Bill Gates Says He's Sorry About Control-Alt-Delete

An anonymous reader quotes a report from Quartz: At the Bloomberg Global Business Forum today, Carlyle Group co-founder and CEO David Rubenstein asked Microsoft founder Bill Gates to account for one of the most baffling questions of the digital era: Why does it take three fingers to lock or log in to a PC, and why did Gates ever think that was a good idea? Grimacing slightly, Gates deflected responsibility for the crtl-alt-delete key command, saying, "clearly, the people involved should have put another key on to make that work." Rubenstein pressed him: does he regret the decision? "You can't go back and change the small things in your life without putting the other things at risk," Gates said. But: "Sure. If I could make one small edit I would make that a single key operation." Gates has made the confession before. In 2013, he blamed IBM for the issue, saying, "The guy who did the IBM keyboard design didn't want to give us our single button."

If I ever meet you

[maxrate]

I'll control-alt-delete you (Weird Al)

Re:If I ever meet you

[jandrese]

Of course it also gave MS-DOS users pause the first time they were asked to log into a WinNT machine. "Is this a prank?"

Re:If I ever meet you

[rudy_wayne]

The reason they used that combo in the first place was for compatibility with legacy applications.

Back in the olden days of DOS, pressing Ctrl-Alt-Del immediately rebooted your computer. But, it's not really possible to accidentally press Ctrl-Alt-Del and lose whatever you were working on.

Bill has nothing to apologize for. There's nothing wrong with Ctrl-Alt-Del.

Re:If I ever meet you

[apoc.famine]

As an example how this is useful, back when I was in college we had an old Vax network with green terminals. Being a cleaver asshole, I wrote a login screen emulator, which ran from my logged-in account. It captured the login and password, popped up an "incorrect password" notice, and then logged me out, terminating the login emulator. The victim would have a slighter longer than normal delay as they got dumped back to the login prompt, but the network was dodgy enough that it wasn't totally out of the ordinary.
 
Not many knew how to break a program that was running on the screen, so it wasn't likely that someone would be able to close the fake login program and be sitting there in my logged in account. If you had to execute something like CTRL+ALT+DEL to log in, that prank totally wouldn't have worked. Not saying I couldn't have found a way to do it, but it would have been much, much harder. With most terminals sitting at a login screen, it was pretty trivial to emulate that login with minimal risk of being noticed.
 
And for the record, I used this to make nefarious edits to people's finger data, subtly most of the time. Back in the stone age before social networks, we figured out who was on campus by fingering them. Had a whole ecosystem of profiles stored in there, from humorous to tragic. Most of the same drama as the current social networks, just plaintext and requiring terminal commands to access. I'd go in and do things like put subtle references to goats throughout someone's profile, or slip in things about "my son is also.." to make it seem like mom wrote it. Good times, good times.

Re:If I ever meet you

[Strider-]

The whole point of Ctrl-Alt-Del was that it's protected in the BIOS. Invoking it would jump to a routine that was hard to override. In most cases, though, under DOS the subroutine just caused a reboot. Later operating systems, it was trapped for and was the one key combination that a user application couldn't map.

Re:If I ever meet you

[hey!]

And in a way that makes it the last bit of user responsiveness left in a world where software acts as if it knows better. A world where you aren't considered responsible enough to have a power switch, so that in certain circumstances the only way to shut a computer off is to take it apart with a screwdriver.

CTL-ALT-DELETE may be overloaded with multiple functions, but at least the system does it's best to prioritize responding to you.

Re:If I ever meet you

[spitzak]

Yea this whole thing is silly.

Ctrl+Alt+Delete was a key combination trapped by the BIOS keyboard driver in the original IBM PC and it caused the machine to reboot. This meant it worked almost all the time (it did not work if the interrupt going into the BIOS was disabled or if something was done to the keyboard hardware so that it did not produce the right key codes). It was also pretty obvious that it should be hard to type accidentally, and this was pretty common on all computers at that time.

Since typing Ctrl+Alt+Delete caused a reboot, no MSDOS software used that key combination to do anything. Thus Windows (which was initially very concerned with being able to run existing MSDOS software) was able to safely use that key combination (and no other) for it's own purposes (Windows did change the keyboard interrupt so it did not go to the BIOS and thus stopped the reboot).

