if a driver is running in the same memory space as the subsystem, a driver crash is going to take it out. It doesn't matter what ring the code is in. Again, back in NT 3.51 days graphics drivers were kept in seperate memory spaces, in ring3, but that was dropped due to piss poor performance.
The GDI subsystem (several layers away from any graphics drivers) currently sprawls Ring0 and Ring3.
... your posting. When a 3rd party driver crashes, it probably will take down the system as well, since it runs in ring 0, and can walk over kernel resources (and probably did).
When Windows gets read-only mempages (IIRC win2k3 has them) for kernel processes, this will be ended, until then: the 3rd party drivers are mostly at fault.
Never underestimate the relief of true separation of Religion and State.
- all of Canada
- the IEEE statement on the title of engineer
Microsoft is not recognised by the (in the USA) Accreditation Board of Engineering and Technology (ABET), and don't have the ability to grant a BSc., which is a prerequisite for using the term or title Engineer in most states.Guess you've been caught talking out of your ass again (but that's what ACs do)
Yup.
I've done an embedded system with QNX, and it is quite the nice RTOS.
Under QNX, the devices hang out in the device manager, which is not in the kernel space, and the drivers are handled by the process manager, also not in the kernel. Since the kernel exists just to pass messages, essentially, it is uncrashable.
*everything* is Orwellian to cats.
Yup, I have to agree with that. It depends on what you are using it for. For the average desktop use, XP is a big improvement over win9x. However, I get a lot of crashes from XP especially with Outlook when I am doing some heavy compiling and do some heavy dev work. 6 months ago I switched to using Linux to develop with at work (without anyones knowledge) and things have been great. This is at a fortune 500 company. Some people caught wind of it and now a few other developers and most of the Oracle DBA's are asking and showing interest. I have been MS free on my home network for 3 years or so and it has been great. Being able to be almost MS free on my workstations at work has been icing on the cake. Oh, one other thing I don't think anyone has seemed to notice is that is doesn't matter whether those 50% of crashes are from drivers OR apps. The thing that sticks out to me is MS is admitting to 50% of all crashes is because of their product. They are just saying it in a marketing friendly way to try to push the blame to driver developers.
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
I can't speak for Candada, but I believe Texas is the only place that "Engineer" can't be used, because people with certifications don't take/pass some sort of official engineering exam. Sturt Univeristy can get away with it because they're not in Texas, and can't feel the wrath of a Texas court -- wheras MS can.
And Watson can and does report back to "the mothership" for driver crashes, when the user allows it.
The "Texas Engineering Practice Act" has a whole page of exceptions, but they call them "exemptions".
Lets see if we can find the relevant parts:
Well, that would seem to apply quite nicely not only to train engineers, but also software and systems engineers.
Si vis pacem, para bellum
The only thing more annoying than a Libertarian is an (un|mis)informed Libertarian
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I've been reading the replies to this thread, and I'm a little bit confused. The licensing of engineers has been a hotly-debated practice for...well, for as long as engineers have been licensed.
Whether in favour of or opposed to licensing, I don't see how it could qualify as a Ponzi scheme. It may or may not be a worthwhile practice, but it's quite a stretch to describe it as a pyramid scheme.
~Idarubicin
ATI has gotten their act together - it seems the drivers for their "good" cards, i.e. 8500, 9700 actually work, however their support for their older cards is terrible and I don't see that changing in future. ATI just doesn't think supporting older cards is a priority, and it shows clearly. I think the same with their lower end consumer cards, the 7500, etc. The drivers aren't that bad, but from what I've heard the 9700, etc are solid.
;)
Of course, the all-in-wonder pro I have is old (1998?) - so I can see why they want to kill it off, but dragging your customers kicking and screaming to a new product isn't very good for customer relations - and ATI knows this now. Nvidia and other companies made them wake up.
Unfortunately they do have only 1 real competitor for the retail box market, so they aren't that concerned, but competition does help. Not that they will ever fix the drivers for the AIW Pro and their older cards, the PR damage has already been done, and the cards replaced.
Their support is, of course, useless, just because they have to deal with so many buggy - and often weekly - releases. There just isn't time for them to find the problems. No point to call / ask for support because it will not be helpful. Of course venting is fun, but hey. Besides, half the games out there don't work properly and cause issues by themselves.
Every once in a while, they get it mostly right, but it is a crapshoot. I've had drivers for my 7500 that would refuse to let me log on to 2k, but also the current version which works in both xp and 2k3 without any problems - i.e. I've had 0 bsod under 2k3 w/ my box with the 7500 in it since rc2 came out. A couple with "recording", or trying to with the AIW Pro - although that was expected. (the release for the 7500 is 6.14.1.6307 2/28/2003 if it helps anybody).
As far as I can tell, 2k3 IS stable. I've abused my system - knocking out ide cables while the system is running, "hot pulled" pci cards, etc. Basically anything that would not cause the computer to reboot due to a short would keep the system up. My processer fan came out for a couple minutes, I saw it running at 95C and dove for the power switch, but 2k3 stayed up. Granted, it isn't that hot, but still.
If I still lived in Ontario, I'd probably drive by at 120kph and throw a used tire rotor at their front door, it might cure an ulcer or two
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
Why do you think I have that sig? It's because everybody screws up occasionally. But since you don't want to play nice...(and you misspelled "wrong")
Your indentation is extremely misleading. Subsubsection (3) only applies if the requirements of subsection (a) are met.
Since the requirements of 20(a) must be met first, let's take a look at it by itself:
Wow, your options are:
The only way to ensure option 1 is to make sure nobody in the company calls you an engineer, so they won't slip up when talking to people outside the company. This is no different than not calling yourself an engineer at all.
Option 2 is worse than calling yourself something other than a software engineer, and a lot less reliable.
Now, you might say that software engineering doesn't fall under the "practice of engineering" bit.
*ahem*
But then again, I could be wrong.