Denial

Don’t Panic The Natives

After the release of XP into the retail stream, the veneer of invulnerability slowly began to crack. A lot of users, including myself, found driver issues with our existing hardware that could not easily be solved. What was so frustrating to me was how these driver issues were able to undermine the stability of the operating system itself. For months we had been told that XP would not be like the other operating systems, that it could not be brought down by bad drivers. But as the “Infinite Loop” bug clearly demonstrates, it is still pretty darn easy to lock XP up so tight that a restart is the only way to fix it.

In spite of all the claims to the contrary -- the reassurance that XP was nearly bullet-proof -- consumers were still finding issues. They cropped up everywhere. Motherboard chipset drivers caused blue screens and reboots, as did CD Burning software like Roxio Easy CD Creator 5. Old DOS and Windows applications caused lockups even when they were run “emulation mode” and supposedly separate memory space.

Microsoft public relations continued to assure consumers that these problems were not caused by XP at all, and that it must be a result of unsupported hardware or some such thing. But the problem for Microsoft was that these issues occurred nearly as frequently on OEM machines that came bundled with XP as it did those systems that had XP installed as an upgrade.

Taking The Wraps Off

Instead of hashing over every little fault, let’s just say that XP turned out to be a bit less than was promoted in terms of stability. Stability, however, turns out to be the least of the worries surrounding Windows XP. One of the first big issues turned out to be around security and Universal Plug And Play. In late December of 2001, it was like a wind blew the veil of secrecy away and suddenly, a major flaw was exposed for everyone to see.

Without restating the entire issue, it turns out that some weeks before the late December announcement, an extremely serious security problem was discovered that allowed people to take advantage of holes in the Universal Plug And Play implementation in Windows XP to gain control of an XP system remotely. Not only could someone gain complete control of an XP system, they could also make use of that system in Denial Of Service (DOS) attacks. For weeks the vulnerability was kept quiet as they worked hard on a fix. Once the fix was in place, Microsoft made the announcement.

Angering The Wrong Crowd

The fact that Microsoft had been aware of the problem and said nothing for weeks got the attention of one of their biggest and best customers: The United States Government. Immediately after Microsoft made the disclosure public, they were contacted by representatives of the Department Of Defense (DOD) and the Federal Bureau Of Investigation (FBI). This direct contact is certainly uncommon, but it was perhaps the tone of the conversation that got the most attention. The DOD and FBI were said to be fairly furious at Microsoft for withholding this information from them and maintaining a shroud of secrecy while they worked on a solution in private. They felt that if anyone had the right to know about such a major flaw, it was the government agencies charged with protecting this nation. After the events of 9/11, I’m not about to chastise the government for being concerned.

Microsoft had made some very bold claims about Windows XP security, and it had come back and bit them where the sun don’t shine. They had continued to deny problems existed, when all the while they knew of some pretty major issues. Now, not only were the pundits angry, but the government was angry. Consumers have claimed for years that Microsoft kept them in the dark about problems with their software, but now there was an incredibly glaring example of the kind of problems people were talking about. Only now, Microsoft could not deny or explain it away. They had been caught red-handed with a major security problem in “The Most Secure Operating System Ever Released”. The odd part is, it turned out to be only one of many such problems that XP had.