Later versions of Windows had to keep using that key combination as any other one may have interfered with existing software.

I would say they could have done something when they introduced the "Windows Key" since software was not using it yet. Hitting it could have done the job. Other than that, there is nothing really done wrong here, just back-compatibility causing grief.

Re: If I ever meet you

[LordWabbit2]

I disagree, computers did, and still do, have a reset button. Control-alt-delete is a SOFTWARE reset. Not a hardware reset which is what the reset button is for. If you were doing some type of low level coding that froze the underlying operating system so control-alt-delete was not working, your last resort was resetting the hardware. Its only in todays modern operating systems that it has become a method to login.

Re: If I ever meet you

[dwillden]

The reset button did exist and worked fine on those occasions where the problem blocked the three finger salute. If locked up to that degree the Power Switch was your one button reset.

Re:If I ever meet you

[flink]

Yes, on linux, Alt+SysRq+ sends signals to the kernal. s flushes all disk caches, u changes all mount points to read-only, b reboots, c dumps core, etc.

Some Windows programs still respond to scroll lock by locking the cursor in place, causing the arrow keys to scroll the window instead.

Break is still occasionally useful when using a terminal emulator.

Re: If I ever meet you

[Z00L00K]

You never experienced the IBM PC/XT - where a power cycle could make your floppies flaky unless you ejected them first and the hard disks had to be parked before power cycle or you risked a trashed hard disk.

That's the one?!

[ngc5194]

I have a LONG list of things that I think Mr. Gates should be embarrassed about regarding Windows. The three finger salute is very, very low on my list.

Re:That's the one?!

[Tablizer]

I have a LONG list of [MS gripes]. The three finger salute is very, very low on my list.

For all the others, both God and I give him the one-finger solute.

Re:That's the one?!

[ShanghaiBill]

This was my reaction exactly.

Actually, I think CTRL-ALT-DEL is one of the things they got right. There is little chance of doing it by accident, a dedicated button would have been a waste of keyboard real estate, and resulted in far more inadvertent resets.

It actually makes sense that the decision was forced on Microsoft, and if the decision had been left up to Bill, he would have taken the dumb alternative.

Re:That's the one?!

[default+luser]

You know, like that stupid Reset button on the Apple II. Located conveniently above the RETURN key.

Can't tell you how many times I fucking hit that thing.

Re:That's the one?!

[JohnFen]

Yes, I agree that Control-Alt-Delete is an entirely reasonable design, and I'm not sure why Gates is apologizing for it -- particularly when there are a number of other things that I think most people would agree he should apologize for.

For instance -- using the backslash for directory paths when every other OS used normal slashes. As a developer, I think I curse that about once per week.

Or, maybe more controversially, the registry.

Re:That's the one?!

[Z80a]

I think hide known extensions should be quite higher on the list.

Re:That's the one?!

[dranga]

On the apple 2e and later, yes, it required the control key.. on the 2 and 2+, just the reset button alone would reset the machine, and probably trash anything you were working on.

Re:That's the one?!

[Curtman]

If he was involved in that typewriter holdover, there should be a large monetary fine at the very least.

Re:That's the one?!

Control keys are for mere "users". Just in case I ever have a little "emergency", my computer is configured to automatically wipe all memory and format its hard drive when pressing the "

Re:That's the one?!

[ArmoredDragon]

Bill Gates didn't actually say that.

https://en.wikiquote.org/wiki/...

Re:That's the one?!

[steveha]

using the backslash for directory paths when every other OS used normal slashes

You overlooked one other OS that matters here: CP/M.

When MS-DOS was first developed, it was not the first DOS on the market; the majority of the business market was using Z-80 processor computers running CP/M. (Home users were on Apple II computers, mostly. Some business users used an Apple II with a CP/M card!) Anyway, MS-DOS looked and worked almost exactly like CP/M. MS-DOS programs were not that different from CP/M, I think deliberately to make it easier to port. The similarities were enough that the company that made CP/M threatened legal action over them. (Bob Zeidman checked the source code and he says no stolen code was present.)

