Paul Hsieh's Editorials Microsoft Watch
As Seen on Yamoo!

OpenGL vs Direct3D
OS Alternatives
Reader Feedback
Mail me
Numerous weak bugs in .NET

Dejan Jelovic has been compiling a list of known bugs against .NET. While its not too surprising to find bugs in a new product (which .NET is relatively speaking) some of the bugs he's run into are really quite sad. They range from simple crashed for certain otherwise legitimate parameters, to leaks (something a leak analysis tool could have helped them discover while developing it) to multithreading design flaws.

Cost savings of open source software in the server room

While not directed solely at Microsoft, the following is a case study of cost savings from using free open source solutions versus commercial solutions:

Microsoft Crash Gallery

So just how bad is Microsoft's code anyway? If you've used their products in any serious way for any length of time you should know, but in case you have a selective memory, or are just in denial, let me point you to the following gem:

Microsoft exposes kernel bug to user-mode code through console

While its no surprise that Windows has bugs in it, simply sending too many backspaces to it appears to send the NT kernel (read: NT, 2K, XP) into a blue screen of death, followed by a spontaneous reboot.

The original program posted to comp.lang.c on USENET looks something like this:

#include <stdio.h>

int main (void) {
     while (1)
         printf ("\t\t\b\b\b\b\b\b");

     return 0;

The code is specifically detrimental only to the Win NT kernel (including Windows 2K, and Windows XP.) A more detailed description of the bug can be found here.

Update: After years of exposure, this bug has been addressed in a patch that was released roughly in September of 2002. Microsoft's knowledge base article ID Q311486 is alleging that they had fixed the bug in October of 2001. The most likely explanation of this discrepancy (like the Intel FDIV bug) is that internally they knew of the problem and fixed it, but it took them an entire year before they decided to release the patch. In any event, this is indicative of the penalty paid for having to wait for Microsoft's process (as opposed to Linux, for example, where kernel flaws of this degree are fixed in *hours*.)

Microsoft's innovations

I recently found a pretty good list of Microsoft's "innovations". In fact this list is so good, I'll present it here at face value:

Microsoft's Innovations
Presenting the Microsoft Hall of Innovation

Close Combat
Popular game purchased from Atomic Games

Flight Simulator
Purchased from the Bruce Artwick Organisation

Age of Empires
Collabaration with Ensemble studios(Gopal R S)

Microsoft's HTML editor was purchased from Vermeer Technologies in 1996

This database application came along with Microsoft's purchase
of Fox Software in 1986

Internet Explorer
Desperate to play catch-up in the fast-moving Internet world Microsoft
licensed code from Spyglass Inc one of the two licensees of the
original Mosaic code base in 1995 and called it MSIE Microsoft then
proceeded to distribute MSIE for free denying Spyglass substantial
royalties for their key contribution to the product

The original Microsoft cash cow this CPM clone then called Q-DOS
was purchased from the Seattle Computer Company in 1981 Microsoft then
proceeded to thwart Seattle Computer's license rights to the product
The tiny company sued Microsoft and prevailed in court

Object Linking Environment OLE
Microsoft settled a suit with Wang Labs over patent infringement code
portions of OLE which is also the heart of Microsoft's ActiveX

This presentation software package was renamed and re branded after
Microsoft's purchase of Forethought Inc in 1987

SQL Server
This important database product is based on code purchased from
Sybase in 1988

Visual Basic
Ruby the foundation for Microsoft's highly important Visual Basic
product was purchased from Cooper Software in 1991

Visual C
Microsoft purchased the Lattice C code compiler which became
Visual C Microsoft's software development environment

Visual SourceSafe
Purchased from OneTree Software Shortly after OneTree's SourceSafe was
released Microsoft preannounced a similar application called Microsoft
Delta which failed to sell Microsoft then purchased OneTree and renamed
SourceSafe as Microsoft Visual SourceSafe

Technologies used in Windows multitasking came to Microsoft with
their purchase of Dynamical Systems in 1986 Portions of the interface
were licensed from Apple Computer also in 1986

Microsoft's version of Unix was actually written under contract by
the Santa Cruz Operation(SCO)

Woah! Most of these I knew, but the business about Microsoft purchasing key technology from Dynamical Systems for Windows was something I was unaware of. Any further information on the subject would be appreciated.

Where is the harm?

On a message board someone recently asked what harm Microsoft's so called "monopolistic practices" have caused. Below is an excerpt from my response:

(1) Consumers don't use automatic disk compression because its unstable. Its unstable because they have not solved the technical problems required to make it stable. They haven't bothered with this because they *KILLED* the Stacker product and therefore have removed them as a competitive pressure. Therefore consumers are paying for twice as much disk space as they really need.

(2) Consumers who *wanted* to buy OS/2 preinstalled on their systems from IBM have been told that they can't. There is absolutely no logic behind this. The only reason why this happens is because IBM is under severe pressure not to ship OS/2 for fear of reprisals from Microsoft. Therefore the consumers cannot get the products they want.

