It is becoming increasingly difficult to predict how new or updated programs will run on users’ computers. Third-party software, particularly security software, is making profound changes to the operating system, creating a constantly-changing digital environment. As a result, manufacturer accountability and due diligence are much less meaningful concepts than they used to be.
Releasing new software updates is a scary process nowadays. Even if you’ve tested everything on all the hardware, operating system and software configurations you can think of, you just know what’s going to happen: Within an hour of the release, six users on hotmail and gmail accounts with names like kilroywzhr779 are going to write you urgent and angry messages saying that your program, Windows or both are doing something radically weird. File output is taking two hours, bizarre error messages are jumping off the screen like popcorn, the program and/or Windows are crashing, and so on.
Looking at the messages, your initial response is always to think you’re in the wrong movie. You tested it, just know that there’s no way your program could be doing this…
More often than not, after you’ve gotten over the horrible sinking feeling of guilt in your belly, you’ll find that it’s not really your fault. Either the users will admit that they’ve done something totally bizarre (Yeah, I had 12 instances of the program open and I was running Windows update and a virus scan, isn’t that OK?) or the problem is being caused by another program – usually an anti-virus or anti-spam program or a firewall.
Today’s operating systems, and especially Windows, are a constantly-moving target. The OS is only really a known quantity just after it was installed. As soon as the user starts to add programs and make changes, what you really have are thousands upon thousands of different operating systems. Among other things, many current security programs install themselves very deep in the system. Some of them actually replace parts of the operating system with their own versions – without informing the user. Others install themselves as an additional layer between application programs and the system, so that everything your program does has to go through them.
Security programs are also critical here because they need to run all the time. So these alien system-level components are constantly at work, and your application is almost bound to run up against them.
The result of this situation is that your program is no longer interacting with the known operating system components – it’s interacting with different versions of those components from company XYZ. Or with components from company QRS, which are acting as intermediaries between you and the operating system. It’s like a seething cauldron full of hundreds of completely unknown chemicals – there is no way on heaven or earth of knowing what reaction is going to take place when you add your own potion to the mix.
Add the virtually infinite number of possible hardware configurations, along with cheap memory modules, bad power supplies, overheating processors and buggy drivers for everything from graphics cards to USB hamster feeders (all running at the same time), then it’s really a wonder that anything works at all. In addition to being annoying and wasting hours and hours of both users’ and developers’ valuable time, this situation is making the concept of manufacturer accountability increasingly meaningless for software producers.
Of course, part of it still is the manufacturer’s responsibility, in the sense of it being a Please don’t eat the daisies! problem (the title of a book by Joan Kerr, who discovered the hard way that you have think of everything that you need to tell your children not to do while you are out of the house). Today, more then ever, you need to at least try to think of all the crazy and potentially dangerous things that users might think of to do and harden your software so that they either can’t do it or can’t do any serious damage if they try.
But that’s not the whole story. When the operating system itself is no longer a known quantity, and when multiple third parties are effectively making undocumented changes to the system on an ongoing basis, then manufacturer accountability increasingly becomes a meaningless concept in the software business. Even if every single manufacturer exercises all due diligence, it doesn’t help. There is just no way to get a handle on all these interactions when unknown third parties are able to change the playing field without warning. Your program can always be shot down or rendered dysfunctional by some other software component getting in the way and doing something completely unexpected.
Accountability would only be possible if all the third-party manufacturers worked together, and that’s about as likely as peace in our time. In Windows Vista, Microsoft has made some laudable attempts to lock out third-party system-level and kernel changes, but this will only be possible in the 64-bit version and it’s going to be years before that is the primary platform. And all the security software producers are already screaming bloody murder and calling for “special access rights” so that they can continue to mess with the system as they please.
So this situation isn’t likely to change any time soon and it’s going to get worse before it gets better, if it ever does.
Click to subscribe feed
Leave a Reply