Mark Stephens, the PBS pundit who goes by the pseudonym Robert X. Cringely, is modestly famous for his bomb-throwing anti-Microsoft screeds. He’s also famous for being flat-out wrong, often, even when it comes to his own professional credentials. His latest column, A Whole New Ball Game, reaches new heights of misinformation. Here’s a snippet:
Last week, a Microsoft data security guru suggested at a conference that corporate and government users would be wise to come up with automated processes to wipe clean hard drives and reinstall operating systems and applications periodically as a way to deal with malware infestations. What Microsoft is talking about is a utility from SysInternals, a company that makes simply awesome tools.
This is pure horseshit. One surefire indicator that something is rotten in this particular pulpit is that Mark’s … oops, sorry … Bob’s column contains no links. In fact, his columns never link to any external sources of information. Isn’t it remarkable that someone who writes a weekly column for the Internet never links to anyone else? If you want to actually check the facts about something Mark/Bob has written, you have to go dig it out yourself.[*] In this case, the quote is from a presentation at the InfoSec World conference by Mike Danseglio, program manager in the Security Solutions group at Microsoft. The story was originally reported by Ryan Naraine of eWeek. (Read the whole thing here, and see some additional remarks of mine here.)
Did Danseglio really say that corporate and government users should “periodically” wipe and reimage systems? No, not at all. He said that’s the most effective way to deal with a system that has been compromised by a rootkit or an infestation of some advanced spyware programs. And he’s right. When you let someone else take over your operating system, it’s not your PC anymore. You could spend hours or days trying to find and remove all traces of the intruder, but you’d never know for sure whether you were successful.
So, wipe and reimage as a last resort. But the smart, safe strategy that Danseglio recommends is prevention. In fact, if you click to the second page of the eWeek story, you read this conclusion:
According to Danseglio, user education goes a long way to mitigating the threat from social engineering, but in companies where staff turnover is high, he said a company may never recoup that investment.
“The easy way to deal with this is to think about prevention. Preventing an infection is far easier than cleaning up,” he said, urging enterprise administrators to block known bad content using firewalls and proxy filtering and to ensure security software regularly scans for infections.
That’s good advice, and it’s consistent with the “defense in depth” strategy that the Microsoft Security Response Center has been advising for years. But you’d never know that if you read only Cringely, who preaches to an audience that’s eager to sop up anti-Microsoft propaganda, no matter how ill-founded or factually challenged.
And then there’s this:
The crying shame of this whole story is that Microsoft has given up on Windows security. They have no internal expertise to solve this problem among their 60,000-plus employees, and they apparently have no interest in looking outside for help. I know any number of experts who could give Microsoft some very good guidance on what is needed to fix and secure Windows. There are very good developers Microsoft could call upon to help them. But no, their answer is to rebuild your system every few days and start over. Will Vista be any better?
Given up on Windows security? Yeah, I guess Windows XP SP2, Windows Defender, Windows Live OneCare, Microsoft Client Protection, and the many security improvements built into Windows Vista don’t really exist. No internal expertise? That’s ludicrous, as anyone who’s spent even 10 minutes with the Windows team would know. No interest in looking outside for help? As Scoble points out, all you have to do is look at the attendee list of Microsoft’s BlueHat Security Briefings to know that conclusion is not supported by any facts.
Or you could just look at the by-line. If it says Cringely, you know it’s wrong.
Update: Dwight Silverman is skeptical about some unrelated parts of the same Cringely column.
[*] As some commenters point out, a separate page, unmentioned in the original column, includes a link to the eWeek article. I’m a little baffled at the idea that a columnist who writes a weekly column for the web hasn’t learned how to create hyperlinks. It is 2006, after all. But technically, he did provide a link to this article, if you know where to look.