(3) The innovations in Word processing have absolutely hit a stand still since  Word 6.0.  This version of word contained many features over their last  version, but since then has added nothing substantial (the sometimes annoying  auto-spell checking, stupid paper clips and about 350MB as far as I can tell.)  People cannot write textbooks using MS Word -- people are forced to use  Adobe's FrameMaker (another lame and very expensive product; but at least it  can do the job.)  This is all as a result of Microsoft killing WordPerfect  Corporation -- if that company were alive and thriving today, competitive  pressures would have forced them to provide true desktop publishing  functionality into their core products.  We should all be empowered with  supremely awesome capabilities for presentation and publishing through our  Word Processors.

(4) MS VC++ Standard edition does not come with full optimization flags. The professional edition does, but even that sucks. Furthermore Microsoft's compilers don't put any consideration into optimization considerations for vendor other than Intel's CPUs. Because Microsoft has beaten all competitors out of the compiler space, Intel's CPUs are being unfairly propped up, and price conscious software vendors are being performance penalized. WATCOM, Borland and Symantec have pretty all given up on competing with Microsoft. As a side effect, *ALL* software suffers in terms of performance, size, etc.

But the crimes in the VC++ product don't end there. Microsoft has severely broken the ANSI C/C++ standards. The compiler allows for code that would otherwise be illegal on any 100% compliant compiler. Because of that, this has increased the cost of porting applications to non-Windows platforms, and therefore has made software less available on other platforms.

And to this I'll add:

(5) It is well known that Microsoft "steered its whole ship" to the production of Internet Explorer. A monumental amount of work inside of the company was performed; people were taken off their projects, and all other Microsoft developers were forced to waste time beta testing early versions of IE. The net result of all this is what we know of IE -- which is arguably nothing more than a knock off of Netscape with a few more security flaws. Why couldn't Microsoft instead have put those same people to work on the next version of their compiler (or go hunt down their OS bugs, or any number of other things they could have better spent those resources on)? At least then *all* products would see an improvement in quality, and instead of IE marginalizing all competitors, perhaps there would be thriving competition between SpyGlass, Netscape and Opera.

John C. Dvorak compiled a list of utilities that Microsoft has created and which Microsoft has leveraged their monopoly power to promote:

Product or Function Target
Internet Explorer Netscape Navigator
WinPad, WordPad QEdit, Zedit, etc.
Built-in networking Novell and many small-timers
Direct cable-to-cable LapLink and many small-timers
Outlook Express Eudora, Netscape
Exchange Fax Transport Various
Microsoft Network America Online
Disk compression Stacker
Windows Explorer Norton Commander, XTree
TrueType fonts Adobe PostScript
Backup Various

Of these, Netscape survived only by selling out, Norton survives by abandoning any products that Microsoft is competing with them on, All text editors are now free, Stac has pursued a different line of business, Novell has abandoned their main netware product in favor of NDS, and Postscript has been marginalized to a printer technology.

Not surprisingly the supposed "innovations" that you would expect Microsoft to bring into subsequent versions of these utilities are nowhere to be found. So not only are these little service companies hurt, but the consumer is hurt, because they miss out on the inevitable innovation that would have happened had there still been competition for these utilities.

Installing Visual C++

I recently tried to install MSVC++ 6.0. I gave it a reasonable go, but I failed. Now, I've had IE removed from my system, so of course, I had to reinstall it (MSVC++ needs IE, I have no fucking idea why, there is absolutely no cross functionality I want out of these two tools.)

Although it clearly gave an option for not associating file extensions to IE or Windows Media player, after installation IE, most certainly DID take over the .HTML URL.

Buffer Overflows, and Microsoft

In Microsoft's latest BUFFER OVERFLOW bug, we find that the incompetents up in Redmond has used a fixed char[] array for the file name of email attachments in Outlook Express.

So its a little bug. So why am I bothering to report this? Because this is really getting old. I recently became aware of two additional internal buffer overflow problems in something called the VDD under Windows 98 (a kernel level program that helps emulate console and DOS boxes in a Window.) Internet Explorer has been bitten by numerous buffer overflow problems.

Its like its a chronic problem over there. Now, here's a quick quiz for you programmer manager types. Lets imagine a programmer that works for you writes the following code:

        char URLname[80];

        printf("Enter URL:");    
        Fetch( URLname );

Now how do you deal with this programmer?

  1. Give him kudos for writing a simple piece of non-commented code.
  2. Tell him to choose a number larger than 80.
  3. Slap him upside the head then fire him.
  4. Strip him, tar and feather him, then light him on fire.
  5. All of the above, in order (the first two with as sarcastic a tone as possible)

Where does Microsoft find these losers? BUFFER OVERFLOW is an amateurish, beginners' bug. The next time you use a Microsoft product for something important just keep in mind the kind of moronic programming they do.

Update: 07/28/98 So they issued a patch for Outlook, basically a day or two after the problem was discovered.  That's good right? Well, as proof of the deep rooted incompetence at Microsoft,

C|Net reports that their  patch fixed one buffer overflow problem, only to reveal another.  In other words this kind of crappy code permeates throughout their products.

