Follow TV Tropes


Darth Wiki / Idiot Programming

Go To

"I love lag, especially when you have eight processors and no excuse!"

You'd think it would be simple to program something to do something simple. Despite what some people may tell you, you're often right. In a perfect world, we wouldn't have programmers who assume that any simple task is a gargantuan effort that requires the importation of several processor-heavy 100-megabyte libraries just to set up. In a perfect world, machines capable of performing 2 billion complex calculations per second wouldn't be brought to their knees by spin-locks and memory leaks. Alas, such pleasantries would only exist in a perfect world, and it's at times like these where you wonder if the big brains behind your favorite products are just a troop of inebriated orangutans...or ants.

The other side of this is, of course, Genius Programming.

For similar issues, usually gaming-specific, see also Artificial Stupidity, Porting Disaster, and Game-Breaking Bug.

In general, a problem in a piece of software shouldn't be considered an example if it occurs in a pre-release (pre-alpha, alpha, or beta) build, or if there's no reason to believe that the software should be judged by professional standards (e.g. commercial software is fair game but non-commercial software often isn't, unless it's intended to compete with commercial software).

There are also a few things that often aren't examples, even though they might look like they are — in particular, software that appears to use a lot of memory or storage space on your machine. Your operating system might use a gigabyte of memory on your machine, but that's not because it actually needs it — what's actually happening is that it's using extra memory in exchange for a speed boost. Even the most resource-hungry consumer OSes used today can run on dinosaurs (although finding such a rig may prove difficult). Partisans in the Computer Wars will insist that everything the other company has done is Idiot Programming.

Some galling examples can be found on The Daily WTF (here), particularly the CodeSOD section.

See also Idiot Design for when the idiocy isn't limited to shoddy programming, especially bad UI design.

Pages with their own examples

    open/close all folders 

Brands with Their Own Folders

    Adobe — Its Name Is Mud, Literally. 
  • Adobe Flash (now known as "Adobe Animate"). Before it was discontinued, you may have once noticed it on this very site, taking up 100% of your CPU and 80 megabytes of your RAM to display a static image as an ad banner that would have taken maybe 12K of your RAM if it were a JPG. It was also seen on numerous video sites, as a Flash video player which dragged multicore, multigigahertz computers to their knees in order to jerkily fail playing h.264 video that would run silky smooth on Pentium IIs or G3s as unwrapped files. For comparison, playing a Flash video from YouTube through VLC Media Player only needs 1/4 to 1/2 of the CPU on a Pentium IV 2.8GHz system, and with much less memory usage.
    • Even simple programs, like Conway's Game of Life, which can easily run at 70 frames per second on a 486SX when written in C, would struggle to run at 5 frames per minute when the same code is used in Flash on a computer more than a hundred times faster. And sometimes, the already-poor performance of Flash was compounded by the often badly coded applications written for it. To give an example, The BBC embeds audio and/or video files in pretty much every article on the BBC News website. Unfortunately, the initial version of the Flash app they used to do this was so badly designed that any system with a processor below a Core i7 was pretty much guaranteed to be utterly brought to its knees for several minutes at a time while the player loaded. It took months for the app's performance problem to be fixed.
    • One version of the Windows Flash installer would sometimes report insufficient disk space even when there was no such problem. The reason is because the installer would check drive C for space regardless of the actual destination drive, and even if C wasn't assigned to a hard drive at all. Compounding all these problems is the fact that Adobe appeared to be deliberately crippling Flash in its capacity to perform its original purpose — vector-based animation — to try and get people to use it for what they wanted, which seems to be website layout.
    • Flash had issues on the security front as well. For example, over a two-week period in early 2015, Flash had three zero-day exploits appear and attack unsuspecting users. As each one was patched, the next one appeared to make people's lives more miserable. There was a movement that Adobe passively supported called "Occupy Flash" that pleaded with users to uninstall the plug-in; with the rise of HTML5 content, this quickly became quite feasible, enough that in July 2017, Adobe announced they would end support for Flash Player by the end of 2020.
    • The problems with Adobe Flash got so bad, that around late 2009 Google began using an in-house reimplementation called Pepper Flash in the desktop versions of Google Chrome. Since Google begrudgingly maintained Pepper Flash for as long as Flash itself remained supported (though they'd rather we used HTML5 and WebGL), it was considered the definitive (!) version of Flash, especially on Linux distros (which Adobe stopped supporting after Flash 11 in 2011).
    • On July 14, 2015, Mozilla announced that all versions of Flash were blocked by default in Firefox, citing Adobe's slow response to patching publicly available security exploits, to the delight of tech people the world over. However, Adobe soon issued patches, and Flash was unblocked — though the general feeling is that this incident added another nail to a coffin that had been a long time coming. YouTube gave the finger to Flash as well, and started using its own HTML5 player by default. The memory consumption was reasonable for the budget-computers in that time (Budget Pentium and AMD APU systems, for example), considering they were running the full-featured YouTube site. Also, unlike the Flash player, it supported videos that play at 60 frames per second, as well as playback speed options. A good omen, perhaps.
    • Ultimately, Adobe saw the writing on the wall, and discontinued Flash at the end of 2020. Which still left a lot of sites scrambling for ways to keep their content working, long after any site that was still using Flash had discovered their own workarounds for the program's issues.
  • Adobe Acrobat and Adobe Reader have their fair share of problems. Somehow, Ctrl+C to copy doesn't always work, despite the fact that this is one of the most basic features of any program that can display text. Sometimes it works, sometimes it silently fails, sometimes it fails and pops up an error message saying "An internal error has occurred", and sometimes it works but still pops up that error. And if you hit Ctrl+C four times in a row in a futile attempt to copy the same text, you might get one of each result despite the fact that nothing else changed between attempts. It's like playing a slot machine.
    • The installer likes to add bloatware to the system in the form of "helper" programs that start with Windows, stay running as background tasks, and which the main program runs fine without, and the equally unneeded Adobe AIR. Google searches for "Adobe Reader without air" are very common.
    • Linux versions were somewhat troublesome. Sometimes, when having several documents opened, you cannot change between them using the mouse — same for using the menus. You have to "unlock" it from the document by either clicking on the document, or using the keyboard to activate the menus. Adobe eventually stopped developing Adobe Reader for Linux, but that's not really a bad thing when less bloated PDF viewers, like Evince and Okular, exist (especially since those two also support other formats).
    • Early editions of Adobe Reader X would take forever to display a single PDF, take up huge amounts of processing power, and even had parts of the menu and toolbars disappear at random.
  • Adobe Dreamweaver is known to crash when trying to load a file with a size that's an exact multiple of 8,192 bytes. This is actually a known issue and documented on Adobe's official support forums. The recommended solution? Open up the file in a text editor and add a few characters to change the file size.
  • Despite Adobe Photoshop having been the gold standard for professional digital artists for years, later releases and developments have their increasingly disillusioned artist userbase investigating the products of competitors and open-source projects such as Paint Dot Net, Krita, and GIMP.
    • The company began insisting on billing the program as — and going to great lengths optimizing it to be — an idiot-proofed meme-generator and photo-sharpener targeted toward the lucrative "casual users with way too much money to burn who think Photoshop is magic" market. As a result, the "exciting new features" added to Photoshop are frequently things like yet another way to remove red-eye, while basic glitches and quirks that artists have been wanting fixed for years remain ignored.
      • These problems include things like the ability to freely scroll the canvas in certain modes,note  failure to update key aspects of the program like the "liquefy" tool to modern 64-bit multicore operation, and implementation of fundamental industry-standard utilities like total keybinding control, tiled windows in fullscreen mode, and changing the selected tool when the user changes tablet styluses.note 
    • The software's "exciting new features" occasionally displacing, complicating, and/or generally eroding the performance of the Genius Programming aspects of the program that endeared it to artists in the first place. Meanwhile, Adobe seems baffled by the fact that many artists have expressed a complete disinterest in trading their already-paid-for program for a rented one that introduces more such issues on a regular basis.
  • Some versions of Adobe Illustrator, on their initial release, include a bug wherein the entire program could be suspended by Windows, effectively making the program instantly run out of memory. This forced Illustrator into wireframe mode and caused visual glitches aplenty, and the only way to fix it was to close Illustrator, re-open it, and hope it didn't happen again. If you hadn't saved in a while, a user might catch the program in a good mood and be permitted to save if it got suspended, but it was a crapshoot. Thankfully, this tends to get patched out pretty fast, but later updates to Illustrator have caused this same glitch in multiple versions of the program.
  • Adobe Creative Suite for Mac, before it became the subscription-based Creative Cloud package, can be installed only on your startup disk. Made much worse by the fact that it also won't run on a case-sensitive file system... y'know, like anyone serious about using the Unix command line would normally have. There's a lovely hack for this that involves creating a case-insensitive disk image and tricking the installer into thinking that the image is an actual folder on your drive (not as simple as you might think, since the installer isn't tricked by aliases, symlinks, or mount points). And you have to run the hack script every time you update any component of the Creative Suite package. The reason for this massive headache? Adobe's programmers were sloppy and inconsistent about case in support file references. Instead of putting a handful of entry-level code monkeys on grep for a few days and establishing policies on support file naming and referencing, they coded the installer to reject case-sensitive volumes.

    Apple Should Have Thought Different 
  • The original 128K Apple Macintosh and its 512K successor weren't designed as upgradable machines, but their 400K internal floppy drives would seem in principle to be upgradable to the 800K double-sided drive introduced with the Macintosh Plus, since it used the same (custom) floppy controller. Anyone who did this without also modifying the firmware (as Apple did late in the 512K's product life) and attempted to boot from even a 400K system disk in the new drive would be unkindly surprised by a Sad Mac failure screen with the cryptic error code 0F0004. The reason was that differences in speed regulation between the two drives cause the calibration code to literally divide by zero.
  • Apple products, especially iTunes, have a habit of downloading updates, installing them, then leaving behind tens or even hundreds of megabytes (per update!) worth of temporary files which it doesn't clean up. Even if you update your iPod firmware, it'll leave behind the temporary files on the computer you used to update it. To add insult to injury, it leaves these files in its own application data directory instead of trying to look for a system-designated temporary directory, meaning any other program trying to find and clean up unneeded temporary files won't notice this particular cache of unnecessary files. It's like living with the worst roommate ever. To get rid of these wastes of space, you have to dig through your file system to find Apple's directory, look for the temporary directory within that, and delete the files yourself. It also always restarts the computer on Windows-based systems after applying the updates, without warning, even if it doesn't need the restart. It's annoying when you're leaving the updater in the background running and then your programs start to close all of a sudden.
    • There is an increasingly common issue where, for no discernible reason, any TV show episodes you bought from the iTunes store will suddenly stop playing at all, rendering just an audio-free black screen, forcing a complete reinstall of iTunes and QuickTime just to get your TV shows watchable again.
    • Notoriously, iTunes also does not support multi-user environments. Say Alice and Bob share a computer and both have their own accounts. If Alice is the first to run iTunes, Bob will find that iTunes will never launch for him, ever, for no good reason, until it is reinstalled, which in turn will lead to Alice being locked out instead until she repeats the cycle.
  • For some reason, when Apple was releasing Safari for Windows for the first time, it had a tendency to crash when attempting to bookmark a page. A basic web browser action, and it killed the program.
  • In a hacker's convention contest, Pwn2Own, Mac OS X was routinely the quickest to fall to an outside attack. And by "quickest", we mean "less than a minute". A common entry point for exploits? Safari. Whether or not Apple is improving browser security remains to be seen.
  • Apple Maps, which came pre-packaged in Obvious Beta form with iOS 6, had several glaring problems right out the gate. The satellite imaging technology was prone to inexcusable errors, from odd patchworks of pictures taken under markedly different conditions (some of which wouldn't even be considered usable, as they were covered in clouds or very low-quality) to severely misshapen landscapes and buildings. The map function frequently misplaced entire cities (and, on at least one occasion, continents), was outright missing countless locations (and creating several new ones), and the search and GPS were just plain broken. It quickly became the topic of ridicule, with entire Tumblr blog dedicated to mocking its shortcomings. Even the London Underground got in on it, with a sign reading "For the benefit of passengers using Apple iOS 6, local area maps are available from the booking office."
    • A few, hearing about the problems with the new Maps app, refused to upgrade to iOS 6 until Google came out with a third-party Google Maps app for the platform (replicating the old app's functionality, if not its interface).
    • People have also reported a purple flare when taking photos. Apple's response? "You're just holding it wrong."
  • Apple Music, at launch, had an unwanted "feature" where it scans your local files, deletes any music that matches what it thinks it has, and if it doesn't have it, it will upload a copy to its servers into the AAC format, regardless of the original encoding. Which means not only is Apple deleting files off your drive, if you're an independent musician or composer, Apple steals your music. All because Apple thinks if you wanted to listen to your music from the cloud, there's no point in having a local copy. Never minding that one will need a Wi-Fi connection for this to work. Also, if your subscription runs out, you can't access the cloud—even for music you created.
  • On an absurd level of Epic Failure in programming, High Sierra allowed the user to log in as an admin with no password! How they managed it is actually quite interesting: High Sierra upgraded the database format used to store logins. The system was written so that when a user tried to log in, it'd first look for their login in the new database; if it wasn't found there, it'd then try the old database. If found there and the password is right, the server would copy the data into the new database for next time. A good plan in theory, except there was a crucial problem that got overlooked: while it checked that the password was right before migrating the account, it didn't check for the account being disabled, which the "root" account is by default on macOS. So the old database returns an error that the account is disabled, but then — since it didn't return that the password was wrong — the migration process created an account with no password in the new database the first time a root login was attempted, which would then allow the user to successfully log in as root if they tried again, without a password. Fortunately, Apple patched it within 24 hours of it first being widely announced.
  • In early 2019, a bug was discovered in Apple's FaceTime service where if a user called someone else on FaceTime and then initiated the newly introduced Group FaceTime feature before the other person answered the call, the first person could still hear the audio picked up from the second person's phone as if they had answered the call. This prompted Apple to disable group calls on the server side until a fix could be patched in. For extra embarrassment on Apple's part, a 14-year-old boy and his mother discovered the bug and tried to send a warning to Apple a week prior to it becoming a major news story, but Apple ignored the problem until it was too late.
  • Prior to iOS 9, devices would shut off when the battery reached 10%, and refuse to turn back on until the user plugged in a charger. For no reason whatsoever. While it is industry standard for lithium-ion batteries to report as empty when they still have some charge (as if they're completely depleted, they can never be recharged), common wisdom is to mark that point as 0%.
  • iOS' auto-correct function infamously does not recognize swear words, and more often than not assumes they're typos. For example, "hell" gets corrected as "he'll", "fucking" becomes "ducking", and "shit" becomes "shut". Any other spell checking software would at the very least check the context of the sentence first before making that assumption, and there is no solutions to rectify this other than turning off auto-correct altogether, or using a third party keyboard that bypasses the built-in autocorrect and does understand swear words.

