|
|
 |
 |
Last week, Bill Gates released a statement indicating in no uncertain terms that Microsoft's new #1 priority is trustworthy computing. Was the memo purposely leaked? Absolutely. Is it just a marketing exercise? Absolutely not. If Microsoft doesn't execute on it, its .NET My Services business is toast. And with it possibly a great deal of their future plans.
In the past, Microsoft has had a very different attitude, such as the pronouncement "there are no significant bugs in our released software" made by Bill G in an interview back in 1995.
So why the 360 degree turn-around? It is no more than a result of Microsoft's drive to make money from software. This unfaltering drive has underpinned the company's philosophy from day 1, which is building "good-enough" software.
The definition of good-enough software is simple: software that will sell. This hasn't changed, nor ever will. Back in the 1995 interview, Bill makes the comment that everything Microsoft does in software is based on what they think consumers want. This shouldn't come as a surprise, as doing what customer's want is a fairly crucial means to Microsoft's ultimate end: software sales 'o plenty.
In 1995, the crucial ingredient for software sales was shipping software before competitors and providing more features than competitors. These were more important traits than quality, security, size or speed of the software. Bill G. confirmed this, himself, back in the 1995 interview. And Mark Gimein, in his Fortune Magazine piece a year ago, describes a company whose philosophy hadn't dramatically budged.
It has been the focus on shipping functionality above all else that has helped gain Microsoft a reputation of being stupid, arrogant and unable to ship quality software. In reality, though, what Microsoft has really demonstrated is an acute understanding of the economics of software. It has understood that the luxury of zero-defect, secure, small and fast software has not been affordable in the mass-market.
Bill's latest memo, however, signals a clear desire to make what was a luxury, the norm. Just as car manufactures have done with air bags in the automotive world. This is a real tough ask, and one he can only be demanding because his hand is forced -- his customers are demanding it. They are sick of the increasing costs of software ownership associated with viruses and downtime.
So Microsoft has got a new religion. The question is, how well will they practice what Bill now preaches?
The technical elements that underpin trustworthy computing are quality and security. Before we discuss them, though, let's quickly address the issue of small, fast software, a feature often inappropriately associated with trust.
Moore's law has demonstrated that it is much cheaper to throw hardware at large and slow software than it is to build and maintain small, fast software. Consequently, arguments about speed and size of software have all but disappeared within the smart parts of industry. They are a non-issue and shouldn't dictate trust.
Software quality has always been a problem and remains a problem. And not just for Microsoft. However, as an industry leader, many suggest Microsoft's quality control hasn't been high enough, and it needs to do better. Whilst Microsoft has actually been doing much better, as far as the consumer's concerned it still hasn't been doing good enough.
Poor quality also leads to poor security. As Roger Sessions highlights in his latest ObjectWatch Newsletter, Sloppy Programming (aka poor quality) is the primary cause of security problems. As anyone who has been infiltrated by a virus can attest, poor security can lead to massive increases in costs.
So poor quality combined with poor security leads to disgruntled (and poor) consumers. No surprises there. What has changed over the last few years, though, is the degree of disgruntlement. With the rise of the Internet and PCs in general, the standard of "good-enough" software is being forced to rise. And that's what Bill and Microsoft have been watching. Evidently, it's reached "memo" point.
Of course, reaching this new high-bar will be no easy task for Microsoft or any other vendor. The software industry probably has never had it so hard. Fortunately, it is said that adversity is the mother of invention, and with .NET we can see some evidence.
Microsoft's drive to increase the quality and security of its own software has set much of the agenda for the .NET platform.
.NET brings with it the elimination of the "buffer overrun" bug, the #1 Sloppy Programming Security Problem. It also introduces a Code Access Security model (CAS) that extends security way beyond the level of any existing operating system. We won't go into the details here, but the techniques used in CAS trade performance for security. Microsoft understands security is a software problem and performance is a hardware problem. And Microsoft never fights Moore's law.
In an important addition to security support, .NET provides infrastructure to ease the development effort of providing diagnostic information and guaranteed-delivery services. The integration of language-neutral exception handling, performance counters, tracing, WMI and MSMQ all assist in the production of high quality software. When combined with Web Services that allow software to self-heal, the path is set for better quality products than previously available.
It is these facilities which Bill refers to in his memo, when he says "No Trustworthy Computing platform exists today. It is only in the context of the basic redesign we have done around .NET that we can achieve this."
The benefits provided by .NET don't just affect Microsoft. They impact everyone that uses it. As we've discussed, .NET makes software easier to write and more secure. That leaves more time for developers to spend on quality. Of course, it is up to us, as software developers to achieve a higher level of quality. Microsoft is spending the month of February "cleaning up the garbage". This includes training on secure coding practices and examining existing code for security and quality holes. About time, you smirk. Maybe so, but what are your plans for this month?
Microsoft has set its agenda for the foreseeable future to be Trustworthy Computing. We've discussed some of the reasons for this initiative and looked at how Microsoft might meet the challenges it faces by using .NET technologies.
What we haven't looked at is all the other factors required to earn trust. In both the memo and recent remarks he made at an MVP summit, Bill talks about those other factors. Maybe they'll provide a little bit of comfort the next time your buggy video device driver snaps you into a BSOD. Or maybe not. Which brings us to the matter of Microsoft becoming a hardware company. But we'll leave that discussion for another day.
 |