Stuff to make the program managers at Microsoft proud:

Update: 06/10/00 I was asked to provide an example of how to deal with overflow problems. This is what I wrote off the top of my head. Its not really hard.

Update: 12/15/03 In case Microsoft cares about buffer overflow safety solutions, here is one I created.

Update: 10/31/06 Here is the WikiPedia article on Buffer Overflows for anyone needing a more comprehensive explanation.

Nader and Torvalds speak to PC OEMs

PC World online reports that Nader has sent a letter to the top 6 PC OEMs asking that they install alternative OS's such as linux, BeOS, and Caldera's DR-DOS/Web Spyder as a installation option for their PCs.

In my opinion, if Nader et al, really want to make this work, they have to put some of the burden onto BeOS, RedHat, Caldera etc.  What if they visited these OEMs, got a run down of their Windows testing, and construct equivalent testing for their own OS's.  I'm sure a forward looking company like  Compaq would definitely give it a shot, if only they could do it  realistically.  (Update: Dell, HP and IBM are shipping Linux to customers that  ask for it, but do not support it themselves.)

An interesting NT utility

As told to me by a coworker:

NT users beware! Retail copies of both the Workstation and Server versions of Windows NT 4.0 shipped with an undocumented system-wiping utility. The file Rollback.exe erases key components of the system registry, disabling the operating system.

Microsoft Corp. officials say that once the file has been executed, the changes cannot be undone and require a complete reinstallation of the operating system. At least one incident of accidental erasure has occurred and Microsoft is mulling over how to inform customers of the problem.

This undocumented feature could do the most damage to NT4.0 Server users because it erases critical-security and user-account information. Without an up-to-date backup, network administrators will have to recreate all of the users' account and password profiles. Microsoft this week sent out an E-mail warning to its channel partners. It stated that after running the utility "the next thing the customer knows, they are staring at the set-up screen and are completely down."

Rollback.exe was designed to allow OEMs to test NT with their hardware and software configurations, and then return systems to their pre-installation state. The file is located in the support\deptools\I386\ directory of the NT CD-ROM and is not installed on the system by default. But the lack of any online documentation or escape route once the program has begun has put curious users at risk.

Microsoft officials say that more than 150,000 copies of NT Server 4.0 have been sold since its release in late July. Microsoft has posted an entry in its online Knowledgebase, but has not determined how it will notify customers and OEMs.

Given the recent exploitation of the back door in Word docs that people have discovered for viruses, it seems next logical step is to combine the two. The resulting would be a a lethal non-recoverable Word doc virus. This does not bode well for the future of Windows and/or Microsoft Word.

Think NT is secure?

Windows NT passwords are not very secure things at all. There are tools available on the following web pages for getting around NT's password security.

NT Locksmith l0pht crackreal audio presentation about themListen!

In short, Microsoft's security mechanism is based on IBM's Lanman protocols. Not just their legacy stuff, but even their home grown security mechanism are based on this. Apparently L0phtCrack is a trivial keyspace search attackto break this silly 7 character encryption scheme.

It sort of makes you wonder what their security ratingis good for.

This is what CIAC thinks of Windows NT:

Bruce Schneier's comments on Windows NT's Point to Point Tunneling Protocol.

Story on C|Net

Infoworld's Nicholas Petreley reports on some "funny business" going on with respect to NT's so called "C2 certification".

Microsoft continues to plug security holes well after it received its so called "C2 certification"

Incomplete Stretching mechanisms

Its bad enough that the underlying graphics display technology in Windows is 16 bit; but the DIBENGINE/GDI mechanism is also flawed in that it does not supply a complete bitmap stretching architecture that display drivers can fall back onto. This is important for applications like Video for Windows. Roughly speaking the software flaw is as follows: When an application tries to perform a GDI based stretch, GDI will call the display driver to perform it and if for some reason, the display driver is not up to the task (there are several valid reasons for this such as running out of offscreen scratch space or the display driver decided to shut down all non-essential accelerated functionality to give maximal resources to direct draw, or other graphics clients) the display driver has been given free reign to call the DIBENGINE version of the function as a substitute. The only problem is that the DIBENGINE version of the function may periodically fail depending on color translation difficulties and reports back an error rather than performing any Stretching. The failure is propagated up to GDI which then simulates the call itself. Except that it does it totally wrong (pixel discolorations, alignment, etc.) Notably the 24 ->565 graphics mode translations are broken after a display mode switch. MS has never bothered to look into the problem.

GDI and DOS Boxes

While I am on the subject of GDI ... I recently bought a machine, and being a Windows 2D driver writer myself, with a bit random incidental testing I noticed some bugs in the Diamond Stealth driver. Specifically, if a Windows application sends a command to render something when a full screen SVGA screen is active, it will set the VGA registers into a random undefined state, sometimes crashing but usually just causing display anomalies.

