Windows Confidential: Once bitten, twice shy

You have to be careful what you include in your default links history, because it may inadvertently cause problems.

Raymond Chen

You may have noticed that when there’s a default link to a Web site in a Microsoft product, it seems to always point to a Microsoft site or a Web site for a company with which Microsoft has struck a deal. Is this some sort of evil plot?

I recall a Microsoft Research project from many years ago that was made available only to other Microsoft employees. One of the features of the program was that it could monitor the contents of Web sites you had selected. This was back in the dark ages of the Internet, before RSS or even Facebook. We’re talking about the era when AltaVista was the hot new search engine.

The feature in question worked like Internet Explorer Web Slices. It was entirely client-driven and required no server support. It simply scraped the site, extracted the data according to the rules you specified and alerted you if something changed.

The program came with defaults used by the program’s author. So the list consisted of Web sites the author liked, most of which were non-Microsoft properties. As word spread within the company about this research project, more and more people installed it on their systems. The researcher gained valuable usage data and usability feedback. The employees got a cool new tool.

A bit later, one of the companies whose content the project used by default contacted Microsoft: “Hi, Microsoft people. It looks like more than 90 percent of our traffic is coming from Microsoft IP addresses. It’s overloading our servers, and it’s preventing us from providing service to our other customers. Can you please investigate the source of all these requests? Maybe there’s some sort of coordinated attack, or maybe it’s a simple misconfiguration somewhere. Thanks.”

The people in Microsoft IT launched an investigation. After determining that yes, there was an awful lot of traffic going to that one site from thousands of Microsoft machines, they attempted to determine the precise source. Eventually, they found the common thread was the people who installed that research project on their machines.

Even for a project deployed just within Microsoft, the volume of installations was enough to become an unintentional denial-of-service (DoS) attack against that company’s Web site. Imagine if the program had been released to the public. Their server would probably have burst into flames.

Watch the list

Since then, I suspect there’s an unwritten rule that no Microsoft product can contain default links to non-Microsoft properties without some sort of agreement with the people who run the site. They need to be alerted to and OK with all the traffic that’s about to come their way. And there’s probably some sort of promise that once they start getting all that traffic, they won’t suddenly turn into a porn site or something.

During the keynote at the 2011 BUILD conference, the volume of outbound traffic to Twitter was so high that the service blocked all traffic from the conference center’s IP address block. Twitter seemed to fear it was under a DoS attack.

There was some scrambling to try to find a contact at Twitter in order to tell the company, “Sorry for the high volume, but we just made a major announcement at our conference about Windows 8 and a new application model. That’s why there’s so much traffic. We’re not trying to take your servers down. We just have a lot of excited geeks here.”

Reportedly, the people at Twitter replied, “OK, thanks for the information. We’ll look into it and unblock the addresses. Oh, and could you tell us a little more about Windows 8 and that new application model?”

It took some time after that, but it looks like the Twitter people sat down with the Windows 8 documentation and came up with a pretty cool app of their own.

Raymond Chen

Raymond Chen's* Web site, The Old New Thing, and identically titled book (Addison-Wesley, 2007) deal with Windows history, Win32 programming and the secret lair of administrative assistants.*