Click here to monitor SSC

Michael Sorens is passionate about software to be more productive, evidenced by his open source libraries in several languages (see his API bookshelf) as well as SqlDiffFramework (a DB comparison tool for heterogeneous systems including SQL Server, Oracle, and MySql). With degrees in computer science and engineering he has worked the gamut of companies from Fortune 500 firms to Silicon Valley startups over the last 25 years or so. Current passions include PowerShell, .NET, SQL, and XML technologies (see his full brand page). Spreading the seeds of good design wherever possible, he enjoys sharing knowledge via writing (see his full list of articles), teaching, and StackOverflow.

Step Away From That Computer! You’re Not Qualified to Use It!

Published 14 August 2014 12:32 pm

Most things tend to come with warnings and careful instructions these days, but sadly not one of the most ubiquitous appliances of all, your computer. If a chainsaw is missing its instructions, you’re well advised not to use it, even though you probably know roughly how it’s supposed to work. I confess, there are days when I feel the same way about computers.

Long ago, during the renaissance of the computer age, it was possible to know everything about computers. But today, it is challenging to be fully knowledgeable even in one small area, and most people aren’t as savvy as they like to think. And, if I may borrow from Edwin Abbott Abbott’s classic Flatland, that includes me. And you.

Need an example of what I mean? Take a look at almost any recent month’s batch of Windows updates. Just two quick questions for you:

  1. Do you need all of those updates?
  2. Is it safe to install all of those updates?

I do software design and development for a living on Windows and the .NET platform, but I will be quite candid: I often have little clue what the heck some of those updates are going to do or why they are needed.

So, if you do not know why they are needed or what they do, how do you know if they are safe? Of course, one can sidestep both questions by accepting Microsoft’s recommended Windows Update setting of “install updates automatically”. That leads you to infer that you need all of them (which is not always the case) and, more significantly, that they are safe. Quite safe. Ah, lest reality intrude upon such a pretty picture!

Sadly, there is no such thing as risk-free software installation, and payloads from Windows Update are no exception. Earlier this year, a Windows Secrets Patch Watch article touted this headline: Keep this troublesome kernel update on hold. It discusses KB 2862330, a security update originally published more than 4 months earlier, and yet the article still recommends not installing it!

Most people simply do not have the time, resources, or interest, to go about figuring out which updates to install or postpone or skip for safety reasons. Windows Secrets Patch Watch is the best service I have encountered for getting advice, but it is still no panacea and using the service effectively requires a degree of computer literacy that I still think is beyond a good number of people. Which brings us full circle: Step Away From That Computer! You’re Not Qualified to Use It!

10 Responses to “Step Away From That Computer! You’re Not Qualified to Use It!”

  1. Dimitrios Kalemis says:

    I think that every IT person can identify with the problem that you bring forth.

    Patches from Microsoft come out all the time. I do not take this to mean that Microsoft’s products are more buggy than others. I take this to mean that Microsoft’s products are used a lot and Microsoft wants to correct any and all bugs.

    Still, the problem remains. Not all patches are harmless. A few may break things or misbehave (only in your environment, or only in some environments, or in all environments).

    The worst patches put the computer in a state that it makes it keep rebooting constantly.

    So, you have to be careful when you apply patches. You have to test them first. And unfortunately, this requires time and other resources.

    The problem remains: when a new patch comes out, we are stuck between a rock and hard place: should we apply it or not?

    Microsoft gives us guidelines, but we also have to take into account our specific environment, and we also have to test. And this is one of the reasons that do not make our job an easy one.

  2. Louis Somers says:

    Step away from that excavator! Only clairvoyant x-ray eyed drivers qualify!

    Obviously policies are quite different for development, acceptance and production environments. On my machine I always just blindly install the updates hoping that it may resolve a glitch or two.

    Once I spent three days hunting down a bug, only reproducible in production, which was instantly solved by installing a SQL-Server update (all other environments had been updated earlier). I can very well imagine that Microsoft could suspend support for an issue until all patches and updates have been applied.

    In another environment we had VPS’s with limited hard-disk space. The price would skyrocket if we needed more. Updates were very specific there.

    The line starts getting dimmer when using cloud services. How can we know exactly what Microsoft is updating right now on there Azure platform? And how can we influence or prevent it?

    Grandfather would wag his finger saying “if you do not know what a button does, you’d better not press it”. With that attitude it is impossible to learn how to operate a computer!

