Slashdot Mirror
WGA Meltdown Blamed On Human Error
Erris writes "As commentators like Ars Technica slam WGA as deeply flawed, Microsoft is blaming human error and swears it won't happen again. 'Alex Kochis, Microsofts senior WGA product manager, wrote in a blog posting that the troubles began after preproduction code was installed on live servers. ... rollback fixed the problem on the product-activation servers within 30 minutes ... but it didnt reset the validation servers. ... "we didnt have the right monitoring in place to be sure the fixes had the intended effect"' Critics were not impressed. 'A system thats not totally reliable really should not be so punitive, said Gartner Inc. analyst Michael Silver. Michael Cherry, an analyst at Directions on Microsoft in Kirkland, Wash., said he was surprised that it was even possible to accidentally load the wrong code onto live servers ... [and asks], "what other things have they not done?' This is not the first time this has happened, either."
One of the articles I read (http://www.betanews.com/article/Microsoft_WGA_Out age_Not_an_Outage/1188405961) suggested that if the server had actually gone down, then this would not have been a problem. The article, based on comments from Microsoft, suggested that WGA defaults to "genuine" if it can't reach the WGA server. So why didn't MSFT just kill the server to let people's software default to "genuine" instead of leaving the server connected with faulty software?
Two wrongs don't make a right, but three lefts do.
Critics were not impressed. 'A system thats not totally reliable really should not be so punitive, said Gartner Inc. analyst Michael Silver. Michael Cherry, an analyst at Directions on Microsoft in Kirkland, Wash.,
WGA is a natural, if not perfect (or even good) business response to the problem of piracy (leaving out all the debate over whether it's a good or bad thing for Microsoft as a whole). But the technical implementation leaves a lot to be desired; if anything, the response to a WGA server failure should be automatic pass (fail safe) instead of an automatic fail (fail deadly).
Sure, for a 24 hour window pirates would have a free-for-all in getting perfectly valid WGA results, but at the same time legitimate customers would not be inconvenienced. As far as I can see, that's the only way to keep WGA while minimising the backlash against it.
I write bullshit
Strictly speaking, there are no tasks I do today that I couldn't do in 1997.
Speak for yourself. Just because *you personally* don't use the extra processing power, memory, and storage that are available doesn't mean that lots of others don't. For example, I'm in the middle of digitizing and OCRing 110 years of local newspapers from microfilm into archival-quality PDFs for an historical society. Quite simply, you *cannot* have too much processing power when doing OCR -- I'm running multiple instances of ABBYY FineReader Corporate on a 2x Quad Core Xeon that has been pegged for two weeks now. It's quick, multithreads across all 8 cores and does a great job, but there's simply too much data. Note that this project would have been completely impossible in 1997 -- there simply wasn't enough processing power, memory or storage available to do it on anything less than a supercomputer. And that's not even considering truly bandwidth- and processor-intensive tasks related to video, weather meodeling, etc.
Some division head inside Redmond is crafting his internal proposal to convert the update realm from a cost center to a revenue center. The rationale will be to collect the funding to staff up that function appropriately so as not to harm MS from mistakes such as this.
The ironic thing is that few people will pay - and while the level of installed patches will go down the overall level of security will not materially change given the overall poor security stance in the first place. What will happen is that interoperability will begin to fail badly.
I think you're more on-topic then you think. I feel compelled to respond to your observations with my own:
Keep in mind that 400K is about 20% of the machine's available resources, which doesn't seem to different from today. Although today we have a lot more choice in how many 'resources' to put into a workstation or server type system.
There is also the difference between hosting old world text terminal interfaces and the modern high color depth, fancy windowing systems we have today.
Now this is the interesting point, IMO. In the past, you would often lease your 'mainframe' software, and need to renew it every year. Often you would have to contact your sales rep, get a new key, and 'activate' the software for another year. With a computer on every desktop, people were sold on the idea that you 'buy' your OS and software from the store and its yours -- forever. While 'Activation' and WGA are ostensibly an anti-pirating measure, in my eyes Microsoft is trying to steer the desktop PC market back to the old mainframe model of paying a yearly (or perhaps monthly) tithe to keep your computer working. Get the market used to phone-home features, and slowly close the net. They've been interested in subscription models for quite awhile, now.
The problem for Microsoft is that, unlike mainframe vendors, they suck at reliability. So while Microsoft is eager for a lease-type model, they don't have the corporate culture or experience to make a robust system, they still have a lot of design issues with the tracking and activation back end which is of course necessary for a 'rental' paradigm.
{ - Generic Guy - }
As for your task, it may not have been done on single machine in a reasonable timeframe and certainly not in a point and click fashion. However you could have easily integrated the ABBY engine into a networked batch OCR solution and then hired the capacity to run it (eg: a renderfarm).
Ahhh, spoken like someone who's never done a project like this before. So easy to plan in your head on Slashdot in 30 seconds, isn't it?
If creating the required integration work to ABBYY's OCR engine to some sort of distributed processing farm wasn't cost-prohibitive (which it is -- historical societies aren't exactly made of money), how would you suggest I upload over a terabyte of raw image data in a timely fashion to said render farm? And then download it again once completed (not as big of a problem, but still an issue)?
The bigger question is whether or not to take on OCR in-house at all. If you want to sub-out OCR, then you have to wait until the scanning is complete (weeks) -- sending partial jobs via hard drive is more expensive than sending everything at once at the end. It's still too much money at the end of the day -- much, much cheaper to keep it in-house, and the QA process is better. The cheapest option is to buy the fastest server your budget permits and run it 24x7 in parallel with scanning and final PDF assembly / burning. ABBYY FineReader multithreads on recognition, but NOT on opening batches or writing out PDFs. That is the real bottleneck, and the reason it's necessary to run multiple instances.
If I have 2 cores at my disposal, I'm going to be even more inclined to let the OS do some extra stuff on one of them.
Yes, but you paid for those cores, the OS vendor did not. The problem is this: what is that extra stuff, and why should your operating system be doing anything that isn't of benefit to you?
Take Vista for example. It is a resource hog. Some of that piggishness is the user interface, but there's a lot of other "extra stuff" in Vista that has no right to be there. Hopefully, someone will figure a way to strip most of it out at some point: maybe then it will be actually usable. Until then, I'm personally going to stick with XP and Linux. There's less extra stuff.
The higher the technology, the sharper that two-edged sword.