Interview of the Windows XP SP2 Dev Team
Masa writes "SuperSite for Windows has a nice interview called 'Windows XP Service Pack 2: The Inside Story'. The interview gives good insight into what kind of project Service Pack 2 was, how it got started and how huge an effort it actually was." The ITMJ Product Guide is part of OSTG, as is Slashdot.
Jesus Christ, hasn't the guy heard of Deedpoll!
I followed the link, but it was only a story about the quest for the Holy Grail. Except the Holy Grail was a dixie cup, and the crusaders took twice as long to search for it, but still came up with nothing, except t-shirts with corporate logos.
The Custom Mary
It's interesting to know that there was a fair amount of thought involved in enabling the firewall in SP2. Who would've thought that could break a system? Not that I use Windows much any more, but it's still a welcome enhancement.
"The reason we called it RC1 was that we wanted people to think that we were serious." I for one welcome our serious microsoft overlords... for a change.
The only thing that really caught me was "lipstick on a chicken"... btw I am on holiday so anything too serious right now won't go in my mind anyway (too much alcohol)
just a web application developer and instructor in Toronto, ON Canada
So at Microsoft, either something works and isn't secure, or is secure and doesn't work.
I know, this isn't really news, but it's not every day you hear it from Microsoft.
There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
We knew we had a bigger problem than just enabling the firewall.
...can't wait to read it, actually. Right after I finish reading the Worldwide Service Agreement that came with my lawnmower.
"The SP2 product they shipped bore little resemblance to Microsoft's original plans for the release, but was instead a far more secure and stable product that, ultimately, made XP a better operating system." I knew it! Microsoft originally planned it to be unsecure and unstable!!!!! ~kalinga
"and a virtual team of Microsofties"
So is that like little fairies or something that write code while everyone is asleep?
A people that values its privileges above its principles soon loses both. Dwight D. Eisenhower
Looking at the timeline, almost half of it was filled with 'fixing' Internet Explorer
Just drop IE and spend more time on the freaking OS.
I mean they took too long to release a patchset that caused problems and look, 7 or so new bugs found in CORE components [prolly been there since win98 or earlier].
;-)
Maybe if they spent less time "re-inventing the wheel" er... "innovating" they would have more time to actually write what they NEED to write more securely.
There is no reason why commercial software would have buffer overflows [at all] and especially in something like LoadImage().
In FOSS at least you can blame lack of time, review, etc. But in commercial software you're paying for the eyes and the time.
Show me a story where they agree to hold back on re-packaging the latest video/sound codec as a Windows format [hint: wmv == mpeg4 == divx for all intents and purposes] and instead decide to fix a good 10k bugs or so.
Of course I'd settle with the non-integration of MS IE, explorer.exe and MSN and the addition of a POSIX.1 emulation layer [that comes bundled]
Tom
Someday, I'll have a real sig.
"Todd: The original idea was to make it sort of like IE Hard. The IE in Windows Server 2003 is really unusable for consumers. ...
I agree with that, as a Windows 2003 server consumer. Although the prevailing wisdom says that browser use from a server should be minimalist at best.
But we were thinking that drastic at first. I can tell you that during the [initial design] phase were definitely thinking as drastic as that."
And that is the problem. It is not so much that Internet Explorer is insecure. It can be made VERY secure. But then it is very difficult to use for Joe Average User. There are tradeoffs all over the world wide web. (example: I want to be able to view these nifty stock quotes, but then my browser is open to exploits). The standards are still evolving and programmers are still adjusting towards the safest yet most robust model for all.
"An additional processor-based "no-execute" feature is expected to be offered in forthcoming Intel and AMD processors."
No Operation? (NOP, 0x90)
FWIW: Laurie Litwack is Canadian, Tokuro Yamashiro is of Asian heritage, and Jim Allchin is from another planet.
