Microsoft's meltdown

Microsoft has committed one of the cardinal software sins. Unless it explains itself, it risks losing users' confidence
Written by Leader , Contributor

Forget your opinions about Microsoft. Ignore the industry politics, the legal manoeuvring and the arguments about innovation. The company has one core job to do — produce competent products that do not hurt its customers.

It is not doing that job.

Take Microsoft's Live OneCare, an new online security suite designed to provide "all-in-one security and performance for your PC". Last month, we reported that it failed to protect Windows Vista against virus attack. This week, that it failed comparative testing so badly it may not even qualify for inclusion next time. So far, so bad. It's a young product. It may mature.

The latest report, though, is far more chilling. A bug has surfaced which can, under some conditions, delete users' email stores. Many companies would regard that by itself as a showstopper, yet that's not the worst of it. Most tellingly, this is an old bug that's resurfaced. According to a Microsoft MVP posting in one of the company's own forums, this problem was found in beta and fixed — only to reappear in version 1.5.

If you're a software developer, you'll know what that sounds like — version control failure or fragile code compounded by inadequate regression testing. Old source reappears through poor management, a patch breaks due to fixes elsewhere, and the mistake makes it into the latest version without being found. This is one of the worst events that can hit any software project: if that's gone wrong, what else is broken in there? Nobody knows.

As a user, this means you must no longer trust the product. The component you deployed as a mature, trustable component of your security has reverted back to beta — or, worse, an unknown mutant made from some novel mix of source versions.

There may be other explanations for this bug. If there are, Microsoft needs to make them plain and it needs to make them quickly. As it stands, OneCare appears to show a company with serious organisational problems, with products that cannot be considered safe by any competent IT manager.

We'll say that again. Until Microsoft explains how this happened, it cannot be considered a reliable supplier. There is nothing the company can do or say that's worth a bean if it is incompetent to produce code. No company can survive a total meltdown of trust, and that is closer than Microsoft dares to think.


Editorial standards