Microsoft’s mythical man-years

The company boasts that it's making Herculean security efforts -- but throwing more people at software problems rarely solves them.

Topics: Microsoft,

The claim was, let’s just say, a little arrogant, a little overconfident, in the way the world has come to expect from Microsoft. It came at the end of a New York Times article about the company’s big new push to make its software more secure.

“I’d be astonished,” said Steven B. Lipner, Microsoft’s director of security assurance, “if the open-source community has in total done as many man-years of computer security code reviews as we have done in the last two months.”

What Lipner was saying, with that Microsoft swagger, was simple: Microsoft has rallied its massive army of smart developers under the banner of “Trustworthy Computing” and turned their overpowering force on its security problem — the plague of Internet-borne viruses and worms that afflicts many of its products. The problem, like one of Microsoft’s competitors, is doomed. No other force on earth — certainly nothing as puny as a ragtag bunch of volunteer programmers contributing code fixes cooperatively — could possibly match such might. Die, worms, before the wrath of Gates!

It sounds intimidating. Only, to anyone with a long memory in the software field, the term “man-years” should set off some alarms.

Technically, Lipner is saying the following: Let X equal the number of individual Microsoft programmers reviewing its products’ security, multiplied by the amount of time each has spent on the task. Let Y equal the number of open-source programmers reviewing their software’s security, multiplied by the amount of time they have spent on the task. X is way greater than Y. All this rings with the kind of scary precision that cows nontechnical people when they hear it in engineers’ voices.

The trouble is, the whole concept of measuring software productivity in “man-years” or “man-months” is profoundly discredited — and not by some radical new theory of software development, but in what is probably the single most seminal work on software management: Frederick P. Brooks’ “The Mythical Man-Month,” first published in 1975, when Bill Gates was a stripling and personal computing a dream.

Brooks was an IBM veteran who’d watched Big Blue’s mainframe software projects spiral out of control in the 1960s. As he analyzed the company’s epic failures — which earned the label of “software crisis” in their day — he discovered a counterintuitive principle: “Adding manpower to a late software project makes it later.”

How can that be? Brooks argued that, with most common large-scale software projects, adding manpower to a team results in further delays, as veterans stop to introduce newcomers to the complexities and challenges of the project, and as managers step back to divide up the work afresh. When a team is behind schedule, throwing new people at the problem actually makes the problem worse. Brooks concluded, “The man-month as a unit for measuring the size of a job is a dangerous and deceptive myth.”

While most aspects of the software business have changed since 1975, and good practices have helped many development efforts skirt the kinds of disasters Brooks observed at IBM, the general validity of his observation remains unchallenged. Which might leave you wondering what a Microsoft manager is doing, in 2002, boasting about how many man-years his company is throwing at its current top-priority project.

One answer is that Microsoft today is desperately trying to win back its customers’ trust — and that, while software experts may understand Brooks’ principles, the business managers who are Microsoft’s customers may be comforted by the thought of that busy hive of developers, pumping out their man-years of code review.

This week another New York Times scoop reported that Microsoft is giving up on its “Persona” project, formerly known as “Hailstorm.” Unveiled last year with massive fanfare, “Hailstorm” was to provide a centralized, Microsoft-managed hub for users to access personal services of all kinds on the Net.

But apparently Microsoft was unable to convince other companies to adopt it as a trusted middleman. “After nine months of intense effort,” the Times’ John Markoff reports, “the company was unable to find any partner willing to commit itself to the program” — an extraordinary rebuff. With no third-party services on tap to offer users of Persona/Hailstorm, Microsoft decided to abandon the project — though its underlying .Net technology remains the heart of the company’s push to build a new generation of Internet services.

Trust is hard to win and easy to squander. Though Microsoft remains the software industry’s 800-pound gorilla, it cannot achieve its goals alone. And on several different fronts today, Microsoft has lost valuable credibility. The collapse of Hailstorm suggests the toll five years of antitrust conflict have taken on Microsoft’s ability to work with other companies; too many potential partners simply distrust the intentions of Gates, Ballmer and company. Meanwhile, the Gates-driven push for “trustworthy computing” indicates just how furious Microsoft’s corporate clients became over the past year as they watched important business systems brought to their knees because Microsoft’s code was insufficiently mischief-proof.