Anyway, the important thing is: CP/M used forward slash as the punctuation for command-line program arguments. Thus, so did MS-DOS.

And nobody was really thinking too much about directory separators because CP/M, and MS-DOS 1.x, did not have directories. They used floppy disks, and those disks just had one directory. Just a flat list of files.

When MS-DOS 2.0 came out, someone was thinking of the slash for directories, because there was an actual command that you could put into your config.sys file that let you switch the character used for command-line switches. This was SWITCHAR and if you set it to - you also set the directory separator to forward slash. It was undocumented! It was never officially supported! And I think MS-DOS 3.0 dropped it and it never returned. (But in Windows, even today, you can just use forward slash as a directory delimiter and it works.)

I think that Microsoft had the opportunity to push on this. Just say "old MS-DOS apps that are using the old APIs can continue to use forward slash for command-line switches, but any program that works with directories should use the dash. It's The New Standard." I think they could have pulled it off, with some grumbling but nothing serious. But either someone at Microsoft was timid, or else they had an argument about this with IBM and lost, I don't know.

But way back in the dawn of time, compatibility with CP/M was the reason why forward slash was reserved as the command-line switch marker.

P.S. I think the registry was a good idea. Having a little database to store options, and have some kind of daemon that owns it, avoids race conditions and is just good sense. However, using an opaque and fragile binary database format was insanity. They could have used a simple text-based format (like .ini files... or, heck, S-expressions!) and saved the world a lot of pain. Or, at least made their binary database less fragile and documented it completely so that third parties could write registry checker tools that could fix corrupted registries or whatever.

Ideally they should have used JSON for the registry, but I'm pretty sure the registry pre-dates Javascript, let alone JSON as an interchange format.

Re:That's the one?!

[Waccoon]

I like how everyone forgets that MacOS originally used the colon for directory separators, among other weirdness.

Conforming to UNIX standards was not that common in the budding PC industry. MS always gets the blame because they're one of the few companies that actually survived.

Time for another book

[SuperKendall]

Blaming IBM eh?

Looks like it's time for another volume of "What Happened".

Re:Time for another book

[bugs2squash]

Didn't the IBM guy turn around and say something like "sure we invented it, but you made it popular..."

Re:Time for another book

[hey!]

You know, I have no interest in reading Clinton's book, but I did run into someone who did. He said (and this probably shouldn't come as a shock) that the media reports that make it sound like a vendetta book are misleading. Mostly it's campaign trail anecdotes.

I don't understand.

[xevioso]

I thought it was supposed to be a *good* thing to prevent people from accidentally restarting their machines by pressing the wrong button. From that perspective, it's a success.

The fact that windows now adds a whole bunch of other options to that command, like change password, log off, lock the computer, etc, is entirely their fault; there's nothing stopping them from adding *those* commands to another button, say an F10 or something, that allows you those options. So what is wrong with Ctl-alt-del again?

Re:I don't understand.

[nine-times]

Yup. Back in the days when Ctrl-Alt-Del did an immediate soft reboot of your computer, it was really smart to not have it be a single button. Not only was it not a single button, they chose keys that were all over the keyboard, making it very difficult to press them all accidentally. If you slipped and mashed your hand down on the keyboard, there's no chance you'd just happen to hit those keys.

Now, I don't know. What does it do? It opens the login screen if you're in a domain? It brings up a menu to bring up the task manager, I think? Those things could be a single button, but at the same time, I don't think we need to cram a new button onto keyboard designs just for that.

Re:I don't understand.

[FrankHaynes]

That's a terrible thing to say about the President!!

Re:I don't understand.

[ckatko]

Yeah. I've had keyboards on client machines with a power button right next to home and delete. It's the most insane, horrific thing ever.

You shouldn't be able to POWER DOWN A SERVER with a single keyboard press. You don't power down machines that often. You shouldn't even be able to restart Windows with a single accidental press by pressing the windows key and then a couple more keys (this has happened). You don't make "high risk, low occurrence" things faster... unless you're an idiot.

I, for one, want a button next to my volume control on my car radio, that disables my steering.

Re:I don't understand.

[vux984]

And in fact, Gate's quote that he thinks he made a mistake and that it should always have been a single button is actually odd.

