Doom for Windows
So I’m on the road meeting with an important customer. I had spent all night the day before preparing a slide presentation for them with my team. After many hours of flying, cab rides, checking into hotel rooms, etc. we arrive at the customer site with our team to present our brilliant presentation. I get a text from my son just as I walk into the meeting but it’s too late to respond now. It’s show time! We have the usual struggle getting connected, so the Google Docs version of the presentation is out. Fortunately, I came prepared with the old offline Microsoft Office Power Point standby version of the same slides. Also a fail… apparently the right fonts aren’t installed. Finally, I use my iPhone 6 to get my Windows laptop connected to the Internet so Power Point can download the correct font for my presentation. Sigh… 15 minutes of valuable meeting time lost. Finally, we’re up and running… and then without warning or notice… Windows decides to update itself for the next 90 minutes! I don’t know exactly how many times by laptop had to reboot during the meeting but we ended up switching to the sales guys MacBook Pro… which of course worked fine…
Ah, the end is nearing. I used to think it was really funny to blog about this stuff.
Microsoft’s seemingly permanent clown-car ineptitude at delivering a quality product or user experience since Windows 7 was a great source of witty blog material over the years. I’ve written previously about how it was that my work on the original DirectX API’s resulted in the creation of Windows Update and I’ve written may articles over the years predicting the disasters and abuses Microsoft would and has perpetrated with Windows Update since it was first introduced to update DirectX drivers for gaming hardware.
…but there is one prediction I have not made that appears will be coming to pass soon. In all the great Greek tragedies of history the hero’s doom is ultimately a consequence of their own hubris and poor choices. Microsoft has a terrible and intractable problem that I anticipate will only end one way. Windows is obsolete. The connected world of computing has left the old Windows OS paradigm far behind. Microsoft’s lingering dominance in the Enterprise and consumer world may conceal that fact a while longer but the bell is tolling louder now. It is too late for Microsoft to adapt; it has missed all of its opportunities to pivot with the times. The sad yet fascinating thing about this era is that Bill Gates predicted it clearly in the 1990’s and tried hard to steer the company aggressively towards cloud computing, long, long before an online book dealer like Amazon strolled away with control of that opportunity. Microsoft invested hard in the smart OS’s for mobile devices long before Apple even considered getting into the phone business. They bet hard on automating Yahoo search out of business long before Google walked away with that opportunity. Microsoft’s inability to focus and execute over the years has cost the company its future.
Windows failed to make the leap to new business models and new distributed computing paradigms such that now in the year 2016 Microsoft is on the cutting edge of adopting Apple’s 2007 business model for Windows 10. Here’s why Microsoft has reached the end of its road. They lost the mobile market, they lost search, they’re struggling to compete in the cloud and all they have left is a legacy OS with an architecture from the days of personal computing when connectivity was something only nerds and IT managers worried about. Now the idea of personal computer security is collapsing. It is readily becoming apparent that NOTHING can stop malicious attackers from eventually penetrating the best most advanced security measures of any personal device. Furthermore, as the Edward Snowden scandal has made plain to us all, if malicious attackers aren’t breaking into our computers, then the worlds governments are requiring companies to make their products vulnerable to intrusion. The idea that a lowly personal computer behind a frail consumer router… made in China… stands any chance of resisting serious hacking attempts is a fast fading dream.
Back when I was making online game publishing DRM (Digital Rights Management) Solutions we measured the time it took Chinese and Russian hackers to crack our best latest security attempts in weeks. Today it can take a matter of days or hours.
The Windows Operating system has become vast, bloated and cumbersome to maintain. It faces constant security bombardment by the entire worlds connected hacker community and government security agencies. The volume of patches it needs to maintain even the most rudimentary pretext of stability and security requires a constant and overwhelming flood of Windows updates. The seriousness of the situation and the sheer flood of data Microsoft is constantly sending to our computers is staggering. I wanted to show a screen shot of my HUGE Windows Update history but mysteriously, after this most recent disastrous update… Microsoft has seen fit to clear my machine of that information…
So here’s what’s coming. One day soon, Microsoft will accidentally blow up millions of machines in a way they can’t recover from. The evidence is that they have completely lost control of the OS and their ability to maintain it. A massive scale forced update with the obvious flaws we just experienced has only two obvious explanations.