I've been reading The Old New Thing for a few months now. It's a blog written by a guy at Microsoft (I don't know what department), and among the things he writes about is why windows sometimes works in unexpected ways.
Yeah, Windows has lots of bugs. But some of those bugs can't be fixed, because certain major programs rely on those bugs. When you fix the bugs, you break the programs. Almost every bug fix windows gets these days is accompanied by a program breaking. MS has to try and decide whether enough users are affected by the bug to make the fix worthwhile.
MS has been pussyfooting it about breaking programs in the past, and I'm glad MS finally bit the bullet with SP2 and broke all those programs in the name of security. It was high time. Of course, it means I have to keep a second PC around for some older games, but hey, that's life.
The people at Microsoft know what is wrong with Windows. They have a variety of reasons for not fixing it. I can't say I agree with them completely but some of them make good "business" sense. It's too bad they care more about "business" than the quality of the product itself.
When Apple did MacOSX, they basically created a "WINE" for MacOS9. Not everything was/is perfect but a great many things continue to work without problems. They didn't sit back and say "oh... we have business reasons for not overhauling the whole OS and starting over from something more secure and stable from the start."
I have said it before and I say it again: Microsoft is perfectly capable of doing exactly what Apple did: Make a new OS and make a WINE to run the old stuff until people finally migrate over. I'm not a developer but there are plenty of examples out there to show it's not impossible. I know I can't be the only person who has ever thought of it and I wonder why they haven't done this at Microsoft already? Some people here have been kind enough to put forth some reasons why Microsoft hasn't just abandoned its current Win32 model -- essentially business reasons -- so can someone offer some likely reasons why Microsoft wouldn't build a new OS and then make a WINE for backward compatibility?
Those are pretty nice pictures for geeks. Almost *too* nice. Is this really a collection of programmers?
I know this isn't on topic, but after reading the article and seeing how difficult it was to get SP2 out the door, I wonder about their goals for Longhorn.
I keep reading how longhorn is going to have wonderful new features and things nobody knows they need. However, I think that most users just want the stuff in windows xp to work the way it should. Longhorn should be a hardened Windows XP SP2.
That might actually be the incentive for the companies that still run windows 2000 for stability to switch over. That is their market.
Consumers are going to get windows when they buy a new computer. I don't care how many linspire running walmart PCs are sold, Dell and HP are selling them with windows.
Their competition is beating them on stability and ease of use, not cool groundbreaking new features. Most computer users just want the PC to be easier to use, not more complicated with new file systems and taskbars with more crap on them.
People are switching to firefox from IE mainly for the enhanced security and tabbed browsing. Okay, tabbed browsing shouldn't be too difficult to copy to IE, but security is the reason techies are putting that little fox icon on peoples' desktops.
I think they've done a good job with SP2, but I think that people just want the computer to work and are indifferent to the bells and whistles appearing in longhorn betas.
That's what a billion users spending $50+ billion a year on Microsoft software get for their money. They could have hired tens of thousands of programmers just to do line-by-line code audits without making a dent in their budget.
Why, I get 5 calls a night from one idiot or another who has enabled automatic update without knowing it, downloaded SP2, and subsequently had their entire IP stack screwed. Is that a feature?
Microsoft's marketing team deserves a big fat Christmas, no holiday, bonus. What I'm most impressed with is how this string of security failures around retail versions of Windows (going back how many years) can be re-shaped as a team of scientist-like experts facing an impossible task and doing a great job. If this was any other field of business or even pro sports, this many security breaches or failures in the core of the product line would have shaken things up for the better. Instead, the reaction is a clever marketing campaign to convince consumers the maker of the problematic and generally insecure product is a victim just like the consumer who is violated when all his or her credit card info or financial records are obtained with SpyWare. The lesson to be learned is that if you spend enough money on marketing, any perception can become a reality. www.softwareobjectz.com
Todd: I'm talking Windows [Division] in general, or Microsoft in general. The Longhorn wave
As I had previously read this is not a joke, just look at this quote from a Microsoft worker: http://www.longhornblogs.com/robert/archive/2004/
Now, at the same time all this has been going on, there has been a lot of complaining about the constantly slipping Longhorn release date. I haven't weighed in on that too much yet, but I think it's time to break my silence. Microsoft shifted between 80-90% of the Windows Client Team off Longhorn development and onto Windows XP SP2.
