Windows coders write buggy code - ON PURPOSE.

thats what coders do to keep there jobs, why would you want to write a code thats gonna last forever that would put you out of a job so you write buggy code so that eventually you'll have to write new code to replace it
i had to explain this to a friend recently there just doing there jobs

I have known this for years, you have just proved it. It makes total sense. It is called, "job security" I hate those freaking updates, they ultimately end up crashing your system. Microsoft is scaring people off to open source OS's.

Another software dev here.

No notes - just conversation on what we've done, maybe a demo of the functionality so far, more conversation on the next part, agree what is needed then write the code.

At no time has malicious software ever been deliberately coded into an app that I've written. I'm sure there are many laws covering that kind of behavior. It requires more than a typo to make it happen, too. Missing out a ']' will result in compile errors, not malicious code that steals CC data.

Remember Google and their BS excuse of one lone programmer and some bad coding resulting in their StreetView cars stealing *TERABYTES* of WiFi data "accidentally" and no-one noticed? Utter lies! The sheer volume of data would have swamped the data collection system, and someone would have noticed. In addition, the cars required HARDWARE to capture WiFi data, and they're going to notice that, too.

There is no such thing as accidental capture of terabytes of data when dedicated hardware and software is required.

So much guessing and just plain ignorant posts.

Programmers interact with Windows code constantly, when creating their own software. Do you really think this would be invisible to everyone? If there is one thing that is OBVIOUSLY transparent, it's WINDOWS CODE. Why do you think there are so many malware / viruses that take advantage of even a single BYTE of space to infect a computer? And yet no one has found this CIA code that somehow "spies" on us.

There are people that track ALL traffic leaving their computer. Sniffers have not found super-secret info going out to the CIA. If spying on corporate America was that widespread, many people would know. No one has found the code. No one has seen the traffic. And yet magically we are being spied on.

Use some common sense people.

reply to post by mirageofdeceit


I think you have summed it up rather nicely in half a sentense;

The sheer volume of data would have swamped the data collection system ...

The sheer volume of data exchanged daily over the Internet, in the form of "submitted data", emails, etc. is by far too much to be handled with today's technology. Even if some filter were developed, that kind of a project would keep Hard Drive makers busy 24/7, and "Western Digital" and their ilk would be the big companies, not the likes of Microsoft.

I am a software eng also,

There is a great quote that really sums up the nonsense in this thread..

"Never before in the history of mankind have so many people known so little about so much."

( Dr. James Burke , "Connections" / PBS ")

It works in most technical discussions these days...

Originally posted by skeptic_al
reply to post by coder22

 

It doesn't matter if this story is true or false.
Think of it this way in terms of Logic. If they wrote Perfect Code with no bugs, why would
anyone even think about upgrading. Due to the complexity and decreasing chip size of hardware they also breakdown much easier and more often, supporting M$ model of why make Perfect Code. Why do car manufactures design cars to last 10 years, or in the case of GM 5 years, because nobody would buy a new one, they would have no need to. Everything IS designed to last X Years, the problem is that X is getter shorter and shorter, so we are constantly replacing things.

I think perfect code is impossible, especially in large scale projects like the ones Microsoft usually engineers. I spend more time debugging than I spend writing new code.

reply to post by krzyspmac


u must have heard about the iphone tracking users movements..apple says its a flaw..what do u think?.. a flaw that keeps track of the user or a purposeful attempt at tracking phones?

if it is a flaw then it proves u wrong that faulty code cant be used to obtain data but if it is a backdoor..who gets to call it as a backdoor ...afterall the company isnt goin to???

reply to post by 547000


perfect code is possible if u consider that an OS is a program and that means a long sequence of bits..the perfect program would be X bytes ...programming is simply producing the right sequence of the right size

For those of you who are developers - below is the kind of thing I'm talking about - dodgy code written on purpose that looks legit, that can get past a check by other programmers looking over the code. Then, when said mistake is discovered, it looks like an honest mistake.

for(c = buf;*c;c++) [
if(isdigit(*c)) [
if(!ws) [ // new number, increment location.
ws = 1; x++;
if(x >= width * 3) [
y++; x = 0;
]
]
if(x > rx * 3 && x ry && y < ry + rheight)
putchar('0');
else
putchar(*c);

] else [
ws = 0;
putchar(*c);
]
]

Now, programmers - tell me what is wrong with that code?

EDIT: ATS autoformatted out the tabs and indents but you see what I mean....