Now, obviously Diamond is somewhat to blame for this, and I personally have implemented a solution for just this problem in the drivers I have helped develop, but upon deeper reflection it dawned on me that Microsoft has never said word one about this situation. Nowhere in their documentation do they explain that even during a full screen DOS session GUI rendering commands will still be requested, and handed all the way down into the 16 bit graphics driver! Furthermore, Microsoft themselves are obviously in a position to work around the problem in GDI itself by simply bit bucketing the lost rendering commands (well, its not quite as a simple as that, but its close.)

Windows Virtual Machine Model Robustness

Back when Microsoft was touting their new OS "Chicago", during its notoriously long beta cycle, they visited various companies to show off the latest features. In one demo they gave to my company they tried to demonstrate that when a 16 bit application crashed, it would not crash the whole system. They ran the crashing application, and it in fact didcrash the whole system. A very embarrassing moment for the Microsoft demo givers! Anyhow, I left the demo laughing, but I figured that once the OS actually shipped they would have this fixed, and the OS would be relatively safe from 16 bit crashes.

But I did not know how wrong I was. Recently, a coworker told me that it was indeed trivially possible to crash Win 95 by merely halting interrupts and hanging in a loop. "No"I said, "They could easily virtualize the clearing of interrupts, Intel 386s and above are designed to support this!"Well, he challenged me to enter the following 16 bit program into debug:

2BD4:0100 cli
2BD4:0101 jmp 101

And sure enough, the system crashed rock hard solid. No mouse movement, no keyboard Caps lock response, no nothing. The above program is essentially equivalent to a 3 byte .COM file which you could execute to the same effect. Even Intel's recently discovered FOOF opcodetroubles are trivial by comparison.

While the code above is obvious suicide, that does not diminish the relevance of the test.  Programs, being programs, may either crash or hang unexpectedly (if you don't believe me, try using Netscape to surf 50 random pages, and  tell me if Netscape doesn't crash) and for performance reasons they may wish to turn interrupts off during certain critical loop operations.  Put the two  together, and wham!  A recipe for disaster under Windows 95.

Note: The above code will crash Win 95 whether it is executed from a DOS box, as a Win16 app, a Win32 app, a DLL or a VxD. (I have been told this will not crash Win NT, which is not too surprising.)

Scan Disk

Here's the result of a recent scandisk that was run by the system agent in my Windows 95 set up:

Scan disk error message

While many programs may crash or otherwise exhibit unstable behavior, the entire point of scandisk is to clean your hard drive to reduce the occurrences of such instability due to bad disk sectors, or erroneous writes to the disk. This message in this tool, which is playing games with my hard drive at the lowest possible level (not unlike a malicious virus) is not exactly confidence inspiring.

Personal Beef

I use Microsoft Word, because, lets face it, its the one product the Microsoft sort of got right, they own the market and its actually good for something. I upgraded to Word 95, and it has run with little problems for me (besides being very slow to start up.) But now there is a new version included with Office 97 that people are starting to use. As I have been happy with word 95, I have not upgraded, and how am I punished? I cannot read the new format of Word documents of course! Those *$&%#! Microsoft bastards! And when I ask the people what's so special about the new Word, they can't point to a single feature. In other words MS did this for the sole purpose of seeing if they can get people like me to upgrade, just because everyone else is! That is to say, there is no benefit in the content of the new Word itself, I have to move to it literally because everyone else is. Its a crock, that's what it is.


Apparently the latest Visual Studio, VC++ 5.0 contains serious flaws in its code generator. Here's a short list of things that don't work according to Jonathan Blow:

I want to be able to have a function return a double, and then perform further fp computations, without barfing and dying.

I want to be able to use do/while loops.

I want the compiler not to hang while it's trying to compile my (very simple) files.

Glen Corpes gave an example of a broken do/while loop:

    static char array[256*256];
    short int c = 0;
        array[c] = 0;
    } while(++c);     // should rely on the 64k wrapping
                      // of a short int to exit
it compiles this into nothing at all if you have full pentium optimization turned on. It's the only bug we've found though and it isn't stopping us from using it for our game, this bug isn't fixed in the patch BTW :-(

Pretty pathetic considering they've made 13 C compilers before this but they cannot even do elementary compiles. Here's a story from Matt Pritchard:

I just did some remote (TCP/IP) debugging using the MSVC 5.0 remote debugger (msvcmon) and noticed the following:

(1) A 4 to 11 second delay between single step operations (vs <0.5 seconds w/ 4.2) yes, that's right, hit F10 and go run an errand. Overall, it was ungodly slow. (I turned around did the same thing in MSVC 4.2 for comparison)

(2) You must install MSVC on the target machine in order for MSVCMON.EXE to run. You can *NOT* just copy the needed files over like you could in MSVC 4.2. Setting the Registry key for RPCenable doesn't help either. MSVCMON complains that it can't load 'dm.dll' even if it is present.

(3) Never, *EVER* install MSVC 4.2 on a system where 5.0 is already installed, even though Microsoft says they can co-exists. Dell says they will have my machine fixed in 2 or 3 days.

It turns out installing 4.2 back on top of 5.0 stomped on some system drivers on his machine. This from a company that periodically blames third party software and hardware manufacturers for not being able to maintain driver functionality.