It's not that SP2 is a bad thing. It's a great improvement, but it took so much time, it was delayed so many times... is that all Microsoft can do? I mean, they just put all their resources into SP2 and it took them forever to release it.
Perhaps it's just me, but the open source world evolves much faster and has more resources than Microsoft. Every 6 months I see more evolution in the OSS field than what I saw in SP2 (and again, it's not that SP2 was bad - it was great!). But just look at Fedora 3 with its SELinux integration and all the rest. We're being faster than them IMHO, and how fast you can evolve is more important than "how good are you today".
I notice they left out some photos of the other team members. Maybe they actually looked like operating systems geeks instead of models?
That article offers an interesting insight into the Microsoft development process.
I know that even sizeable open-source projects can be ridden with political complications, but this article gave me a new sense of how people interact when working on big projects.
Todd Wanke seems like a good guy, but using the article as a vehicle for his sappy management practices wasn't very appealing.
Also not appealing is Jim Allchin's satanic gaze. Jesus.
Too much hype. Too much bullshit. Too many acronyms. I'm sticking to free software people.
- Microsoft's best are not able to turn off Media Player 8.
- Media Player 9 went thru a "security audit", so it must be better than 8, which has been tested by several hundred million people.
- Enabling a firewall breaks *everything*. Apparently they haven't heard of a simple GUI with easily-understood checkboxes. (See IE options... for the classic counterexample).
- They somehow expect a semi self-anointed czar of security patches to gain everyone's support.
- Nowhere is it mentioned the (estimated) 45,000 uses of unsafe string functions in the source code.
Sigh^3. Microsoft spent too much time trying to tie-up market-share, instead of architecting and designing their products to help clients.
By (inadvertently) harming their clients like that, they've built a monster, and now, short of scrapping most of their IE work, there is no way they will ever deliver anything robust and secure.
Of course, they WON'T go back and do it right, both because the corporate masters won't stand for it and the fact their development teams are committed to what they've done and their disgracious vision.
So it's game over for Microsoft, who couldn't deliver on what clients really needed.
In fact, they'll survive in computing the same way McDonald's survives in cuisine. Some would call that a success, but few would admit to eating there.
I don't know the meaning of the word 'don't' - J
Following the first link in the story leads you to this picture (eventually):a m_85.jpg
http://www.winsupersite.com/images/reviews/war_te
Isn't that a penguin?
Isn't that Tux?
What's he doing there?
Spying?
Or... noo. They hold him captive??!
I'm so glad Slashdot devotes so many stories to Windows. I haven't used it in so long it's nice to touch base now and then.
You know, to be quite honest, I'm damned sick of this mindset that only a group of different races and genders is diverse. Five white men can be just as diverse as a black, white, Asian, etc. of varying genders. For the inevitable retarded people responses: I'm not saying that there should only be groups of white people.
That way, users such as he with apps such as those could still get the OS patches and work on deploying the firewall by itself. It would depend upon the specifics of those "holes" and the apps that depend upon them.
There is nothing wrong with having an app listen on an open port. Web servers do it, email servers do it, FTP servers do it, etc.
Not having a firewall should not be considered "security risks in the operating system".
I know lots of people who have turned off the firewall in XP sp2 because it stopped apps from working (VPN in particular). That doesn't sound like much of a "fix" for the "holes" in the OS.
He's an MVP, not an MS worker. MVPs are people awarded by Microsoft for their efforts in helping others out. An MS employee can't be an MVP by definition.
FB, C# MVP
Never underestimate the relief of true separation of Religion and State.