The question now is, can Microsoft effectively tighten up its products — and win back corporate America’s trust — by throwing enough “man-years” at security reviews? To the folks at Microsoft, the answer is, of course! They feel they have the smartest gang of coders in the world, and if they put their heads to it, they can do anything. Their problem, according to this thinking, was just that they’d been too busy serving up exciting new features to their customers — too focused on innovation — to worry about security. Now that they’re properly worried, they’ll do the job right.

Microsoft is legendarily able to evolve and adapt to changing technology landscapes — most famously in its reorienting of its entire product line toward the Internet after Gates’ famous “Pearl Harbor Day” speech in 1995 — and it would be foolish to dismiss its efforts or predict its failure.

But in this case, the open-source world’s critique of Microsoft’s methodology requires more than braggadocio to counter. Open-source developers believe that their software ultimately proves less virus-prone and more trustworthy than most commercial software because the code is not kept under lock and key but rather made available for any developer to examine at any time. Any program in wide use — Microsoft or open source — is exposed over time to an almost infinite range of stresses and violations; the open source methodology means that developers can quickly see what’s wrong and fix problems as they arise, rather than wait for headquarters to issue bug patches.

Roy Fielding, a Web pioneer who helped create the Apache Web server used by the majority of publicly accessible Web sites (it’s serving the page you’re reading) and is now chairman of the Apache Software Foundation, points out that one root of Microsoft’s security woes lies in its development process itself — which “encourages individuals to make large changes to the products under deadline pressure, without adequate peer review of every single change at the time it is made.” Open source works differently: “Every change that is made to the Apache code bases is … posted to a mailing list where any person who wants to review changes can do so, in public, and the first person who identifies a potential security problem in a change is given instant credibility within the community.”

In this view, the total number of “man-years” of security code review is largely irrelevant. No matter how smart Microsoft’s developers may be, they are all part of one company’s culture, and the odds are good that no matter how many hours they spend improving their code, they will not collectively be able to imagine all the myriad ways the entire universe of computer users — and mischief-makers — will attempt to break it.

Fielding says that Lipner’s “more man-years” claim is “absolute crap. They probably spent more money on it, but he is misdirecting the public based on the theory that there are fewer open source developers per project than there are people per project within Microsoft. Open source developers are only a small subset of the people who do security reviews of open source code. Most open source security reviews are done by the hackers and security consultants that make a living from finding (and sometimes exploiting) security holes. They have a very strong incentive for publishing their findings.”

The open-source model, in other words, allows for a kind of global stress-testing, peer review and transparent repair that Microsoft can never guarantee. Since its code is proprietary, you can only take Microsoft’s word that it has fixed bugs and plugged security holes. And the next time a rogue virus takes down your company’s e-mail server, all you can do is curse — and wait for the company to issue a fix.

Today, with the software industry a linchpin of the global economy, we tend to think of open source as a radical new challenge to the Microsoft-style norm. So it’s useful, in looking back at a classic like Brooks’ “Mythical Man-Month,” to be reminded that — in the days before Gates and company built their empire on operating-system software — open source was once considered simple common sense.

In Brooks’ day, a program had no general value — was not considered a true “programming product,” in Brooks’ words — unless it could be “run, tested, repaired, and extended by anybody.” (The italics are mine.) Such programming “products” require “thorough documentation, so that anyone may use it, fix it, and extend it.” To Brooks, and many other software experts of his era, if the programmer hadn’t enabled anyone to fix or extend his work, he hadn’t finished his job.

Microsoft takes a different view — always has. With its vast resources, Microsoft can afford more “man-years” than anyone else on earth. But can it rewrite principles of the software business first identified nearly 30 years ago?

The answer will become plain as the results of the “trustworthy computing” project emerge. If the torrent of security gaffes in Microsoft products vanishes, we can applaud Redmond’s intrepid troops. But if we’re still battling the spawn of the NIMDA and Code Red worms in a year or two, it’s time to stop trusting Bill Gates for good.