Here are some recently complaints from Paul Miller:

[...] We've logged at least *50* (I am serious) C++ compiler bugs with  Microsoft, beginning with Visual C++ 4.2. To date, I cant think of any of the  more important ones that have been fixed, and we're running 5.0 with the  latest "service pack" (what a great marketing term for bug fix release huh?). These bugs include horrible problems with nested classes and templates. We're constantly working around these bugs by breaking encapsulation, polluting namespaces, and increasing dependencies.

Let me at this point give SGI's compiler division a huge thumbs-up for their fabulous MIPSPro C++ compiler! We haven't stumbled across any problems with this baby.

Admittedly, we're doing some pretty cutting-edge stuff with templates, but after *6* new releases (including "bend-over packs"), most of these bugs are not fixed. I can't be sure if ANY of them are fixed since I dont deal directly with MS tech support, but those work-arounds are messing up the code to this day.

Maybe if Microsoft put half as much effort into the actual compiler front-end as they do thir ActiveX GUI Wizards, they'd actually end up with a decent compiler.

And here's some more discussion from

"Thomas Gjoørup" wrote:
>When switching from VC 4.0 to 5.0 I experienced a (for me) quite serious
>problem.  [...]

VC++ 5.0 absolutely requires patch 3 (a lot of megs from microsoft's
web, or a subscription to MSDN) to correct a host of compiler errors
and lousy optimization in cpp mode.

Javier Arevalo

Other points:

  • According to employees at nVidia, they ended up using the WATCOM compiler instead of MSVC because MSVC did not understand the concept of a volatile declaration.

  • According to employees at AMD, MSVC compiles a super set of C/C++ that is so far removed from the strict ANSI rules that the effort trying to port your source from MSVC++ to a stricter compiler such as CodeWarrior can be an enormous undertaking.

  • Although they have made a big deal about compile speed, the fact is, the time taken to load a project and compile typical project is much more than any other compiler. This is because of the ridiculously slow project load speed alone.

  • You can easily lose Class browser information if your application hard hangs while the developer studio is open. Crashing is a fact of life of application development and hard crashing is a fact of life of Windows. But that's not the worst part. When you lose your Class browser information the next time you load that project it may take several additional minutes just to load the project.

Microsoft and Java

Java (and to a lesser extend JavaScript), as is well known, is a platform and OS independent language that allows people with different kinds of computers to communicate with each other without any special software directly relating to Windows or any other operating system. This obviously represents a bit of a threat to Microsoft and Windows (and indeed even to Intel.) With Java, the importance of specific OS's to run your applications will disappear. Companies such as Corel, have already started to embrace the language, as their latest Office package has been implemented on top of Java.

Now, Microsoft could easily take the high ground by simply implementing Java in the OS and making it run with high performance, minimal resources, be robust and fully compliant with good functional extensions. They could in effect use Java to their advantage by basically demonstrating that Windows is an effective and compelling environment for it. It just takes some engineering resources. (Outdoing the folks at Sun really shouldn't be that hard.) With their reputation in the gutter, and with their over abundance of engineers, it would have been a real shot in the arm.

Instead, Microsoft is doing, well, what you expect from Microsoft. They have an implementation of Java, and they have added extensions. However, they are not being compliant, by simply not implementing the complete set of Java class libraries. In effect they are creating Windows Javabased around proprietary extensions.

There is no excuse for what Microsoft has done. I have looked into the technical details and it turns out there are two JDK 1.1 classes that they are simply omitting. Not because they are hard to do, or because it precludes extensions or other Microsoft technologies. Microsoft contends that they have a better way to do the same things and have chosen a divergent path. This is totally inexcusable. If they had any morals they would simply support their method as well as Sun's method, and make everyone's lives a whole lot easier.

A group of people who call themselves the Java Lobby have authored an open letter (unfortunately, the link is dead) to Microsoft, and specifically, Bill Gates. It outlines their complaints, and gives more details than it makes sense for me to give here.

To be fair, there have been objections to Sun's application to be the standards conduit for Java (they invented it; its hard to think of a better candidate.) Anyhow, Intel(unlike most, my objections to Microsoft do not translate to an objection to Intel, which for the most part is a pure technology company; I dont know about those bunny people though ...) has some fair objections to Sun being basically the controller of the Java standard:

Sun failed to appropriately address the following concerns:

  1. Open Process: Sun refuses to make changes to its process, despite many JTC 1 National Bodies' requests for it to be more open. Instead, Sun requested JTC 1 change its process.
  2. Evolution and Maintenance: Sun refuses to allow JTC 1 to control the future maintenance and evolution of the Java standard, even if maintenance is done in a JTC 1 Working Group. Further, Sun has stated that evolution will be handled through future PAS submissions, not through the normal JTC 1 process as requested by the majority of the JTC 1 National Bodies.
  3. Intellectual Property: Sun refuses to allow compliant implementations of the resulting ISO/IEC standard to be free to use the name Java. Instead, Sun requires that a license agreement be entered into or implementations must follow Sun's fair-use guidelines in order to use the name Java.