Ed Bott 
I haven’t read the column yet, so I don’t have a comment on its accuracy. However, Stephens/Cringely does link to the same eWeek article you reference above on his “links of the week” page at http://www.pbs.org/cringely/links/links20060406.html
Attacking Cringely is silly. As a matter of fact, many technology folks routinely attack Cringely and Dvorak for their outside-the-box commentary. Yet both have notable predictions that are true. First of all Cringely’s year end predictions are about 70% correct. For example, he correctly prediction the G6 wouldn’t be released and Apple would consider moving to another architecture. Along the same lines, Dvorak correct predicted OSX for Intel being released. Both items lead to these columnists being grilled and flamed even though they were right. The fact is, Microsoft has a horrible security record. Firewalls, virus scanners, and spyware scanners are the norm now on all my windows machines when before they weren’t necessary. Internet Explorer is not used unless it is for testing Windows Updates or downloading WGA-protected content from Microsoft. Default Administrator privlidges, remote exploits, and generally poor overall design of windows requires the bandaids that you herald as examples of Microsoft pushing for security. About the only good thing about Microsoft is systems administrators will never be out of a job as long as this continues. By the way, patch tuesday is coming up so I have to go prepare for hell again.
Well I have to say that in the past I found some of Cringely’s articles well done criticisms of the state of things in software.
I also have found Ed’s much the same. I don’t understand why Cruz above is calling Ed such an MS apologist.
In either case Cringely might deserve criticism for getting his facts wrong. But the reality that I keep seeing is that no software is very secure. It’s like economics, the “dismal science”. Either they start using more hardware implementations and remove less control from the software or they develop a new way of creating software. Until then I see little hope of anyone improving on the situation and we will continue to have these pointless arguments.
You are full of shit too.
1) Reformatting your OS : this won’t get you away from having to acknowledge that XP SP2 and the horde of addtional anti-virus/malware software has not stopped the IE flaws. How less has Microsoft put everyone’s Windows-powered PC at risk these days?
2) defender, one care, … : yeah, and what about rootkits? Feel free to discuss how Microsoft has so blatantly let the Sony BMG rootkit fiasco go away without any form of damage. Is Microsoft security software aimed to protect users, or to protect Microsoft’s public image, or competitor’s public image when it’s important for Microsoft?
Cringely sure knows what he is speaking about. Although, must say he does seem to have a humorus or arrogant aura around him. Why one should pay attention to Craig (http://www.pbs.org/cringely/about/) is definitely far from humble :)…..
Anyway, tat much for flaming! The fact remains though, Craig has added quite some spice in his report over and above the eweek article. But then thats synonymous with most journalist/publishers. Agreed, windows doesn’t have a good track record on security. But then, now that OS X has started gaining more users, Safari’s security flaws, and Mac OS X crashing have alo come to the open.
Craig’s idea that MS has given up on its specialists is just far too bloated. In the same breath, must say that its acceptable to reformat once OS is taken over 🙂 sounds like a perfect Dev’s idea :). I have to bring down and rebuild my house completely if a small( or big for that matter) theft happens in my house? Certainly and surely not, I FIX THE SECURITY LOOP. And if it happens inspite THEN I sell the house and buy a new one.
We (MS), is definitely aware of the seriousness of security loops in its product and Windows Defender, One Care etc are clear indications of the same… We are doing this because WE CARE and WE WILL FIX IT!
Ed,
I think a far more likely reason that you’re going after Cringely is his previous column “A Prisoner of Redmond” http://www.pbs.org/cringely/pulpit/pulpit20060330.html. Your timing and choice of columns to attack his credibility and character by drudging up an old article gives you “plausible deniability”, but it seems to me at least to be highly suspicious.
Then you attack his journalistic practices citing his lack of links?
“One surefire indicator that something is rotten in this particular pulpit is that Mark’s … oops, sorry … Bob’s column contains no links. In fact, his columns never link to any external sources of information. Isn’t it remarkable that someone who writes a weekly column for the Internet never links to anyone else? If you want to actually check the facts about something Mark/Bob has written, you have to go dig it out yourself.”
