My computer just crashed itself, according to Microsoft policy, right while I was working on it. I'm up at 1:00 a.m. working on a project with a complex enough work environment that it takes an hour just to get the work environment fully functional. I have over two dozen tabs open in my browser, I'm connected to numerous secure endpoints, all of which require separate two-factor identification, as well as a transient layer of browser tabs which I'm opening and closing regularly while researching topics. I voraciously move all over the Internet when in this mode. I have multiple editors open, multiple folders on the machine, an escalated command prompt, and other tools like PuTTY, which is often holding multiple SSH sessions open to other servers. This is my normal work environment, and a fairly common arrangement for developers.
Then Microsoft pops up a "Your computer will restart in a few minutes" notice, completely taking over my screen, and giving me two options: "Restart Now" or "Confirm," meaning that I must spend the next few minutes closing down my environment and rebooting my computer, or just go ahead and reboot now, losing all recent work, and requiring an hour to rebuild my environment. I have numerous techniques which I use to rapidly shut down such a complex workspace when needed, but even these require time. So no, I'm definitely not going to "Restart Now" and the 20 minutes they give is barely enough time. This is ugly. I'm working in the middle of the night specifically to avoid such meddlesome intrusions into my zen flow.
If you think this is bad, keep reading, I'll describe how it gets worse, like something designed literally in hell or Guantanamo as a Sisyphean punishment. But first, let's continue the narrative of my thoughts in the moment as I was presented with this violent-taking-control-of-my-computer moment from Microsoft that has not gotten better over time, but is getting worse. Yes, Windows 10 is worse than 8, and 8 was worse than 7, and 7 was worse than its predecessors, specifically in this area where, as an operating system, it should be getting better.
So I'm furious at Microsoft. It used to be, you could put off a restart like this for hours or days, and get back to work. No such option is available now. My screen is black. I have to stop everything, NOW, with no alternative. I've never seen it this bad before (and it must be new because I can't find screenshots of this screen anywhere on the Net.)
This is exactly what Linus Torvalds, creator and -- thank God -- still the lead maintainer of the Linux kernel, says never to do:
"Do no harm" should be your mantra for any new hardening work. And that "do no harm" may feel antithetical to the whole point. You go "but that doesn't work - then the bug still exists". But remember - keep your eye on the endpoint, and that this is just the first step. You need to not piss off users, and you need to not piss off developers. Because if you as a security person just piss off users, and piss off developers, I'm not going to take your work, and I'm going to call you a bad security person. Because in the end, those users really do matter. Without those users, your system may be "secure", but all your security work was still just masturbation. You didn't do anything useful at all in the end. (https://lkml.org/lkml/2017/11/21/356)
He was writing this (mild for him) in response to this kind of violation of a workspace, and he's famous for his "do no harm" mantra which protects end-users and developers from encountering such intrusion. NEVER EVER EVER do what Microsoft did to me a few minutes ago, he says, loud and clear, and often. And he's right.
If you know only a little about Linus, this is likely one of the things you know. Every software developer in the world -- including those who never use Linux -- knows he's right. We get what it means to have intricate, sophisticated structures opened up, working on multiple levels to solve difficult, superpositioned challenges, and why such environments need to be protected at all times.
Tell that to Microsoft.
They famously chant "developers, developers, developers," and yet it's a provable deception: in the grand war between "liars and geeks" (sales and engineering), they've been sales-driven from their inception, and never wavered from this upside-down approach to building trust. Now they've gone so far that it is no longer possible to have a functional development environment in Windows.
I used to be a superfan of Windows. I've actually used it since the late 1980s, version 1.0, when it was embedded, before the 3.1 version which was the first release that could be used by normal people. Yes, I've always been frustrated by the "Microsoft tax" where their obvious strategy is to control everything, but until a few years ago, they kept it in check enough I could be productive with a Windows machine. No more.
I finally abandoned Microsoft as my main development platform a couple years ago because of this same problem, and now it's even worse. After years of working with Linux as a hobby, I finally migrated fully, and only run Windows in a virtual machine when I absolutely have to. Out of a dozen machines that I use regularly, few are Windows, and whenever I can I disable these automatic updates because I responsibly manage them manually, which is natural for me as I work in secure environments, and use dozens of best practices like regular updates as a matter of course. I get that not everyone works at this level of responsibility, but those of us who do, should have the freedom to do so.
