Hacker News new | comments | ask | show | jobs | submit login
Why no Easter Eggs? (2005) (microsoft.com)
47 points by markusmknsri 7 months ago | hide | past | web | favorite | 80 comments

There was an article some time ago (also on HN) about a Linux command line tool which had an easter egg on a particular date/time - it's output was slightly different, and this broke some build scripts in another project, and as you can imagine, it was hard to pin down.

Then the easter egg was removed and people were complaining that "it's takes the fun, the human out" (as you can also see here)

But what if every command line tool had an easter egg at a particular date/time? Then on every day of the year one of your tools would misbehave. Is this really what we want? What if a safety critical process gets broken because of this.

A recent example:

> We've noticed that some of our automatic tests fail when they run at 00:30 but work fine the rest of the day. They fail with the message "gimme gimme gimme" in stderr, which wasn't expected. Why are we getting this output?


The obvious response to this is that there are two kinds of easter eggs.

The good kind doesn't do something one way a million times and then suddenly produce a different result given the same input for no good reason like your example date/time shenanigans.

Unpredictable behavior is called not being dependable. Not being dependable is called untrustworthy. Software should always strive to be predictable, dependable, and trustworthy.

But there have also been plenty of fun easter eggs in computing history that didn't needlessly make the software less predictable. We don't need to also throw out the baby.

I think it depends on the context. In video games, easter eggs are mostly fine. In utilities and tools, easter eggs are a potential source of harmful behavior and security issues.

Also you can do it in a non-destructive, non-random way. Take `apt` as an example.

The easter egg is running it with an undocumented flag. The "error case" is the same as mistyping a command. Sure, you could argue the return code is 0 when it should be != 0 but I'd argue a) if you're using the wrong flags it's your fault and b) if you'd hit --help by chance it would also return 0.

Well, parsing strings instead of having a well-defined api is fragile, so the easter eggs won't probably the only thing breaking the scripts.

Except that on Linux parsing strings and piping is the way of life.

Fortunately, if you pipe or redirect output, the filehandle won't be a terminal, so just check it with `isatty`[1].

[1]: https://linux.die.net/man/3/isatty

People like to complain about the systemd ecosystems and I don't agree with some of their choices, but I appreciate their emphasis on D-Bus RPC instead of fragile text-based interfaces (even if it has issues on its own).

This may or may not be an unpopular opinion, but I'm not particularly fond of all the string mangling going on in *NIX environments. It's great when the output format is well-defined - like many kernel interfaces - but please stop parsing "ifconfig" output!

> One of the aspects of Trustworthy Computing is that you can trust what's on your computer. Part of that means that there's absolutely NOTHING on your computer that isn't planned.

HA! That's incredibly amusing, considering, you know, Windows 10.

Given the windows update craziness, I've re-read this part a few times to make sure there's no double negative or sarcasm:

> there's absolutely NOTHING on your computer that isn't planned

There's LITTLE on my Windows VM that IS planned.

I guess that could be said with a straight face only because it was 2005.

Microsoft saw Android and iOS getting away with installing whatever they like at whatever time they like for years, and how little users complain about it; so they were seduced by such practices.

Completely true, however main reason for Android and iOS was Candy Crush on the go, while desktop has different requirements and use cases.

I don’t know about Android but my iOS devices only install updates to the OS and apps when I tell them to. Not everything is Windows 10 ‘Microsoft decides when you install updates’

I can easily ignore iOS and macOS updates for as long as I choose. Windows 10 will forcibly update me on shutdown unless I yank the power. Microsoft takes a much more forceful stance.

What gets installed on iOS that users should complain about?

It doesn't say "well planned".

Reflections on Trusting Trust of Windows! Are you kidding me?

Got any Easter eggs to show?

Does OneDrive count?

Candy Crush showing up on a business laptop running Windows Pro or what it is called?

Same with login backgrounds for a game a newer wanted, again on my business laptop running Windows Pro?

I often defend MS recently because some of the criticism is really over the top.

Stupidity like that however should be publicized and questioned IMO.

No comment.

Every single user-hostile bit of spyware, advertising, and nonsense in Windows 10 was put there on purpose, by more than one person, collaborating specifically to enrich Microsoft and fuck up your computer. It’s not an accident.

> Every single user-hostile bit of spyware... was put there on purpose... specifically to enrich Microsoft.

You don’t really believe that, do you?

Do you believe Microsoft forced their ads into the start menu for your benefit and they lose money on it?

Some of the problems with Windows 10 may be due to their incompetence but most of it is just greed and their know-it-all attitude.

> Once you've lost the trust of your customers, they're gone - they're going to find somewhere else to take their business.

Unless there is nowhere else.

One of the reasons I don't trust Microsoft is because they know perfectly well that the above aphorism isn't true. They have an effective monopoly, even more so in 2005 when this was written than now. They put a lot of effort into developing and maintaining that monopoly, arguably more effort than they put into building quality software. The idea that we're supposed to trust them because market mechanisms will force them to be trustworthy, after they have worked so hard to destroy those very mechanisms, is Kafkaesque.

Trustworthiness isn't the same thing as honesty. The goal of Microsoft is not to be honest, it's to be trusted. The article is exactly what it claims to be.

> Trustworthiness isn't the same thing as honesty.

It's also not the same thing as being trusted. There are many entities in the world that are trusted despite being neither honest nor trustworthy. (IMHO Microsoft is one of them, but they are far from alone.)

> The goal of Microsoft is not to be honest, it's to be trusted.

Yes, I get that that is their goal. My point is that they are trying to achieve that goal by being disingenuous and deceptive. (And they succeeded spectacularly.)

I think an important point is that trustworthiness and trust carry an element of relativity as compared to honesty. Honesty is pretty binary, but different groups can have wildly varying levels of trust.

Microsoft probably has a very high level of trust with a senior corporate IT buyer (CIO) but low levels of trust with a hardcore GNU/Linux believer.

How is it Kafkaesque?

I'm not quite sure how to explain it if it is not self-evident. The defining characteristic of Kafka's work was situations where the protagonist has to struggle against powers that are both unseen and overwhelming. So here we have Microsoft, one of the world's most powerful corporations, saying "You can trust us because if we were not trustworthy you would abandon us and flee to the competition." Except that there is no competition because Microsoft has destroyed it all. That reminds me of Kafka. YMMV.

How old are you?

53. Why?

I'm just trying to understand the exceptional hatred some people have for Microsoft.

Microsoft more or less destroyed the competitive market for computer operating systems and office software, and they did it not by producing a superior product, but by using their market power to destroy any potential competitors before they could reach a significant enough market segment to become a threat. What they did was illegal [1], but the deleterious effects of their illegal actions have never been fully remedied. As a result, we now live in a world where we have to live with inferior software produced by a non-competitive market, and the people who broke the law to make this happen are billionaires.

Does that help make it clearer?

(P.S. You probably would have gotten less hate from the downvote brigade if you'd just asked me that in the first place.)


[1] https://en.wikipedia.org/wiki/United_States_v._Microsoft_Cor....

Yeah, the explanation sounds all good and professional but it deeply contrasts with my Windows experiences.

While I can believe there are serious people working on this OS, I often seriously get upset by all the crap Microsoft is putting in Windows. (There was this time where it downloaded 'Candy Crush' on its own!?). I would prefer a few easter-eggs instead.

Seriously Microsoft, please be coherent.

> Seriously Microsoft, please be coherent.

This post is 13 years old. They may have been totally coherent in 2005 but lost their way by 2018.

> They may have been totally coherent in 2005...

If anything I think they were probably less coherent. Remember: this was still the era of Steve Ballmer and - to a much lesser extent by this time - Bill Gates.

They still thought Windows Mobile was going to take over the world of handheld computing, and Silverlight was going to take over rich applications on the web, and on it goes. Vista hadn't even been released and, if you want to talk about incoherent, let's maybe start a conversation about Windows Vista.

You're right, I haven't seen it and thought it was more recent.

In fact, the title got corrected from 2015 to 2005.

I think it's important to note that this is explicitly about "the OS division". Microsoft may have a company wide policy about this, I have no idea. But I think there's a huge distinction between an OS having hidden code and some higher level application or script having hidden code. The effects are much different and much more dangerous at the OS level.

