'If it ain't broke don't fix it'? Bad advice can break your business

'If it ain't broke don't fix it'? Bad advice can break your business

Summary: Old adages don't apply to the fast-paced world of technology and business continuity requirements.


"If it ain't broke, don't fix it."

I heard this phrase originally from my father. Many of you also heard it for the first time from a family member, or maybe even a co-worker or a supervisor at one of your first jobs.

The phrase is widely attributed to Gainesville, Georgia-born Thomas Bertram Lance, the Director of the Office of Management and Budget during Jimmy Carter's Presidency, who resigned after his first year in office due to charges in a banking scandal that he was later acquitted of in 1980.

Bert Lance is paraphrased by an unidentified author in Page 33 of the newsletter of the US Chamber of Commerce, Nation's Business, in May of 1977.

"Bert Lance believes he can save Uncle Sam billions if he can get the government to adopt the motto,"If it ain't broken, don't fix it!" He explains,"That's the trouble with government: Fixing things that aren't broken and not fixing things that are broken."

Lance is certainly known for popularizing the saying in print, but it is believed that it had been used in the American South for many years before.

Regardless of the origin I think the full quote, particularly the part which I've bolded merits further examination.

It's certainly true that there are sometimes things that don't necessitate replacement, but we often put off replacing or fixing things due to our own complacency, being penny wise and pound foolish.

Or by having a cavalier attitude about threats to business continuity by being under the naive assumption that horrible things will never happen to us, they happen to other people instead.

It's one thing not to replace your refrigerator, your car, or your TV set because it works fine. But keeping around End-of-Life system software and aging computer systems in general? I'm not sure even Bertram Lance would agree with that one.

The Windows XP End-of-Life event has been perplexing as I've heard old Bert's quote again and again as the reason for keeping those old PCs and software around.

Bert died in August of 2013 at the age of 82, but had it been explained to him that his widely-used quote has been used as justification for potentially exposing government, businesses and individuals to malware that could result in financial damages and leaks of Personally Identifying Information (PII), he'd probably ask that it be stricken.

During my 20 years as an IT industry consultant as both a freelancer and also during my tenure as a systems architect at IBM and Unisys I encountered countless examples of putting off upgrades of clunky old stuff because it was inconvenient or nobody wanted to spend the money.

Many of those things turned out to be single points of failure that held up large migrations and application modernization efforts, and ended up causing delays that were considerably more expensive than the money that the organization thought they would be saving by putting upgrades off.

Like, I dunno, the huge insurance company I once worked with that decided not to update their mainframe's 3270 communications stack to TCP/IP ten years before and leave their physically bus-connected (and unsupported) OS/2 2.0 SNA gateway in place when they faced a massive datacenter consolidation and VMware virtualization effort a decade later.

Or the the Internet Service Provider whose provisioning and billing system was tied to home-grown scripts and off-the-shelf software written for an EOL version of SunOS on an ancient SPARC 10 that was left running for over a decade, only to discover that when the hardware failed, the backup of the script code and the orphaned off-the-shelf software they had would not run on a modernized UNIX OS so easily.  

Or the public transit authority of a large city which had a 30-year-old mainframe still in service that operated the switching system for its train cars that needed code modifications when alterations to the train lines were made. They actually had to pull someone out of retirement that wrote the original program, because the system wasn't supported anymore by the original vendor and nobody on staff there had those skill sets anymore.

I could go on with dozens of examples of systems that weren't "broken" but were left in place, and the consequences that followed.

But sometimes IT gets the cluetrain because the consequences of avoiding remediation of a problem are so dire that any inaction could risk a catastrophic business continuity loss.

If prolonged, such a loss or a data exposure could undermine your company's reputation and result in loss of customer confidence or even cause you to be fined heavily by the government. Not to mention other damages by the downtime alone.

The last time the industry hopped on the cluetrain was the Year 2000 problem.

Continued: XP's End of Life compared to Y2K        

Topics: Security, CXO, Enterprise Software, PCs


Jason Perlow, Sr. Technology Editor at ZDNet, is a technologist with over two decades of experience integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies. Jason is currently a Partner Technology Strategist with Microsoft Corp. His expressed views do not necessarily represent those of his employer.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • XP lives

    There are a lot of uses for XP that do not expose it to viruses. We have one set up on a label machine, and another in a packaging line. No one uses them to go on the internet. Viruses simply aren't a factor. I have a XP at home used solely to play some old non internet games. I don't go online with it. XP will live quite long in these situations.
    • I hope

      that by that you mean it is a fully segmented production network, where no internet connected devices can reach the production line devices.

      A lot of worms don't need an internet connection, once they have an infection vector behind the firewall, just look at Code Red, Stuxnet etc.

      Often it is not possible to upgrade these machines, without investing hundreds of thousands on new industrial equipment that is being controlled by those machines. But saying that the PC itself is never used to surf the net doesn't mean it is automagically safe.
      • I don't think most have to worry about that

        Unless you're running Siemens turbines, Stuxnet is no threat to you.

