Чак (auto194419) wrote,

Why Software Is So Bad

“Software sucks because users demand it to.”

On average, professional coders make 100 to 150 errors in every thousand lines of code they write, according to a multiyear study of 13,000 programs by Humphrey of Carnegie Mellon. Using Humphrey’s figures, the business operating system Windows NT 4, with its 16 million lines of code, would thus have been written with about two million mistakes. Most would have been too small to have any effect, but some—many thousands—would have caused serious problems.


The potential risks of bad software were grimly illustrated between 1985 and 1987, when a computer-controlled radiation therapy machine manufactured by the government-backed Atomic Energy of Canada massively overdosed patients in the United States and Canada, killing at least three. In an exhaustive examination, Nancy Leveson, now an MIT computer scientist, assigned much of the blame to the manufacturer’s inadequate software-engineering practices. Because the program used to set radiation intensity was not designed or tested carefully, simple typing errors triggered lethal blasts.

Despite this tragic experience, similar machines running software made by Multidata Systems International, of St. Louis, massively overdosed patients in Panama in 2000 and 2001, leading to eight more deaths. A team from the International Atomic Energy Agency attributed the deaths to “the entering of data” in a way programmers had not anticipated. As Leveson notes, simple data-entry errors should not have lethal consequences. So this failure, too, may be due to inadequate software.


In January, Bill Gates issued a call to Microsoft employees to make “reliable and secure” computing their “highest priority.” In what the company billed as one of its most important initiatives in years, Gates demanded that Microsoft “dramatically reduce” the number of defects in its products. A month later, the company took the unprecedented step of suspending all new code writing for almost two months. Instead, it gathered together programmers, a thousand at a time, for mass training sessions on reliability and security. Using huge screens in a giant auditorium, company executives displayed embarrassing snippets of flawed code produced by those in the audience.


The fine print in many software licenses forbids publishing benchmark tests. When PC Magazine tried in 1999 to run a head-to-head comparison of Oracle and Microsoft databases, Oracle used the license terms to block it—even though the magazine had gone out of its way to assure a fair test by asking both firms to help it set up their software.

(MIT Technology Review, paid subscription req'd: )