Though these are legitimate concerns, there are two things that should be considered: (1) How different is Sun's position on Java from SGI's position on OpenGL? Does Intel really believe Java will be hurt from Sun's being in control of the standard? I think Sun has a vested interest in making Java all it can be. (2) Intel itself may need to worry a little about Java since its intention is to remove the backward compatibility issue on OSes as well CPUs. This means Dec Alpha's, PowerPCs and UltraSparcs will be able to run Java apps just as well as Intel x86's or Merced based CPUs. Even if Intel is able to eventually match the performance of competitive CPUs, they will have no built in non-portable legacy Apps advantage. With Java, the option to switch processors will always be there.

What does this have to do with Microsoft? These are probably the most legitimate objections to Suns controlling of the Java standard (a by gone conclusion by the way; the ISO members voted them in.) Yet Microsoft has never brought them up. All they have to say is "We don't like your standard, we've changed it in our implementation and we think our implementation should supersede your specification".

Rather than wait for the courts to decide this issue (Sun Microsoft are suing and countersuing each other) Sun has decided to work around Microsoft's non-compliance with a work around called Java Activator.

Some Crash Protection

Grzegorz Mazur has written a program to monitor Win 95 memory usage. Just booting my machine in 1280x1028x8 with a small tiled background (40K or so) my memory usage was 18.9Mb out of a possible 32Mb. (Loading the Netscape Browser added an additional 20Mb.) This in a system Microsoft claimed you only needed 4MB to use.

I highly recommend that people use the above mentioned tool. It will help warn you when a program is too big for its own good and when a system crash is imminent (when you start running out of virtual memory.)

The PC 97 specification

Every year, Microsoft comes out with a PC specification list for describing what component capabilities for PCs much be to be considered "up to spec" for that year. Its a list that is meant to set the standard for what end users can expect from hardware, and gives Microsoft an expected lowest common denominator that they can guarantee their software should run on.

Anyhow, in the PC 97 spec, they state that for drivers written for Windows 95 to be considered part of the PC '97 specification should run on Windows 95 as well as Memphis by MeltDown(middle of July.) Of course, they have also just announced that Memphis will not ship until 1998, which kind of makes it difficult to pass the PC 97 spec.

(Update: my sources tell me then Memphis is likely to slip into mid to late 1998. Further update: It shipped in Q2 '98)

Compaq, Gateway and Micron

These companies have made depositions in the latest DOJ inquiry into Microsoft's business practices. The substance being that these companies attempted to make modifications to their Windows' installation that disabled or modified the MSNand Internet Explorerconfiguration and Microsoft threatened to take away their "Win95 logo" compatibility label unless they backtracked and left these things the way they were to begin with. (This is called extortion boys and girls. Can you say that?)

$1 million a day, does not begin to compensate for the amount of damage Microsoft is doing to the industry. Their strong arm tactics against tier one PC manufacturers limits differentiation, which hurts both these companies and in turn the end users that buy their PCs.


Direct Draw

So you think Direct Draw is the end-all, be-all of graphics programming interfaces? The horror stories of driver compatibility problems makes DOS compatibility seem like a picnic. The following example is a conversion that took place on

>co-op level, init's DX palettes, timer stuff, etc. My back buffer and
>all image data resides in regular (not a DX surface) system memory and
>is created using malloc. My blit functions are my own assembly functions

You should let DirectDraw create the back buffer in system memory... see why below.

>1-Am I possibly limiting myself by using my own blitter functions?  The
>DX functions (especially the Blt and BltFast functions) as they now
>stand include way more functionality than my routines, but I am not
>using any of their features; the blit features I need (fill,
>transparency, etc.) I have incorporated into my own assembly blitter. I
>am more concerned about hardware features I may not be able to take
>advantage of if I don't use the DX /MSoft stuff.

The answer is yes. Don't get me wrong... in our code, the only DirectDraw Blt command is from system memory to video memory for the WHOLE screen... but we found a distressing problem with DirectDraw. Not all video cards let you lock the primary surface. Yep, it's true. What a load of crap, in my opinion. But in order to be compatible, we made the back buffer a DirectDraw surface in system memory and let DirectDraw Blt it up (since it has access to the primary surface).

The other advantage to this is if there is any hardware acceleration for system to VRAM transfers, the Blt command will take advantage of it.

Joshua Jensen

Programming with Win 32

Microsoft has been heavily promoting Win32 programming as a method of programming that unifies Windows NT and Windows application executables. But as is known to real world developers this ideal is a little too ideal. Brian Hook is a programmer at id software who encountered the following problem:

Wow, disabling Alt-Tab in Windows is a mess. Under NT I can just use RegisterHotKey and it seems to work fine. Under Win95 RegisterHotKey doesn't seem to do the right thing. I also tried installing my own keyboard book via SetWindowsHookEx (MH_KEYBOARD) and I don't even SEE Alt-Tab in my proc function, it looks like it's getting preempted by something upstream. I've also tried trapping WM_SYSCOMMAND messages and returning 0 for SC_NEXTWINDOW, etc. and that doesn't work either.