No its not.

That would have been a disaster. There's no way to make a single button more secure than three buttons if you are trying to prevent an accidental restart.

You are not trying to prevent an accidental restart. He's talking about using them to bring up the login/logout/lock/taskmanager screens. It would not be a 'disaster' if there was a single key to do that. Hell.. we've had "Win-L" as a shortcut for lock for ages and nobody is really up in arms about that.

Yes CTRL-ALT-DEL once upon a time was a soft reboot, but that isn't what Bill Gates is apologizing for. He's apologizing for having to press it to bring up the login screen. There is no real reason that HAD to be the choice. The fact that it was basically 'reserved' and trapped at BIOS in legacy systems meant that it wouldn't conflict with any other applications; and the use as a 'restart' isn't that semantically distant to 'start/login' so the choice wasn't ridiculous.

However it certainly wasn't necessary.

Using a single button to show a screen where you'd have the option to restart is bad too, because back in the early days you needed to restart *quickly* sometimes.

What exactly is this supposed to mean? Why did you have to restart quickly in the early days exactly? Plus "Back in the early days" computers had a reset button on the physical case too, and a power switch. Some still do.

Ctrl-Alt-Delete was just a keyboard short cut that got ingrained early for one purpose and then repurposed over the years. In practice by the time Windows NT rolled around there was no real reason it couldn't have been something simpler/easier to reach, or even on a dedicated key or something.

Compatibility

[The+MAZZTer]

The reason they used that combo in the first place was for compatibility with legacy applications. In legacy Windows, CTRL+ALT+DEL was handled at a low level and could bring up task manager or restart the machine. Applications could not detect the keypress.

When they went to implement multi-user and logins, they realized they needed to ensure applications could not spoof the login screen to trick users into entering their credentials. A malicious application could potentially save and reuse these credentials especially if they were of a DIFFERENT user or an admin user.

What to do? Well if they had the user press a key combination that applications couldn't detect to log in, or even a key combination that would result in a different action if they were already logged in, a fake application would not be able to detect this keypress and spoof the actual login screen. Guess what, an existing key combination fit this criteria. They could have invented a new combination, of course, but chances are a legacy application might use this combination as a hotkey, and reserving it for login user would break that application.

Re:Compatibility Addendum

[The+MAZZTer]

I forgot to mention... I think the key combo stretches all the way back to MS-DOS, where CTRL+ALT+DEL would instantly reboot. I assume 16-bit Windows trapped this combination first of all so DOS wouldn't intercept it and reboot right away, and also so they could anticipate the user was having problems and offer to run Task Manager. But the key combo was first declared in DOS as a key press that could be used to soft reset the machine, but would not be pressed accidentally. CTRL+ALT+DEL makes perfect sense for that scenario. Then it just evolved organically.

Pretty dumb answer

[angel'o'sphere]

"Sure. If I could make one small edit I would make that a single key operation."
On an Apple ][ we had a reset key. However it only would work in conjunction with the CTRL key.
Why? So you can not hit it by accident and cause a reboot.
Basically every Workstation, Mini Computer, uses a 2 or 3 key combo which REQUIRES BOTH HANDS, so it can not be triggered by accident.

Is ctrl/alt/del a good combo? No idea, never cared.

It was a reacton to the Apple II reset key

[Jecel+Assumpcao+Jr]

The IBM PC was designed by observing the market leader (the Apple II with a Microsoft CP/M card) and copying all the good stuff while trying to avoid its problems. One of the problems of the Apple II was that reset was a simple key close to the return key. So it wasn't rare for you to type in stuff all night only to watch it all vanish due to a slightly misplaced finger. A popular add-on product for the Apple II was a little plastic cap for the reset key that you had to lift before you could press it. IBM selected three keys that were far enough apart than nobody would type by accident.

Re:It was a reacton to the Apple II reset key

[drinkypoo]

And it was a good enough idea that others copied it. The Amiga had ctrl-amiga-amiga and mac had cmd-option-escape, which is difficult to hit by accident but which can be done reasonably with one hand, as long as you have the left one.

the reason

[supernova87a]

I thought the point of Ctrl-Alt-Del was that it generated a system-level interrupt that no other program would be allowed to supercede (I'm getting the exact terminology wrong here probably, but the point is), and only the operating system would be get a user to put in a password on the familiar login screen.

