On 16 Jul 2001, at 10:41, Bruce Toback wrote:

> The problem is that features like Word macros and VBS
> auto-execution are enabled by default, and users don't know what
> these features are or that they're supposed to disable them
> (which, of course, robs them of the functionality the features
> were supposed to provide).

The problem is that Microsoft's policy is to install every piece
of their software with every option turned on and every known
interaction between software components enabled.  This, as
far as I can determine, is done simply to reduce the number of
support calls generated by users of Microsoft products.  While
there is no doubt a compelling business case here insofaras
increased user satisfaction (most things work as soon as you
install them) and lower cost (because they usually work then
Microsoft isn't burdened with the expense of providing
assistance in getting common software installations to
function for novice users) the problem comes down to one of
informed consent.

If we went to a doctor and were given a combination of pills
that individually posed no risk to our health but when taken
together made the safe operation of a motor vehicle
problematic then we expect to be told that fact.  Further, if
there exists alternative remedies which preclud such a
situation then we would expect that course to be taken
regardless. We expect this whether we drive to the doctor's
office or not and whether we obtained the pills all at once or
had them prescribed over a period of time.

Microsoft's approach to universal software component access
may once have posed little risk; when work stations
computers were rarely networked and when Internet access
was a novelty enjoyed by only a few.  Now however, this
practice is nothing short of negligent.  The risk to computer
users posed by this practice is profound and the benefit to
them is negligible.

Software installation routines can and should be written to
enable the minimum set of features necessary to operate only
those functions selected by the user.  The default install
process should provide the minimal functionality required.
There is absolutely no reason why a person who wants to be
able to type a letter and e-mail it to a friend should be placed
in a position where his personal records and valuable data
could be placed at risk simply because he took the defaults
during the installation of his software.

It is fine to claim that software users should be knowledgeable
and take adequate precautions to guard against the hazards
of the environment.  However, such statements do not remove
the liability of other manufacturers for the consequences of
poor product design and inadequate safety precautions.  I fail
to see why software should be an exception, particularly as it
is the manufacturer's decisions that has created the
hazardous environment to begin with.  There is a very real and
very large expense caused by this deliberate behaviour and we
are all bearing it.

Regards,
Jim


---   *** e-mail is not a secure channel ***
James B. Byrne                Harte & Lyne Limited
vox: +1 905 561 1241          9 Brockley Drive
fax: +1 905 561 0757          Hamilton, Ontario
mailto:[log in to unmask]  Canada L8E 3C3

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *