Re: VMS website updated.

From: Bill Todd (billtodd_at_metrocast.net)
Date: 09/14/03 

Date: Sat, 13 Sep 2003 20:11:07 -0400

"Paul Sture" <p_sture@elias.decus.ch> wrote in message
news:$y6ed0HVjEqj@elias.decus.ch...
> In article <3F60F4D1.53B8969F@ost.cdrh.fda.gov>, Jonathan Boswell
<jsb@ost.cdrh.fda.gov> writes:
> > John Travell wrote:
> >> I am well aware how this group are not representative of the vast
ma[jo]rity of
> >> internet users, but I had not fully appreciated just how much a few
vocal
> >> members seem to have theirs heads buried in the sand.
> >
> > OK, that is such an outrageous statement you have brought me out of lurk
mode.
> > For the record, I might run some up-to-date browser on my VMS systems if
I
> > really felt like it. But most of the time I browse on Windows WITH
JAVASCRIPT
> > TURNED OFF. I rarely use NS or IE because it is so difficult to turn
scripting
> > back on again when some braying jackass forces me into it just to
navigate their
> > obnoxious website.

I actually don't find it particularly onerous to require prompts for js in
IE. I usually answer 'no', but as much to avoid screen clutter that I'm not
interested in as for security purposes (my wife has it turned on, and has
yet to be bitten by any malware problems).

  So usually I use Opera, where the Quick Preferences pulldown
> > menu allows me easily to turn scripting on or off.
> >
>
> <snip>
>
> Well, this discussion prompted me to do a bit of Googling...

And it caused me to do at least minimal verification.

>
> http://www.stremler.net/javascript.html
>
> Not much in itself,

And its 'eviljs' example failed to crash even my insecure old Win98SE system
(though it caused IE to hang and I had to abort it).

 but links to the following:
>
> http://www.clock.org/~fair/opinion/javascript-is-evil.html
> http://www.clock.org/~fair/opinion/system-crash.html

Full of generalities that apply to virtually any software. In a nutshell,
the author doesn't trust JVM implementors to have created a secure product -
and since virtually no product is *provably* secure he's likely right.
However, since virtually no product is provably secure, virtually everyone
runs insecure code all the time - even if they never come within shouting
distance of js.

It's true that js greatly increases the number of instances where people run
potentially malicious code in that potentially insecure environment, but the
proof of the pudding is in actual exploits - which are conspicuously absent
in that exposition. Since I don't particularly like the *idea* of random
code running on my system (even in a sandbox), and since I usually don't
find that js adds to my surfing experience, I usually keep it at bay - but
that's a personal choice and a far cry from demanding that it be expunged
from the cosmos.

