How many failure reports does a bug have to get before Windows will fix it?

When a program crashes or hangs, you are given the opportunity to send an error report to Microsoft. This information is collected by the Windows Error Reporting team for analysis. Occasionally, somebody will ask, “How many failures need to be recorded before the bug is fixed? A thousand? Ten thousand? Ten million?”

Each team at Microsoft takes very seriously the failures that come in via Windows Error Reporting. Since failures are not uniformly distributed, and since engineering resources are not infinite, you have to dedicate your limited resources to where they will have the greatest effect. Each failure that is collected and reported is basically a vote for that failure. The more times a failure is reported, the higher up the chart it moves, and the more likely it will make the cut. In practice, 50% of the crashes are caused by 1% of the bugs. Obviously you want to focus on that top 1%.

It’s like asking how many votes are necessary to win American Idol. There is no magic number that guarantees victory; it’s all relative. As my colleague Paul Betts describes it, “It’s like a popularity contest, but of failure.”

Depending on the component, it may take only a few hundred reports to make a failure reach the upper part of the failure charts, or it may take hundreds of thousands. And if the failure has been tracked to a third-party plug-in (which is not always obvious in the crash itself and may require analysis to ferret out), then the information is passed along to the plug-in vendor.

What about failures in third-party programs? Sure, send those in, too. The votes are still tallied, and if the company has signed up to access Windows Error Reporting data, they can see which failures in their programs are causing the most problems. Signing up for Windows Error Reporting is a requirement for the Windows 7 software logo program. I’ve also heard but cannot confirm that part of the deal is that if your failure rate reaches some threshold, your logo certification is at risk of revocation.

If the vendor signed up for Windows Error Reporting but is a slacker and isn’t looking at their failures, there’s a chance that Microsoft will look at them. Towards the end of the Windows 7 project, the compatibility team looked at the failure data coming from beta releases of Windows 7 to identify the highest-ranked failures in third party programs. The list was then filtered to companies which participated in Windows Error Reporting, and to failures which the vendor had not spent any time investigating. I was one of a group of people asked to study those crashes and basically debug the vendor’s program for them.

My TechReady talk basically consisted of going through a few of these investigations. I may clean some of them up for public consumption and post them here, but it’s a lot of work because I’d have to write a brand new program that exhibits the bug, force the bug to trigger (often involving race conditions), then debug the resulting crash dump.

I know there is a subculture of people who turn off error reporting, probably out of some sense of paranoia, but these people are ultimately just throwing their vote away. Since they aren’t reporting the failures, their feedback doesn’t make it back to the failure databases, and their vote for fix this bug never gets reported.

By the way, the method for disabling Windows Error Reporting given in that linked article is probably not the best. You should use the settings in the Windows Error Reporting node in the Group Policy Editor.

I should’ve seen this coming: Over time, I’ve discovered that there are a some hot-button topics that derail any article that mentions them. Examples include UAC, DRM, and digital certificate authorities. As a result, I do my best to avoid any mention of them. I didn’t mention digital certificate authorities today, but I did link to an article which mentioned them, and now the subject has overrun the comments like kudzu. I don’t need to deal with this nonsense, so I’m just going to kill my promised future article that was related to Windows Error Reporting, (I was also planning on converting my talk on debugging application compatibility issues into future articles, but since that’s also related to Windows Error Reporting, I’m going to abandon that too.)

Comments (79)
  1. Alexandre Grigoriev says:

    Windows really needs to include an extensive tool to analyze all installed software (including 3rd party) and advise the user what can be updated, what software is known to contain serious bugs (especially security), etc, based on the most recent online database gathered by MS. This will also have an effect of killing those bogus "stability and registry analysis tool" trojan wares.

    Also, I was quite surprized to find that usermode Windows components don't have an embedded signature. I think MS should do the same as with drivers – include the sig with the binaries.