        The simple fact is most people aren't worthwhile targets. Most machines that are running XP today, and which are used for largely non-Internet connected purposes are going to be just fine.

        If you are a defense contractor, its a thing. If you're a music producer, it really isn't.
        • Stuxnet was just a recognizable example.

          By the way, Stuxnet infected many networks beyond the original target. The specific point is that a networked PC can be breached, even if it doesn't browse the Internet.

          Your second suggestion is that most computers will not be targeted? True for national spy agencies, but technology flows down hill. Those creepy guys who spawn software like cryptolocker ransomware don't care who owns a vulnerable target. After infection, you'll either pay or lose your files. (my file backups are "limited access")
        • End-users? Maybe not, but ...

          ... any business with customer data (especially financial data), or trade-secrets faces financial ruin (and possible litigation) if their systems are breached or data is lost.
          M Wagner
  • Whoever thinks the old adage probably wasn't in business

    I know a guy that has been running his business on a Windows 2000 workstation for at least 15 years. He has a Vista workstation for the youngsters but all his we he does on Windows 2000. There is nothing unique to the newer OSes that will enhance his business in any way.
    • Perhaps not ... but a catastrophic loss of his business data ...

      ... could ruin him.
      M Wagner
  • Define broken

    The main issue here is the definition of broken. Different people will define it differently. Some people (notably Apple fanboys) will consider anything to be broken if there is a new version available. By that logic, Windows 7 is broken, and they fully believe it. Others will not consider something broken until it is no longer physically capable of serving its purpose. To most, however, "broken" lies somewhere in the middle, and exactly where it lies is up to that person and their own specific scenario. I like to define "broken" in XP's case as: the point at which mitigating the risk presented by not upgrading is worth the cost of the upgrade. My wife's XP machine which does nothing but access her work's web portal - not broken. My in-laws' primary family PC that still runs XP - broken in my opinion, but that's their machine, and up to them to decide to cover the cost of an update. I can educate them on the risks of not doing so, but I'm not going to belittle them for not doing what I think is better.
    • In-laws vs. risk

      As long as your in-laws will "never" blame you when their PC is disabled,
      and as long as you won't be asked to invest heroic efforts attempting to recover it,
      then I agree. Don't belittle them. It's their risk, not yours.
  • What's next from the Microsoft brain surgeons ????

    Geez, another Microsoft propagandist !!
    An old IBMer from the mark sense, key punch era and onward to 50 years later of a stormy Microsoft relationship. With the departure of Windows XP, guess we'll just have to suck it up AGAIN!! WHAT'S NEXT !!!!

    Most of the comments are absolutely correct. A dedicated machine, off "line" will not be exposed to problems.
    I have four in my business, dedicated to a specific job function and they work perfectly. I will not change them. On-line machines for Internet work is a different thing. Although this new world of "touch screens" is garbage. Ever work a PAD with gloves on? GARNMIN GPS is touch screen.
    The computer world is capacity screens. That's my beef !!
  • Business via home use. Different risks and risk mitigations

    While I think it is best that people move on from XP. Sometimes it isn't possible (I have an Oscilloscope that runs XP which isn't certified for Win7 or 8) and other times someone who can't afford a computer has a very old legacy device and doesn't want linux.

    Well, if caution is used and you don't put something mission critical on it (occasional Power Point, Excel or web browsing), what is the worst that can happen? Re -install XP, office and latest browser.

    An evaluation of the risk, the likelyhood and the impact will allow assessment of what is acceptable or not.
  • It cuts both ways

    These stories are of horrors occurring because upgrades didn't happen. But many more are the horrors because they did happen:

    1. The 50-year old records you can't read anymore, because the big houses won't support those old formats, and you were dumb enough to give your old hardware and programs away, thinking surely you'd be able to read those old files. So now you flunk the audit, can't prove basis for capital gains, pay way too much inheritance tax, can't furnish medical records, nor prove you own your gramma's house. The list could go on and on.

    2. Or, less disastrous, suddenly that really important long document which took forever to craft, which you thought you'd never have to do again, you do. And the newer stuff, can't format it properly. So the million-dollar proposal you intended, won't be ready in time.

    3. This one's rather more sinister: many CNC controllers (machines which make everything you buy) depend on older computer programs to make their widgets so well and so cheaply. But now, oh no, they cannot, because MSFT hates economy, so these multimillion dollar machines are obsoleted overnight. So guess who'll have to pay for new ones? You, the consumer of the end product those machines make. Yeah, right in your wallet. You pay, MSFT gets nothing, so is not benefitted, either, and the world incurs inflation. Heh.

    4. Of course, many of those machines make car or restaurant or hospital parts/implements, and who's to say that the new ones with the less-tried-and-true programming, won't turn out more defective parts? So how many limbs lost, people made sick, deaths. Did you know, even improper anodizing can make rivets loosen, and a car or plane can thus crash? Sometimes older is more tested and thus reliable. Hmmm.