    Google's Not Feeling So Lucky 
  • In an effort to restore the tainted image of Internet Explorer, Microsoft has touted that it is more power-efficient than competing browsers. They mostly weren't taken seriously... until Google admitted to not bothering to patch a bug that caused the Windows version of Chrome to guzzle memory for years. note 
  • For some reason, if you attempt to save a picture from Twitter to your computer from Chrome, it will be assigned the nonexistent file type ".jpg-large". The kicker is that if you manually insert the .jpg, the picture will save just fine. It's even worse on Android Chrome, where you can't save pictures from Twitter at all.
    • This appears to be caused by the way Twitter handles pictures. When you click an image in your twitter feed, it appends ":large" to the URL (example). Some browsers have no idea how to handle this — Chrome will try to name the example "C92VACaV0AAZG7V.jpg-large", while older versions of Firefox note  will try to name it "C92VACaV0AAZG7V.jpg large.jpg%20large". Other sites that use URL postfixes can have similar problems.
  • So what do you do when you've had enough and want answers from Google Customer Service? Call them? Hope you weren't planning to do that over Google Voice, because the application is incompatible with the Google Customer Service line.
  • If you for some reason have to reset your Android device, you have to use your Google account to unlock it. This sounds fine, if it wasn't for the fact that it forces you to use your old password and doesn't accept a more recent one.
  • Android's power-management system makes it highly vulnerable to rogue applications. To explain it easily: by itself the system always tries to go into deep sleep, where everything is as powered-down as it can be to save battery life — unless an app tells the system "hey, please wake up, I'd like some CPU power to do stuff" using something called a wakelock. Well-made apps make sparing use of wakelocks — for instance, to check messages every few seconds by very briefly waking up the phone. But a badly-made app can request wakelocks continuously, keeping your phone awake and drawing battery power uselessly. There is no easy way to prevent this in current versions of Android. An experienced user can install all sorts of monitoring applications and try to hunt down and delete (or freeze temporarily) the accursed rogue app, but it's often a difficult and frustrating task, made worse by the fact that applications that used to behave fine can break during an upgrade and become rogue. Importantly, the hunt-down-the-power-sucker rigmarole is not a basic-level operation, and a lot of average users don't even know it exists — leading many to complain about the battery life of handsets that really should be lasting a lot longer. It has gotten so bad that many phone manufacturers now include an app that tracks power usage across the system and alerts you to these battery vampires. And this should be a basic function built right into Android!
    • Often, the rogue app is an integral part of Android. The backup feature, for instance, likes to get stuck and stay awake trying to sort itself out — for eternity, if not disabled manually. Ancillary Android apps show up as a bundled-together "Android System" entry in the stock power manager (making it impossible to know what part of the system is messed up without, again, third-party monitors); a quick Google search for "Android System battery drain" will show rather effectively how often Android pole-axes its own power management.
  • YouTube has had its fair share of blunders over the years. One would think the largest video-sharing platform in the world would be more wary of things like this, but alas, no.
    • The sole reason Content ID exists is to cut down on copyrighted material being uploaded on the site. The problem is that it only does the bare minimum: it only checks if the content is there. It doesn't take into account length, context, or how much of it is in the video compared to anything else, let alone if it even falls under Fair Use. There have been many cases of people who've had their own creations taken down because Content ID falsely flagged them for copyright (which, under the American laws that YouTube is required to follow, is illegal). There have been multiple attempts to try and make the system not quite so strike-happy, including relaxing a few of the restrictions and having the ability to challenge a claim, but these have a spotty track record at best. Jim Sterling noted that the copyright system doesn't even work as intended, since there is a way around it: if there are multiple copyright strikes in a video (because it's using audio or video from multiple different sources), the video doesn't get taken down and nobody gets the ad revenue, since each company would have to prove the claim on videos that have been flagged multiple times. This is a result of the algorithm checking the same video multiple times, flagging it as violating copyright multiple times... and then doing nothing about it. Also, you can upload pure white noise and get up to five different Content ID claims from record labels who have that sound effect in their library.
      • One thing Content ID struggles with is things in the Public Domain. More specifically, it cannot tell the difference between the original work and copyrighted material that uses it. Uploads of classical music are often hit by this because Content ID mistakes them for things like covers or third-party re-releases. Similarly, uploads of The Conet Project are claimed to be songs from random indie groups because the song in question sampled it. Of course, the public domain is no stranger to exploitation, but what should be fair game for anyone to use turns into an unnecessary game of "who owns what" when it comes to Content ID.
    • In late 2017, YouTube started demonetizing videos that were found to be unsuitable for advertisers. Some of the videos that got hit with this included suicide prevention videos, Professional Wrestling videos, any gaming video with a gun in it, and even videos that hadn't finished uploading yet. Meanwhile, an A-List celebrity talks about a mass shooting and that didn't get demonetized for some reason (he kept the ad revenue, by the way). Other incidents include demonetizing any video with the word "dong" in its title (leading to the popular Vsauce series DONG being renamed to D!NG, and game streamer AdmiralBulldog's DongTales series being changed to CuteTales), and footage of Mortal Kombat games. The worst was the platform accidentally discriminating against the LGBTQ+ community due to the LGBTQ+ topic in general being associated with homophobic videos and the mistakes not being corrected due to Heteronormative Crusaders in sexually conservative countries reviewing the decisions. YouTube later came out and stated that this was all being done by a trigger-happy machine-learning bot. Time will tell if this actually improves.
    • The filter used for YouTube Kids has been flawed since day one. At varying points, the filter's recommended white nationalist political content, offensive parodies of cartoons such as Peppa Pig and Mickey Mouse, absolutely bizarre live-action videos featuring copyrighted characters acting out pregnancy and severe illness scenarios, and other nonsense that children should probably not be watching. Don't trust it.

