/>
X
Business

Did Microsoft's 'Browser Ballot" break because of Copy'n'Paste code?

A great way to avoid actually having to do any real coding work is to search the web for the type of code you're looking for and do a quick CTRL+C and CTRL+V to drop the code into your own project. Job done. Well, perhaps not. What happens when the code you copy doesn't actually do what it says on the tin it does?
Written by Adrian Kingsley-Hughes, Contributing Writer

A great way to avoid actually having to do any real coding work is to search the web for the type of code you're looking for and do a quick CTRL+C and CTRL+V to drop the code into your own project. Job done. Well, perhaps not. What happens when the code you copy doesn't actually do what it says on the tin it does?

When Microsoft drew up its "Browser Ballot" screen it needed some JavaScript code to randomize the order in which the browsers were displayed. However, it turns out that the code was flawed and didn't work as expected.

Now, on its own that's nothing special. But what's interesting is that Rob Weir spotted that if you do a search for "Javascript random sort" on Google (or Bing for that matter), you come across a JavaScript library that has the exact same flaw.

Now, I'm not suggesting that Microsoft did anything wrong with using code from a JavaScript library, after all, there's little point in continually reinventing the wheel. But it is a problem when you lift code that promises you a wheel, but you end up with a square wheel rather than the more traditional round one. The problem with using code libraries is that unless you are sufficiently skilled to be able to understand the code or test it in action, you could very easily end up with a square wheel, or a wheel that comes off under certain circumstances. Or worse still, a wheel that decides to take you on a trip to the seedier parts of town and hands over your wallet to a thug. These are the perils of using code you don't understand.

Code libraries are, by and large, untrusted sources. Even the hint that someone at Microsoft unleashed untrusted, untested, and flawed code on millions of computer users is both reckless and frightening. This time, the code just didn't work right. Next time, who knows what it'll do.

Oh, and it wouldn't be the first time that Microsoft has been liberal with the use of the CTRL+C and CTRL+V keys to build sites.

Editorial standards