7+ years ago at a different company I had a tiny picture of my face encoded and hidden deep within the bowels of our search system in a component you should basically never have any reason to touch, along with kinda nasty and obfuscated logic touching the global state of the application such that when you went to `/easteregg` you got my face.

Someone must have found it because it suddenly disappeared from all the sites that had it.

I'm responsible for the Asteroids easter egg in the Sun x86 lights-out-management. It is true that we sneaked it in using a rather unprofessional manner (the build system would incorporate it iff the build happened on the CIS build server). I'm older now, more experienced and probably wouldn't do that again.

I also stuck an easter egg in the Cobalt NASRaQ, back in 1999. It was taken out pretty fast (I had marked it in the code, "THERE IS AN EASTER EGG HERE," then checked it in). It did ship in the first version, though.

Much of that was also back before viruses and trojans were an every day occurrence, before an unpatched computer on a network wasn't going to be owned within an hour or so.

It was more fun back then, and we weren't the ones who ruined it.

There are two recent MS easter eggs I can think of:

1. Clippy is hiding in the "school supplies" Office theme.

2. The default user photo in Office 2010 was a silhouette of Bill Gates' mugshot photo. This one is gone in the recent versions.

Both are just images though. No code was harmed in the making of these easter eggs.

I can understand the reasoning behind Microsoft's decision, and somewhat agree, but ultimately I think something is lost when developers are kept from leaving their mark on projects they spend a lot of time working with.

I think a lot of developers leave their mark with documentation. I have myself stumbled upon many easter-egg comments that have put a smile on my face.

I remember reading the manual of a handheld PC many years ago. It was very professionally written and detailed. In the "updating" part though, there was something like "At this point, the update has started and pressing the back button continuously will only make you more angry". It had made my day.

That was one of the interesting things about the 1980's video game boom: Programmers were treated like rock stars.

Not with hookers and blow, but with their names prominently attacked to and marketed with the games. Especially Atari 2600 games.

If you saw a game by Joy McStickerson, you knew it was going to be a quality game, and often would buy it without bothering to read the reviews.

Didn't cut down on the Easter eggs, though.

Huh? The Easter eggs were originally added because Atari didn’t give their programmers’ rock star treatment, including acks on the packaging or in the 2600 game. See https://en.wikipedia.org/wiki/Easter_egg_(media)#Origin

I was under the impression that the military and maybe other branches of the US government have "no East Egg" rules for software they use, and I expected that to be the justification. Is this true? I found one document from a .mil domain that specifies no Easter eggs [1] but I frankly don't know enough context to know if this is actual policy that would apply to Windows.

[1] http://www.dtic.mil/dtic/tr/fulltext/u2/a495389.pdf

would you mind pointing on which of the 133 pages is the rule?

I could not find it after a quick glance.

I don't know if it is what tgb was referring to, but in section F-15, it says

c) No Malicious Code. Developer warrants that the software shall not contain any code that does not support a software requirement and weakens the security of the application, including computer viruses, worms, time bombs, back doors, Trojan horses, Easter eggs, and all other forms of malicious code

It's interesting they classify eastereggs with malicious code!

I'm glad I avoid doing business with the government.

Do a search for "Easter". It's on page F-15.

Well, Windows 3.1 back in 1993 definitely had easter eggs. I still after all those years remember some of them (the perils of being a kid back then; these things are just stuck in my memory):

- Start minesweep and press enter; then write "xyzzy" (remember the magic word from Zork) and press alt+enter. The top left pixel of the screen will change color if there's a mine under your coursor.

- For solitare, you could press ctrl+alt+shift when clicking on your stack of cards to get them one by one instead of three by three.

- Also for any program, if you click on the about Window you'd see the windows flag (http://logo-timeline.wikia.com/wiki/Windows) and then if you clicked a couple of times at a specific color (I don't remember exactly this) then you'd see some credits along with a sketch of Bill Gates!

Those were great! So, "why so serious"?

In older versions of our client, you could click on a portion of our logo five times to get a small pop up image of our programming staff. It was an easter egg, and cost next to nothing to implement.

