IMHO: Dear Bill: Don't Do It!

[InfoSec News <isn () c4i org>]

Forwarded from: Elyn Wollensky <elyn () consect com>

http://eletters1.ziffdavis.com/cgi-bin10/flo?y=ePd40DicPs0DUm0mOE0Aj

IMHO: Dear Bill: Don't Do It!

April 10, 2002
By: Bill Machrone

Dear Bill:

By now, everyone's heard about your big push to make Microsoft
products more robust and more hack-resistant, even at the expense of
new features. Your email to Microsoft employees was forceful and
direct, and seemed reasonable enough, but I can only conclude that you
haven't thought through all of the ramifications.

For starters, there's a whole industry out there devoted to cleaning
up your messes. From antivirus packages to security scanners, a lot of
people depend on the holes in Microsoft code for their livelihood. I
mean, sure, you've been putting people out of business for
years--remember the memory management market or the word processor
market or. the list goes on. But think of the enterprise
security/antivirus market. These people have built their careers
around the fear and loathing that springs forth from the use of your
operating systems and server software. They've taken your courses.
They've read your books. They've taken the tests and gotten all that
MSxx alphabet soup after their names. And you would put them down as
casually as you might flick an ant off your knee at a picnic?

And consider the poor hackers. All the really smart ones are doing
truly weird IP hacks and breaking crypto and bringing down
governments. The ones who can't aspire to that level of greatness have
Microsoft software to keep them productively occupied. If they don't
have sitting ducks like Word macros and Outlook, they might get
serious and start doing real damage.

Think, too, of the convenience of being able to hack my neighbors' and
coworkers' PCs. Will we, as old-timers, sit around and reminisce about
the good old days when we could pluck NetBIOS names and shares out of
the ether (or out of the air, with Wi-Fi) and run unfettered through
one another's machines? Will we long for the days when we could
remotely install a keystroke monitor on a PC and get it to cough up
another user's innermost secrets?

And what if Microsoft code becomes too good? It'll bring upgrades to a
crashing oops, sorry, sudden halt. Think about it--the main reason
people upgrade is to get away from the bugs of the last version. The
list of new features that people actually need gets shorter and
shorter. Will people flock to the new version of Windows that
automatically uploads new ring tunes to my cell phone? Will people
bother to buy the next version of Office unless you bundle it with a
free 60 GB hard drive?

It'll be The Final Upgrade. You know, like the Apocalypse, or
something. Just imagine, a place where everything works, where nothing
crashes, where we're as safe from hackers as the gods were on Mount
Olympus. Having achieved satori, nirvana, Brigadoon, or maybe just a
legal parking place downtown, we won't want for anything more.

In closing, Bill, I'd like you to consider a potential role model for
Microsoft: Richard Nixon. Wait! Hear me out--you remember those
scratchy news films of Nixon's "Checkers" speech, when he told
reporters, "You won't have Dick Nixon to kick around anymore"?

Just think what a lonely place the Web would be without Microsoft to
kick around anymore. Sites like Slashdot would shrivel from lack of a
common enemy. Hundreds of sites that carry security alerts and patches
(ExtremeTech included) would suffer. Web traffic would plummet. Ad
banner sales would go into a tailspin. ISPs, with a sudden surplus of
bandwidth and a precipitous drop in revenue, would fold. All because
you want to make your company's software bulletproof.

Nixon came through for us, though. He came back to disappoint us all
over again. What unselfish giving! The nation flourished, unified by
the sheer grotesque horror, in a way that was unmatched until the OJ
trial. But you don't have to go away for 20 years, the way Nixon did.
Just keep on larding those important new features into XP and Office.
Move us to a subscription model. Make us suffer. It'll focus us as
never before, building us and binding us into an international
community.

Perfection, after all, is highly overrated.

Best regards,

- Bill Machrone



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.