Salon co-founder Scott Rosenberg is director of He is the author of "Say Everything" and Dreaming in Code and blogs at

More Related Stories

Featured Slide Shows

  • Share on Twitter
  • Share on Facebook
  • 1 of 11
  • Close
  • Fullscreen
  • Thumbnails

    Ten spectacular graphic novels from 2014

    Beautiful Darkness by Fabien Vehlmann & Kerascoët
    Kerascoët's lovely, delicate pen-and-watercolor art -- all intricate botanicals, big eyes and flowing hair -- gives this fairy story a deceptively pretty finish. You find out quickly, however, that these are the heartless and heedless fairies of folk legend, not the sentimental sprites beloved by the Victorians and Disney fans. A host of tiny hominid creatures must learn to survive in the forest after fleeing their former home -- a little girl who lies dead in the woods. The main character, Aurora, tries to organize the group into a community, but most of her cohort is too capricious, lazy and selfish to participate for long. There's no real moral to this story, which is refreshing in itself, beyond the perpetual lessons that life is hard and you have to be careful whom you trust. Never has ugly truth been given a prettier face.

    Ten spectacular graphic novels from 2014

    Climate Changed: A Personal Journey Through the Science by Philippe Squarzoni
    Squarzoni is a French cartoonist who makes nonfiction graphic novels about contemporary issues and politics. While finishing up a book about France under Jacques Chirac, he realized that when it came to environmental policy, he didn't know what he was talking about. "Climate Changed" is the result of his efforts to understand what has been happening to the planet, a striking combination of memoir and data that ruminates on a notoriously elusive, difficult and even imponderable subject. Panels of talking heads dispensing information (or Squarzoni discussing the issues with his partner) are juxtaposed with detailed and meticulous yet lyrical scenes from the author's childhood, the countryside where he takes a holiday and a visit to New York. He uses his own unreachable past as a way to grasp the imminent transformation of the Earth. The result is both enlightening and unexpectedly moving.

    Ten spectacular graphic novels from 2014

    Here by Richard McGuire
    A six-page version of this innovative work by a regular contributor to the New Yorker first appeared in RAW magazine 25 years ago. Each two-page spread depicts a single place, sometimes occupied by a corner of a room, over the course of 4 billion years. The oldest image is a blur of pink and purple gases; others depict hazmat-suited explorers from 300 years in the future. Inset images show the changing decor and inhabitants of the house throughout its existence: family photos, quarrels, kids in Halloween costumes, a woman reading a book, a cat walking across the floor. The cumulative effect is serene and ravishing, an intimation of the immensity of time and the wonder embodied in the humblest things.

    Ten spectacular graphic novels from 2014

    Kill My Mother by Jules Feiffer
    The legendary Pulitzer Prize-winning cartoonist delivers his debut graphic novel at 85, a deliriously over-the-top blend of classic movie noir and melodrama that roams from chiaroscuro Bay City to Hollywood to a USO gig in the Pacific theater of World War II. There's a burnt-out drunk of a private eye, but the story is soon commandeered by a multigenerational collection of ferocious women, including a mysterious chanteuse who never speaks, a radio comedy writer who makes a childhood friend the butt of a hit series and a ruthless dame intent on making her whiny coward of a husband into a star. There are disguises, musical numbers and plenty of gunfights, but the drawing is the main attraction. Nobody convey's bodies in motion more thrillingly than Feiffer, whether they're dancing, running or duking it out. The kid has promise.

    Ten spectacular graphic novels from 2014

    The Motherless Oven by Rob Davis
    This is a weird one, but in the nervy surreal way that word-playful novels like "A Clockwork Orange" or "Ulysses" are weird. The main character, a teenage schoolboy named Scarper Lee, lives in a world where it rains knives and people make their own parents, contraptions that can be anything from a tiny figurine stashable in a pocket to biomorphic boiler-like entities that seem to have escaped from Dr. Seuss' nightmares. Their homes are crammed with gadgets they call gods and instead of TV they watch a hulu-hoop-size wheel of repeating images that changes with the day of the week. They also know their own "death day," and Scarper's is coming up fast. Maybe that's why he runs off with the new girl at school, a real troublemaker, and the obscurely dysfunctional Castro, whose mother is a cageful of talking parakeets. A solid towline of teenage angst holds this manically inventive vision together, and proves that some graphic novels can rival the text-only kind at their own game.