I hope they change their minds someday.

With Microsoft's track record on security and bug issues, I really hope they don't change their minds. They should write exactly as much code as required and not one line more.

> They should write exactly as much code as required and not one line more.

They already clearly don't do that.

I like how Adobe Lightroom [classic] displays names of dev and QA (and other?) team members in a splash screen on startup. Apparently at least Photoshop does the same[0]. I've always thought this is a nice way of giving little kudos to people behind SW.

It works the other way too - a long time a go I was brought into a particularly challenged SW project (e.g. when we still shipped desktop apps with splash screens), and among other things, I put forward a proposal that we will do exactly the same: let the whole world see who is behind the code. Unsurprisingly, motion was shot down, but I think the mere thought that we might still do it made everyone contribute better code. Maybe. Maybe not.

[0] https://www.hongkiat.com/blog/heroes-of-photoshop/

Since Photoshop 1.0 they have always had team credits, much like how TV shows have credits, not as a hidden Easter Egg.

This set the precedent and that probably can't be changed now with upsetting people. Maybe that is the trick, get in on version 1 with non hidden credits.

There was a move a few years ago to create humans.txt files for websites. This idea died but essentially it was an effort to accommodate credits into web design. Personally I would like to see cats.txt as an Easter Egg feature.

I think client easter eggs are different from OS easter eggs.

> the OS division has a "no Easter Eggs" policy.

I worked with the creator of the first easter egg, David Ramsey. In the early 80's he added a "Zebra Lady" to Mac Paint. It made a lot of press when it was discovered.

Eh, MS is so damn big that they can get a pass on no Easter Eggs in operating systems. But I fully expect them to be games, etc. Have some fun, and respect your roots.

It makes me think about the Linage OS April fools joke. Very annoying and difficult to remove the notification that came with it.

I was unaware of it, but actually stumbled upon their apology[0] today.

[0] https://lineageos.org/An-April-Apology/

I remember getting that notification- my knee-jerk reaction was that I had contracted some malware on my phone. Not a great prank by any means.

I remember this debacle: https://core.trac.wordpress.org/ticket/12816 Notice the mention that "this was put in with great effort (to the extent of stopping Trac notifications) by Matt himself".

Which shows the maturity of WordPress developers as a whole. I'm still pretty bent out of shape that this had basically a decade...

Source: Have been a WP developer for a long time (shoot me) and I've received a FRANTIC call over this idiocy from a client in my early 20s. The user didn't know how they produced it in the first place, was having troubles communicating it to me because welcome to agency work, and I dropped everything because I assumed that the site was potentially compromised (or that the client was lying to me about "the computer virus on their website").

> we filed a bug in the database ("Exchange POP3 server doesn't have an Easter Egg"), we had the PM write up a spec for it, the test lead developed test cases for it.

I'm not sure you fully grasped the concept here...

The way I read it: we are taking your money (oh so much), we can't risk losing your trust if you happen to have no sense of humor AND we want to preserve the illusion that this is serious business.

It's funny how Microsoft talks about "TrustWorthy Computing" and thinks implementing Easter eggs could be malicious but a closed source os isn't ^^

What I’m most curious about is which business and governments had access to which Microsoft source code, circa 2005. Anyone care to enlighten me?

I wonder how many "easter eggs" were planted by people on the NSA's payroll pre-2005?

One of the lesser talked about things that was touched on in the Snowden docs is that the NSA sometimes has agents within companies similar to how we traditionally think of the CIA having "assets"

They have a point, but count me nostalgic for the early days of early technology. At a certain point things move from being homegrown and individualized to industrial, dehumanized, and commodified. No one really likes this process, but it's a choice our society has made. Of course, as a socialist, I believe we can make different choices, but I digress.

Fun will be forbidden.

It is sad. I disagree with that. Products needs to appeal to the end user. Easter eggs have that gut appeal.

They are like google chnage of the main logo, but in a sneakier way: you will not find them unless you look for them.

This is 2005, not 2015.

The '1' instead of a '0' is an easter egg.

Updated. Thank you!

Wonder how many "NSA eggs" have been planted in MS products over the years? All it takes is one NSL.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact