Slashdot Mirror
Microsoft Code at Fault for Half of all Windows Crashes
Flamester writes "In a ZDNet Australia story, Microsoft is claiming that half of all MS Windows crashes are the fault of third party code, not their own. That is, according to Dr. Watson.
The article also goes into the 'rigor in which MS tests their products before release'. "
So they're saying that a poorly designed application can take down the entire operating system? The OS should be resilient enough to handle application crashes and keep on running, who cares who causes the crash? It's the OS's responsibility to handle it.
Also I would like to see where they got these numbers? If they are using the new 'feature' that notifies microsoft of application crashes then I'd be skeptical... If the OS crashes then the notices won't be sent to Microsoft.
Also, it is likely that MORE than half of the applications run on a Windows box are non-microsoft applications, that would mean that statistically MS apps crash more often than third party apps.
Visualize the world of wine
Microsoft emphasised that products such as Yukon and Exchange Server were undergoing thorough testing -- both internally and via independent third parties -- prior to their release to the market.
Hey, they're TESTING! Wow, they really are taking this trustworthy computing thing seriously. Mr. Chase may have said a similar thing if he hadn't been comped, as reported in the diclaimer at the bottom of the article:
Brendon Chase travelled to Tech Ed as a guest of Microsoft.
Hardhitting journalism.
I'm much funnier now that I'm a subscriber.
Memory protection is a good thing.
Microsoft has laid the blame for half of all Windows crashes on third-party code.
Scott Charney, chief security strategist at Microsoft, told developers at the TechEd 2003 conference in Brisbane, that information collected by Dr Watson, the company's reporting tool, revealed that "half of all crashes in Windows are caused not by Microsoft code, but third-party code".
Charney's comments come as the company highlights the rigour with which it tests its own products before release. Microsoft emphasised that products such as Yukon and Exchange Server were undergoing thorough testing -- both internally and via independent third parties -- prior to their release to the market.
The company is employing root cause analysis and event sequence analysis procedures to scrub out the creation of sloppy code. The result is that individual developers have a high degree of accountability for the code they produce, while the systems and processes associated with code development are rigorously monitored.
Root cause analysis enables the company to check closely the work of individual developers. "If a developer has written vulnerable code, then we look at what else that developer has written and check it," Charney said
Event sequence analysis takes this further, analysing the reasons why the vulnerable code was written. Charney said it was not necessarily so they can sack whoever is writing vulnerable code, but find out the reasons why and how Microsoft improve their staff with training or more efficient processes.
As Charney made his remarks, Charles Sturt University announced they would be offering a Master of Information Systems Security degree including MCSE:Security industry certification.
Charney's also reinforced Microsoft's message to developers and network administrators that they needed to build secure applications and networks "from the ground up".
The chief security strategist's remarks have come at an unfortunate time, as mainstream and niche media outlets produce heavy coverage of the impact of the MSBlast worm, which has infiltrated corporate and enterprise networks worldwide.
That sure is encouraging. What a wonderful operating system you have when half the time it crashes, the crash is caused by third party code. A properly designed OS shouldn't allow third party software to crash it. No OS is perfect, but half the time is just silly.
sPh
I guess MSBLASTER, Code Red, Nimda, SQL Slammer, etc. could be considered 'third-party code'. ;>
Assuming this is true, wouldn't this be an example of how closed source can contribute to programming mistakes? If developers had more access to the OS source could wouldn't they be less likely to affect it adversly with bad code?
UNIX/Linux Consulting
So 50% of all system crashes are caused by 3rd party drivers and the other 50% are caused by Microsoft code.
Sounds bad, but compared to the number of application crashes, the number of actual OS crashes is infinitesimal.
His conclusions are suspect, and so are his motives. It's elementary, really. Bill G should get Magnum P.I. or Simon and Simon to do this investigation.
SCO is responsible for the other half of crappy windows code. This is why Microsoft was so eager to buy a license.
Or really just One Ring to rule them all? An application in a protected-mode OS (running in Ring 3 of the x86 chip) can't touch kernel space (Ring 0). Now, if an OS vendor does things like put its GUI subsystem in Ring 3 (cough, NT, cough), and you let 3rd party people write drivers that 5uXX0r5, then yes, you can have a case where 3rd party code causes crashes. BUT YOU (MS) PUT THE GDI SUBSYSTEM IN USER SPACE!