    Ten spectacular graphic novels from 2014

    NOBROW 9: It's Oh So Quiet
    For each issue, the anthology magazine put out by this adventurous U.K.-based publisher of independent graphic design, illustration and comics gives 45 artists a four-color palette and a theme. In the ninth issue, the theme is silence, and the results are magnificent and full of surprises. The comics, each told in images only, range from atmospheric to trippy to jokey to melancholy to epic to creepy. But the two-page illustrations are even more powerful, even if it's not always easy to see how they pertain to the overall concept of silence. Well, except perhaps for the fact that so many of them left me utterly dumbstruck with visual delight.

    Ten spectacular graphic novels from 2014

    Over Easy by Mimi Pond
    When Pond was a broke art student in the 1970s, she took a job at a neighborhood breakfast spot in Oakland, a place with good food, splendid coffee and an endlessly entertaining crew of short-order cooks, waitresses, dishwashers and regular customers. This graphic memoir, influenced by the work of Pond's friend, Alison Bechdel, captures the funky ethos of the time, when hippies, punks and disco aficionados mingled in a Bay Area at the height of its eccentricity. The staff of the Imperial Cafe were forever swapping wisecracks and hopping in and out of each other's beds, which makes them more or less like every restaurant team in history. There's an intoxicating esprit de corps to a well-run everyday joint like the Imperial Cafe, and never has the delight in being part of it been more winningly portrayed.

    Ten spectacular graphic novels from 2014

    The Shadow Hero by Gene Luen Yang and Sonny Liew
    You don't have to be a superhero fan to be utterly charmed by Yang and Liew's revival of a little-known character created in the 1940s by the cartoonist Chu Hing. This version of the Green Turtle, however, is rich in characterization, comedy and luscious period detail from the Chinatown of "San Incendio" (a ringer for San Francisco). Hank, son of a mild-mannered grocer, would like to follow in his father's footsteps, but his restless mother (the book's best character and drawn with masterful nuance by Liew) has other ideas after her thrilling encounter with a superhero. Yang's story effortlessly folds pathos into humor without stooping to either slapstick or cheap "darkness." This is that rare tribute that far surpasses the thing it celebrates.

    Ten spectacular graphic novels from 2014

    Shoplifter by Michael Cho
    Corinna Park, former English major, works, unhappily, in a Toronto advertising agency. When the dissatisfaction of the past five years begins to oppress her, she lets off steam by pilfering magazines from a local convenience store. Cho's moody character study is as much about city life as it is about Corinna. He depicts her falling asleep in front of the TV in her condo, brooding on the subway, roaming the crowded streets after a budding romance goes awry. Like a great short story, this is a simple tale of a young woman figuring out how to get her life back, but if feels as if it contains so much of contemporary existence -- its comforts, its loneliness, its self-deceptions -- suspended in wintery amber.

    Ten spectacular graphic novels from 2014

    Through the Woods by Emily Carroll
    This collection of archetypal horror, fairy and ghost stories, all about young girls, comes lushly decked in Carroll's inky black, snowy white and blood-scarlet art. A young bride hears her predecessor's bones singing from under the floorboards, two friends make the mistake of pretending to summon the spirits of the dead, a family of orphaned siblings disappears one by one into the winter nights. Carroll's color-saturated images can be jagged, ornate and gruesome, but she also knows how to chill with absence, shadows and a single staring eye. Literary readers who cherish the work of Kelly Link or the late Angela Carter's collection, "The Bloody Chamber," will adore the violent beauty on these pages.

  • Recent Slide Shows



Comment Preview

Your name will appear as username ( settings | log out )

You may use these HTML tags and attributes: <a href=""> <b> <em> <strong> <i> <blockquote>