    One can find many more examples, but these four help you see the flipside. New isn't always better. New lately, be it in unibody construction, packaging, programming.. is often worse. Kinda like devaluing gold or silver in coinage...
    • Overnight?

      That is bogus. Industry has had over a decade warning that XP will no longer be supported. It isn't as if this date wasn't known long in advance, but industry has been too lazy or too caught up in its own greed to deal with the problem sensibly.

      That leaves its users stranded. I agree, you can't just replace a CNC machine overnight, it costs a fortune. But a simple software upgrade should be cheaper. But the companies behind the CNC machines (and many other industrial devices) have abandoned them and the line is, "if you want to use Windows 7/8, you'll have to buy a new CNC machine."

      WTF? The CNC machine is fine, just the controlling software was originally poorly written and needs modifying. Instead of modifying the software, they declare the machine obsolete.

      This isn't Microsoft's fault and it isn't the customer's fault, but it is their problem.

      It is annoying when your $100 printer isn't compatible with a new version of the OS, because the manufacturer would rather sell you a new printer than give you a free driver update. It is a different matter, when the "peripheral" costs hundreds of thousands of dollars.

      BTW, talking of drivers, I was pleasantly surprised at the weekend. My brother-in-law updated to Windows 8 from XP and I set up the machine for him. Kyocera had a Windows 8 driver for his 2003 vintage printer!

      As to point 1, you never decomission an old system before you have successfully imported the data into the new one! And even then, you generally run them in parallel for several months to ensure there are no incompatibilities. Anyone who doesn't do that deserves everything they get!

      2, yes, it can happen, but even switching to OO.o or LO will generally cause relatively minor inconsistencies, which can be quickly rectified. Annoying, but a one-time problem. It is more of a problem if you are converting thousands of documents. I've lived through this, with DisplayWrite IV to WordPerfect 5.1 migration and WordPerfect 5.1 to Word. It is doable, but you need to calculate the time to do the conversions into the upgrade costs.

      4 is pretty bogus. If the new software is at fault, then the software company will have huge lawsuits on its hands, they can't afford to not properly test it.
  • Not enough profit killed XP

    If we built a car that never broke down and ran for years without earning us any additional money, we'd go broke in a market like the OS market.

    We'd up the game with a fancier model, bright paint, fancy chrome and make excuses why the old model couldn't be upgraded. We'd be lying and our stockholders would applaud and stick with us.
    Stories of our business prowess would flood the press. Schools might be named after us.

    Maybe later, when our conscience bothered us enough, we'd put some of our earnings into charitable projects just like the lumber barons and steel magnates of the past.

    Anyone seeing flashbacks from Citizen Kane?
  • Y2K Date Was Not A Bug

    It was a feature. In the 70's I maintained an application with a million records each containing 10 date fields. Expansion of those from 6 to 8 bytes would result in about 20 million more bytes for the database. At the time that was about the capacity of our 2314 disk drives which cost more than $100K each. We chose to save the cost of the disk drive, after all, nothing lasts for 25 years in the software world.
    • Never say never.

      You say: "nothing lasts for 25 years in the software world", At home, I have a game called "PC Arcade" that resides on a copy righted bootable 5 1/4" floppy disk that was programmed in around 1985 that runs perfectly on my PC AT 8 MHz Intel 8088 computer, its one of those games they released back then where you boot up (start up) the computer with the disk already inserted and the computer starts off from the game's proprietary operating system and lets you play the game right away. That software is 29 years old and still runs perfectly and on Windows 8, 7, XP, etc you can run it with a DOS emulator after dumping the floppy's contents into a .IMA/.IMG file.

      So, you can MAKE software work on any computer your want, no matter how old it is, there is an emulator for virtually anything that ever existed computer wise. So, if you are nostalgic enough go to Zophar's Domain and grab your emulator(s) of your choice.
      • It is a miracle that your old IBM PC/AT is still functioning.

        If it dies tomorrow (or if the floppy drive fails), where are you going to find a functioning floppy drive so you can move the floppy's contents into an .IMA/.IMG file? Where will you find a DOS emulator (16-bit, remember) which rill run on a 64-bit OS? Right now, only 32-bit Windows 7 (with XP Mode) will support any 16-bit app.

        In short, you need to make plans NOW to protect this code from being lost forever. Otherwise, when your old IBM PC AT (or its 5.25" floppy) takes its last breath, you are simply SOL.
        M Wagner
  • The only issue is security for XP

    This may seem heretical, but in point of fact, for most users the only weakness of XP is security. XP can run almost every program written for PCs, and many that Windows 7 and later cannot. So of course people want to stay with it. An OS is just an OS and little more. It's the shell that allows programs to run. There is very little value-added in Windows 7 and later besides security. That's the "elephant in the living room".
  • If it ain't broke - do not fix it

    Now, what is your definition of 'broke'?

    If the car runs just fine, but the red 'check engine' light is on - does the car need fixing?

    I am not sure about yours, but mine does.