Richard Stallman asserts that closed, proprietary - non-Free - software is an ethical wrong. That is to say, it reduces the amount of freedom in the world. By developing, supporting, selling, evangelising - etc, etc - proprietary, non-Free software, one actively HURTS one's fellow humans. I mean this in the RMS sense - I'm not talking about Windows being less secure or less stable than GNU/Linux, but being less free.
How do Microsoft (et al) developers, who are obviously intelligent, hard-working and - at the technical level, at least - well-intentioned people, reconcile this with their consciences? Do they...
Hope this doesn't sound like a troll. I just really want to understand why people go along with this system. I don't get it, but obviously most of the rest of the world don't care or have some other cognitive work-around. Please enlighten me someone!
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
Then the vendors can release patches for their apps so that they will work after the service pack is applied.
And before anyone goes off about how Microsoft would have to spend too much money and time testing every app out there, you're wrong.
There are lots of companies with contracts with Microsoft and Microsoft could ask those companies to run a quick diagnostic app on some of their machines with the apps those companies consider critical to their business running.
That way, Microsoft could see what apps were using the bug that they planned to fix and how many of their big customers would be affected by a fix.
Microsoft has the money, the contact info, the company info and the existing contracts to do just that.
The real reason Microsoft doesn't do that is because there are too many bugs that rely upon other bugs and Microsoft doesn't even know which are which or where they are.
For reference, look at this previous
One of the things I do when I run a project is I never use the word "I." Even if you went back through every piece of mail I wrote for Windows Server 2003, and Windows XP SP2, you'll never see the word "I" in any of those emails, unless there was a specific reason for it. I'm just a believer in that if you want to get things done, the best way to do it is as a team.
What a wanker. This is one of those guys who when he means "you" he says "we". For example - "why don't we spend the next few hours working out the bugs." - which means "why don't you bust your ass for a few hours while I go home and get some sleep.".
Of course any hardware 3d-accelerated video driver in Linux can also bring down the system, since parts of DRI and nvidia's GLX run in the kernel. The salient difference is that video drivers in NT are coded against an interface that is designed not to change. Change your kernel version, or apply the wrong patches to the kernel you're already running, and your Linux video driver might very well break, particularly if it's a binary-only driver like the ones from ATI or Nvidia.
Indeed.
Running video drivers in kernel space is not a "bad technical decision," it's a tradeoff, informed by the realizations that for end users crashing your graphics subsystem is just as bad as crashing the entire machine, video performance is pretty important, and video drivers can be made pretty reliable. It's the same tradeoff most reasonably-performing 3d-accelerated drivers make in Linux. The difference is that it works a lot better in NT, since the driver won't just break one day for no apparent reason.
Now before I get modded down, I beg to remind whoever might read this that what I am saying is FACT. - bogaboga
Which is very different from a very specific video problem in Linux.
It is not the same trade-off as with Linux because it is possible to run a Linux server with only the command line interface.
With Windows, every implementation has those flaws.
With Linux, only a very specific sub-set of implementations have those flaws.
Lots of software isn't sold in the first place.
Yep. Because the most popular games are new versions of old games. I don't care if DOOM no longer works on XP because of a service pack, but there is no reason why the next version of Quake wouldn't be patched to no longer depend upon that bug.
Quite a lot of people play games that are >12 months old. Breaking them isn't an option: they simply won't apply any more security updates from that point forward. Like it or not, in the Real World with the sort of end users who have fast machines on the end of fast home DSL, appcompat takes precedence over security. Every time.
If your company is running a critical app from 1996 without support, your company has bigger problems.
Welcome to the real world. I've already dealt with several in various test Linux migrations. One of them was written by a company that doesn't appear on Google and is apparently bust anyway. Actually this app was a Windows 3.1 program, from even earlier.
Think how much stuff is still written in COBOL.
Actually, it is. Just look at Linux development.
