News: 1721032210

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Hey Microsoft – what ever happened to 'Developers, developers, developers'?

(2024/07/15)


Opinion As Microsoft approaches its 50th birthday next year, it can look back with satisfaction at having created the first era of universal corporate computing, and of having ridden successfully on the coat-tails of the second.

It is one of the companies that pop in and out of the quantum state of richest in the world. And if ever an outfit qualified for full understanding of its market, it's Microsoft.

So when it causes what looks like random suffering to its customers, we must assume it's deliberate. The infliction of deliberate, needless suffering would be abuse, a serious charge, but the possibility bears serious examination. Most recently, we have the case of Redmond telling its customers that the [1]connectors and webhooks that link Teams to Office 365 are going away over summer, and everyone now has to switch to Power Automate. Just another old system deprecated to make way for the new, surely?

[2]

Not so, argue the users affected. There's no need for the change, it's going to cost them for no advantage, and forcing a quick transition over the summer when so many staff are on break is just cruel. The pain is intensified by what the technology actually does - it helps create and smooth workflows within organizations. To mix immiscible metaphors, it's the glue that binds everything together and the oil that keeps things flowing. Breaking it breaks so much for so many. Transition has to be absolutely necessary and meticulously planned.

[3]

[4]

Microsoft has excuses, like this change is needed for security and stability. This is the first anyone has heard that connectors are neither scalable nor secure – please tell us more. Hello? Hello? Charitably, that has to be the normal marketing spin when a company wants to forcibly push people off platforms that were previously the best thing since America discovered craft beer. Create a problem and sell the cure. Yet that doesn't explain the urgency or the feckless timescale: some might even speculate that there has to be some internal Microsoft milestone for departmental revenue, or perhaps a regulatory reason. There was no customer voice within a lightyear of that sign-off.

It's not an isolated incident, either. Your correspondent lent a sympathetic ear to an Azure dev the other week, where they were trying to create a data flow within an Azure Data Factory pipeline. Hmm, there's that flow again. They couldn't make it work: one part of the system throwing up an error when presented with a perfectly good input that worked elsewhere. The internal debug help didn't, the documentation was out of date and useless, and support? "Hah!" Senior heads were scratched, all search options exhausted, and in the end the Azure "solution" was abandoned.

[5]

This is not an abnormally incompetent dev, any more so than those who are reacting in horror to the implications of the dead connectors. This is not an unusual story, nor has it been in all the decades Microsoft has been helping itself to corporate cash. There can be no economic justification: however you do the sums for providing good support that respects the customer, it won't come within a parsec of the money spent on failed mobile strategies or pointless mega-takeovers.

The result is real abuse of real people - as, shockingly to much of the world and seemingly to Microsoft, developers are real people. The damage done to project timescales is real enough, but so is the mental harm in frustration, overwork and burnout for those fighting the tools that should be helping them. This isn't snowflake wokism, it's a fact, and it doesn't have to be like this.

It is not unreasonable to ask someone who is hurting you to stop it. When that someone has all the power and money in your world, such an ask becomes more than reasonable, it is compelling. How to get the attention of Microsoft and its many fellow travelers in corporate callousness – that's a good question.

[6]

The problem is that the only legal relationship Microsoft has with corporate devs is the license, created to minimize the vendor's obligations. Keeping promises to developers does not feature. Not even on the radar. It could be, if client companies wanted it, but you may have noticed developer happiness isn't always on the internal radar either.

[7]Fragile Agile development model is a symptom, not a source, of project failure

[8]Open source versus Microsoft: The new rebellion begins

[9]Forcing AI on developers is a bad idea that is going to happen

[10]That runaway datacenter power grab is the best news for net zero this century

[11]That's not the web you're browsing, Microsoft. That's our data

Fun as it would be for thousands of devs to take Big Tech to court for mental abuse, that ain't gonna happen. What's needed to start the ball rolling is what behavioral psychologists call a nudge, consistent pressure to make people feel uncomfortable about bad habits. Over time, this can escalate into stronger pressure, and eventually into changes in the law that would have seemed impossible a few years before. Think about smoking or careless driving.

Microsoft and its ilk get away with bad behavior because it's never seen as a bad habit with cumulative effects, just repeated chronic isolated acts of bad faith. Let's start keeping count, as the state keeps count of bad driving. Microsoft works by licenses, so let's start giving it boots for violations. Every day lost because documentation isn't valid? A point. No help from support? Point. A service withdrawn without due care and attention? Lots of points.

Such a scheme would need common and reasonable definitions of bad behavior, and enough people playing the game. Given that, though, the steady accumulation of points will be impossible to ignore. Adding, of course, the cash cost per point to aid the upward pressure through the system towards those who sign the contracts.