  2. Leo Davidson says:

    Does this mean if I want a bug fixed I can write a script that keeps running the buggy program and submitting reports? :)

  3. Joe Dietz says:

    OT: All windows components are signed (not the same as saying all Microsoft components are signed!), just not embedded signed.  They are catalog signed.  Unfortunately the shell's file properties dialog does not display catalog signatures for a file (probably because looking them up is at least 10X as expensive as an embedded signature check, and there can be more than one catalog signature signifying different things).  This comes up a lot unfortunately in that people don't have a easy visual way to verify a file is indeed part of windows or not, or worse they think Microsoft in 2010 isn't signing files. ;)  Even some of the driver files shipped with Windows 7 are not embedded signed, catalog signing is allowed for drivers, just not a 'best practice' due to the signature check overhead.

  4. Alexandre Grigoriev says:

    @Joe Dietz:

    I'm not sure kernel loader will go to CAT file to check the driver signature. This is why kernel drivers must have the sig embedded. From what I saw, Win6/7 x64 will refuse to load a kernel driver if the binary was not signed, even though the CAT file supposedly contains its sig.

  5. Vilx- says:

    What about the checkbox in System Properties that allows you to disable Error Reporting? I've always used that one (mainly because the popups are annoying). Should I rather use the GPE?

    [The checkbox works too but requires manual intervention on each machine. If you're only doing it to a few machines then that's fine. -Raymond]
  6. Ben Hutchings says:

    Alexandre Grigoriev: If I remember correctly, it depends on when the driver must be loaded. Drivers that may be required to boot the system are loaded by the boot loader, not the kernel. To keep the boot loader simple, it requires embedded signatures. The full driver loader in the kernel only requires a signature in the catalogue file.

  7. No One says:

    @Vilx- It seems that Raymond almost always works and gives advice at enterprise-scale rather than single-user scale.

  8. ChrisTX says:

    "Also, I was quite surprized to find that usermode Windows components don't have an embedded signature. I think MS should do the same as with drivers – include the sig with the binaries."

    They can have embedded signatures. Windows will also notice if you replace one of its components by them using sfc.

    However, having an embedded signature is of course not a requirement, and is also not practicable as requirement.

  9. Nawak says:

    Windows Error Reporting needs a checkbox to directly send the bug report to Raymond Chen!

  10. pcooper says:

    @Leo Davidson:

    I assume that the reporting metrics distinguish between "error 1000 times on one computer", "error one time on 1000 computers", and "error 1000 times on each of 1000 computers". So just reproducing it on your machine often may not be enough.

    But somehow, writing that gave me a funny mental image of somebody writing a piece of malware to infect a bunch of computers, purely to have a lot more computers crashing on the bug and submitting the error report. That must be why malware causes computers to crash; it's that the author of the malware wants their favorite bug fixed. :)

  11. Joe Dietz says:

    OT: The boot loader will load a catalog signed driver and you can load catalog signed drivers any other time as well – it just takes longer.  Check out tdi.sys in your win7 system32drivers directory – no embedded signature.  Chances are really good that you are running this driver right now though.

  12. Alexandre Grigoriev says:

    @Joe Dietz:

    tdi.sys is not a boot start driver. tcpip.sys is, and it has an embedded signature.

  13. Sebastian Paaske Tørholm says:

    I love the concept of a centralized error reporting system, it's just such a pity that the certificates are so expensive that there's no way that I as a student, for instance, would be able to justify the price of it to gain the benefits.

    Hopefully companies do utilize it, however. Are there many smaller companies that use it, or is it mostly the larger ones?

  14. frymaster says:


    they aren't amazingly expensive, but yes they're out of reach of students releasing free software.

    That being said, there are quite a few free software projects that have proper signed certificates so are, at least is theory, able to pick them up.  Though the one that immediately sprung to mind doesn't use WER, but instead changes the default error handling to just save the crash information, and then it pops up it's own "do you want to send this?" dialog on next program startup.  Part of the thinking was the non-standard dialog might convince more people to say "yes" to sending the info

  15. Joshua says:

    (.NET Development): I would consider enrolling in the error reporting if it were as simple as submitting the .snk file we use to sign our code. And no, I won't do something as silly as submitting mono.snk.

