« It's a Blog, Blog, Blog, Blog World | Main | A Couple More Panoramic Stitches »

April 28, 2005

Can the General Operating System Design Problem Be Solved?

When I was back in Montreal, my father had some trouble with his computer. This seems to happen a lot. What's frustrating is that although I used to be able to help him, these days I almost never can.

These invidents all follow the same pattern. First he tells me about something he is unable to do, usually involving networking. I confess that I have no inside knowledge, but I'll take a look. I futz around with it a bit. We both get frustrated because it appears that Microsoft has delibrately made it difficult to do something. I explain that there probably was a good reason for why it was designed the way it was, but the logic escapes me at the moment. Eventually we get it working, or not.

For example, this last time he had just purchased a new laptop and wanted to share files between them. When I want to share files I usually bypass the GUI and run "NET SHARE" on the server and "NET USE" on the client. This has always worked, except for a slight blip with older Windows 9x clients that didn't let you specify the username and always tried to connect to the server as "Guest".

On his new XP SP2 machine, however, it didn't work. It turns out you have to run a wizard of some sort first. And even better, you have to run the wizard on your older, pre-XP-SP2 machines. Which is a bit difficult when your pre-XP-SP2 machine is a laptop with no CD drive, and filesharing isn't working because that's the problem you're trying to solve.

This is especially frustrating because I worked on NT networking for many years. There's probably still some of my 15-year-old code rattling around in there. But when I sniff it, all you see is the server returning some unhelpful error message. So it looks like the wizard you are run tweaks some magic bit somewhere to say "yes, it's OK to share files from this computer". But of course I have no idea what exactly it does, and there is no documentation that tells you.

As usual, I'm sure Microsoft is not doing this just to be annoying. XP SP2 was all about security and file sharing is a big security opening. So I have no doubt that the wizard, before allowing file sharing, first shuts down some of the openings you get if you just blunder in and start running "NET SHARE" left and right. Presumably you need to run it on downlevel machines for the same reason. This is the standard security vs. convenience debate (as it happens, this type of issue was discussed on Slashdot today).

The problem here is that there is no "right" answer for that the user experience should be here. In the old days Microsoft felt that convenience was more important, so they went that route. But there were still people back then who needed the security more and didn't like that choice. Now, in cases like this Microsoft is choosing security over convenience. Sure, you can argue that getting security "wrong" is a lot worse than getting convenience "wrong", but in this case the security seems to be reducing the convenience down to zero.

I'll point out that my father has a Ph.D. in mathematics, wrote his first computer program 49 years ago, and has been using a PC for almost 25 years. He writes TeX code for fun, for goodness sakes. As for me, I work for Microsoft. I guess we're not in the main demographic that Microsoft is targetting for home network setup. Still, it should be *possible* for us to understand what is going on well enough to get it working--don't you think?

This led me to start thinking about the set of problems that Microsoft is trying to solve with its mainstream OSes, and how in many cases the goals are contradictory:

  • Secure, yet convenient to use.
  • Easily usable by third-party hardware and drivers, yet stable.
  • Supports a wide variety of applications, yet offers a consistent user experience.
  • Unintimidating to novice users, yet accomodating to power users.
  • Takes advantage of the latest hardware platforms, yet runs on older machines.
  • Innovates at the API layer, yet continues to support older applications.
  • Can have security patches applied on a regular basis, yet patches never break anything.
  • Has complete documentation avialable to users, yet the source code is not released publicly.
  • Can be easily upgraded to newer versions, yet everything continues to function as before.

I could continue the list, but you get the idea. The question is, is this even possible?

My point is not to impugn the ability of Microsoft in particular to deliver this software. If anyone can do it, Microsoft can, and the Longhorn team is certainly trying their hardest. My point is: can such an operating system be designed? Assuming that you could instantly create perfect, bug-free code to match whatever design you came up with in your mind--could you come up with a design for an operating system that satisfied all these criteria?

If you look at Microsoft's main competitors, they aren't aiming quite as wide. Apple controls the hardware platform, trades off tighter control of hardware and software for fewer third-party products, and squarely targets ease of use over power users. Linux aims at power users, does not worry as much about consistent UI, takes advantage of its available source code to allow others to document it, and expects users to fix up some upgrade and patching issues.

And these may be perfectly reasonable tradeoffs, because obviously there are many users who are happier with OS X and Linux. In the situation above with home networking not working right away, I predict that on OS X it would be even more obfuscated and harder to debug, and on Linux it would be much easier to figure out what is wrong. But that's just one situation, reflecting the tradeoffs made in those OSes.

It's sort of terribly noble of Microsoft to really attempt to tackle the general problem and be all things to everyone. I'm just not sure if it can be done.

Posted by AdamBa at April 28, 2005 09:04 AM

Trackback Pings

TrackBack URL for this entry:


At least one of the things that the wizard does for you that NET SHARE does not is to enable the File And Printer Sharing exception in the firewall. Without that exception the firewall will simply reject all comers. The wizard sets the exception for the local subnet only.

If you want to do it from the command line I think the required command is NETSH FIREWALL SET SERVICE FILEANDPRINT ENABLED.

I can't think of a reason why the wizard needs to be run on down-level clients - perhaps some policy needs to be set? I remember having huge problems getting sharing to work correctly between XP Home and my XP Pro machine at my parents' house - I put that down to Norton Internet Security getting in the way.

Posted by: Mike Dimmick at April 28, 2005 02:14 PM

To address your question about the general concept, I tend to look at this problem from two angles. One is that there are incremental impovements that can be made. The other angle is to consider a revolutionary approach. The latter would start with forgetting about concepts like 'operating system.'

Posted by: at April 28, 2005 04:30 PM

I am sending your post by email to my father tonight. I hope it will help in restoring his appreciation for me :)

Posted by: Diego Vega at April 29, 2005 12:05 AM