What the "Black screen of death" story says about tech journalism

What the "Black screen of death" story says about tech journalism

Summary: I've spent the better part of the last 48 hours looking into the colossal fiasco that is the "Black Screen of Death" story. It's a near-perfect case study in how Internet-driven tech journalism rewards sloppy reporting and how the echo chamber devalues getting the story right. Here, let me walk you through the whole sordid, depressing episode.


I’ve spent the better part of the last 48 hours looking into the colossal fiasco that is the “Black Screen of Death” story. It’s a near-perfect case study in how Internet-driven tech journalism rewards sloppy reporting and how the echo chamber devalues getting the story right.

Here, let me walk you through the whole sordid, depressing episode.

On Friday, November 27, an obscure computer security company, Prevx, publishes a blog post accusing Microsoft of releasing security patches that cause catastrophic crashes in Windows PCs. The inflammatory headline reads: Black Screen woes could affect millions on Windows 7, Vista and XP. The post lacks even the most rudimentary technical details and is maddeningly vague. It goes unnoticed over the U.S. Thanksgiving weekend.

Early Monday morning, November 30, Jeremy Kirk of the IDG News service sends a story out on the wire that is picked up by IDG flagship publications PC World and ComputerWorld. Conveniently, the story is posted at 7:05AM Eastern Time, ensuring that it will be at the top of news sites as Americans drag back into work after the long holiday weekend.

Here’s the first headline as it appeared at PC World and ComputerWorld early Monday morning: Latest Microsoft patches cause black screen of death According to the accompanying story, the patches “cause some PCs to seize up and display a black screen, rendering the computer useless” for millions of Windows users. The security company “hasn’t contacted Microsoft yet” and “Microsoft officials could not be immediately reached for comment.”

The story is echoed by dozens of other publications within an hour, some pointing specifically to PC World as the source. The rush of coverage catapults the accusations into the mainstream. At some point that morning, Microsoft’s security team goes into “fire drill” mode.

Later that day, this follow-up headline appears in ComputerWorld: Microsoft investigates Windows “black screen of death” The report quotes a Microsoft spokesperson, who says “Microsoft is investigating [the] reports…"

I interrupt here to note that asking Microsoft for comment on Monday morning was disingenuous. Prevx admits that no one from the company contacted Microsoft before publishing their vague findings and inflammatory headline. Given that this is the first that anyone at Microsoft is hearing of the issue, what else can they say but “We’ll investigate and get back to you”? In the initial flurry of reports, not a single reporter talks to an independent expert on computer security or Windows.

More headlines:

Microsoft is investigating... Microsoft is probing... Microsoft is looking into the problem... And then, finally, on Tuesday afternoon: Microsoft denies blame for ‘black screens of death’. Oh, really? By the time your name appears in “So-and-so denies…” headlines, you are toast. Ask Tiger Woods.

It’s he-said-she-said journalism at its finest. Security expert says Microsoft patches seem to cause fatal crashes, and Microsoft denies it! Who’s right? Hey, we’re just the press, we don’t know. You decide! In a refreshing bit of actual reporting buried deep in his story, ComputerWorld’s Gregg Keizer notes that a search of Microsoft’s support forums turns up only one thread on the subject in the entire month. Alas, he does nothing to help his readers draw the obvious conclusion from that data point.

After two full business days of relentlessly negative coverage for Microsoft, the noise from the echo chamber is deafening. More than 500 separate posts on mainstream tech sites and in blogs have amplified the original story, most of them simply repeating the accusations from the Prevx blog post with no original reporting or fact-checking. The story has now taken on a life of its own.

Finally, on Tuesday evening, Prevx backs down completely from the story, publishing a formal retraction and apologizing to Microsoft. Another follow-up post the next day from Prevx CEO and CTO Mel Morris tries to deny any responsibility for the damage. He includes this hilarious bit of understatement: “Regrettably, it is clear that our original blog post has been taken out of context and may have caused an inconvenience for Microsoft.”

You’ll notice I didn’t link to any of the Prevx blog posts or IDG headlines in the account above. Here’s why: Doing so increases the rank of those pages on search engines and makes those inaccurate headlines and summaries even more likely to bubble to the top of a search for troubleshooting information on Windows. And given that most of those stories have not been corrected, it would be irresponsible to give them more Google juice than they already have.