  16. JJJ says:

    I had some RAM go bad and submitted lots of crash reports last month, both application and kernel crashes.  Sorry in advance to whoever has to look at those!

  17. Marquess says:

    “You should use the settings in the Windows Error Reporting node in the Group Policy Editor.”

    You do know that the GPE isn't included (and doesn't work) in XP Home?

  18. James Schend says:

    Marquess, if you're using the Home version, then you could just check the checkbox in the Control Panel.

    If you're running a large network on XP Home, then you have much bigger problems than turning off error reporting.

  19. Joshua says:

    You do know that the GPE isn't included (and doesn't work) in XP Home?

    Yeah, and it's been a royal pain in the behind because the GPO settings work just fine if set in regedit, which certain malware uses to full advantage.

  20. Tim! says:


    We used to use Windows Error Reporting, but switched to a custom error reporting system

    a) because we wanted to gather more information from our users (e.g. account id, contents of the most recent log file) at crash-report time than WER can obtain

    b) because we wanted real-time crash reporting instead of waiting at least a week for WER to batch process our reports

    c) because the WER site is only one or two rungs above 'barely usable'.  The password policy is ridiculously overprotective.  There are no ActiveX controls, why does it restrict me to using IE?

  21. Matt says:

    Why aren't bugs reported by users through the forums fixed with priority? Next to Connect which closes after RC, Microsoft Technet and Answers forums are the best place for Microsoft to "discover" bugs and fix insane design decisions such as the mandatory auto sorting (this is the single most complained feature in the forums). Bing for it. Insane design decisions will now take 3, 6 or 9 years to fix (Windows release cycle) or may never get fixed in this flawed system. "Fixing" them is simply giving developing a hotfix for it. All that the forums users get is a polite answer that this is a known issue or this is by design. It doesn't get fixed in service packs.

    My second issue is that the application should restart immediately and errors should reported in the background. If it crashes endlessly looping, only then Windows should not restart it immediately.

  22. No One says:

    @Matt: About the second issue, what if you have a program (that is irreplaceable and unchangeable) that clears "corrupt" data, either by design or accident, on startup?  An automatic restart would bork what could be useable data.  Reporting in the background, however, I agree with at first blush.  I wouldn't mind WER being automatically enabled with batching of error reports between sends if there's no internet connectivity.

  23. Auntie says:

    Fully disabling Error Reporting (or Customer Experience Improvement, if there's a distinction) on Windows 7 breaks MANY other things that in theory shouldn't be related to it. And I mean MANY.

  24. Maurits says:

    disabling CEIP breaks things

    Like what?

    There are plenty of good reasons to disable CEIP.

  25. Christian says:

    What Raymond writes about WER acutally makes me less likely to click that send-button!

    I trust Microsoft very much nowadays, that they would protect WER data with the highest level of security. I even sent in Outlook crahes when mails were open that I wrote, risking transmitting pieces of it with the stack in the minidump.

    But knowing that third party developers (any third party developers) will get my crash dumps and maybe see tiny bits of data from my applications is really scary.

    And I'd never trust a popular open source browser with their own bug system to have my crash dumps, there might be passwords etc. What open source crowd would be able to look at them?

    I hope we can trust third party developers to protect privat information, too. Surely MS' WER contract will enforce this, but are there technical systems to protect my data against third parties? I hope not just a ridiculous password-chaning scheme (like use a simple password because a hard one would only last 40 days before a useless scheme forces you to change it)

    [Vendors can see crash dumps only for their own programs, so Joe Software Company can't go in and try to scrape financial data out of your Quicken crash dumps. There is no technical system to scrub sensitive data from the crash dump because there is no technical system for identifying which random bytes on the stack or on the heap are sensitive and which aren't. (Not sure what you're talking about with the password-changing scheme.) -Raymond]
  26. JonPotter says:

    Is this why cosmetic bugs seem to never get fixed at all? Because they don't crash and therefore there are no WER votes for them?