    Like pressing a button to see what happens, we sometimes must install an update and see what explodes. However not in a real airplane cockpit, and not in the production environment.

  3. DrTechnical says:

    I think we are clearly dealing with a situation surrounding personal computing where the complexity of the operating systems and their applications has increased geometrically but the built-in features to assist the owner to update and maintain their system have been sorely lacking.

    I use Microsoft products for my computer OS almost exclusively. There are many instances where I am given a choice about installing or proceeding with a process but have no idea what the ‘right’ choice is and why. Worse still, many of the message windows or error codes are meaningless, even to someone like me who has a technical background and has been using the products for literally decades.

    As an example, if you insert a USB 2.0 device in a USB 1.0 port, you will get a message window telling you that inserting the device into a USB 2.0 port will give you better performance. Fine. But the window that comes up when you click the link to find a USB 2.0 port is USELESS!! All it does is display the port list from Device Manager, which does NOTHING to help you identify which port (of the multiple ones on your computer) is a USB 2.0 port. No help here.

    There are those who would not like to see software that took choices away from you, taking a paternalistic attitude (“We, the vendor, know what’s best for you so we’ll just make that change for you.”) But there has to be some middle ground, where you give the customer choice, but also explain what the effect of making each choice will be.

    When even tech-savvy folks like me are crying out for better guidance on updates and patches, or on routine matters of system errors and how to diagnose and handle problems, that is a situation that can be addressed, if only the vendors will walk a mile in the average user’s shoes.

  4. Andrew Watson says:

    Or how about the allow/deny prompts from our chosen anti-virus software that seem to pop-up with increasing regularity – no matter how many times we click “create rule”….. for applications that we have no idea what they are, or why they are wanting to update, or when they updated, or what they do that’s so essential to our computing life…. so we allow/deny almost at random…. I’m sure this is not the ideal for security…. but a user is a user.

  5. Keith Rowley says:

    Where this scares me is with the oncoming age of home automation. If I install an update and my computer starts having problems, oh well, worst case I have to re-install windows from scratch. Not good but livable.

    If I install an update to my home automation system and my HVAC starts having problems that could be a real problem, that could burn out my AC unit or possibly set my house on fire. Really bad!

  6. willliebago says:

    Yes, I really do not have the time, resources, or interest, to go about figuring out which updates to install or postpone or skip for safety reasons… I’ll check out the Windows Secrets Patch Watch service you’ve mentioned.

  7. paschott says:

    In general this isn’t a huge issue when it comes to Windows Update. That’s not to say that problems never happen (see the current issues w/ the “August Update” for Windows 8), but they are very rare when they do happen. For that, I’ll give MS some pretty huge props that with all of the complexity in Windows things pretty much keep working.

    For me, I tend to install updates pretty automatically, if not immediately. That bites me more often w/ dev tools than with the OS, though. I’ll sometimes find that an update to my dev tools requires a project update as well. Very rarely, those updates aren’t backwards compatible. On the whole, though, the updates run smoothly.

    Anti-virus prompts are a whole different game, though. I’ve seen those pop up repeatedly and as noted in the article they just don’t ever seem to stop. They get to the point of being ineffective because people just start clicking “OK” repeatedly. I did this one time w/ Spybot to prevent unauthorized/unknown changes and had to turn it off because of the sheer number of prompts for even the smallest of changes. It may be good to keep an eye on that sort of thing, but if I did that for my less savvy family, they’d throw the computer at me.

  8. TodConover says:

    Another opportunity to trash iterative development, “Agile” to some of you. Part of the problem is there are too many unnecessary changes, some the result of adding features we don’t need, or worse, refactoring. If you take the time to do it right, you don’t have to do it again. If you subscribe to fallacy that you can’t know the requirements fully until you try a few times, then don’t complain about bloated patches.

  9. Robert Young says:

    Well, something of a misleading title!!!

    What I was expecting was a discussion of computer geeks and financial quants screwing up the globe with opaque models in Excel and SQL Server.

    You know the drill, “don’t let your kids touch the sharp cutlery”. Or, skip the Agile hula and do the Deming Dance (do it right the first time).

  10. jerryhung says:

    I have had Microsoft KB breaking OS on me, luckily not on Production servers

    Blessing in disguise, changes/reboots on Production require Change tickets which I prefer not to do all the time, so that means I get to skip most updates :)

Leave a Reply

Blog archive