- There was a security emergency so dire that Microsoft felt compelled to prematurely force an update on millions of machines… even in the middle of a business presentation… despite the known flaws with the patch.
- Microsoft can no longer cope with the scale and complexity of security updating Windows itself and the organization within Microsoft doing it has become dangerously desperate, reckless or both.
Microsoft needed to start work on a very new kind of OS a long time ago in order to avoid this day. When you see this kind of transparently careless updating taking place with a multi-billion dollar product, you know something has gone very seriously wrong. Windows Update is extremely powerful and dangerous technology. One careless update could wipe out all of the information on most of the worlds computers overnight and Microsoft just demonstrated how perilously close they are coming to having such an accident.
Moreover, as I’ve written about previously, they can be forced by the government to push updates nobody wanted to our machines as was demonstrated in 2004 when a US Court ordered Microsoft to delete everyone’s copy of the MSJVM (Java), which wiped out an entire generation of online game companies and Java developers.
Does anybody want to hazard a guess as to what “features” are high on the Chinese or Russian Governments wish list for Windows 10 updates?
Here’s a question I would like to pose… is it possible that it has even become ILLEGAL for Microsoft to allow us to turn Windows Update off? The weasel words to look out for are “We will comply with all applicable laws and regulations”. Those applicable laws and regulations generally include court orders not to publicly disclose when or how they are being enforced.
Apple, as usual has attempted to be ahead of the curve by trying to cut off their own access to their user’s data so that they can never be forced to reveal user information… or so they claim. Microsoft on the other hand has created a monster that appears to be on the verge of consuming them. Windows can’t be secure or stable without Windows Update and it can’t be secure or stable WITH Windows Update. They have cornered themselves in a bad Avengers movie plot, beyond apparent escape from a doom of their own making. It’s just a matter of time before an irrecoverable update is forced on us.
I used to enjoy writing funny articles about how inept Microsoft was being with consumer stuff but this is a dangerous situation that has already spiraled out of control. Oh yes, I nearly forgot to tie this together… here’s the text my son had sent me before I walked in to do that presentation;
“Don’t turn on your computer, you’ll get a forced Windows 10 Update that will screw up your machine. It kept rebooting and updating my machine in class, it took me hours to fix! There’s alerts all over the Internet about it!”
He was attending an expensive one week physics program far from home when Microsoft decided the most important thing for him to deal with was a disastrous forced Windows update instead of his classwork.
Oh no, it’s started again. Apparently there is something far more important for my computer to be doing right now.
I couldn’t make this stuff up if I tried… where has my restart button gone?
*Update 10-03-2016: In that screen capture above, do you see the “Security Update for Adobe Flash Player”? That’s likely to be the source of the emergency update. Odds are whatever vulnerability that Flash was exposing has been wide open and getting actively capitalized on for a long time before this update. What goes on these days is that IOT devices, consumer routers, and of course Windows desktops get hijacked and turned into botnets that are used for denial of service attacks on other computers. Hijacking somebody’s computer and blackmail encrypting it has also become wide spread. In addition to Microsoft’s pure self-interest in trying to force the entire Windows using market to adopt their most current Windows platform, there is also a herd immunity problem with having a huge installed base of old Windows versions that Microsoft doesn’t want to maintain anymore and are increasingly impossible to really secure. Not only do they WANT us all on a common version of Windows so they can focus their development resources on up-selling us to additional Microsoft products and services, they NEED us on a current version of Windows so they can concentrate their security resources on one target OS version. The sheer scale of modern security threats divided by the number of Windows OS variants in the market may have played a major role in Microsoft being FORCED to change it’s Windows license model and make it free to try to bring along their entire installed base. Their business model was their biggest security vulnerability, hence the overly aggressive marketing effort to force adoption of Windows 10. The Windows house is really on fire.
I spoke to an IT security expert about the issue today and he pointed out that they see vulnerabilities getting detected and capitalized on in a matter of hours these days. The idea that Microsoft can keep up with these threats with monthly or even weekly security patches is an increasingly implausible premise.