Dear Microsoft – a sysadmin's wishlist

I promise I've been a good boy this year

Sysadmin Blog

I yell at Microsoft a lot. It's cathartic. Microsoft make several decent pieces of software and quite a few great cloud services, but for every awesome thing they create it seems they ruin something else. Over the past year I've developed a wishlist of changes. Dear Microsoft...

Azure Stack

I like Azure Stack. A lot. What I don't like is the price tag. The preview version was great. Unfortunately you removed our ability to roll our own. That's sad, but I understand that all your large partners are eager not to be put out of business by your ability to single-handedly render them irrelevant and make cheap Chinese server manufacturers the future of the data centre.

They want enough time to bleed the companies dry before parachuting out, or to figure out a new business model. Fair enough.

What would be groovy, however, is if you found a partner to release a two-node solution for the enthusiast/SMB market. Xeon-D-based nodes are fantastic examples as they can put 128GB of RAM into a single node, allowing the creation of a highly available cluster with enough RAM to actually take Azure Stack for a ride.

I am aware that your first response will be "but... but... the cloud". Stow it. There's a bunch of us who are never going to be OK storing our data with Americans, nor particularly happy about subscription fees. You know this, or you wouldn't have made Azure Stack in the first place.

A pair of Xeon-D nodes can be had for cheap, and even with integration overhead this could probably be built for under $7,500. That's a great starter kit for a business looking to grow, or even a reasonable price for a nerd looking to build out a home lab but keep their skills relevant. Please, let this be a thing.

Containers and desired state configs

Containers are good. Containers are great. Why isn't everything in a container yet? I don't actually care about application isolation or network microsegmentation or any of the other things that most of the Twitterati seem to care about with containers. What I care about is that containers package applications.

For ages, the fact that Windows applications spread themselves out across the operating system, putting files all over the place, has been a problem. Some of this is Microsoft's fault for periodically tweaking where everything is "supposed" to go, but most of it is that developers are just lazy and do whatever they want. The rest is due to Windows being really, really odd about where it wants various files put.

Containers – or container-like technologies – can solve this. It happens in the VDI world all the time. In a VDI world, we can isolate applications from the OS and patch the OS and the applications asynchronously from one another. We can even remove applications without leaving a bunch of detritus in the file system, logs or registry!

The problem is that the software that lets us do this in the VDI world is a hideous morass of multi-tentacled nightmares. We shouldn't need to weld together a dozen applications to a hypervisor just to get an operating system that can install and remove apps as needed. And VDI-like tools for servers are still in their infancy.

Microsoft, you have the technology. Turn it on by default. Every application should be in a container forevermore. Never again should we submit to the tyranny of WinSXS's exponential growth, nor some remnant application interfering with a new one.

While you're at it, baking desired state config directly into the OS would be great. It's all part of the same thing. I want to, as an administrator, be able to inject an OS into a VM – or on to bare metal – have it check for a desired state from a management server, and configure itself appropriately. I then want it to either attach the relevant applications and data automatically (if a server) or when a user logs on (if an endpoint). I also don't want the management side of this to be 20 applications that were designed by a drunken Dr Seuss during a manic phase.

Most of the pieces already exist; they're just not well integrated, or the default. I imagine a world where I could back up a system not by streaming a terabyte of system image, but by having that system back up a few config files and some data containers.

Restoring would be a matter of booting from the relevant OS's .iso, and feeding it the backup config file. It would install, configure, and even pull down relevant app containers. I then tell it where the data containers are and Robert is your mother's brother.


Oh, Windows. Microsoft, why have you let it get so royally screwed up? Safe Mode – a critical diagnostic feature – seems to have become nearly impossible to access unless you've already managed to boot the running OS.

Whatever happened to "mash the F8 key"? This was useful. I don't care about handwaving around "it boots too fast". Let us set a flag that makes it boot slower so we can roll it into our configs. Make F8 great again.

Like oh so many others, I'm quite angry that the only version of Windows that is almost usable is Enterprise. Enterprise only comes in packs of five, and this makes me a giant pink rage monster. Make Enterprise something that can be purchased one at a time, by consumers, without a subscription.

While you're handing out unicorns, for the love of Jibbers, please stop resetting default applications after every major update. We choose not to use Microsoft-provided applications for a reason. Respect that.

Spying and updates

Please stop spying on us. Give us the ability to turn telemetry and tracking all the way off, and the ability to uninstall spyware like Cortana entirely. Also, for the record, building telemetry into applications compiled with Visual Studio is not OK. Nor is installing apps without user permission. Please stop.


While everything else above is a nice-to-have, updates are the biggest sore spot. The truth of the matter is that Microsoft is unable to make reliable updates. It seems that every month for at least the past eight months the weekly Patch Tuesday has broken something important. This wasn't such a big deal in the past, because we could simply avoid those updates that caused problems. Cumulative updates prevent this.

So please, Microsoft, end the cumulative updates nightmare. Get an update mechanism capable of restarting services after updates so we don't have to restart every month. Provide clarity on what updates actually do (your current policy is outright asinine) and build a system-wide update mechanism that third parties can jack into that isn't the hideous, partner-hostile bureaucratic mess of the Windows Store.

Maybe, just maybe, if you started digging into the above, Microsoft could start to slowly earn back the trust of customers. Trust is sort of an important thing when you're asking customers to buy into your cloudy services and your continuous development model, and otherwise cede ever more control of their environments.

Trust and a less fragile operating system are both key, Microsoft. Your competition are working on building both. ®


Biting the hand that feeds IT © 1998–2022