We do not.
Sadly, Microsoft doesn't trust you anymore. They never did, but now they've crossed the "do no harm" threshold, and are actively traumatizing developers with this kind of policy. I'm not fooled by their recent embrace of open source technology -- I see it for what it is in its more sophisticated but well-known "embrace, extend, extinguish" model, because if they had sincere motives in this area, this kind of problem would not happen. But it does, and thus I know "developers developers developers" is a sales tactic.
Thus I already clearly loathed Microsoft Windows, and then tonight happened. Now for the worst part of the experience:
As soon as the screen went black while I was in the middle of typing, I immediately knew I was going to write this post talking about how I loathe Microsoft Windows. When I feel strong emotions, I write. I went to make a screenshot, so I could illustrate it. The screen froze, probably a bug in the modal screen code because nobody tested screen capture at this moment. I hit escape to end the freeze, and the virtual machine immediately crashed. The entire system went down immediately.
I lost everything, including things designed to survive crashes. One of the reasons I prefer using the Brave browser is that it recovers very nicely from a crash like this, rebuilding entire complex sessions, including logged-in state, once you restart it. I love this feature for moments like this, because, as a developer, I crash systems often. But whatever Microsoft did in its crash eliminated this feature. First time I've seen that. When the computer came back up again, all state was lost except a few file folders open, because I long ago selected "keep folders open during restart," because, well, can't expect Microsoft to respect your environment when it unilaterally crashes things due to its inability to design a secure environment and requires rebooting itself regularly to keep itself secure. You can run a Linux machine for years without rebooting, and this has always been true, but Windows can't get a few weeks these days. Like Musk said to Bezos, they can't keep it up, and it's getting harder to hide this fact.
I know, I know, I'm just one of many thousands of similar rants over decades, by people who loathe this aspect of the Microsoft Way(tm) of gaining people-who-loathe-them. I know, nothing I say here is going to change Microsoft's assumption that it owns my computer, and there are plenty of other reasons to loathe Microsoft.
This one hurt, though, so here's your rant, Redmond.
Ha Ha Ha ha! OH YEAH!
Oh, this is grand. While here, I find this gem from Linus, which is part of the same discussion, linked by a larger community discussion here, whose comments are quite insightful to read in detail. This gem speaks for itself, and you're obviously still reading, so here's the best part of the whole story:
As a security person, you need to repeat this mantra: "security problems are just bugs" and you need to _internalize_ it, instead of scoff at it. The important part about "just bugs" is that you need to understand that the patches you then introduce for things like hardening are primarily for DEBUGGING. I'm not at all interested in killing processes. The only process I'm interested in is the _development_ process, where we find bugs and fix them. As long as you see your hardening efforts primarily as a "let me kill the machine/process on bad behavior", I will stop taking those shit patches. I'm deadly serious about this. Some security people have scoffed at me when I say that security problems are primarily "just bugs". Those security people are f*cking morons. Because honestly, the kind of security person who doesn't accept that security problems are primarily just bugs, I don't want to work with. If you don't see your job as "debugging first", I'm simply not interested. So I think the hardening project needs to really take a good look at itself in the mirror. Because the primary focus should be "debugging". The primary focus should be "let's make sure the kernel released in a year is better than the one released today". And the primary focus right now seems to be "let's kill things for bugs". That's wrong. And I'm _so_ not interested in that. It makes me go "no, I will not pull that shit, it's not safe for me, and it's not safe for our users". So the hardening efforts should instead _start_ from the standpoint of "let's warn about what looks dangerous, and maybe in a _year_ when we've warned for a long time, and we are confident that we've actually caught all the normal cases, _then_ we can start taking more drastic measures". See the difference? Stop this idiotic "kill on sight, ask questions later". Because it's wrong.
Glad I'm not the only one telling Redmond to fix their bugs the right way, instead of forcing me to debug for them. This is even stronger than my "loathe" position above. Thanks, Linus.