Even if you love it, there are some things for which Windows is clearly a silly solution. Richard Stiennon lists 10 of the worst uses of Windows he’s seen, including using it to display a static green arrow over the open TSA security lanes at Detroit Metro.
Top 10 Worst Uses of Windows
About The Author
Adam Scheinberg
Technology Executive • Web Developer • Father • Foodie • Music Snob • OS enthusiast
Follow me on Mastodon @[email protected]
…and not a little bit scary in places. Especially the Medical systems and the paper trail involved in every one of their updates. Paper trail for updates will probably result in no updates, making these machines a hackers wet dream.
Do you thing you could add these systems to WSUS? Patch Tuesday for my breathing machine! Woop woop! 😉
This problem is well known to me due to my work. There are hospitals where you just need to plug your laptop into the LAN outlet in the wall – you get an IP via DHCP without any authentification and can easily log into several machines (“network drives”) without being prompted for a password. Using means like ethereal, tcpdump and ping -f, a hacker could do really bad things to such machines, starting from blocking their data transfers, copying data and destroying it (and maybe the backups on accessible NAS, too) up to installing malware and abusing the clinic’s IT systems to spread spam.
One thing I miss in nubmer 10 of the list is that “Windows” is also used in ICUs (intensive care units). This is highly dangerous! As it has been mentioned in the discussion on another topic, the term “bluescreen of death” becomes a dangerous connotation here.
Maybe “Windows” is okay for client systems (that emulate an IBM 3270 dialog client in worst case) or data postprocessing, but for critical systems, it’s simply too dangerous.
Regarding updates in “Windows”: Due to the advertizing by MICROS~1 people do really believe that they do not need to do system administration, including considerations what to install and what not to install, when to get updates and how to install them. They believe that “Windows” does everything by itself, because it is so “user friendly” and does your thinking. Another opinion is that you can save money by not hiring a professional to take care of the IT infrastructure. Why? You can do this on your own, just by clicking! The result: Out there in Germany’s medical system there are many old “Windows NT” and “Windows XP” (the most common ones) out there that didn’t see any updates since the date of their release. And nobody cares…
And for a cardiac pacemaker? “Hold the installation DVD against your breast and click your nose to install. If you are near a WLAN entry spot, just raise your finger to get the updates.” 🙂
Cancer patients sometimes get fatal doses during radiation therapy due to keyboard error. In the old days of manual knob twiddling this was extremely unlikely. However a simple typo can now be fatal due to accidently giving 10x the required dosage.
Typos are made on any OS. Good programming practice for such an application — no matter what OS it is running on — dictate that code for error checking and verification of dosage be included.
Off by 10 happens even with knobs. More often than you would imagine. You see you have to read and understand the order, and the bottle, then dial it in. If the order and the bottle are in different units then you better hope the coffee machine was not broken at the start of the shift!
It sounds like you’re thinking of the Therac-25 incidents, which wasn’t quite as simple as you make it sound (& it certainly wasn’t running Windows)
I once saw Windows being used as a public facing Web Server
Only now with Windows server core does Microsoft understand the concept of a modular OS. Windows perhaps would be a good candidate for the tasks outlined, however having the full desktop and the million other services installed by default just doesn’t make sense. Fingers crossed that in the future the desktop version of windows follows some of the ideas of it’s server cousin and become more modular and only have installed the modules needed.
However in reality everyone knows that unix/linux is perfectly suited to these kinds of tasks, want a DNS, simple just install the DNS service, no other junk needs to be installed. You are left with an OS which is super fast and has a very low surface of attack.
Does the eula now allow Windows to be used in mission critical apps ?
http://community.zdnet.co.uk/blog/0,1000000567,10004610o-2000331777…
so how about some disclaimers from the XP eula..
LIMITATION ON REMEDIES; NO CONSEQUENTIAL
OR OTHER DAMAGES. Your exclusive remedy for any breach
of this Limited Warranty is as set forth below.Except
for any refund elected by Microsoft, YOU ARE NOT ENTITLED TO ANY DAMAGES, INCLUDING BUT NOT LIMITED TO CONSEQUENTIAL DAMAGES, if the Product does not meet Microsoft’s Limited Warranty, and, to the maximum extent allowed by applicable law, even if any remedy fails of its essential purpose.
15. LIMITATION OF LIABILITY AND REMEDIES.
Notwithstanding any damages that you might incur for any reason whatsoever (including, without limitation, all damages referenced above and all direct or general damages), the entire liability of Microsoft and any of its suppliers under any provision of this EULA and your exclusive remedy for all of the foregoing (except for any remedy of repair or replacement elected by Microsoft with respect to any breach of the Limited Warranty) shall be limited to the greater of the amount actually paid by you for the Product or U.S.$5.00. The foregoing limitations, exclusions and disclaimers (including Sections 11, 12 and 13 above) shall apply to the maximum extent permitted by applicable law, even if any remedy fails its essential purpose.