Originally posted by coder22
For those of you who are developers - below is the kind of thing I'm talking about - dodgy code written on purpose that looks legit, that can get past a check by other programmers looking over the code. Then, when said mistake is discovered, it looks like an honest mistake.

for(c = buf;*c;c++) [
if(isdigit(*c)) [
if(!ws) [ // new number, increment location.
ws = 1; x++;
if(x >= width * 3) [
y++; x = 0;
]
]
if(x > rx * 3 && x ry && y < ry + rheight)
putchar('0');
else
putchar(*c);

] else [
ws = 0;
putchar(*c);
]
]

Now, programmers - tell me what is wrong with that code?

EDIT: ATS autoformatted out the tabs and indents but you see what I mean....

edit on 24-4-2011 by coder22 because: (no reason given)

I have no idea what that does. There are no helpful comments, I don't know what the name of the function is, and the variable names do not give any context. I would tell that programmer to read Code Complete. Is this outsourced code by any chance?

reply to post by 547000


Looks like pretty boring code though doesn't it? Would you expect that code to have a nasty outcome? - The functions don't matter.

Originally posted by coder22
reply to post by 547000

 

Looks like pretty boring code though doesn't it? Would you expect that code to have a nasty outcome? - The functions don't matter.

It might. The way it loops the strings might cause a buffer overflow. It's waiting until it reaches a 0, and a hacker might take advantage of this by supplying shell code.

At least that's what I think is wrong. Since I have no idea what this function does, I'm just guessing that possibility.

reply to post by 547000


Yes Sir, you are indeed correct - But the point being - if this code was part of other software code, a programmer, not specifically looking for something nasty will pass over this on most occasions. As it's only a few lines, and looks like a simple looping mistake.

My buddy says that this is the kind of thing the Microsoft coders are told to do. Now, it's only a small group of programmers. They are designing the bugs to get past the eyes of the other programmers, of course, their methods would probably be much more advanced than my example posted above. (As it was just an example)

Originally posted by coder22
reply to post by 547000

 

Yes Sir, you are indeed correct - But the point being - if this code was part of other software code, a programmer, not specifically looking for something nasty will pass over this on most occasions. As it's only a few lines, and looks like a simple looping mistake.

My buddy says that this is the kind of thing the Microsoftprobable that the devs coders are told to do. Now, it's only a small group of programmers. They are designing the bugs to get past the eyes of the other programmers, of course, their met ds would probably be much more advanced than my example posted above. (As it was just an example)

I see your point. It's just hard to believe Microsoft would encourage leaving exploits like that. I see that it's more probable the devs were being careless, or uneducated in the methods hackers use to exploit code.

reply to post by 547000


Yeah, I was kind of shocked when he told me about it too. But I think this is only a small team of developers. Maybe 5/6 programmers.

Sometimes I think though that it would be easy to do, considering coders have been writing malicious code for fun for decades. Think about the infamous fork bomb which is only a few characters long which can still hang many systems today :

: ()[ :|:& ];:

^ The above code executed in the bash shell will make most linux systems crash. (I think Ubuntu is safe - try it with Fedora / RHEL)

(Had to insert a space when defining the : function as it gives a sad face...)

Originally posted by coder22
reply to post by 547000

 

^ The above code executed in the bash shell will make most linux systems crash. (I think Ubuntu is safe - try it with Fedora / RHEL)

(Had to insert a space when defining the : function as it gives a sad face...)

edit on 24-4-2011 by coder22 because: (no reason given)

No linux OS can withstand the fork bomb, even though there are some things which can be done to limit the damage but I don't think that is included in most of the out of the box distro's. Ubuntu will not crash but simply consume all resources, it is still possible to type a command to end the bomb process but it takes a lot of patience and rebooting is easier. Just tested it on my zentyal (ubuntu) FS vbox machine.

This does not surprise, they are just out to try ad make more money

I do not trust any closed source software. Microsoft has an agenda, and that is to make you mad at the OS you have now, so you will buy the "new improved" one that comes out in a few years. I remember ME. How buggy was that OS? Then came XP, and I must admit XP runs pretty good, in fact a lot of my customers (I run a small PC repair shop) ask me to install XP instead of Windows 7, which everyone seems to hate in this neck of the woods. I started using Linux because I got tired of all of the updates every other day, the constant crashes, fatal blue screens, and the constant threat of viruses and malware. I have a custom box running PC Linux Gnome. It is fast and stable, and I can do anything a Windows PC can do except perhaps play games, but them, computers were not meant to play games on all the time, were they?

reply to post by Dragonfly79


Sorry, What I meant was - Ubuntu's default set-up makes it impossible to execute a successful fork bomb this way. Fedora and RHEL though do not protect by default.

But yes, you are quite right - all are vulnerable.