If the OS design is so poor, or hacks and compromises are made for gaming performance at the expense of stability, then you can't really complain when the system goes unstable.
I want to delete my account but Slashdot doesn't allow it.
What kind of third-party code are they talking about here?
Userland applications or device drivers?
As so many others undoubtedly already have remarked, an application, however shoddily written,
should not bring down the whole OS.
If they're talking device drivers.. well, that's a different issue entirely.
On the other hand, if this is the case, what the heck is that MS certification process for?
...Slashdot poll: Is the cup half full or half empty?
What he just admitted is that HALF of ALL crashes are Microsoft OS related. Every application that runs on a account for more than let's say 5% or 6% of total crashes, but Microsoft still has their full 50% share. That's STUPID-speak on his part. Way to instill company pride by shooting yourself in the foot, and then putting it in your mouth.
-Christopher Wu
http://www.christopherwu.net/
There is only one way 3rd party software can crash an OS: If the OS is so hopelessly broken that it gives that much control to applications.
Microsoft's bad coding is responsible for 50% of their crashes, by their own admission. Their inherently flawed OS structure is responsible for allowing the other 50% to happen.
(This of course doesn't address hardware related issues--all I can say is that MS software is VERY sensitive to borderline hardware)
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
I was googling for the 4 lines of C code that use to crash windows but came across this
Rus
Cheap UK and US VPS
"Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
Hmm... What kind of 'rigor' is that, again? Rigor mortis?
So I guess all of the crashes that I have experienced with Inernet Explorer can be blamed on the the third party software they stole from the University of California and Eolas Technologies Inc.
Scott Charney, chief security strategist at Microsoft, told developers at the TechEd 2003 conference in Brisbane, that information collected by Dr Watson, the company's reporting tool, revealed that "half of all crashes in Windows are caused not by Microsoft code, but third-party code".
It's worded suspiciously but I don't think necessarily means the crashes are due to windows code. Aren't hardware issues responsible for a significant amount of crashes as well? Are they being counted in the 50% that belongs to driver problems and other third party code or are they counted with the windows problems.
I stole this Sig
1944 ... Atomic bomb is dropped ... man sets foot on the moon ... IBM releases OS/2 Warp v3 (Apps unable to corrupt/crash the OS) ... Microsoft finally admits that half of all crashes are their fault
... *nix good ... ... Mac good ... ... yes windows does suck.
1969
1994
2003
blah blah
blah blah
blah blah
=)
"The price good men pay for indifference to public affairs is to be ruled by evil men." ~Plato (427-347 BC)
Are you implying that my hardware is really ok and not responsible for all these crashes? *gasp*
Half full mug
help me i've cloned myself and can't remember which one I am
Windows software virtually NEVER crashes while in compact-disc form!
Also if you want a crash free environment all that is required is you shut the machine off and place it in a vacuum sealed container.
.....See Microsoft does make crash free products! you just don't know how to use them properly... anyone that has the gall to use third party applications is spelling their own doom...
I'm currently using Linux, which also gives drivers such low-level access that a bad driver can crash the whole machine. I was under the impression that this was a design decision which couldn't be changed without sacrificing performance.
Ok what about the other half that they are responsible. Never mind the fact that a application should not crash the OS.
Got Code?
I know I'll get modded WAY the fuck down, but I don't care...
This whole thing is flamebait. The article title "Microsoft Code at Fault for Half of all Windows Crashes" should have been "Thrid Party Code at Fault for Half of all Windows Crashes"...or is it that only anti-MS articles get posted? So much for having any integrity, Slashdot.
It would probably help, but the fundamental problem is the design of the operating system. Running everything in kernel space, without memory protection, is begging for problems. This is aggravated by the complexity of many types of drivers.
Mea navis aericumbens anguillis abundat
I think in the last day, the number of crashes due to Microsoft code has risen to 75%.
Having been doing software testing for about 10 years now, I can pretty much guess that Microsoft is like most other software places in that lots of things are discovered in test that still make it out the door. I'd like to hear from someone in the test organization at Microsoft to see what *they* think about the quality of the product they test, and how much pull they have in making decisions. I am betting that it is just as much as anywhere else. Most places have no problem in shipping out code that doesn't meet with QA's approval. I've seen it, I've been a part of it. That's business baby. Quality software will get trumped by some promised deadline every time.
My beliefs do not require that you agree with them.
In other news, the sky is blue.