So, to break it down, you are free to use Windows anywhere you like, just as long as it doesn’t screw up.
If it does screw up, it is your fault, not Microsoft’s fault, but they will send you $5 to make you feel better.
That has been every piece of software. Read the EULA for any software and you will see that the company does not take fault with their software. Even with open source they have a “use at your own risk” clause.
The point I was making, was that some people think that because Microsoft is a massive corporation, there will be some comeback when things screw up.
So what. Who am I going to sue when Linux fails me?
*chirp*… *chirp*…
Exactly…
Well, sue Microsoft… you’ll get kicked in court the same as if you had been actually using their products.
I see you are still full of shit. The article and the posts are about Windows not being suitable for certain jobs. Linux will not fail you in the slightest.
Besides, you always have the comeback of the company who sold you the service level agreement….
That would be hilarious, if it weren’t so naive. I almost feel sorry for you, if you really believe that.
The point is that there is no accountability with ANY vendor unless you have a support agreement and, even then, there are limits to what they will do. Unless you have specific guarantees in your contract for uptime, they’re NOT going to reimburse you for lost time or data. So, the original point about EULA language is MOOT.
yes, agreed, maybe the original poster needs a slap and needs someone to sit him down and point out some oss eula’s.
You don’t get it do you ?
Some people install Microsoft products because it is a name they recognise as the biggest software producer in the world.
These people expect it to work out of the box.
These people expect Microsoft to back them up when things don’t work out.
These people are shocked when they realise they have lost years of work and Microsoft tell them to “piss off, you should not have installed our products”
You made a point about who you sue over Linux ? Did any Linux company give Microsoft the blueprint for the wording on their EULA’s ? No.
There is no point you coming on here trying to be abusive towards Linux when this has nothing to do with Linux or Linux companies.
This is purely about Microsoft supplying software that is not capable for doing the jobs it was being sold for, and Microsoft sticking two fingers up to you when you find this fact out.
Show me ANY Linux vendor who will reimburse you for loss of time or data, absent a specifically-worded support contract (which amounts to a EULA).
Are you retarded ?
I was not talking about Linux companies here, you are just trying to deflect away from the original post.
I will repeat it again, in caps, for people who appear to be shills.
PEOPLE PERCEIVE MICROSOFT TO BE A COMPANY WHICH WILL SUPPLY SOME FORM OF SUPPORT WHEN THEIR PRODUCT SCREWS UP.
MICROSOFT ARE TELLING PEOPLE IN PLAIN AND SIMPLE LANGUAGE THAT THEY ARE ON THEIR OWN, AND IT WAS THEIR FAULT FOR INSTALLING THE SOFTWARE.
Most people do not care if some Linux company will not support them, because, plain and simply, most people do not use Linux.
I think you don’t really get it since posting such a crap.
No they don’t, thats why there is technet and huge community that can help. If guy puts up even normal server and excepts it just work right up he is idiot, and its same for ALL OSes!
This is pure FUD, firstly EULA clause about financial payment is only due poor justice system of USA and few other countries. Like clause in GPL and everyother software product is purely there to protect companies and software writers against ridicilous court cases. Microsoft does offer support but not gonna take financial responsible if some idiot didn’t know how to disable auto-updates or secure system enough against hackers.
If GPL and other software wouldn’t have such a clauses greedy bastards called lawyers could sue them if some idiot makes mistake and gets hurt. Yes even Linus Torvalds could be sued and whole Linux Foundation. Have you ever wondered why popcorn machines have label that says “Don’t put hands in oil when machine is on”, no shit Einstein.
More pure FUD. Keep mind that everyone of these systems has 4 components, hardware, 3rd party software, OS and person who makes whole system. Who knows how many times problem is HW or crappy 3rd party software. Most cases problem might be just some idiot who didn’t design system good enough. So I give YOU just one finger, guess which?
I would reply to you, but I try never to feed the troll.
Nor to be drawn into a personal scrap, with you and your middle finger.
One thing I will say little boy, go out into the big, bad world, get a real IT job, THEN come back and we can talk.
until then, stfu.
hehehehe go and get a feckin clue.
What Joe User knows about setting up a server, never mind Technet ?
Sure, they can SAY they’re not responsible but just because that’s in the EULA that doesn’t make it so.
You can’t absolve yourself of responsibility for your products.