    • In early 2017, a bug caused several YouTube channels to continuously lose subscribers. One such channel got their sub count in the negatives because of this glitch. They later stated on their Twitter that this only affected the number being displayed, and not the actual sub count. Allegedly.
    • Its algorithm for recommending videos, simply put, is not very well-coded. For instance, it has a tendency to recommend videos that the user had already watched as soon as yesterday, or flood users with clickbait videos that aren't relevant to what they watched. There is also the ongoing problem with rabbit holes apparently caused by an exclusive focus on watch-time, wherein looking up certain innocuous search terms will turn your recommendations into nothing but conspiracy theories, skinheads, or in one case Poor Man's Porn of children. (Don't worry; that last link describes the issue and is safe for work.)
    • How YouTube enforces its community guidelines is notoriously flawed. How a three-strike system is supposed to work is to give users penalty when they break the rules in hopes that they won't do it again. However, that doesn't stop you from getting three strikes all at once (usually from Content ID takedowns), and your account gets suspended out of the blue, often with little-to-no reasoning as to why. Popular music channel SiIvaGunner had this happen to them near the end of 2018, who got hit with a total of eight different copyright strikes, and it took them weeks to get them all appealed before the channel finally came back up. Nor is there a cooldown period protecting you from further strikes while the first batch is still fresh, meaning you may not be able to respond to the first strike(s) before further strikes happen. All this makes it easily abused by individuals who are particularly hostile to criticism, such as Gilson B. Pontes, who waited for James Stephanie Sterling to review enough of his games for him to slap their channel with multiple bogus copyright strikes in quick succession, leaving them no recourse but to threaten legal action.
    • Google literally bottlenecked Microsoft Edge so that YouTube performs worse on it. This was an attempt to sabotage the browser's video playback capabilities, which normally outdid Chrome by a long shot. Apparently, this isn't the first time they've done this. Sadly, this eventually caused Microsoft to finally cave in, and Edge's codebase has since moved over to a Chromium fork.
  • Google Assistant devices tend to pull up Wikipedia articles if you ask them for information about something. Burger King infamously tried to use this as a gimmick for a Whopper commercial. Then came the thousands of vandalizers who thought it would be funny to edit what the devices were reading, and replaced it with complete non-sequiturs and toilet humor. It got so out of hand, to the point that Google blacklisted the audio clip entirely so nobody else would try it. Wikipedia themselves have since put an edit lock on their article for the Whopper to prevent it from happening again.
  • For reasons unknown, Gboard even with self-correction disabled will often glitch while writing on comment services such as Disqus, causing it to begin to repeat what has already been written and/or garbling it, to the point that it's better to write your comment in a text editor, copy the text, and paste it on the comment box. Earlier versions would also be memory hogs, staying in the background and consuming up to hundreds of megabytes of RAM, which was a pain in the ass especially on lower-end smartphones/tablets with low resources.
  • In February 2009, Google Search temporarily marked every single website as unsafe, because someone blacklisted the forward slash. You know, /, that character every URL has in it?
  • Android offers the Smart Lock feature to make unlocking the phone more convenient under certain circumstances. One option is unlocking through Trusted Places. In theory, it's supposed to allow the user to leave the phone unlocked in places like at work and at home as long as the user is within a radius of a certain location. In practice, this feature rarely actually works, more often than not keeping your phone locked when you're at a place you designated as Trusted. Or worse, thinking the phone is always in a trusted place, even if you moved away from it for over an hour.
  • Google Play has a bizarre habit of occasionally failing to update apps due to the downloads pending indefinitely. Normally, resetting the app by clearing the data and cache restores normal operation. To their credit, the problem was mostly resolved eventually.