In an e-mail exchange earlier today, I asked PC World Editorial Director Steve Fox whether he plans to publish a retraction or apology for PC World's role in spreading this inaccurate information. Fox stoutly defends his publication’s coverage, saying that they were chasing the story “in real time” and adding, “We were reporting the facts as they were understood at the time (including reference to the primary source), confirmed the existence of an actual problem, and asked for comment from Microsoft.”

Sorry, I’m not buying it.

The idea that IDG was chasing a fast-moving story in real time is absurd. IDG publications weren’t chasing the story, they were leading it. As I noted, the original blog post was published on a Friday. No one noticed it until Monday morning, and IDG was the first one to report on it. An IDG editor could have tossed the story back for some basic fact-checking and reporting. If someone had exercised even a basic set of journalistic skills, this story might never have taken off. But someone decided that this sensationalist report was worth a lot of page views and hit the Publish button when it was half-baked.

PC World’s Fox says he has inserted updates in the relevant stories but that it would be “dishonest and even disingenuous to change an old headline after the fact.” It doesn’t matter that the headline is factually wrong and will appear in search results until the end of time. (The notion that a headline or story becomes part of a sacred historical record and can’t be changed is not shared by other modern journalists. My corporate cousins at CNET aren’t afraid to change a headline when the original is inaccurate. The New York Times has been known to change headlines in blog posts to fix a mistake. There’s a process for making formal corrections in news and feature headlines at the Times, too, as in this particularly amusing example. Even smaller papers like the Birmingham Post are unafraid to tweak a headline when they realize they got it wrong initially.)

Unfortunately, IDG publications aren’t alone in training their correspondents and writers that being first is more important than being right. But in my reading through the dismal headlines around this story, I found several journalists who were willing to wait and do some basic reporting and managed to get the story right. Scott M. Fulton III of Betanews skewers Prevx for sloppy research and irresponsible disclosure:

For a company that made its name pointing out the dangers of trusting any old site that claims it's found an infection on your system and it can fix that for you, it may be a little ironic for Prevx to be pushing a quick fix as an .EXE file, for a problem whose causes it can't adequately explain. …

Prevx knows of ten different scenarios that could trigger KSoD conditions, and acknowledges that maybe this fix will work and maybe it won't. …

[E]ven if the Prevx fix does cure the KSoD problem, it would be conceivable that adjusting the permissions the other way could re-introduce the vulnerability that the original Microsoft patch addressed. That's assuming the fix actually does anything at all -- something which we haven't yet been able to verify.

However, all of that is speculation until anyone, including Microsoft, can make sense of just what it was that Kennerley is claiming.


E-mails to known Prevx addresses bounced back this morning, as though no one were actually present at the firm.

Rob VandenBrink of the Internet Storm Center, an independent, all-volunteer security outfit founded by the SANS Institute that doesn’t make its living based on scaremongering, connected the other dots:

[W]e simply aren't seeing any widespread "black screen" issue.

The thing I find most interesting in this cyber-opera is the number of  posts that we're seeing on other sites that took the original post as truth without doing any check at all.  I realize people are busy and everything, but a little bit of fact-checking goes a long way ....


As for Prevx, they deserve to be laughed out of the security commmunity for their role in this fiasco.

Topics: Microsoft, Browser, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Well done and well said Ed

    Unfortunately I have no hope that this will even slightly temper the sloppyness of the next one to come down the pike. As you said it's all about the page hits for these turds...
    Johnny Vegas
    • Feel free to explain how what happened here

      is any different than any other media reporting. The only reason Bott's
      a rant is because this time it was against a company he likes, he's just
      guilty of doing the very thing he is now, oh, so righteously indignant

      Not too long ago, Apple accidentally included iPhone Configuration
      in it's software update. It was an honest mistake by the company and
      was removed a few hours later.

      Of course, that was well after Bott, in high dudgeon, spent 700 words
      ranting on Apple for sneaking software onto people's computers.

      Wanna take a bet on whether Bott bothered to actually call anyone at
      Apple to do some fact checking before he ran with his story?

      Ed Bott: Pot. Kettle. Black.
      • Um...

        Please point me to the place where Apple acknowledged their error and apologized for it.


        Thought so.

        Btw, the defective components were on Apple's website for weeks and were removed the day after I posted about it.
        Ed Bott
        • Nice try.

          But you're still lying.