  27. Limited_Atonement says:

    Thanks for the information!  This is a very good post.

  28. Christian says:

    I was referring to "The password policy is ridiculously overprotective.  " from "Tim!".

    I know that each vendor can only see his own programm. But I don't trust every vendor. Back when XP started to offer me to send error reports I always assumed they would go to Microsoft only. Only through your blog I learned that normal vendors can see their own stack dumps.

    I just hope that they threat them well! And I won't send them so certain vendors I don't trust.

  29. Marquess says:

    If you don't trust those vendors, why do you use their programs which apparently handle sensitive date?

  30. Stefan Kanthak says:

    @Joshua: it's a PITA that lusers who abuse their Windows with administrative rights don't see the REAL cause and blame themselves when some malware sets registry entries restricted users only have read access to!

  31. lusers? says:

    @Stefan: And yet Windows 7 gives the default user administrative rights. Are the poor dumb users really to blame then?

  32. Nick says:


    Doing a search for your phrase returned this blog entry (  I am now stuck in an infinite loop. Thanks a lot.

    Anyway, would you post a link to what you're talking about.  I have a guess, but would like to know for sure.

  33. Cheong says:

    Is there anyway to send those crash report in offline way?

    I mean that, there's some part of network that doesn't allow internet access due to policy. Is there anyway that I can periodically use a flash drive or something to zip-copy a folder out, plug to a machine with internet access, and then send to Error Reporting folks?

  34. John Muller says:

    @Matt: Restarting an app upon a crash is a bad idea, since many applications have trivial issues when their process is ending that throw errors… but noone cares since the process is ending anyway. Sometimes a crash is indistinguishable from a normal exit.

    @AUntie: Disabling CEIP shouldn't cause problems, I am suspicious of your use of the word 'fully'.

  35. Auntie says:

    @John Muller: you are right. By "Fully" I mean using Procmon to see what registry keys and values Windows asks for and creating the non-existing keys, then re-running ProcMon again several times if necessary. I don't think it's full without this. Done as an excercise/project, this was limited to CEIP/WER only, and no undocumented values were created that could not be found on the Internet coming from credible source <- judged subjectively by eyballing. :)

    Breaks Event Log and creates general slowness of Windows, including booting. Don't remember which were the other issues, but there were many.

    I would be glad if someone can prove me wrong and/or investigates in a more coherrent way.

  36. Don Reba says:

    gpedit is not even included in Vista/7 Premium.

  37. Marquess says:


    Yes and no. While the default user is created as an administrative account, it has, without elevation, about the rights of a limited user. This get's really weird when, for example, you can't even see details to your own processes in Process Explorer … which even limited users can.

  38. Jeff Tyrrill says:

    @Marquess: "If you don't trust those vendors, why do you use their programs which apparently handle sensitive date?"

    Answering for myself (not the poster you are responding to), it might be because the risks are different. It is far more likely for a partially unscrupulous company to start doing bad things through internal employees improperly handling data in private where they won't get caught. It is reasonable to think that this is much more likely to occur than the company embedding malware or data-corrupting code in their software where it is visible to the world and much more likely to be exposed.

    @Alexandre Grigoriev "Windows really needs to include an extensive tool to analyze all installed software (including 3rd party) and advise the user what can be updated, what software is known to contain serious bugs (especially security), etc, based on the most recent online database gathered by MS. This will also have an effect of killing those bogus "stability and registry analysis tool" trojan wares."

    The Secunia Software Inspector already does almost exactly this (not quite everything you mentioned, though). Unfortunately, few know about it. I did convince one person I know to use it though, who was quite pleased with how much easier it made it to stay up-to-date with their software.