Linux is pretty much a textbook case of how not to maintain backwards compatibility. It's a serious problem. Some vendors are telling the LSB they won't start porting their apps to Linux until it becomes more stable (C++ in particular is an issue).
Due to the projects I'm involved with, I deal with the lack of stability on Linux all the time, and I can tell you it's one seriously fucked platform from that perspective. I've seen more than one open source developer get up and walk away (back to Windows) because the stuff they wrote simply didn't keep working.
Cry me a river. Look into the concept of "source code escrow".
It's easy to talk about source code escrow now. Too late, it's already happened. On a large scale. Deal with it.
I'm not worried about companies that didn't take basic precautions when they licensed software. They made the wrong decision, they suffer the consequences. That's business.
That's why you don't work for Microsoft, and therefore have no say in the matter. You don't sell many operating systems by telling your customers that they're screwed but it's OK because "that's business, it's harsh". People will just tell you to fuck off, and they will give their money to people who care about their software investments (like Microsoft).
Todd: The original idea was to make it sort of like IE Hard. The IE in Windows Server 2003 is really unusable for consumers. But we were thinking that drastic at first. I can tell you that during the [initial design] phase were definitely thinking as drastic as that.
It sounds like Microsoft actually has a secure version of Internet Explorer, without all the guck that makes it insecure. But they consider it "unusable for consumers". Probably because you can't run all those stupid "toolbars", "Active-X controls", "upgraders", and other crap you don't need. It's clear that the "features" people won out over the "security" people.
They could at least offer "IE Hard" for everyone who wants it. Most business desktops probably should be running "IE Hard".
I don't see how. You claimed it was up to the people who sold the software to fix it, and I pointed out that much software was not written to be sold as a product. It was written by the people who had a problem to solve.
Yes, and I just got back from the pub, where I was talking with a friend who claimed you don't need to bother applying security updates if you have a good firewall - in fact, he said, it's best not to because stuff might break. And this is with a huge amount of effort put into things like SP2 by Microsoft. He isn't the first person I've met with that attitude.
I work for Codeweavers and in fact this Windows 3.1 app (it was for a hospital) now runs quite well on Linux. We work hard to ensure Wine and CrossOver stay working on an incredibly unstable platform. Do you know that every single release from Red Hat 9 through to Fedora Core 3 has broken CrossOver/Wine in some way? Every single one? These typically weren't "bugs" and they weren't one line fixes. I myself put a lot of work into allowing Wine to run when exec-shield and prelink are active.
So, I'd like to think my opinion is an informed one because I work at the crossroads where Windows and Linux meet, and the differences in stability between them are like night and day.
Here's a simple experiment to try. Install IBM Domino Server and run it on any modern distribution. Any Fedora Core release will do. At least the release I have, won't run. It'll hang during startup in a way that looks like it's running, but actually it's not.
Now go to garagegames.com and download the Lore demo. Run it. It will fail to start with an error about libgcc_s.so. In fact most of the Loki games are now broken in some fashion.
Now try disabling NPTL, and they'll start working. Did you know about LD_ASSUME_KERNEL? Do you understand what it does?
Here's another experiment. Install a stock Red Hat 9 distribution and upgrade its copy of GTK+ to 2.4 - remember, this release is supposed to be backwards compatible. Observe that GNOME now hangs when it logs out due to a semantic change (bugfix) in GObject.
Final experiment. Write a program to create a menu hierarchy that works on every distribution out there. Actually, don't bother. The one that ships with CrossOver is over 3000 lines of Perl and covers the 6 or so different menu systems out there as well as cases where a distro ships with more than one at once.
But which is dominant? I think you'll find it's Windows.
Sure. Stability and backwards compatibility don't matter much when you're selling a product that just has to serve web pages, or route mail. Everything you need comes out of the box. If stuff breaks it can be fixed by the distribution provider. The same is not true on the desktop which has a much less homogenous set of software in use.