The most ridiculous way to use Windows is on a server. I wouldn’t use Windows on a desktop too, but that’s another story. But server? Why would people use the slowest and least secure server OS ever produced?
Edited 2008-07-09 13:58 UTC
Slowest and least secure?
*cough PWN2OWN cough*
Explain please ?
He’s referring to the CanSecWest hacking contest, where an Apple laptop was the first to be rooted in a web-based attack on Safari. The competitors were a Linux box and a Windows Vista box. What that has to do with server security I don’t really know, as any IT staff surfing the web from a server should not only be fired but also executed as an example and buried under the wiring closet.
More info:
http://www.channelregister.co.uk/2008/03/28/mac_hack/
Where can I download this PWN2OWN you speak of ?
Try http://www.l33hax0rst00ls.com/5cr1ptk1dd1/ I think I saw it there.
Want Exchange Server, here’s your license for Windows Server to run it on. Here also is your Outlook licenses and your Windows Workstation licenses since the server is nearly usless without accepting our products on the client side.
Want Microsoft AD management, here’s your Windows Server. Sorry, it doesn’t work so well with non-Microsoft products (but we’re working on it, we swear) so you’ll probably need to replace anything else.
Want .NET and complete .ASP support, Windows server will be needed so you can run IIS.
It sucks but Microsoft has put a whole lot of effort into making as much of there products require the other products as they can. It’s better for business when you reduce the ability for customers to make decisions.
and the whole ting most likely started with novell focusing on the server side of their netware system, and allowing microsoft to make windows talk nice to it.
I remember working with Dos/Novell and Win3.11/Novell setups. I think the latest I saw in person was actually win98 or maybe NT4 running against a Novell server box. It’s an area of history I should probably do some reading on though as I don’t remember much of the politics at the time other than Novell dropped the Netware product line and was supposed to license there own LDAP type network management; MS AD seems to have stomped that option out though.
Novell always did require a client program installed on the workstations with appropriate protocols though. In that regard, they provided the client software across platforms so it was not the use of broken standards or propriety protocols to keep end users from having freedom of choice.
MS was definately not the first company to use lock-in strategy but they have been very financially successful with it.
Now its their eDirectory Services, which also support Linux so you’re no longer necessarily running Netware to support the Netware services. It’s all LDAP based. Haven’t tried it but it’s suppose to be pretty good.
Here’s a decent URL for it:
http://en.wikipedia.org/wiki/Novell_eDirectory
More info at Novell’s own site though, but it’s a good summary.
the thing i was trying to get at was that novell basically left the fortress gate open for the microsoft “trojan horse”.
with microsoft products on the desktops, microsoft could basically say: swap over to a NT server and get a single support source for your whole office network.
iirc, win9x came with a exchange email app already installed and primed to sniff out any email servers on the network.
Oh absolutely. It’s not like there where not business mistakes made by other companies at the time. Palm has never managed to regain what it was after so many business decisions. Novell almost went away until they got rights to Suse. IBM is still kicking but has that whole monopoly restrictions headache off it’s back. If we’re talking business strategy and goals MS is freaking brilliant. It has used a very classic tactic of allowing the enemy to create the opening for the killing cut and then raising barriers to competitors and customer choice where that cut was made.
From the customer, innovation and overall market health perspective my opinion is very different from that though.
My point was simply that companies will use MS as a server platform because of the barriers to choice MS has designed into the product as much as possible. If they have existing MS platforms, they will eventually have to upgrade them because MS will cut support. The upgrade treadmill idea has been kicking around IT departments since MS started and probably with IBM previous too it. You may not want to upgrade but MS “changes” between OS versions will eventually make it a requirement rather than a need for hardware upgrades.
It’s pretty, quick to setup and popular among decision makers but it also has a large amount of overhead that is not usually considered or mistaken for unimportant until it really takes hold.
Case in point; Vista is all the home consumer will be able to buy from now on. WinXP is not off the market because there is no further demand for it. It’s purely because MS wants Vista to take hold. Business can still buy licenses to it for a short while but eventually they will be strongly encouraged to comply. With some companies just finally replacing win2k with winXP, that choice is harder to force but in the consumer market it remains very much “We are Windows; Your computer will be bought with us. You will join our revenue stream and support our ecosystem of third party band-aid solutions.”
(When profits are more important that product quality; what is a consumer to do?)
show them the middle finger and go community based.
pisses of big biz of all kinds, from software to telecom…
Edited 2008-07-10 00:53 UTC
Because depending of your needs it can be a very good system. I just replaced a Windows 2003 Terminal Server today. We replaced the machine because we need a warranty on the hardware and after 5 years the support for the old hardware has come to an end. This server has served 15 coworkers for 5 years 24/24 without a single crash nor a single virus. (It had to be rebooted from time to time because of Windows updates or hardware failure though).