  39. Michiel says:

    I'd like to thank Microsoft here for opening WER to ISV's. It's helped us on more than one occasion. Even got a mail once from Microsof asking us to look into one particular crash.

    I've got to disagree with the 50% of crashes = 1% of bugs claim. It's probably 1% of reported bugs, which excludes non-crash bugs. It wasn't unusual for us to have >50% of crashes because of a single bug, yet we regularly shipped with more than 100 known bugs. (90% of which were cosmetic, of course)

  40. ender says:

    they aren't amazingly expensive, but yes they're out of reach of students releasing free software.

    For a while you could get VeriSign certificate for $99 if you signed up for the WinQual program (this may still be true – I haven't checked) – however, this is still $99 more than certificate from Certum (which is free for open-source projects). Given that there are other certificate providers, I always wondered why Microsoft specifically requires a VeriSign certificate for WinQual – after all, Windows has no problems recognizing other authenticode certs.

  41. Matt says:

    Some of you are missing the point and giving your own piece of wisdom. Windows already automatically restarts some crashed apps like Explorer but it reports the crash first. I am simply saying it should restart first and then report.

    @Nick, I am talking about the insane decision to always auto sort and auto arrange in all Explorer views. This is such an annoyance that thounsands including myself have stuck on XP due to the inability to work successfully and painlessly on Windows 7, Vista. Whoever designed this "feature" should be slaughtered to death.

    [There's an obvious reason for not restarting the app until after the crash report is generated. I'll let you figure out what it is. (P.S., should I count your second paragraph as a death threat?) -Raymond]
  42. ender says:

    @Marquess: the problem isn't the kernel driver signing – it's that the WinQual only accepts VeriSign certificates, even though there are (as you said) several other CAs Windows recognizes.

  43. Marquess says:


    Yes, I just wanted to point out that limited choices for CAs are more the rule than the exception. No wonder the prices are so high.

  44. Pierre B. says:

    "stuck on XP due to the inability to work successfully and painlessly on Windows 7".

    Raymond's blog commenters are always a nice source of relaxation in mid-morning. Auto-sorting prevents successful work? It's hard to take hyperbole seriously, really.

  45. Alexander Grigoriev says:


    When I do fresh install of Win7, I have to go through the pain of reenabling Administrator account, creating my non-administrator account, and then killing that half-assed first User-Admin account. I don't understand why MS did it that way. MS security motto: "Stepping on the same rakes since XP Gold".

  46. Teo says:


    I'm speaking as an employee of a company that ships logo'ed software. Frankly, no one gives the f— about your data. What we are interested, in a crash dump, is our code. Really, your data in most cases is completely irrelevant, so noone looks at it. That's because, to ship a program, it has been tested and found to be working with user data. Most crashes nowadays are from things like bad synchronization among threads, which are very very hard to catch while testing because they depends on things like number of processors, speed of the computer components, and system being overloaded.


    * most of the time big parts of the program are swapped out. Even if your program happens to process sensitive data when it crashed, there's a good chance that the sensitive information is paged out, thus not in the crash dump, thus we cannot look at it

    * there are so many other binary data around it, that it hard to find it – for example, go find 14 char password in 1000 MB data of the working set present in a crash dump.

    * The basic workflow of debugging: You get the memory dump, execute "!analyze -v" in WinDbg, get the memory address of the exception, wait for the proper source code to be retrieved and start poking it till you find the bug. In the same time you have to write new code for the next version, fix the bugs in the current internal version and so on and so forth. You simply lack the *time* to peek into the user data.

    * the information is anonymous – we have no idea that this information is *yours*, so that we have a clue to start looking for sensitive data.

    * You may think "but there could be a bad person who works for herself, even if the company is good-intended". Then my question for you is: "Why do you think such bad person can be in 3rd party developers but not in Microsoft?"

