So, I was about to write on another topic altogether, just to discover that an automatic update to one of the modules that make up this website had crashed the entire thing. All that would come up was an error message. This was not a small-time, off-brand add-on, either. It was major brand name add-on. Shame, shame.
That add-on has been disabled, never again to be ventured by me.
Fortunately, I am a programmer with centuries… er… um… decades of experience in software, and I was able to get the site back up in a few minutes. But I shouldn’t have had to. What about all the other such sites using this same combination of tools? Tens of thousands likely were bitten by this same update. Do they all know how to get around software fixes and aren’t fixes? Doubtful…
What very few decision makers in the computer industry seem to know (few, not none) is that these situations do not have to happen. There are several solutions available, beginning with more extensive testing (more, more, more! Never too much testing!! Microsoft could learn from that one), all the way up to an automatic certification facility, where, after an update, it checks to see if the website still runs, and if not, removes the update, then cross-compares with other update situations and tries to figure out the problem, etc, etc.
To any one saying “that’s not possible,” trust me, it is. Especially with websites, not hard at all. A bit tedious maybe… but scarcely impossible. And at that, only tedious to the programmers and designers of the product, which is nothing compared to the shear panic involved when the consumer finds this website is down and does not have centuries of experience with computers to help him sort it out.
(Further, with an admittedly not-insignificant change to how computer hardware works, it would be possible to certify software as bug free right from the start, leaving only design flaws, not actual coding bugs. Alas… I fear the study demonstrating that has been lost — that proof was published quite a while ago, now.)
There’s an odd phenomenon going on in the computer industry these last 20 years: a frantic drive to make it “simpler, and simpler and simpler.” Which is good in theory but what they’ve been doing under this heading ends up only causing more problems than if they’d left it alone. Besides, it couldn’t be anything but a short-term solution at best.
Such as: automatic updates that break the system. (I’ve also turned off automatic updates; my bad for not doing that from the start, really.)
Such as: take security systems for password recovery. An increasing number of people come to me for help in navigating the “simple” instructions for how to recover a lost password with Apple or Google. (With Microsoft accounts I shake my head and tell them it’s probably impossible, but let’s try anyway!)
It would be wonderful if once a year for 3 weeks or more every CEO in the computer industry spent time incognito, doing grunt work in a small computer shop, (or a week in each of three shops in various economic strata), just making a show of being “busy” but really listening to all the people who come, what their real problems are and what their real challenges and needs are.
Believe me: it would be an eye-opener for them, one and all. (Well, probably not all: there is one guy at the top of food-chain whom I suspect has a fair grasp of reality.)
Ok… here’s the core of my message: if you release an update that crashes thousands of websites, who covers that cost? Who does cover it is the website owners. Who should cover it?
When Microsoft releases a radically new version of Windows that is so changed I have to escort one of my regular clients to the ER for an anxiety attack (I am not making that up — it was a PTSD reaction… though my own reaction on seeing the “new and improved” Windows made me instantly start swearing), when Microsoft radically changes the way a billion plus people access their computers, with no warning and no easy way to go back to what you’re used to… who covers that cost? Can that even be compensated?
My point, and I’m gradually getting there, is that there is a HUGE responsibility that goes along with having millions or billions of customers. It’s not a thing to ride-high on, gloat over or even swagger into the stock holders meeting over. It’s a thing to fear and to feel to the marrow of your bones as the immeasurable responsibility you now have taken on.
Every time Oracle causes me to suffer through another Java update, and I see that “serving over 2 billion devices” (or is it over 3 now?) I cringe! 2 billion devices and folks dependent on this thing and they actually advertise that fact? This is advertising a massive vulnerability! One fake update, or one update from them that wasn’t completely tested and an unknown but massive amount of damage could result all over the world. And they advertise this. Wow.
[By the way, Oracle actually is a pretty responsible company. I do not mean to malign them at all, in any way. They have some really good software engineers in many areas. Nevertheless, I cringe every time I see that incredible vulnerability being shouted to the Four Corners.]
It’s the apparent lack of a sense of responsibility that I dislike about modern “corporate culture.” Buyer beware (caveat emptor) and all that. Massively irresponsible is that attitude (especially when combined with a failing educational system among the consumers). When that is spread out among a billion or more customers? A billion or more “gadgets” (ATMs, medical machines, tablets, computers, phones…) the scope becomes impossible to imagine.
What would satisfy me here? Should Oracle stop shipping JAVA everywhere? No, not at all. But I think it is shipped too freely, with too few safeguards. Most folks (I would venture 99% of all those who click — or don’t — on that “update Java now?” question have no idea what Java even is. I get asked rather a lot about Java, is it safe, should I update it? Can I get rid of it? And nearly all people think JAVA and JavaScript are the same thing, and they are in no way related. Oracle could do more to educate people on this topic.
Frankly, I don’t know why JAVA updates are not simply folded in to Microsoft’s and Apple’s update mechanisms and automatically (and securely!) handled that way without the user having to make a guess about it all. So, Oracle wouldn’t get the advertising they are now getting. But frankly, they’re not getting the advertising they probably think they are getting anyway, because, as I said, 99% of all people who click on that update (or choose to not click on it) have any idea what it is or why they should care. (Nor do I know why they should care … it’s like requiring every car driver to know how to pull a spark plug, gap it and put it back. Silliness.)
The best solution: educate the user. Educate the consumer. Educate the people. Educate. There really is no other solution to a very large percentage of all the world’s problems right now, by comparison with which, a crashed website is a small issue. The same solution would work for many things, though. (More on that in another conversation / pontification.)
Alright, if you’re thinking I just don’t understand business, you wouldn’t be the first person to tell me so. Consider that the feeling might be mutual, though. To me, long term is centuries(1), not next quarter’s stock returns.(2)
Just a thought (or six)…
(1) even unto the seventh generation… you might say. Or longer. I’ll tell you this: any planning at the major corporate or city government and up level, that isn’t at least 100 years out, isn’t planning at all: it’s a hope and prayer. Raise a ruckus: ask your city council to see their 100 year plan. 🙂
(2) Margaret Mead, the great American cultural anthropologist, once said, “In America, long term means next quarter.” Nothing has improved in corporate culture since then.