>
> But the next link moves off the subject of Javascript and is so
> hilarious (and truly sad too), that I am posting it in full:
>
> http://www.cantrip.org/nobugs.html
>
> original at:
>
> http://catless.ncl.ac.uk/Risks/17.44.html#subj11
>
> --------------------------------------------------------------------------
-
> FOCUS Magazine Interview with Bill Gates:
> Microsoft Code Has No Bugs (that Microsoft cares about)
>
> In this interview, Big Bill gets distracted and reveals his contempt for
> you, his loyal customer.
>
> Slashdotters: yes, it's real.
>
> Note: this page is also available in Italiano, Espaņol, and Japanese.
>
> In an interview for German weekly magazine FOCUS (nr.43, October 23,1995,
> pages 206-212), Microsoft`s Mr. Bill Gates has made some statements about
> software quality of MS products. [See executive summary, below.] After
> lengthy inquiries about how PCs should and could be used (including some
> angry comments on some questions which Mr. Gates evidently did not like),
> the interviewer comes to storage requirements of MS products; it ends with
> the following dispute:
>
>
>
> FOCUS: Every new release of a software which has less bugs than the older
> one is also more complex and has more features...
>
> Gates: No, only if that is what'll sell!
>
> FOCUS: But...
>
> Gates: Only if that is what'll sell! We've never done a piece of software
> unless we thought it would sell. That's why everything we do in software
> ... it's really amazing: We do it because we think that's what customers
> want. That's why we do what we do.
>
> FOCUS: But on the other hand - you would say: Okay, folks, if you don't
> like these new features, stay with the old version, and keep the bugs?
>
> Gates: No! We have lots and lots of competitors. The new version - it's
> not there to fix bugs. That's not the reason we come up with a new
version.
>
> FOCUS: But there are bugs an any version which people would really like
to
> have fixed.
>
> Gates: No! There are no significant bugs in our released software that
any
> significant number of users want fixed.
>
> FOCUS: Oh, my God. I always get mad at my computer if MS Word swallows
the
> page numbers of a document which I printed a couple of times with page
> numbers. If I complain to anybody they say "Well, upgrade from version
5.11
> to 6.0".
>
> Gates: No! If you really think there's a bug you should report a bug.
> Maybe you're not using it properly. Have you ever considered that?
>
> FOCUS: Yeah, I did...
>
> Gates: It turns out Luddites don't know how to use software properly, so
> you should look into that. -- The reason we come up with new versions is
> not to fix bugs. It's absolutely not. It's the stupidest reason to buy a
> new version I ever heard. When we do a new version we put in lots of new
> things that people are asking for. And so, in no sense, is stability a
> reason to move to a new version. It's never a reason.
>
> FOCUS: How come I keep being told by computer vendors "Well, we know
about
> this bug, wait till the next version is there, it'll be fixed"? I hear
this
> all the time. How come? If you're telling me there are no significant bugs
> in software and there is no reason to do a new version?
>
> Gates: No. I'm saying: We don't do a new version to fix bugs. We don't.
> Not enough people would buy it. You can take a hundred people using
> Microsoft Word. Call them up and say "Would you buy a new version because
> of bugs?" You won't get a single person to say they'd buy a new version
> because of bugs. We'd never be able to sell a release on that basis.
>
> FOCUS: Probably you have other contacts to your software developers. But
> if Mister Anybody, like me, calls up a store or a support line and says,
> "Hey listen, there's a bug" ... 90 percent of the time I get the answer
> "Oh, well, yeah, that's not too bad, wait to the next version and it'll be
> fixed". That's how the system works.
>
> Gates: Guess how much we spend on phone calls every year.
>
> FOCUS: Hm, a couple of million dollars?
>
> Gates: 500 million dollars a year. We take every one of these phone calls
> and classify them. That's the input we use to do the next version. So it's
> like the worlds biggest feedback loop. People call in - we decide what to
> do on it. Do you want to know what percentage of those phonecalls relates
> to bugs in the software? Less than one percent.
>
> FOCUS: So people call in to say "Hey listen, I would love to have this
and
> that feature"?
>
> Gates: Actually, that's about five percent. Most of them call to get
> advice on how to do a certain thing with the software. That's the primary
> thing. We could have you sit and listen to these phone calls. There are
> millions and millions of them. It really isn't statistically significant.
> Sit in and listen to Win 95 calls, sit in and listen to Word calls, and
> wait, just wait for weeks and weeks for someone to call in and say "Oh, I
> found a bug in this thing". ...
>
> FOCUS: So where does this common feeling of frustration come from that
> unites all the PC users? Everybody experiences it every day that these
> things simply don't work like they should.
>
> Gates: Because it's cool. It's like, "Yeah, been there done that - oh,
> yeah, I know that bug." - I can understand that phenomenon sociologically,
> not technically.
>
>
>
> Executive Summary:
>
> So...
>
> Bug reports are statistically, therefore actually, unimportant;

You won't find the word 'unimportant' in that quote above, with either
'statistically' or 'actually'. That's because Gates never said that: he
said that most *users* did not find them significant - and had the 'phone
statistics to back it up.

  If you
> want a bug fixed, you are (by definition) in the minority;

Not 'by definition' but by actual count - at least in terms of what people
request from MS. Of course, the fact that MS offers bug-fixes/updates on
line free of charge would tend to decrease the pressure to create special
bug-fix-only releases, so those people most interested in fixes probably
just obtain them via that route and never contact MS with any kind of
request for it.

  Microsoft
> doesn't care about bugs because bug fixes are not a significant source of
> revenue;

Once again, you won't find *any* comment from Gates to the effect that MS
"doesn't care about bugs": he just stated that they weren't the reason
people bought new releases, and that's almost certainly true. The
significant effort MS puts into its 'Windows Update' and on-line FAQ/help
facilities is sufficient indication that they take support seriously
(perhaps more seriously than they used to take initial quality - though
whether that actually changed recently has yet to be proved).

  If you think you found a bug, it really only means you're
> incompetent;

Wrong yet again. What he said was that if you think you've found a bug you
should report it, and then raised the *possibility* that some such beliefs
might be incorrect. My guess is that he had by then caught a strong whiff
of the reporter's bias and had had enough of it.

  Anyway, people only complain about bugs to show how cool they
> are, not because bugs cause any real problems.

Zero for five: if you want incompetence, look no farther than this
reporting. Gates offered a sociological basis for *most*, but hardly all,
of the common complaints about bugs, and never said that they didn't cause
*any* real problems, just that they did not create major problems for a
significant number (I'd read that as 'percentage', because even a very small
percentage of MS users would be a rather significant 'number' IMO) of MS
users.

>
> Straight from the horse's mouth.

Just to make it clear to those who didn't bother to follow Paul's link, all
the above quoted words below the dashed line are the article's not his - and
I hope he's a careful enough reader to have noted the fallacies.

I don't like MS software quality, and I don't like MS business practices.
But I also don't like sloppy analysis, especially when it knocks someone
(whether I like them or not) for things they never said.

- bill

Loading