    Hewlett-Packard: Inventing New Headaches 
  • HP's printers, scanners, and fax machines come with software to go with the hardware. All of that software except the printer's drivers are optional, but HP does everything short of flat-out lying to suggest that the other crap is required. If you do install the optional software, the stupid thing will pop up a "Error: Your HP printer is disconnected" every time you turn off the printer.
  • In The New '10s, HP and several other printer companies started using DRM in their printers to block refilled cartridges in an attempt to exploit printer ink's ridiculously high markup rates. However, they're notoriously inaccurate, which means they randomly reject new cartridges fresh out of the box, ostensibly for no reason.
    • This is because part of the system is a microprocessor on the ink tanks that will completely brick the cartridge after a certain date. That's right — ink cartridges now ship with an expiration date that the retailer sees on the shipment box, but since they're not "perishables" or food items, they're not required to display this information on their packaging.
  • The Hewlett-Packard support assistant that is equipped with many of their computers, such as the Pavilion, is very poor at automating automatic updates of included software such as Cyberlink's utilities and HP's own service software. Batch updating often results in several updates failing to install, requiring the user to manually download the failed updates themselves.
  • In an effort to better suit beginning users, HP includes bundles of software on their pre-configured computers (including the infamous Norton Security software) that adds functionality like CD and DVD authoring tools, some Wild Tangent game trials, and other stuff. Unfortunately, if you're a power user who wants to only install your preferred software, this software just gets in the way and can potentially interfere in the smooth operation of Windows.

    Worse, back when Microsoft was pushing for Windows 10 as the universal "NT" standard, if you took Microsoft's free offer to upgrade to Windows 10, the upgrade may not go as expected, leaving a barely usable system with slowdowns and even fatal crashes. Fortunately, if your system wound up a disaster, you can use a software tool (such as "Produkey") to copy down your installation key, download Windows Media Creator to make a bootable installation DVD, and install a clean copy of Windows 10 without the extra bloat on the hard drive and processor and enjoy a pristine system.
  • Some of HP's printers come with a feature called HP Smart Install. Ostensibly, this is supposed to make the printer quick and easy to setup by utilizing an autorun program to install its drivers. However, some computers might simply detect the printer as a CD drive when plugged in, and even if the setup program is run manually it might fail halfway through. In fact, going into the printer's menu (if it has a physical control panel) and disabling Smart Install is the better option, as the computer will search for the drivers online and install them itself with the added bonus of not installing the extra, unnecessary software included with the Smart Install package.
    • They wised up... by moving the HP Smart and its associated drivers to Windows Store and somehow ran worse that the in-disc Smart Install drivers.

    Microsoft Doesn't Take You Where You Want to Go Today 
With a company which specialized on an operating system that's made to work for many different computer systems, do you think it will be really, really flawless?