Prevent email address forgery. Publish SPF records for y
Uhm, anytime Windows crashes, it's a problem with Windows. A bug or crash in a 3rd party application should have no bearing on the stability of Windows, at least that's how MS Marketing describes Windows capabilities, and that's the way it should be.
This looks like a big verbal foo-pa that IBM/Sun could drive a truck load of marketing through.
MS was going to post a detailed breakdown of all the crashes, but the crash report database server went down when it kept trying to send reports to itself.
... your posting. When a 3rd party driver crashes, it probably will take down the system as well, since it runs in ring 0, and can walk over kernel resources (and probably did).
When Windows gets read-only mempages (IIRC win2k3 has them) for kernel processes, this will be ended, until then: the 3rd party drivers are mostly at fault.
Never underestimate the relief of true separation of Religion and State.
If we were to assume there are close to around 50,000 third party firms who develop for Windows and there are around 1 million distinct Windows core dumps per version then there would be 20 incidents per third part developer and HALF A MILLION Crashes thats still owed to Microsoft..
So what were we saying again...
Rapid Nirvana
Scene: Microsoft HQ
Present: Emporer Gates, DBallmer
Emporer Gates: Darth Ballmer, it has come to my attention that we do not possess 90% market share in certain aspects of our operation. Your performance diappoints me...
Darth Balmer: Ook.(1)(2)(3) [Hooo...haaa...hooo...haaa](4)
Emporer Gates: Our code causes only 50% of crashes, yet we control 95% of desktop computers...can you explain the ineffectiveness of our operation? Why are we lagging in this area?!?!?
Darth Balmer: Ook. [Hoooo...haaaaa...hoooo...haaaa]
Emporer Gates: Please put your army of flying monkey dark Jedi to work on this problem immediately. I expect results, Ballmer. You will not fail me in this, or you will be looking for bananas in the sodomy pits of the Hutts!
Darth Balmer: Ook! [Hoooo...haaaaa...hoooo...haaaa]
GF.
(1) Monkeyboy
(2) Librarian
(3) I'm aware that it should be "Ape-boy" if the Librarian is an Orangutan, but if you don't tell the Librarian, I won't.
(4) Darth Vader breathing sound
Lots of petrified grits
still experiences 100% of all failures.
Oh well, what the hell...
"And a voice was screaming: 'Holy Jesus! What are these goddamn animals?'" - HST
The article's headline (both on /. and ZDnet so no blame to /.) says "Windows Crashes", which implies that the OS actually crashes. However the quote in the article says "Crashes in Windows" which implies that some application running under Windows crashes, not necessarily the OS itself.
Which is it? I am confused. The latter isn't the fault of MS. But no application failing should be able to crash Windows, it's the OS's job to make sure it can handle failing programs.
TROY
Big difference.. I would say 99.9% of all crashes in Windows 9x are Microsofts fault. NT,2k,Xp,2k3 are FAR more stable.
Because only "weenies" make excuses for their vendor. I've only ever seen the excuse as a response to somebody complaining about Windows instability - whether it's Microsoft's fault or not is irrelevent if it's stopping you from getting your work done.
I dare say it is, but what does Linux have to do with it?
I'm wondering why the news:
Microsoft is claiming that half of all MS Windows crashes are the fault of third party code, not their own.
turned up side down..
Microsoft Code at Fault for Half of all Windows Crashes
I'll probably be modded off-topic, since a story like this on Slashdot is nothing more than MS-bashing flamebait, but I'll try anyone.
First of all, the article says "crashes in Windows," not "crashes of Windows." So it's not entirely clear to me if they are counting application crashes which don't impact the whole system or just the ones that bring down the OS (as most of the bashers in this thread seem to think).
Second, if this is based on error reports, it's skewed by a lot of things. For example, I send the reports when I suspect it's MS code at fault, and I don't send them when I suspect a third party app. I figure MS can't do anything about the third parties, so why bother. The point is, lots of things can skew these numbers.
But most importantly, the bulk of the article, which most Slashdotters seem to be ignoring, is about tracking root causes of bugs. There is no silver bullet in software quality, but this approach is a good place to start. It's something that should be taught in CS courses, and it's something we experienced programmers should be training our juniors to pay attention to.
When you fix a bug, do you ask yourself how it got in there? Where else in your code a similar bug may appear? How can you avoid making the same mistake in the future. How you could have detected the bug sooner? How did the test cases miss it? These are powerful questions if you take them seriously.
