We answer all requests. Some we answer "No"

  • Article

It has been a while since my last blog because I have been busy on a case which proved a little tricky. I will talk about that one next blog because it was a very interesting problem.

Instead, I am going to talk about a type of request that we often get and normally have to decline. Some customers want more bugs in our product. No, I did say more. It wasn’t a typo. There generally fall in to two categories.

1. I used this feature in version X-1 and now it is broken. I want it fixed in your new version X. This is quite a common scenario but we can consider an abstract case. Imagine that we allowed you to pass one of the objects belonging to the runtime system out of the process because we had done insufficient error checking to spot when you were trying to do this. Further imagine that this worked for one particular scenario or possibly didn’t crash and did deliver the data to where it had to go but leaked 40 bytes. It is a bug that it didn’t stop you from doing something like that and we come across a place where this has caused a massive problem. Accordingly, we fix it and the new version breaks a few applications which used this and just crashed once in a while. We almost always deny requests to reintroduce bugs. There are a few rare exceptions of bugs that were so widely used that they become regarded as features. In VB n (n <= 6), there was a difference between x = foo(i) and x = foo((i)). The second example passed the contents of i by value regardless of what the function was expecting. The reason was a bug. The parser saw the second open bracket and thought "Oho, we have an expression here". Expressions can’t be passed by reference so it forced the code generator to pass the value ByVal.

2. I need to do this and I know that I shouldn’t because it breaks security/is not secure but mine is a special case. Can you put in a way past security? This is an easy one to answer for us. No. We can’t. Your case may be special and it you may want it for a very noble reason but if we open up a security hole then as sure as eggs are eggs, someone will use it for evil. We used to get this request quite often to allow sending of mail from outlook without the user knowing. I can see why people want it but it is a free license for every script kiddie who wants to send a worm around the world.

We sometimes get requests that we deny for legal reasons. We are not going to help anyone break copy protection on someone else’s intellectual property. We are certainly not going to hack in to someone’s competitor to steal data for our customer. Don’t laugh – it was a genuine request. I even had a request for information on how to get past our licensing system so that the caller could sell pirate copies of MS software. I like to help but please…

Never a dull moment

Signing off

Mark