  • Microsoft in general tends to have a lot of problems with Not Invented Here and an inability to let go of problematic legacy code and designs (often because lots of third-party software relies on the problematic behavior) in their own unsung examples of Idiot Programming.
  • Like The Daily WTF, Microsoft veteran Raymond Chen's blog The Old New Thing is a good place to look for explanations of things that at first seem to be Idiot Programming on Microsoft's part. As Chen puts it, "no matter what you do, somebody will call you an idiot".
    • As of October 2010, this is a list of programs that can be described as "we found this program doing stupid shit and have to work around it". One of the reasons Vista was so poorly received was because a lot of programs that did stuff they shouldn't have done wouldn't work properly, "properly" being based on guidelines formed around 2001 but actually enforced in 2007.
  • Mac Word 6 is infamously known for being so bad, that the Windows version ran faster in an emulator. Bear in mind that this was back when PCs ran x86 code and Macs were on the 68k architecture. Exacerbated by the quality of its immediate predecessor, Mac Word 5.1, often regarded even today as Microsoft's finest work and possibly the best word processor ever written. The troubles of Word 6 were mainly due to an attempt to make it universally coded (i.e., both Mac- and PC-friendly), but the result was a slow, memory-intensive clunker.
  • Versions of Word as recently as 2003 have had a document filesize limit of 32 megabytes, even though that could be reached by a document with 30 reasonably-sized photos embedded in it.
  • Despite its beautiful and fairly responsive user interface, Windows Live Mail has several glaring flaws, such as pegging the CPU for a full minute to fetch mail from an IMAP server and popping an error message every time it's disconnected, even though it should be a Foregone Conclusion if you leave a dormant connection lying open for several minutes with no activity.
  • Every version of Microsoft Windows gets this when it first comes out (except, strangely, for Windows 7), but Vista and ME have had the highest amounts of backlash.
    • The common belief now is that most of Vista's bad reception came from a sub-optimal initial release, which had a number of serious bugs relating to file transfers and networking (they mostly caused speed problems rather than data corruption ones, but it made using pre-SP1 versions of Vista a pain in the backside). Most of the serious problems were fixed with Service Pack 1, but Vista's reputation, which had already been dented by its failure to live up to Microsoft's early promises, never really recovered (to the point that Microsoft itself dropped support for Vista fairly quickly in some of its applications, with Office 2010 and Internet Explorer 9, released in 2010 and 2011 respectively, being the last versions of those applications to be compatible with Vista). Even after applying service packs, Vista is still very noticeably heavy compared to Windows 7/8/10, especially on budget Pentium D systems and comparable AMD chipsets.
    • Windows ME, on the other hand, was considered to be the worst operating system (apart from the infamously broken MS-DOS 4.00) ever released by Microsoft, to the extent that geeks have been wondering for years whether it was some kind of Springtime for Hitler plot to make the upcoming NT-based "Whistler" (which would eventually become Windows XP) look good by comparison. The biggest problem was that its memory management system was so catastrophically broken that up to one-third of any given system's RAM was often rendered unusable due to memory leaks.
      • There is a particularly facepalm-worthy bug where Windows ME, for the first time, supported Zip files without an external program. This was back in an era when diskettes were still ubiquitous, so the use case of a Zip file spanned across multiple diskettes was not a particularly uncommon situation. Opening a spanned archive would result in a prompt for the first diskette... and it would keep asking you until you produced that diskette. If it was lost, reformatted, or damaged, you were out of luck because there was no way to cancel out of that dialog box and no way to terminate it without terminating Windows Explorer.
      • Another stunning Windows ME design decision that seems brilliant on paper but turned out to be terrible in execution: In Windows 3.x and 9x, if a program was stalling, you could press CTRL+ALT+DEL to interrupt it, and pressing the buttons again would force a reboot. In Windows ME, CTRL+ALT+DEL became the key combination to open up the Task Manager instead, but pressing the buttons again would still force a reboot. However, since this is Windows ME we're talking about, there was absolutely no way to tell if the computer was majorly lagging or if it didn't read the input at all. And of course, if the system is lagging, it still keeps track of which buttons you've pressed. So, naturally, when you push CTRL+ALT+DEL to open up Task Manager just to shut down a program that isn't working right, the Task Manager doesn't appear. Wait 30 seconds. Still nothing, so you push CTRL+ALT+DEL again. After another ten seconds, it finally pops up. You go to close the program, and then... "Windows is shutting down."
      • ME's biggest problem was that, like its predecessor Windows 98, it supported two driver types: the new, NT-style WDM DLLs we're all comfortable with today, and the old VxDs that originated way back in the days of Windows 2.1. The idea was to phase out the old drivers while maintaining backward compatibility; alas, what actually happened is that the two driver types didn't play nice with each other. As a result, if you needed a combination of the two driver types for your computer (which almost everybody did), ME crashed often and with great enthusiasm. However, if you were one of the lucky few whose hardware only needed one driver type, ME actually worked kind of decently — hence the occasional user who can't quite figure out why everybody hated ME when it worked so well for them, especially those trying it out in modern times with a virtual environment, as VxD hardware has become all but extinct decades later, thus the issue never appears.
    • Windows 2000, which came out the same year as ME, was marketed by Microsoft as the most secure version of Windows, ever. This was an accidental case of Damned by Faint Praise, as inevitably demonstrated when high-profile malware such as Code Red, Nimda, and the ILOVEYOU worm made the scene over the next year and a half. This was exacerbated by the OS being intended for business use and web servers, meaning that any production environment which either couldn't afford to upgrade to later versions of Windows or decided to stick with 2000 was essentially a sitting duck for malware authors, hackers, and scammers. Microsoft also wound up omitting a TCP/IP-related fix from a 2009 security update because much of the OS would have to be rewritten just to make it possible, and there was no guarantee that applications designed for Windows 2000 would continue to run on the patched system.
    • Windows XP was pretty decent in most aspects when it was released... except for the OS' security, which was broken beyond belief — to the point where it was arguably even less secure than 2000 had been, which is particularly ironic as the codebases of Windows 2000 (internal version NT 5.0) and XP (NT 5.1) were for the most part identical — even if it wasn't obvious at the time of release. This owed to an attempt to make it backwards-compatible with the past four OSes. Famously, it was demonstrated that if you installed the RTM build of XP on a computer in mid-2007 and browsed the internet for just an hour, the OS would be hopelessly corrupted by viruses and malware, to the point of requiring a complete reformat and reinstall of the system. That said, most of the major issues were fixed by Service Pack 2, and it became the longest-supported version of Windows to the point that it received critical security updates to protect it against WannaCry and BlueKeep three and five years after extended support ended, respectively.
      • This was exacerbated by the decision to assign the main user account administrative privileges, opening up many ways to potentially ruin the operating system. This helped the operating system to behave more like Windows 98 (whose internal architecture did not fully support multiple users) for compatibility; a very risky choice, leaving an uncontested back-door open to attacks that required patch after patch to remedy.
    • Vista was particularly hilarious in the way it restructured so many things that Microsoft actually had to set up workshops to teach people how to use it; customers found these workshops very helpful. Snarkers were quick to pick up on the fact that Vista was perfectly intuitive, provided you had a trained expert holding your hand every step of the way.
    • A major annoyance for new Vista/7 users who migrated from XP is the Read-Only bug. Any hard disk with a NTFS file system that was created in XP that gets imported into a Vista/7 system will by default have all files and folders stored in it as read only, even for a user with administrative privileges, and even if one uses the "take ownership" feature. The solution would be go to the Security properties of each and every file and folder (the fastest way would be to go to the file system's root directory and select all files, and apply the following steps to all child files and folders), add the current user account to the list, declare it the owner, and grant all privileges.
    • Windows Update may sometimes screw up the bootloader on the hard drive, necessitating a reinstall of sorts to fix this. Particularly annoying if the Windows install didn't install the recovery environment and, thus, a way to fix the computer. Also, the occasional Windows update seems to not regard the drive letter of the Windows installation they're being installed on, instead just selecting the earliest drive letter with a Windows installation on it, or some other arbitrary means. This is evidenced by trying the update, having it fail, turning off the computer and physically disconnecting the other drive, trying again, and the update works.