  47. Kelden says:

    I don't care if a driver needs a special Versigin certificate. But why bother ISVs to get one? Why can't they use their own certificate?

  48. Kelden says:

    I don't care if a driver needs a special VeriSign certificate. But why bother ISVs to get one? Why can't they use their own certificate?

  49. Teo says:


    I take offense at your words and side with Tim. The WinQual site is an excruciating pain to be used. After the 1st time I used it, I told my boss that I want to be paid triple for the time I spent with it (a joke but I was furious at the site). Please, do not call me a "slacker", instead go fix your broken product! And while in there, why don't you consider making it fun to use? Please!

    1. Drop that VerySign nonsense.

    2. Add some help how to be used

    3. There are browsers on Earth which are not called "Internet Explorer". Support them.

    4. Answer the mails we send to you with *relevant* information

    5. Generally fix the UI to be understandable

    6. Use your creativity to make it better in other ways. Surprise us ;-)

    Frankly, on almost every post you make I take offense at the way you look at us, the ISVs. I suggest you work for 6 months at a company that is a MS partner and see throw our eyes how hard is to work with MS.

  50. kinokijuf says:

    @Alexandre Grigoriev: there is a third party tool to update your programs. It’s called Secunia PSI.

  51. Matt says:

    Yes definitely the entire shell team is under death threat until it fixes Explorer in Windows 8 and restores the features XP Explorer had.

    [I've forwarded your messages to our security folks. You do realize we have your IP address… -Raymond]
  52. Marquess says:

    Oh my, the certificates again. Microsoft *does* have a notoriously difficult relation ship to code signing, doesn't it? But at least there are six companies to choose from when signing kernel drivers. No wait, it's only three, because one half was bought by the other. (How unexpected!)

    And they are all based in the USA. Seriously, now. What were they thinking?

    Speaking of which, do these people have their own blog?

  53. What... says:

    @Matt even if that's a joke (and I HOPE it's a joke) it's still in very very bad taste.

  54. Seen this coming? says:

    @raymond, re: I should've seen this coming

    It's very sad to see some potentially useful and informative postings killed due to the likelihood that they will draw a flood of garbage comments. It feels like collective punishment for the obnoxious actions of the few. Would you consider an experimental alternative? For example, continuing to post entries concerning these hotbutton topics, but with commenting locked (and clearly labeled as locked due to garbage comments so as to avoid comments on unrelated posts)?

  55. Kevin Eshbach says:

    Wow!  The minority is certainly vocal and full of hatred!  Raymond, please don't give up on these topics.  Us in the silent majority enjoy them.

  56. Roland says:

    An application developer can use WerAddExcludedApplication (…/bb513617(v=VS.85).aspx) to remove a specific application from Windows Error Reporting.

    On a test machine, I used this function to exclude a personally developed stress test tool (which intentionally caused lots of crashes) to prevent thousands of crash reports being sent to Microsoft and worrying folks over there :-)

  57. Avid reader says:

    It's probably too late, but I'm saddened to note that certain articles won't get published, due to a user that nobody can control. I would imagine a reasonable solution would be to still post the relevant articles, but disable comments. Either way, I'm sure I speak for a lot of others when I say we try not to derail the topic, and if it was possible, we'd prevent others from doing so.

  58. yuhong2 says:

    "(I was also planning on converting my talk on debugging application compatibility issues into future articles, but since that's also related to Windows Error Reporting, I'm going to abandon that too.) "

    Why? I really want to see that one.

  59. steveg says:

    @some one horrible said: "should be slaughtered to death".

    That's a tautology. And really you aren't a very nice human being. Save being nasty for the playground.

    On a brighter note, Raymond this is a great article. Good to know what happens when I press Send.

  60. Matt says:

    Apparently everyone seems to take it far too seriously. I was kidding. Oh well..