Nudges change minds, and changed minds change laws. Laws that stop companies harming their clients are nothing new. So let's start that conversion. It's very far from pointless. ®

Get our [12]Tech Resources



[1] https://www.theregister.com/2024/07/09/users_rage_as_microsoft_announces/

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZpTzOBkcd4XAJZ7rabLgrQAAAhU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZpTzOBkcd4XAJZ7rabLgrQAAAhU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZpTzOBkcd4XAJZ7rabLgrQAAAhU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZpTzOBkcd4XAJZ7rabLgrQAAAhU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZpTzOBkcd4XAJZ7rabLgrQAAAhU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[7] https://www.theregister.com/2024/06/10/agile_opinion_column/

[8] https://www.theregister.com/2024/04/15/opinion_microsoft_sovereignty/

[9] https://www.theregister.com/2024/02/12/opinion_column_on_forcing_ai_features_on_developers/

[10] https://www.theregister.com/2024/01/29/the_datacenter_runaway_power_grab/

[11] https://www.theregister.com/2024/02/05/opinion_column/

[12] https://whitepapers.theregister.com/



jemmyww

I haven't dealt with MS for a long time. However, recently I decided to put together an app that required native libraries, and I needed it to run on Windows and Mac. So I signed up to both companies developer programs so I could get signing certificates. Apple's process was straight forward, and you pay the annual fee and you have access to what you need. Microsoft... I really don't know what I've signed up for, I seem to have gone through three separate flows to get my account and add things to it. I can now make an app for the MS store but I'm very unclear if I can just get a signing certificate for my own distribution. The documentation indicates that I might need to buy one from a "partner" third party, and they're very expensive, and confusing. That's probably fine if you're an organisation, but for a solo dev it's starting to look a bit out of reach. I do seem to have been given thousands of $$ of Azure credits though, so I guess I could move my online stuff there for a year. Shame I can't swap those for the thing I actually need.

Code signing certificates

9Rune5

I believe you're talking about code signing certs.

There was a change a few years back. It used to be that you could just buy a code-signing certificate from a trusted third-party and sign your executables with that.

Today they do not trust us with storing the private key safely. Some of us would simply check it into our source repositories (I once joined a team that used to do that) or keep it around in various places (the build computer being one of them). I am sure you've seen stories of CSCs escaping into the wild. Those incidents affects the entire ecosystem.

One approach is to keep what is essentially the private key on a USB stick. Some vendors offer this together with some crappy software that guard the key. One solution I tried didn't seem to work, until we realized that using remote desktop into the VM where the USB was plugged in made the key appear dead. We had to use remote access software provided by the VM vendor which was a little bit closer to the metal I suppose. (by the time I figured that bit out, the nimcompoop who had ordered this key had forgotten the password and I couldn't proceed)

The best approach is to keep your build pipeline online. E.g. Azure DevOps have third-party tie-ins that will manage the private key for you. I have not had a chance to try this myself, but it looks like the path of least resistance. There are many, many advantages to not having to mess with your own build server -- I do not want to go back.

HTH.

Times change

Pete 2

> what ever happened to 'Developers, developers, developers'?

It developed.

It's now money, money, money.

(there could be a song in that!)

Zippy´s Sausage Factory

The issue with Micros~1 is that they can't be relied on any more. You can't deploy something one way to Azure today and have that still work tomorrow. And if you can't rely on them, maybe it's time to detach from their ecosystem. Problem is, there's nothing really that can end-to-end replace it, and managers love having a contract where if something goes wrong there's just a single throat to choke - not that that has ever worked in the past, but it's nice to have the illusion.

Longevity

9Rune5

A bit difficult to predict what will happen tomorrow, but I will offer the following observation: The stuff I developed for AKS (Azure Kubernetes) three years ago is probably still running without much adoption. The AKS environment requires updates (not much work on your part, but may incur a few minutes of downtime), but mostly it runs. I can go back to those projects and deploy them as Azure Container Apps without much (if any) modification.

Some caveats:

- Third-party libraries require regular updates. GitHub has its dependabot service that will scan your source code and post pull requests whenever this happens.

- Yes, some packages are sometimes made obsolete. E.g. .net apps are now supposed to use OpenTelemetry with Application Insights. The old way is still supported, but it is a good idea to make the transition to OT now rather than later.

But no, you cannot deploy a public service and leave it running for a few years unattended. At the very least you need the security updates. That is regardless of what ecosystem you're using. (maybe a 'hellorld' app would be able to do that, but anything with any complexity will require some attention)

Doctor Syntax

"And if ever an outfit qualified for full understanding of its market, it's Microsoft.

So when it causes what looks like random suffering to its customers, we must assume it's deliberate."

Obviously - except that it's not random.

The understanding is simple. Having established a monopoly and terrified its victims customers about the prospect of jumping ship it can then screw them as hard and as often as it likes wherever there's a chance of increasing revenue.

Developers are just collateral damage.

Always look over your shoulder because everyone is watching and plotting
against you.