I guess you didn’t do your own fact checking. If you did, you’d plainly see that Cringely posts links to each week’s article in a “Links of the Week” section http://www.pbs.org/cgi-registry/cringely/thisweek.pl?links section, which by the way, had a link to the very same eWeek article you had to dig out yourself (as someone already pointed out).
I guess the egg is on your face when it comes to Journalism 101.
If you are in fact part of an official/unofficial smear campaign against him as retribution for his “Prisoner of Redmond” article, then shame on you.
Well, boys and girls, this is the story of Ed Gets Really Angry.
This must mean Ed Is Absolutely Right After All, hmm? Not.
Ed, your comment on what Cringely wrote about is Danseglio is off base.
Cringely paraphrased a bit, certainly. but he wrote accurately. And you want to crucify him over YOUR interpretation/usage of the word “periodically”?
The fact that matters is this : Windows “security” is a festering toilet bowl. Microsoft made it that way, and they are keeping it that way. And the vaporware called Vista, despite your praises, is nowhere near a shipping product.
Our huge virusware/spyware/malware situation is fundamentally, almost completely, Microsoft’s responsibility. And I wouldn’t bet ten bucks of YOUR money that some future Vista will substantially alleviate the situation, never mind actually FIX it.
OS X and Unix users will never suffer anything remotely similar to the agony of Windows. These systems were designed to be secure, and very largely, they are.
Brian, an “official/unofficial smear campaign”? Sorry, but I ran out of tinfoil about halfway through your post.
The last Cringely column I read was the one where he predicted that Intel is going to buy Apple. How did that work out?
Hey, don’t knock Cringely and Dvorak, what’s an industry without a couple of clowns? I need those columns for a good laugh once in a while.
Fred, ask your sister Flicker (yes, we’re both old enough to remember Laugh-In) to look up “periodically” for you. It means “at regular or at least generally predictable intervals.” Which is not at all what Danseglio said.
Any corporation or government agency that supports hundreds or thousands of computers should have systems in place to re-image those systems. That makes it easy for employees to get back to work after a hard disk crash, or if they drop a notebook and shatters into pieces, or if they fall victim to a rootkit.
He never, ever said that a company should call in all its computers at regular intervals (“periodically”) and wipe them clean as a prophylactic measure. That’s a gross distortion.
Yeah, right. You write an article attacking his journalist practices, but you’re trying to tell me you didn’t research any of his other recent articles to find other inaccuracies/inconsistencies, but you manage to dig up an article from 1998 to attack his credibility.
More plausible deniability Ed?
1998? Brian, did you follow the freakin’ link? It was from June 2005.
If you want to debate, at least try to follow along.
It’s nice to see someone finally calling BS on Cringley. We need more of this, not less. Well done.
Cringley also downplays the importance of Apple’s ‘bootcamp’, which lets new apple macs boot either into windows or OS X. He says it will make no money for apple. He’s wrong there, too. In my very narrow sphere I know of 3 people who are have decided to make apple purchases because of bootcamp. But, more significantly, consider the k-12 market or the college student market. Apple has a big presence in each. But, in each, the argument against an Apple purchase is that you will be locked out of Windows software. Game has changed. In my district we are considering a 1:1 laptop program starting in middle schools (2 purchases per kid; one in 7th grade and 1 in 10th grade). At the middle school level a good argument can made for macs. At the high school level it may be on the fence, with the argument for windows being that adult, business software is windows-based. Now, potentially, the district can go with one vendor and solve both needs.
This is the article I’m referring to about attacking his credibility:
http://daily.stanford.org/Daily98-99/11-11-1998/news/tempo?page=content&id=4462&repository=0001_article
Having trouble following along?
Ed wrote:
“But you’d never know that if you read only Cringely, who preaches to an audience that’s eager to sop up anti-Microsoft propaganda, no matter how ill-founded or factually challenged.”
Only a Mac hater and Mac user hater would write the above sentence.
You are no different.