    [I asked if you were serious and you replied, "Yes definitely." -Raymond]
  61. The Internet is not a living room. If you don't want comments to go off-topic, don't have comments. If you have comments, either moderate them or expect that they'll go off-topic. Trying to control every commenter through moderation will take up a prohibitive amount of time, and controlling comments through hinting has proven not to work. Besides, *nobody* is going to read the vast backlog here to find out what all the "rules" are.

    I love this blog, Raymond, and you're right in principle, but I'm afraid your expectations for a popular blog with loosely moderated comments and no voting capability are somewhat unreasonable.

    Besides, most of the interesting conversations I've had (online and in real life) have started with topics completely unrelated to the finishing topic.

  62. Pi says:

    Matt, I would guess that most people know that you are kidding and also most people think that your humor is in bad taste. This kind of aggressive "humor" is pretty common in the internets and on this site in particular and gets really, really, really tiring really fast. Commenters not bahaving have cost this blog interesting articles in the past and most of the other people don't want that happening again.

    on topic:

    From now on I shall send more failure reports, although I don't remember the last time when I was prompted.

  63. hagenp says:

    so I'm just going to kill my promised future article

    that was related to Windows Error Reporting

    Hmmm… could you possibly ask Mark Russinovitch to include it on his blog? (Even if it does not need ProcMon.)

  64. Marcel says:

    Good god, I love your blog, I've been checking it out almost daily for over 6 years now and I have read every single article you've ever posted here. And I was really looking forward to your app debugging series, because around here I'm the guy responsible for the really hard to debug cases and I find these issues highly interesting. But this is no class room, I cannot simply slap the people who misbehave here, I'm powerless to stop it. So excuse me for asking, but who are you trying to punish?

    [I'm not "punishing" anyone. I'm just taking the path of least resistance, which is to avoid hot-button topics entirely. -Raymond]
  65. Jack says:

    Ok, now you should also file this article under "social skills of a thermonuclear warhead."

  66. Will Hughes says:

    Raymond – is it possible for you to post those articles (assuming they had already been written) – but simply disable comments?

    I'm one of the semi-lurkers that find your writing excellent and very interesting – even when it completely goes over my head.

    I understand that some folks are causing you some strife. But, I do hope there is some way you might consider continuing to post on these hot-button topics.

  67. Matt says:

    @Raymond, nope you did not ask if I was serious :P You asked "should I count your second paragraph as a death threat?" You took it seriously based on previous death threats lol. Anyways, carry on with the hot topics, I am equally interested in them.

  68. hagenp says:

    @Christian: working at an ISV, I've signed the WER use agreement. Believe me, if anyone ever would disclose any personal information, they would be getting BIG problems. Apart from this fact, noone is intersted in personal data – it's the application to fix that counts.

    @ender: Verisign still hands out Code Signing Certs for $99 per year.

    PS: Russinvich it is. Sorry for the mis-spelling.

  69. hagenp says:

    PPS: Russinovich, Mark. (Grrr…. sorry!)

  70. Nick says:

    [I'm not "punishing" anyone. I'm just taking the path of least resistance, which is to avoid hot-button topics entirely. -Raymond]

    Like others, I see your point and where you're coming from, but for me at least, I'd much rather you just disable comments on articles you consider "hot-button" topics than have them excluded entirely.  Like Marcel, I too was looking forward to the topics you mentioned.

    Your great blog posts combined with the interaction you give your commentors is what makes your blog easily the best one on MSDN.  I hope you don't change that formula too much.  I'm probably responsible for some off-topic comments in the past, but my only real defense is that good blog posts incite discussion.  It's a compliment to you, in an indirect (if annoying perhaps) sort of way.

  71. Stefan Kanthak says:


    The poor dumb lusers are to blame that they 1) accept(ed) this POOR behaviour of the OS, 2) didn't complain about this, and 3) didn't change the privilege(s) of their accounts.

    The should also take Microsoft (as well as their OEM and EVERY software producer/developer whose  products dont work as "restricted user") before court for selling an OS/product that fails to comply with well-known (security) standards and puts them and others at risk!