    • Users that updated to Windows 8.1 via the Microsoft Store noticed one crucial feature about Windows 8 that was really nice to have: Refresh. This way you can effectively "reinstall" Windows without having an install disk. The problem? It actually relied on a special file (presumably an ISO copy of the install disk) and the 8.1 update failed to include this, making it impossible to use the Refresh command. Though, some people have figured out a way around this.
    • Windows Vista introduced the ProgramData note  folder and encouraged application developers to store system data there, with adding content in many applications simply involving dragging and dropping new files in to read. Cue Windows 8.1 making the directory writable only by admins...
    • Windows Update on many machines (from Vista to 10) may sometimes install a driver update for Ethernet and Wi-Fi adapters. This wouldn't be a huge problem, except the drivers installed are produced by Microsoft, instead of the manufacturers of the adapters in question. The ensuing software conflicts tended to kneecap said adapters' ability to resolve DNS, which is basically what outputs an IP address clientside when input the corresponding web address.note  Inevitably, the affected machines would surf the internet very slowly, if at all. The workaround involves rolling back or tricking Windows to install earlier drivers, in one case, even Windows 10 have to run with a Windows 8.1 driver!
    • A notorious problem is that Task Manager, the interface primarily used to halt crashed programs, became a standard program itself from Windows Vista onward. This means that it can be impossible to start Task Manager if the crashed program is "spin locking" (constantly using the CPU without achieving anything) because Task Manager has no special claim on the CPU compared to the crashed program. Task Manager also tries to place itself on top of other windows, but again has no special claim on this, so it can be forced to the back by fullscreen or aggressive programs — an exploit frequently used by malware. Ironic because in Windows 3.1, Task Manager took priority over absolutely everything, although this may have been because of the much simpler multitasking architecture and lack of DMA.
      • Likewise, Windows Explorer (the software that provides the desktop interface) is considered just another program, not part of the operating system. This means that even fundamental tasks like starting programs and moving and copying files can be disrupted by other programs.
    • The search indexer introduced with Windows 2000 has gradually become more of a performance hog in the Windows versions since, but it really reached its zenith in Windows 10, where the indexer harvests just about every bit of data (and metadata) imaginable from files, and will re-index the entire hard drive at the slightest provocation. For anyone with a halfway decent SSD this generally won't be too obnoxious, aside from the odd bout of short-lived, seemingly random slowdown, but for those still stuck on mechanical drives (especially the slower ones in laptops) it can make using your computer an absolutely torturous experience, with a common performance tip being to disable the Windows Search service.
  • The (now-defunct) Zune software. The interface is fine, but at first it devoured RAM and hog way too much CPU power for what it does. Each subsequent release managed to improve performance, though, to the point where as of Version 4 even machines that don't have much higher than the minimum specs can run it with all the visual effects turned on with little to no problem. iTunes, on the other hand, started at bloated garbage and got even more slow and bloated over time.
    • The Zune player itself, on the other side, had a leap-year glitch which made them freeze up on New Year's Eve of a leap year because of the clock driver screwing up on how it handles leap years.
    • The Zune was also incompatible with PlaysForSure-protected media. Microsoft apparently can't even maintain compatibility with its own stuff.
  • Windows Live Hotmail. Until late 2010, despite being entirely capable of handling everything the application did, Opera and Chrome had to spoof as something else before Microsoft would allow access. They also had to supply their own scripts, because the ones served by the site itself were broken.
    • In 2011, they've fallen prey to yet another issue. They're attempting to fight spam... by preventing it from leaving the user's draft box. Perfectly legitimate mail is often blocked, which they acknowledge, giving no clue for how to change it so you can send your message beyond "re-edit it so it looks less spam-like". "Spam-like" has, among other definitions, content-free subject lines such as "RE: How's it going?".
  • Active Desktop was an optional Windows 95 update released in 1997 in an effort to catch up with that "World Wide Web" thing that had taken Microsoft by surprise and capitalize on the new push technology hype (basically RSS feeds). The concept was ahead of its time: you could place webpages and things like weather and stock updates right on your desktop and bypass the browser altogether. It also gave your folders a spiffy overhaul, introduced the quick launch bar, and made everything clickable look like hyperlinks. In fact, folder windows were browser windows and you could type both URLs and folder paths into the address bar. There was one problem (aside from the need to be constantly connected over pay-per-minute dialup to receive push updates): many user interface elements were essentially outsourced to your browser, and this was back when a crash in one browser window tended to take down all others with it. The browser was the paragon of instability known as Internet Explorer 4. You can see where this is going.
    • Things got more sensible and less crash-prone in Windows 98, but the desktop components remained unstable all the way until Microsoft realized nobody used the feature for exactly this reason and replaced it with desktop gadgets in Windows Vista.
  • Microsoft Outlook:
    • Outlook 97 through 2002 used one giant .pst blob for all emails, which tends to get corrupted once it reaches two gigabytes. This page acknowledges this, and implies that it is the user's fault for exceeding the size limitation, since users have nothing better to worry about in their lives. Note how the error doesn't come up until after it is a potential problem, and the fix simply truncates the .pst to 2GB, destroying the messages that don't make the cut without doing anything to prevent the issue from coming up again.
    • Prior to Version 7, Exchange did much the same thing: all mail for its users was stored in a single flat file on the Exchange server. This file was generally created in its entirety in advance and populated over time rather than constantly expanding. Problems: if the file became "fragmented" as users deleted messages, it would require a compression cycle, which required the server to be taken offline for possibly hours. Additionally, if the file reached its limit, it would simply stop accepting new messages without even attempting to notify users that something was wrong. The file could be increased in size, but only to about 16GB (as of Exchange 5). The safest solution was to migrate to Exchange 7, which in and of itself is a nightmare that often required rebuilding the entire system to deal with the absolute requirement of Active Directory.
    • IT security experts advise to turn-off message preview because if you click on a infected message, you'll still end-up opening the message and activating the malware. Microsoft obviously didn't care about security: they enable message preview on all your Outlook folders by default with no way to turn it off globally.
    • Outlook 2007 had a very bizarre problem where merely having the font Helvetica installed on the PC would cause Outlook to crash whenever opening a new email.
    • Outlook 2013. Want to see your old messages in the inbox? Well, you can't! You have to click a damn link at the bottom of the screen "to see more". You just changed folders and want to return to the inbox? Guess what, you need to click on the damn link again! There are no options to display all your messages in your inbox.
    • You've inserted a joint file and have opened it up to make sure it's good before sending. Outlook will warn you that you're about to alter the file and ask you if you want to continue or not. If you keep saying no, it will not stop harassing you.
    • On January 1, 2022, users of Microsoft Exchange Server around the world found the service totally shut down, with servers crashed and emails stuck in limbo indefinitely. The reason? The program stored date and time data as signed integers, which max out at 2147483647. This is all well and good unless you decide that you're going to store the year in the first two digits, then find yourself releasing an update with the reasonable-sounding version number 2201010001. The oversight, which Ars Technica called a "rookie programming error," was swiftly nicknamed the "Y2K22 bug."
  • Internet Explorer:
    • Internet Explorer 6...note  hoo boy! At the time of its release it was widely seen as being a decent enough browser, though a lot of people complained that it hadn't really changed that much since Internet Explorer 4. What became obvious as the years progressed note  was that it suffered from unbelievably poor security, to the point where new exploits were being found literally every day by the hacker community by early 2004. The fact that it was an integral component of Windows and didn't adhere to the principle of least privilege made things worse, as it meant that exploits could affect the whole system if it was run using an administrator account. This, combined with Microsoft's stubborn refusal to do anything more than patch the most serious bugs, effectively restarted the Browser Wars which had largely been over since 1998, and saw Microsoft's 90+% share of the browser market get demolished by Chrome, Firefox, and the other browsers, leaving Internet Explorer (and its eventual successor, Edge) used by only a small minority of users.