Zato, if you’d like to point to something I’ve written on this site that is objectively anti-Mac and inaccurate, be my guest. Otherwise, you’re just making a cheap ad hominem attack.
“Windows Defender, Windows Live OneCare, Microsoft Client Protection”
Well. Aren’t those just band-aids for failed systems design anyway? And from the vendor that made the borked stuff to begin with…?!?!
Call me tin-foil, but the security-tools i use, are from 3-party, since i would think it smelled too much of mafia-methods to buy insurance from the same company that makes the products.
Brian, I identified an article from this week that was filled with inaccuracies, one from last summer that was laughably wrong, and one from 1998 that includes a serious error in a published bio. Sounds like a pattern to me.
Andy, I’ve made the same point. See Is security software a protection racket?
By the way, check out http://www.microsoftmonitor.com/archives/014546.html and http://www.microsoftmonitor.com/archives/014294.html for a Jupiter Research’s Microsoft analysts ongoing woes with OneCare.
OneCare was supposed to be a step in the right direction (if you’re not a partner/now competitor) but it still has a ways to go before it just works.
I know it’s been mentioned, but your failure to note that RXC places his links in a separate page — whether by malice or by incompetence — places the whole of this post firmly in the Realm of the Fecal.
Once again, meme-orandum sends me somewhere I did not wish to go.
There is no indication – none – in RXC’s piece that he has linked to another article on a separate page. A casual visitor like me would never know. Malice? No. Incompetence? On Cringely’s part, perhaps.
In the year 2006, what do you call someone who writes a weekly column on the web and does not include hyperlinks within the column? Clueless.
I also note that you ignore the substance of the objection, which is that he completely distorts the article in question. Through malice or incompetence? Does it matter? He’s just wrong.
Ed replied:
“Zato, if you’d like to point to something I’ve written on this site that is objectively anti-Mac and inaccurate, be my guest. Otherwise, you’re just making a cheap ad hominem attack.”
I pointed it out. The quote from your article directly above what I wrote.
It is factually incorrect. Robert X is not a preacher. He’s a tech writer with an opinion, just like you. Why do you need to dis the guy?
You wrote: “an audience that’s eager to sop up anti-Microsoft propaganda”.
What about the much larger audience of PC users eager to sop up anti-mac propaganda. In any case, the’re still a very small group compared to total users. Yet all over the PC tech internet, all mac users are always religious zealots, being preached to by Jobs or X, etc. Give me a break. Do You really think we’re stupid? That we need these people to give us an opinion? I’m sick of reading this shite. And all the anti-mac crap throughout the tech internet.
Here’s an example from today-
from Paul Thurrott (Win Supersite) writing about Boot Camp:
“I would like to stress one thing, however. Apple’s hardware isn’t perfect. If a typical Windows user is going to go Mac, so to speak, they’re going to need to know that there are trade-offs, because Apple typically chooses style over virtually every other consideration”.
Right, we Mac users are just like the Sex in the City girls. We like Manolo Blanik shoes too.
Thurrott’s articles get picked-up by wire services and reprinted all over the country.
This stuff is not just one mans opinion, it’s intentional anti-mac propaganda.
“Bob Cringley” or whatever his real name is, is SO full of B.S. it’s not even funny. But he’s VERY clever about it, he slathers his fantasy/predictions with just a sprinkling of facts … and the rest is pure B.S.
He claims to be a Stanford PhD and then says he wasn’t sure if he was or not? That sounds aweful dumb for a guy who is supposedly as smart as Cringley. In any case, Stanford says he was only a teaching assistant.
And what about Cringley’s “long distance Wi-Fi” lie? He claimed to set up a several mile distant WiFi connection by rigging repeaters in tree’s between his rural home and another home closer to the town where he lives. Nobody before or since has every been able to replicate his stunt, and when confronted about his confabulation he denied it all.