Grrr...this is NOT something I wanted to deal with this close to shipping, and as a matter of fact, I'm NOT going to deal with it. It works under WinNT right now, and I'll figure it out under Win95 when I get a chance.

I saw another way documented that would probably work, but it would also disable Ctrl-Alt-Del, which is NOT something I find acceptable.

Is there a simple solution? Maybe, (I don't know it that's for sure) but that is not the point. The point is that the simplest solution ought to work for both Windows NT and Windows 95 if Microsoft wants to have any realistic pretensions of unifying the two platforms.


When I recently tried to access a specific article I bookmarked at I got a message to the effect of:

Sorry about the temporary detour.
You arrived at this page for one of two reasons:

1. Your browser doesn't support cookies.
2. You were asked to accept a cookie and refused.


First off, do you know what a cookie is, and does? If not, please take a few seconds to read our explanation, then come back and read more.

We think you should change browsers. Here's why.

... etc


First, please read our definition of a cookie.... etc

In other words, (1) They want to you to get rid of Netscape or whatever other browser you use in favor of Microsoft Internet Explorer (from a line of reasoning that simply is not logical; Netscape and most other browsers allow cookies.) (2) They want you to activate cookies (a well known mechanism for invasion of privacy).

In their explanation of why they are giving you a cookie, they neglect to tell you that (1) it contributes to an ever growing arbitrarily sized cookie file on your hard drive, (2) cookies can be used to track demographic information about you whether you've signed up for it or not; its like an new social security number.

Spam, ActiveX and Internet Explorer

On the off chance that you don't realize how devastatingly bad ActiveX is, it should be known that people can send you email, and if you activate it through Internet Explorer, by default, it will simply execute the embedded active X controls of said email if it contains them. According to a report read on the radio show Off the Hook spammers have been sending bulk emails to people at random with such ActiveX controls that bring up Internet Explorer and the URL to their web sites.

Even if you don't mind the extra activity started by such spam, what about the cookies and other invasions of privacy that can easily result from such an action? What modifications to your browser, registry, mailer or other software might such a piece of mail enact? It makes you wonder.

A Prelude to Spam

From the Microsoft Website, when someone tried to register for some freebies without giving away too much about them:

>The following error was found:
>We need your fax number in order to respect your wishes not to receive
>unsolicited faxes.

Anyone who knows about about spam, junkmail or abusive (is there any other kind?) telemarketing knows what this means. It means they are making a list of phone numbers to avoid. When would they need this? You guessed it: when they intend to start spamming people. While I have no direct evidence of this yet, it would not surprise me one bit to see Microsoft enter the SPAM war on the wrong side.

Microsoft Declares their intent to spam

When trying to download and register for "NetShow" (just so that I could listen to John Dvorak's online radio show; why could he not just use realplayer like everyone else?) from Microsoft's web site I was presented with a form (form290.asp to be precise) that contained the following:


We may have put an end to Spamford Wallace only to see him replaced by Bill Gates.

Update: Bill Gates has come out publicly against spam. Will this just be a case of Bill saying one thing, while his company does another? The evidence do seem to suggest this.  We will have to see.

Microsoft on the wrong side of the spam war

Here's a conversation between Alan Krueger and Ken Weaverling on the anti-email abuse USENET news group:

> I guess it's my own fault, because I *did* ask to get onto a Microsoft
> e-mail list. But I got fed up with it and have been trying to get off
> of it for MONTHS now. Each time I get one, I reply with an Unsubscribe
> message. I also keep getting added to other types of lists by them.
> I went to my personal profile page, and it says I am not subscribed
> to any lists.
> Below are just a few of my unsubscribe requests that I just happened to
> save.
> Beware. Opt-in to microsoft, never ever get out of it! :-(

I had the same problem.  They finally got the clue when I told procmail
to EXITCODE=69 *and* auto-reply with my complaint, and left it on for
a couple of months.

I don't get Microsoft crap anymore, at least not by email.

Microsoft has decided to hide behind their "opt-in" policy, without confronting the fact that the root of the spam problem is the annoyance of it, not the method of its distribution, or who you suckered into receiving it.

Anyhow, for those who use procmail, I would recommend you do what was referred to in the above. Retaliating in an equally annoying way is a good way to send a message to Microsoft (and other spammers too.)

Microsoft pushes the definition of what Internet Explorer is.

As is well known, Microsoft did not comply with the DOJ's original request to remove Internet Explorer from Win 95 OSR2 as an option for computer manufacturers wishing to ship Windows 95. Now before I present my rebuttal, consider the following program:

#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <conio.h>

// Compile as Win32 console application

void main() {
    system("RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY 800x600x8");

This is the source to a Windows console application that only functions on Windows 95 OSR2, because that is the first version of Windows where the RunDLL.exe utility has appeared. Now if you have a reasonable VGA card, what this program does is it will cause the display desktop resolution to switch to its 800x600, 256 color graphics mode.

Now, this program does not spawn Internet Explorer. It will run correctly whether or not you have Internet Explorer running. It does not access any HTML, SGML, CGI, ActiveX, WinSock or any other (pseudo) internet/intranet standard protocol. It is an extremely straight forward DLL activator. (DLL's have been around since Windows 3.0; and probably long before that.) And the fact is, at 4912 bytes in size (tiny by MS's standards), I guarantee you, RunDLL.exe really has no other purpose.

Now if you ask my opinion, or anyone else who understands what I have said above, the function of RunDLL has nothing to do with Internet Explorer. Microsoft claims otherwise. Among the files they deleted in their non-option that they gave to computer manufacturers, was in fact RunDLL.exe(and RunDLL32.exe which serves the same purpose for 32 bit DLLs.)

It is clear that Microsoft simply labeled all sorts of new files added to Win  95 OSR2 as really being part of Internet Explorer without any basis in the  truth of what those files are.  

If this does not convince you, see this techweb article on the issue.

I can only wonder about the engineers that they convinced to put this scam together. Do they sleep at night? What's wrong with them? Are they just so useless and without skills that they are willing to do anything the lawyers and marketing people tell them? Listen guys, there are plenty of jobs here in Silicon Valley, and plenty more in other locations. There's no reason to stay at a place where they ask you to do things like that.

Microsoft Paranoia

According to a recent PC World Online report, the Software Information Industry Association (which is known for supporting and receiving support from Microsoft in past especially in the area of software piracy; formerly known as the Software Publisher's Association) will release a set of guidelines for software practices on 02/03/98. The guidelines include 8 principles that were drawn up due to repeated requests from the government during the initial stages of the DOJ anti-trust case against Microsoft.

The guidelines included things like "don't announce vaporware", "don't use OS dominance to leverage other markets or favor internet content", "don't dictate design of target software in API specifications."

Microsoft blasted the guidelines in press reports saying that the SPA was against innovation by Microsoft, then reiterated their need to be able to squash competitors by including half hearted product clones ... yadda, yadda, yadda.

Anyway, the officials at SIIA were quite taken aback by this.  They apparently were not directing their comments directly at Microsoft at all, but were rather taking more of a global tone.  The guidelines are not law or an industry code of conduct but rather, just a reality check.  Microsoft themselves were asked for input to ensure that the guidelines were balanced.

Anyone who reads these guidelines should realize that they apply to Apple, Sun, Digital, and IBM just as much as they do to Microsoft. Why does Microsoft feel that it is only meant to target them? Do you think perhaps because (1) They think/know that basically the entire industry is starting to move in a position against Microsoft (2) The can't comply with the guidelines because their entire business model revolves around breaking them.

Or is Gates simply paranoid?

Microsoft misidentifies CPUs

In the DataBook for the WinChip processor (an x86 clone from Centaur, a subsiduary of IDT) they document the CMPXCHG8B instruction in a very unusual way:


The CMPXCHG8B instruction is supported by the IDT WinChip C6 processor. However, it is not reported as being supported in the CPUID instruction. This was required to maintain compatibility with some Windows NT versions.

In other words, Microsoft's code works correctly for Intel, but not for other processors (Intel's CPU work as expected without this totally bizarre inverted logic.) As such these other processors are forced to complicate matters in this way.

CMPXCHG8B is a useful OS management function (its good for implementing 64bit counting semaphores.) What this means is that in writing defective code for NT, they have caused CPU vendors to implement things in totally unexpected ways that will impede other OS developers.

Did you know?

  • Did you know that if you have a slow CD ROM drive, or auto-disconnecting network links, that any time you try to SaveAs in most programs, that all of those drives have to be re-established even if you don't want to save to them?
  • Did you know that you can swap your drives around so that Windows thinks your swap file is on a CD ROM?
  • Did you know that some versions of odbccp32.cpl floating around there will cause a Page Fault when you exit control panel?
  • Did you know if you install Linux onto a disk partition, Windows will spend a long time on every boot just to verify that the partition is not readable by Windows? You can't "remove the partition" from the device manager or anything (that only works on entire drives which is totally pointless if you have Windows data that you are using on another partition of that drive.)
  • Did you know that PS/2 compatible mice can update the mouse position at a rate up to 200 Hz? Microsoft seems to think that 40 hz is fine enough for everyone, even for people who play precision video games that can render at 60 Hz or higher.
  • Did you know that "TELNET"'s window will not respond while it is trying to connect? That's kind of useless if the site is down, or responding very slowly.
  • Did you know that you cannot edit the association for a single file extension, if it is grouped with other file extensions? (Did you also know that to access them you need to go under the View menu under explorer? -- I had to be told that, there's no way I could ever have found that myself)
  • Did you know that Windows does not come with any sort of audit trail tools for the system registry? It is impossible to know how any software interacts with it especially upon installation and de-installation. If an application fails to uninstall (a very common problem) it is usually impossible, without vendor assistance, to properly clean out the registry.

HomeMail Me

My employer does not endorse anything on this page.

Valid HTML 4.0!