Otherwise, malicious or other programs might be able to spoof the login screen and capture a users credentials.

Good thinking, but it just led to some convoluted keyboard contortions as a result.

Re:the reason

[JohnFen]

I thought the point of Ctrl-Alt-Del was that it generated a system-level interrupt that no other program would be allowed to supercede

It generates a non-maskable interrupt. However, under the IBM architecture, it has always been possible to install your own handler for that interrupt (and it's always been possible to mask it).

Re:the reason

[drinkypoo]

It's called a NMI, or non-maskable interrupt... except... it actually isn't one of those, at least not at the hardware level. There's no line dedicated to it on the keyboard bus. It might have been way back in the way back when the keyboard controller was a big fat DIP IC.

People with disabilities

[b1ffster]

We had an instance where one of our customers only had one hand. Pretty difficult to do the three finger salute with one hand. They were resorting to putting things in their mouth to get the third key. I bought a cheap USB keyboard, took out the PCB, figured out what to short out to get CTRL-ALT-DEL, and put it in a box with a single button. Problem solved.

Re:People with disabilities

[bioteq]

We had an instance where one of our customers only had one hand.
Pretty difficult to do the three finger salute with one hand.
They were resorting to putting things in their mouth to get the third key.
I bought a cheap USB keyboard, took out the PCB, figured out what to short out to get CTRL-ALT-DEL,
and put it in a box with a single button.
Problem solved.

I have fairly small hands and I am able to CTRL+ALT+DEL with one hand -- My right one.

Maybe some keyboards make it difficult, but every one I use has made this possible.

Not to lock it

[Trogre]

WIN+L will do that just fine.

Re:Keystrokes

[drinkypoo]

You want another? Why is Alt-F4 still available to shut down programs and log off Windows. It's been there since Windows 1.0. Maybe then it made sense, but why now?

I use Alt-F4 all the time. If you're annoyed that it's still in windows you'll be really pissed off if you ever use a Linux desktop, they all seem to use it as well. Inertia, it's what's for dinner.

Re:Compatibility Addendum

[Nonesuch]

The apology was for the choice to capture the historical "Reboot" key sequence and re-purpose it for logon. This was particularly annoying when we still had a mix of OSes in the workplace, and people got into the habit of walking up to any unknown "PC" and the first thing they do is give the 3-finger salute, rebooting the computer if it was running something other than the latest Microsoft product.

Almost as big a sin against computing as the 1994 introduction of the "Windows Key".

hes a master of time now?

[n3r0.m4dski11z]

"You can't go back and change the small things in your life without putting the other things at risk," Gates said.

That sounds suspiciously like something a retired time traveller would say...

You're Both Right--History

[SeattleLawGuy]

Ctrl+Alt+Delete is a combination used for historical reasons.

It is the most secure way of doing a login because it triggered an "interrupt" in the system, like a signal that could not be caught by the program running in the foreground. So programs couldn't fake the login screen.

But it was an interrupt--and one that took three keys--because it was used in the old days to reboot a system with a hung program. You wouldn't WANT a computer to reboot when you pressed one key, because then a random mistaken keypress could lose hours of work. (This was before autosave, remember.)

The common way of doing this today on linux is still what, Alt+Sysrq+b? Or for killing X, Ctrl+Alt+Backspace? They're still a 3-key combinations.

It's been thirty+ years and we should just change system or keyboard designs, but it wasn't a mistake.

Re:It is a security feature

[mea_culpa]

99.9% of all Windows users would happily type in their password if an application popped up an authentic looking fake full screen windows login screen with the cursor flashing inside the password box. They're not going to press CtrlAltDel because it is already asking for their password.

Unless companies are educating users that they must always press CtrlAltDel even if the password cursor is blinking (which most won't bother) the whole CtrlAltDel requirement is just bullshit. Passing it off as a security thing is well and good but only nerds are going to understand this and maybe be aware enough to press it in the above example. I can honestly say that I'd probably be fooled by this type of trick if done on a busy day.