It's a mindset all programmers should have. Ironically, I learned it from a Microsoft book, Writing Solid Code by Steven Maguire. Buy it, read it. Pass a copy onto your peers.
Let's see... umm... A MS basher is someone who believes that half the bugs belong to MS. A MS apologist is someone who believes half the bugs belong to somebody else.
Of course if you want to avoid emotional implications when describing the glass, you say "it's 50% water and 50% air". Likewise for this, except...
If half the *code* in your system is written by somebody else, and they are responsable for half the bugs, then that tells you that you and the other guy are equally competent.
Of course, you can spin those statistics anyway you like to suit your needs. Some programs are historicly more difficult to write than others. You could evaluate binary bytes, LOC, or number of binary files to get the spin you want.
I'm willing to wager that MS and its partners are equally competent, since they draw on similar pools of talent. If there is any significant differential, things will tend to regress to the mean of proportional bugginess. For example, if a given vendor always writes buggy code they will eventually be replaced. If MS can't write something, they will eventually buy a company that can.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Heck! That's for sure! They'd have this light fluffy exterior. It would be hard to dislike someone with a light, fluffy exterior. Just look at Natalie Portman!
Of course, if they were then to be deep fried, they'd be a bit scratchier, although oh so good!
How do you think Natalie Portman would tasted deep fried?
mmmmm... deep fried Natalie Portman... *drool*..
---- It puts the lotion on its skin or else it gets the hose again. It does this whenever it's told.
Cowboy Neal is full of it, whatever it is.
Um... where in the article does it say 3rd party code brings down the WHOLE O/S? In my experience the robustness of Windows has improved dramatically with every version (nevermind ME :-) I see individual applications crashing -- about 2 or 3 times a month. In fact, I typically go weeks and months between reboots (generally only when applying patches). There are plenty of things not to like about Windows, but the bad days of blue screens is a fading memory. Of course there are exceptions for odd hardware configurations and out-of-date drivers, but I've seen the same or worse problems with Linux support for oddball hardware.
BTW -- you may have noticed that sometimes when an app "hangs", and displays a "not responding" message in Task Manager, it is actually still running just fine (though chewing up a ton of CPU). Depending on the problem I may wait it out until the process finishes or simply kill it. One of my gripes with MS is that sometimes I have to use a third-party tool (sysinternals.com) tool to kill runaway processes -- Task Manager is not always able to kill it. Not perfect, but it works.
I think all of this applies to Windows server configurations also. I run IIS/ASP servers with dozens of users and applications. When configured so each account runs in its own memory space, with CPU utilization limits, NOBODY is able to bring down the whole web server with bad code -- just their own site.
The fact is, most of us are so bigoted about our O/S of choice, we are unwilling to learn enough about the "enemy" to use it properly.
Is this sig nificant?
How about moving the GDI to ring 0 for performance reasons, allowing a printdriver to crash the OS.
Help fight continental drift.
At least theoretically, shouldn't WHQL-certified drivers alleviate the "driver-related crash" problems? Granted, most of the latest drivers are not certified prior to release.
:)).
But I would guess that application crashes are the result of Microsoft not discouraging users from running as Administrator, or too many programs installing as system services or running as NTAUTHORITY\SYSTEM. Without elevated priveleges, a "user-level" crash might knock out Explorer.exe, but a crash of an app with elevated priveleges would be more likely to take out a neighboring process (like RPC
The standard Microsoft weenie excuse for instability in the past has been "it's the drivers!", blaming the video drivers is a favourite.
Unless it's an ATI product, in which case you can be 100% assured that it *is* the video drivers.
In my experience, you can bring any Windows 2000 or XP machine with any model of All in Wonder to a screeching blue HALT by simply doing such outlandish and unreasonable things as
And for those who really like fun, try an ATI All In Wonder Pro on Windows 2000. A couple of years ago, I deployed a couple of hundred of them at a Toronto TV station. A year later, they asked me to upgrade all their systems to Windows 2000. Constant random lockups of the whole system, requiring not just a reboot but a power cycle. Needless to say, they were not very pleased - you spend $300 on a video card, and you kind of expect that they'll provide drivers for at least a couple of years. ("They've been around forever. Besides, they're a good hometown company! Their headquarters are just 5 minutes from here, up the 404 in Markham."). Their news department almost did a story on crappy software but it was vetoed because news is supposed to be impartial.