    JFTR: WINNT.SIF/UNATTEND.TXT supports [Unattended] UnattendSwitch = Yes for more than 10 years now, so OEMs could have setup their preinstalled systems properly.

  72. yuhong2 says:

    What is unfortunate is that the CRT force some kind of errors to the built-in UnhandledExceptionFilter, forcing people to use WER.

  73. Nawak says:


    Like Marcel, I really saw your reaction as the reaction of a teacher before a noisy classroom. A collective punition. Except that even in reality where the unfairly punished could in theory coerce the trouble makers, it doesn't work that way, so to think that it could work in an online environment is delusional…

    It felt that way because your threat wasn't to kill comments (which are the problem) but to kill entries (what we're here for!), if THAT isn't a punition, then what is? (As a side note, it also seem a little masochistic to kill entries that you already wrote, throwing hard labor to the garbage can…)

    Look… I know that you read comments and I understand that some subjects get old really fast, but writing a blog shouldn't drain you that much. You obviously have to do something about it, but I'm afraid that "killing" entries isn't the good solution (for you readers obviously, and even for you, for the added annoyance).

    I also know that comments are often interesting, sometimes even those offtopic.

    Since your readers aren't a single entity, some dead horses may seem in need for a beating for some of the unregular readers. With a product with a userbase so vast, a lot of people are frustrated by a lot of different things, so with comments enabled, dead horses will start to pile up and your "safe" topics will start to shrink.

    It bothers me to see how all this affects you. If you cannot mentally skip the bad comments or detach yourself from what people are saying, I think you should disable comments, except maybe for "non-computer" posts. (Were you in better mood when the blog was migrating and comments were disabled?). We all know what we would lose, but it is really the lesser evil…

    Please, don't kill your next entries!

    And keep up the good work, you know we appreciate it!

    [That week where comments were disabled was one of the best weeks of my life. Perhaps I need to teach my custom content-management system how to disable comments on a per-post basis. No, that would require actual effort. -Raymond]
  74. Marcel says:

    [I'm not "punishing" anyone. I'm just taking the path of least resistance, which is to avoid hot-button topics entirely. -Raymond]

    It just does sound a lot like "you kids have been misbehaving, I'm going to lock away your toys". I know you're not doing this gig to become hugely popular, I see it more as a public service ;), but you simply do have a lot more readers than 6 years ago and I can only highly recommend growing a bit thicker skin. Or disabling comments when you think something is too controversial (I'd miss the comments, but better that than miss any articles).

    Like Nawak said, keep up the good work! Can't really speak for others here, but at least I do really appreciate it ;)

    [It's more like "You kids have been misbehaving, and this was just a volunteer gig anyway, so I'm not coming back to babysit you next time." (And it's not the new readers who fixate on the hot-button topics; it's usually specific old-timers. They just like causing trouble. You know who you are.) -Raymond]
  75. 640k says:

    raymond was not offended, he's only lazy. This "offended thing" is only an excuse for not doing work.

    Still on topic though, why does windows, as usual, "phone home" with users private information? Hasn't this already been forbidden by court? It should be disabled by default and enabled by those users which likes to get their identities stolen by M$/isvs.

  76. @640k: "You know who you are."

  77. Klimax says:

    @640k: Nothing to base accusation on,no links,no proof,nothing…

    Private info? You know you are not telling truth or at least without anything to back it up.

    What does MS is not forbidden by court or law. (Hint: no private info and no stealing of them)

    Maybe you are troll – one of those who kill interesting future posts?(And his reaction might seem lazy,but emember does somebody pay him to write? I am certain that no.)

  78. Superdude says:

    @640k, you are confusing WER with WGA.

    WGA is the bad guy,…/Windows_Genuine_Advantage

  79. steve says:

    @640k, still churning out the old "M$" eh? Grow up.

Comments are closed.