The most stupid use of Windows that I’m aware of: US Navy used windows on an SSBN in a test. The machine blue screened in the middle of the harbor (Norfrolk, Va.). The submarine stopped all operations while the computer was rebooted. Thank God it wasn’t at test depth. or at station during a launch against a real threat.
Windows is used in a LOT of military hardware.
Remember the F-117 that crashed because the computer was left on for something like 49.5 days – the point at which windows CE has a timer overflow that locks it up…
Or the Aegis cruisers that ran NT 4 – which not only left vessels completely disabled on many occasions, but was a double whammy when it came out that BeOS seemed to be able to log into older versions of NT as if there was no security.
In general there’s a tendancy to throw full on computers at problems that could be solved by something as simple as a basic stamp… or in the case of green arrows, an on-off switch.
Edited 2008-07-09 22:03 UTC
Along the same lines as the featured article, the scariest place I read where Windows was used was to control mission critical functions aboard the USS Yorktown in 1998. Windows crashed and the ship was dead in the water.
http://www.wired.com/science/discoveries/news/1998/07/13987
While the actual cause wasn’t specifically windows’ fault, this problem just underscores the fact that more mature operating systems such as Unix and embedded systems such as VXWorks should be used for controlling mission critical functions.
Hopefully, the military has learned from this experience. However, the cynic in me thinks not.
… past the login screen is bad. 🙂
Anyway…. I just remembered a time (like a year ago) in a Citibank ATM (here in Bogotá) that was displaying a beautiful BSOD. It was a shame I didn’t have a camera with me to “inmortalize” the sight.
Edited 2008-07-09 15:05 UTC
The MTA in NY uses windows machines for their metrocard systems. I’ve seen plenty of those things blue screened and just waitign for someone to reboot them. I was devestated when I went ot an ATM and found a windows blue screen, I always thought hat something that needed that much security woudl run some proprietary unix based os, especially since windows is overkill for what these things need to do anyway.
I’m willing to bet that a fair number of these problems are the fault of management making purchasing decisions without doing any research or consulting a lowly geek. They just know “they need some sort of disk to put in the electro-doohickey to make it run, and hey, I’ve heard of this ‘Windows’ thing!”
Then the vicious cycle is completed either by in-house geeks who make backhanded comments about the choice of operating system (and management thinks they’re just being elitist), or by outside contractors who know a cash cow when they see it (“The Windows server running the town’s streetlights needed to be patched and rebooted. Highly technical, you know. That’ll be $500. See you next week?”)
Of course, the enterprising folks making streetlight controllers and breathing-machine software that runs on Windows 98 aren’t entirely without blame either, but it’s so much harder to market this “Linux” thing that nobody’s heard of…
And nobody ever got fired for buying Microsoft!
Man…. if I ever become a boss I will happily take that frase to the graveyard if one of my underworkers dares using Microsoft stuff.
Well, with you spelling like that (frase?), I am not sure that you will be the boss of anyone. Unless you start your own company.
Zorry, Zorry. 😉
There’s some funny stuff here, but in reality some of it makes sense.
1. To display a static green arrow over the open TSA security lanes at Detroit Metro
Well using windows would be one of the quickest way to get a programmer to show a green arrow full screen. Not to mention, they *could* potentially decide to display other images. Custom signs are expensive. My uncle recently wanted an ‘on air’ style lit up sign… the lowest cost was $200.
This same concept goes for the rest of them. Windows gets a developer quickly up and running on a known platform.
Now of course I’ve seen my fair share of humorous crashes (be it ATMs or movie ticket dispenses…).
So don’t think I’m pushing windows for critical apps
but for non-critical stuff, even if it needs to be rebooted, windows is often makes sense.
I once[and only once!] tried to use a Sainsbury’s Bank ATM only to be confronted to an NT Dialog box saying that the virus scanner signatures could not be updated.
I bet they just plug them into the intenet and update straight off the ClamAV site
.
I wonder if the author ever bothered to check out why his machines were crashing. The quality those days was not quite as good as today, but I doubt the late service packs of NT4 had that many crashing bugs or memory leaks. It could just as easily have been his application that was leaky.
Also, if a machine is not attached to any network or its network is segregated from the public, then patches are probably unnecessary. On The other hand, I’d want to take strong measures to ensure that the networks do stay separated.
This is probably one of the dopiest statements I have seen on here in a long while. The article writer was saying his machines were crashing because of bugs and memory leaks, and you seem to think they don’t need updating or patching ?