As for ATI, I will never buy another ATI product ever again, for myself or for anyone else.
Fire and Meat. Yummy.
It's a weenie excuse either way, for sure. Who cares about excuses, we don't want excuses, we want the damn thing to work.
And it's perfectly true you can run into the same problem with Linux if you use proprietary drivers so in that case there's something you can do. Don't use those drivers. Don't buy hardware that requires them. Fund development of open drivers. You have lots of options to make the damn thing work. I don't use proprietary drivers in Linux, and I've never seen it crash except when hardware failed.
With windows you don't have those options. Even if you're picky about your hardware it will still crash. And, btw, the crashes the article was talking about were not limited to, and quite possibly didn't even include, those caused by drivers.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
At Microsoft we were going to tell you who was responsible for the other 50% of the crashes but then our sql server database crashed on us.
Computers are so comparatively powerful now, we can afford to trade time performance for stability.
Drivers should be moved out of kernel space where possible. Even then, with some effort it could be up to the admin whether drivers run at kernel level or at user level.
.sigs are for post^Hers.
A poll at CNN here here shows how sometimes no matter what MS does a huge amount of people will be leaving themselves open to problems.
" How are you planning to protect your PC from the LoveSan Internet 'worm' affecting Windows-based PCs?
Going to load a patch from Microsoft 19%
Have already loaded a patch from Microsoft 39%
Doing nothing 41% "
Laptop Reviews
If any non-kernel, non-driver code causes the OS to crash, then that *IS* the fault of the OS. Hands Down. A good OS should be able to survive accidentally bad (or even maliciously bad) application code.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
is it appears MS is proud of this percentage. Along the lines of "only half the total failures of our software are our fault" so look how good our product is. After this many years I really expect to hear that 90% of crashes are due to third party code and that Windows is finally what has been promised for all these years. No question XP has lived up to a lot of it's promise, but it's more than obvious security and stability have miles to go. This is just plain sad.
Microsoft actually contacted us about one of our applications that was occasionally crashing, and talked to one of our developers about where the problem was (what api functions were being called incorrectly).
If MS doesn't open the source, they can say whatever they like. It's up to the users to believe or not believe them as proof doesn't exist.
A crash can be caused because MS's update causes existing things not to be API compatible any more or MS's documentation is not up-to-date causing the third party not to be able to write good software.
Both would be MS to blame even though DrWatson (whatever) tells the third party software isn't good.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Yeah, but that was an unstable release. (2.1.something.) It's equivalent to an internal beta of Windows---why on earth would you run it on a production system? The unstable series are for testing, not for running on a system you're not willing to fry!
--grendel drago
Laws do not persuade just because they threaten. --Seneca
With the help of Intel and the "trusted computing initiative" only MS certified objects will be alowed to run on your computer. The fritz chip extentions are already in place for this in the p4 and up, so when you install Longhorn you will effectively surrender control of your computer to MS, the RIAA, Hollywood and the Government. But don't worry the trade off is you will not have to worry about worms and viruses anymore sucker! Unix systems are not attacked because to install an executable you need to be root, and any user that knows squat uses a decent pass word mine was dos_booty until just a few minuites from now when I will change it again.
OH THE SHAME I fell off the wagon and use sigs again!
Comment removed based on user account deletion
Try
Windows Crash Vs. Linux Crash
You are not a beautiful or unique snowflake -- but you could be if you got off your ass.
I look at the story title:
"Microsoft Code at Fault for Half of all Windows Crashes"
I look at the paragraph under it:
"Microsoft is claiming that half of all MS Windows crashes are the fault of third party code, not their own."
Anybody older than the age of, say, 10 should see that these are two very different statements. To assume that Microsoft is automatically to blame for the other half of OS problems completely ignores what everybody here should know is the #1 source of computer problems: User error.
If you want to lament the lack of quality conrols involved in Microsoft's "Made for Windows" branding, fine. If you want to conjecture just what that other half really is, also fine. But you can't print painfully obvious logical fallacies like this and hope to be taken seriously as a source of news.
Ah, gee. And no wonder. That would make sense that so and so a percentage of crashes is caused by third party software because MS doesn't provide the info to software developers which they need to make their software work like it's meant to on windows. That point was mentioned in 'The Court Case' and hasn't really changed, to the best of my knowledge, since.