          Apple removed the software later in the day. And you know it.

          And anyone with half a brain knows it was an error since the iphone
          Configuration Utility is used for corporations who install signed
          iPhone Apps in an enterprise environment.

          What's hilarious here, is you continue to prove you are the very thing
          you just ranted against by first, deliberately referencing the wrong
          software, and, then, secondly, preaching that your mistake is
          irrelevant because Apple didn't apologize publicly.

          Here's the truth: You ran with a story without having a clue in hell
          about the facts behind it because it fit your prejudices. And, now,
          you're trying to cover your a$$ because you were made a fool when
          the facts did come out.
          • Overreacting?


            Look at the text in the link you posted:

            "Apple pushes unnecessary software to Windows PCs."

            And on a system here in my own home/office, I found that that this unwanted software had been installed more than two weeks earlier:

            "I just checked on my wife?s computer and found that this utility was installed on September 12..." My story was published on September 27.

            Your hysteria is showing.

            FWIW, my post was based on personal observation. No one has ever called the facts into question. The IDG News/PC World posts, by contrast, were simply rehashes of a blog post that turned out to be bogus.

            Tell me again why you are bringing the two up together?

            Oh, and do let me know when you have the link to Apple's post where they announce that they are removing the iPhone Config utility from their site and apologize for it.
            Ed Bott
          • Dont worry about him Ed...

            he has a koolaid induced distortion field up and running. Jobsy would be so proud.
          • that article confirms what Ed said

            The article you posted the link to confirms what Ed said.

            It says it was pulled within hours, and then goes on to say that it was pulled after Ed published his article.

            Apparently they got the first part of that wrong.

        • "It?s a near-perfect case study in how"

          even with all the time and money in the world, Microsoft cannot deliver reliable systems to people.

          Perhaps they should stop their illegal anti-competitive lock-ins with OEM's and let the world progress?
          • Which planet are you on?

          • Not planet Microsoft.

            Is it nice there?
          • Or maybe...

            ... Microsoft should follow Apple's lead, by developing the Microsoft PC, to run the Microsoft OS, and lock out everyone else in the industry. Sheesh. Talk about anti-competitive lock-ins.
      • Couldn't agree more!

        As I read through this, I saw Ed's reporting on Apple stuff being treated
        with the same cavalier approach he accuses his fellow journalists of.

        "microsoft could not be reached for comment" is journalese for "we
        didn't have time to call because we wanted to get this story out" just as
        much as it is for "no one answered the phone at Microsoft,"

        I felt like i was reading a FoxNews Channel rant about "the media"

        The media, including ZDNet, ain't God and there is NO ONE here has any
        business judging the integrity of someone else's bias or coverage.
        • Insightful comment

          Your grammer is so bad I couldn't be sure, but didn't you judge the 'bias or coverage' (lol) of Ed and Fox while condemning it?
      • cut and paste "journalism"

        Zdnet's RNaraine posted the "news" story on 11/30. This is not the first time his "reporting" has added little or nothing to clarify and/or confirm other news stories. Clean house!
        • No, he didn't

          I just checked Ryan's blog and there is no such story. Additionally, I spoke with him on Monday morning and we both agreed this story was bogus and not worth following.

          Do you have a link to the story you refer to or is your memory mistaken?
          Ed Bott
          • cut and paste

            http://threatpost.com/en_us/blogs/latest-ms-patches-causing-black-screen-death-113009. posted Nov. 30, 10:38 am with link to computerworld.com
          • Ah, thanks

            I was looking at ZDNet and didn't see anything here.
            Ed Bott
          • So it turns out what skaja said was true

            That is Ryan's name linked to it, right...
            Wintel BSOD
          • i never gave it a 2nd thought

            when i first saw this, i wasn't about to do anything until i heard something official. i never told any of my clients not to install these updates because there may be a problem.

            i thought it was a lot of hype.
      • Really? The iPhone Utility is gone?

        Cuz, I swear it asked me again this morning if
        I wanted to download it, along with Safari and
        QuickTime, none of which I want anything to do
        with. The only reason it asks me is because I
        have iTunes, because the iPod isn't compatible
        with Media Player. The only reason I have an
        iPod is because it was a gift.

        So either you're lying to make you and your
        fellow Apple geeks feel cool, or you're an
        idiot who spews crap you know nothing about.
        Which, pray tell, is it?