His years and years of “Apple is in a death spiral” conjecture got extremely tiresome too. He’s clearly jealous as hell of Steve Jobs, or anyone, unlike him, who has managed not to crap out in academia and actually make some realy money with thier intellect.
It’s hard to pinpoint precisely what it is about Cringley that rings so false (maybe the fact he changed his name?) but I consider him one of the biggest frauds in techno-punditry. His whole game is to confabulate and lie about the present facts, and wrap it all up in a condescending “I know more than you” attitude. Of course many of his predictions turn out to be correct, as the sources he stole them from were correct. But the rest is pure slop, lies, confabulations, fantasy and ego.
It’s funny watching people come to the rescue of Cringely. It’s very similar to the way people come to the rescue of George W Bush and Michael Moore. No matter how stupid their comments get, somehow they are still 100% correct all-the-time.
No, he wasn’t lying, he was paraphrasing.
So, there wasn’t any WMD, we got Hussein didn’t we?
We haven’t got bin Laden yet, but we got his #3 at least 15 times.
Well, if you multiply the percentage of Canadians who own guns by the number of times more people there are in the U.S., then you get the same number right?
An idiots justification is proof of something.
It seems simple to me:
Both Cringely and Dvorak write columns that are an exciting blend of fact, speculation, and sometimes outright BS designed to titilate or enrage the reader or both, and ultimately generate hits.
It looks as though Ed figured out the formula, which works well, and is now using it to attack Cringley and boost his own hit count.
I’ve enjoyed Robert X. Cringley’s writing for years. I really liked his pbs special “Triumph of the Nerds” (http://www.pbs.org/nerds/) as well. I know you feel you have some knee-jerk responsibility to attack him because he said something negative about Microsoft, but calm down and let the man speak. He’s only giving his opinion.
And what’s up with attacking his lack of inline hyperlinks? Have you ever thought that it might be a stylistic choice? I’m sure it sounds impossible to a “Blogger” like you, but he’s a writer first and foremost, and maybe he has an appreciation for clean text. He does provide a link page clearly marked after all.
I’m sure your desire for hits was fulfilled, but you certaily come off as a bitter IT type to me.
Nice try. I don’t begrudge anyone their right to opinions, but when they’re backed up with distortions and misrepresentations, as this column was, that’s when I object.
And you win the award for Most Fervent Cringely Apologist with the “maybe he doesn’t do hyperlinks because he has an appreciation for clean text” argument. Priceless!
I agree that it looks like Bott, Orchant, & Scoble are smearing RXC for his Prisoner in Redmond article. Going after him for his most recent Microsoft security column is merely a smoke screen.
Bott gets really nasty when he uses tactics like implying that the fact that Cringely misses on some of his predictions and uses a pseudonym (as many writers/authors/columnists commonly do) impugns his credibility. And he’s totally off base about Cringley’s links.
I don’t have a clue about Ed or Mark; but the one thing I really noticed when starting my internal credibility-o-meter is that Cringely doesn’t have a comments link on his article. So I get to read lots of criticism of Ed but none of Cringely. This makes me trust Ed more 🙂
these attacks on cringely are unwarranted. anyone who reads his column regularly understands the concept of speculation. they also understand that he puts his links on a seperate page. as unusual as this is, it has to do with style…not substance.
as for the specifics of this post, this seems like defensive fanboy talk.
He does link to stuff in his articles — its just that the links are put on another – separate – page..
Thank you for pointing it out. It makes a lot of sense and helps.
It sounds like he is just another average reporter; making shit up as they go along.
Journalist that have to attack another journalist are cheap. Instead of directly pointing him out you should have wrote your own article concerning the same topic. I am sorry but you have lost my respect for what you.
It is unfortunate that you have resorted to childish finger pointing, not to mention name calling. I hope you dont write that type of language in your books.
For those of you who apparently have allowed Ed to make up your mind for you, try reading his articles before you pass judgement. Taking Ed’s word is just as bad as someone who clames “It sounds like he is just another average reporter; making shit up as they go along.”