Thank you for making me spray hot coffee all over myself, I will need a new pair of trousers now.
These are two separate points which you seem to have run together:
a) his applications may have leaks/or be buggy. The app could need a patch.
b) the OS has vulnerabilities which need to be patched for a network-attached publicly accessible machine, but if the machine is in a private non-networked situation, then the regular patch tuesday patches do not need to be installed.
The point is that for a machine whose single purpose is to display a sign or to run a single ATM application, the regular need for reboots due to patching is simply not there.
I can see it now..
“Pardon me sir, we need to reboot the equipment due to a virus — in the computer. Just relax, we’ll be back up in a minute.”
A stupid use of any OS is letting the author to type out this idiocy. He’s a helpdesk dork without much experience outside the cubical world.
I’ve mentioned it plenty of times before. Windows (3.11-2k) is used in air Traffic as are DOS, Solaris, AIX, and SCO. Regardless of OS, any failure is virtually always hardware – fans usually, sometimes a drive, mostly user input devices. You don’t hook boxes like these to the internet. You don’t present the user anything but the application. The user can’t play solitaire. Most are sealed units without any means of access – no thumb drives, no floppy, no cd-rom.
His belief that everything needs patching shows his lack of outside experience. The train control was probably tested in a specific configuration and that specific configuration was certified as stable and performs its duties.
There’s no reason his NT kiosks needed to be rebooted every 24 hrs. Why did he let them get to the floor in that state? Has he ever heard of Quality Control? AIX or Solaris won’t make up for shoddy practices. Regardless of platform or development methodolgy, testing is always a part of the process.
Giving his customers a half-ass product was criminal.
Maybe the TSA displays also need to (or plan to) display messages occasionally and the green arrow is the default.
He mentions embedded solutions, but those often cost more with the custom hardware requirements. Oftentimes a PC or PC-based system (Windows or *nix) is the cheaper route today.
11. In space programs or in NASA
12. In Defense systems (Navy, Army, Airforce,..nuclear defense,…etc)
13. In Research Labs or Experimenal Labs where dangerous devices exists (Laser, chemicals,….etc)
14. In Big shelters
15. In War
16. and finally on your desktop
run windows. I once saw one that the normal program had crashed on and it was just sitting at the desktop, complete with the Start menu at the bottom. I really wish I knew how to control the thing. It would have kicked ass to double click on that nice juicy Internet Explorer icon, browse to some sleazy pr0n site and leave that on the display for the next person who came along to see.
I saw something similar in an “entertainment system” in a tram in Schwerin, Germany. Maybe I should have asked the tram’s driver to plug in his mouse and click around a little bit, just for the passengers’ entertainment. 🙂
Hehe… 🙂
As typing this on a Mac, running Linux at work. I have to say that this argument is over a decade old. XP and even Vista run much better then the old 95 and NT counterparts and most of these actions seemed to be bias on on the old Windows 95 stereotype. Windows today in terms of stability is really about the same as Linux or Macs. I have seen both crash on me far more often then Windows XP. Yes they crash for different reasons and some are more preventable then windows but the fact they do crash just like Windows. For many of these applications the reason for using windows is because it already comes with the PC Many Kiosks are just PC’s hidden in a box. So it is cheaper for them the buy a Dell PC for say $200 and put the money on user side stuff like touch screens and thermal printers and just have a simple VB application that runs it, vs. Getting the same PC having to clean it off, install Linux, Write a C++ app or a web app to display the graphics…. The install time you loose the cost savings of linux.
very much just windows bashing.
complaining about NT in 2008 is like complaining about spears, there have been better advances since then.
i installed windows in my car for my stereo and it downloaded music off p2p, burnt a cd of it for evidence and drove me to a police station where they were waiting for me after an email tip off from [email protected].
I’ve never and would never use windows in an industrial application. But getting Linux compatible industrial hardware is akin to sticking toothpicks under your nails
When will these morons learn, Linux is the best for most of those applications!
Just so you know, Linux doesn’t only run on x86 hardware. There’s enough industrial hardware with ARM, MIPS, PPC and other embedded processors, so there are many more numerous and flexible choices if your software can run on those.
You can also be fairly sure there is a Linux BSP (board support package) or commercial-grade distribution available with full support from the hardware manufacturer or a designated third party.
If it was up to me I’d rather have the x86 architecture die alongside the Microsoft DOS and Windows operating systems it was brought up with, but that’s not going to happen anytime soon.
If you think whole article otherway around it just proofs that Windows is pretty solid system. He just proofed us that there is hundreds of millions Windows systems that don’t fail in lots of different situations.