      The transition from IE6 to newer browsers wasn't helped by IE6's support for HTML standards somehow being even worse than its security, requiring massive re-coding of websites. In fact, some had to maintain separate IE6-compatible versions for several years after IE7 was released. On top of all of this, a ton of corporate intranet applications were designed with IE6 in mind and simply didn't work at all on any other browser, forcing many big companies to stick with the browser (and, by extension, Windows XP) even to this day, thus still posing a massive security risk. There are several more things we could talk about, but the bottom line is that IE6 is often regarded as being not just Microsoft's worst product, but arguably one of the worst tech products of all-time.
    • Internet Explorer 7 and 8 both talked up a "new commitment to standards and performance", with each one certifiably supporting more features than its predecessor, but each paling in comparison to every other browser available when released. IE7 did fix some of the most severe bugs that IE6 had suffered from, but the underlying engine was near-identical with most of the new features being cosmetic, and for the most part the browser was just as insecure and bug-ridden as its predecessor. IE8 by comparison had a redesigned engine that fixed most of the security problems, but added a new problem in that it kinda sucked at rendering older websites. Microsoft tried to divert attention from this by hyping up its "Web Slices" and "Accelerators", both of which were features that only Internet Explorer supported, but all the other browsers could feel free to implement themselves! While this trick worked for Netscape during the first Browser War (until Microsoft ended it by fiat by bundling IE4 with Windows 98), it didn't take this time around, and both versions languished in obscurity, hemorrhaging market share all the while.
    • Internet Explorer 9, however, looks like Microsoft has learned their lesson in what they have to do, and that it's going to finally avert this, with development focusing exclusively on W3C-standardized features (as in HTML5, CSS3, and EcmaScript 5), many that every other browser already supports, and some that they don't — but only ones that are part of the World Wide Web Consortium-approved standards. Of the tests that Microsoft has submitted that IE9 passes but other browsers fail, most are passed by at least one other browser, with some tests they've submitted not even passing in Internet Explorer 9, but passing in Opera or Safari.
      • Many legacy features are finally being re-architected to match the reality of modern Web browsing, such as JavaScript being implemented as part of the browser instead of going through the generic Windows COM script interface that was introduced over a decade ago and used through IE8.
      • To top it off, the IE9 Platform Previews run completely platform-agnostic examples an order of magnitude faster than every other browser out there (by implementing hardware-accelerated video through Windows' new Direct2D API).
    • Not that the later, stabler versions of Internet Explorer don't have their share of irritating issues. IE has the ability to reopen your last browsing session after a crash. Seems fair enough... until you realize that this will not only reopen the tabs and windows you had open but anywhere from five to over 30 additional windows open to your home page, for no apparent reason.
      • It usually keeps track of any browser window that crashes, and opens all of them the next time you're prompted. Normally this isn't a problem, but if you open IE by clicking a link (or double-clicking an internet shortcut on your desktop/start menu) while it's your default browser, you won't be prompted to re-open your last session. If this one crashes, too, it's added to the record. You can see where this is going. Open 20 browser windows like that and crash them, and then when you finally open one by just double-clicking the IE icon, and choose to restore your last session, and it brings all 20 back. A good practice, taken much too far.
    • With Edge, Microsoft introduced support for "desktop notifications", allowing websites to show toaster notifications using JavaScript. Unfortunately, they hooked it to Windows' own notification API, without any forced title to make it obvious that the notification is coming from a website through Microsoft Edge. A boon from heaven for malvertisers!
    • In 2019, after years of trying and failing to push Microsoft Edge, Microsoft decided to abandon its proprietary EdgeHTML engine and switch to the Blink engine used in Google Chrome and all of its derivatives. This led to a minor mistake in which early versions of the Blink-based Edge had the same user agent as Chrome, which led Microsoft sites to detect as Chrome and urge users to switch to Edge, even though they were already using it.
    • Windows users have criticize Microsoft underhanded tactics to force to users to use Edge, comparing them to malware: opening Edge on start-up, importing bookmarks from other browers, changing the default browser without the user consent, changing the default program for HTML and even PDF for Edge, forcing Bing as the default search engine. And that's just the tip of the iceberg.
  • While Microsoft Office 2007 introduced some new features that were well-received, its introduction of the ribbon interface saw considerable controversy. The ribbon took up a good portion of the screen at the cost of usable editing space (exacerbating the problem in Word where you would have to either constantly scroll up or spend most of your time looking at the bottom of the screen if you typed a lot) and was not customisable without third-party tools. Many features were shuffled around and renamed, which made the ribbon even more confusing to use for Office veterans. On top of that, Office 2007 was a RAM hog, making it crippingly slow even on machines with 4GB of RAM, although this was fixed as of Service Pack 3 in 2011. Eventually, the problems that plagued the ribbon in Office 2007 were resolved: future Office versions allowed ribbon customisation out of the box, users got used to the interface, multiple-core processors and better systems made Office 2007 really light as of 2011 (coupled by the aforementioned update), and the screen cluttering became less of an issue as larger, high-definition screen resolutions became more commonplace.
  • In all word processors regardless of the OS, the CTRL key combined with the arrow keys allows you to navigate the text word by word, making things a lot faster. Microsoft thought it was a wonderful idea to screw everyone by turning the CTRL key in a pop-up windows for its copy-paste. And no, you can no longer turn it off in later versions of Office.
  • Whenever a large copy/paste is made, Office will make the baffling request to users to either they want the copied information be made available for further copy/paste or not. What's next? Asking users to handle the SWAP file by themselves?
  • You open a file and Office tells you can't because it's locked and someone is already using it. And that someone happens to be you. And you have to wait until you close it so can you can open it. Congratulations Microsoft on making people waste their time.
  • Games for Windows Live was Microsoft's attempt to take on Steam, and given Microsoft's sheer resources, many thought they would have some success in this. To put it lightly, however... they didn't. Poor design choices all around meant that it never attracted many users, and was eventually discontinued in August 2013, to be replaced by an integrated app store in Windows 8 — and for all that OS' faults, the app store sensibly decided to target casual games, a market which Steam and the others haven't exploited as much — until Windows 10, that is. As for why the GFWL marketplace was discontinued:
    • To install a game, the user had to have enough room to store three entire copies of that game on your hard drive note . For some games, that's well over 30 gigabytes (and by the end of the store's life, could reach 100 gigabytes). Contrast with Steam, which requires enough room to store one entire copy that you actually use.
    • Also, while Steam will automatically update your games for you so that you never have to worry about not having your game up to date, Games for Windows Live would only tell you it needed to update a game when you actually tried to play it. You know, the exact moment when you don't want to wait several minutes for your game to be ready.
      • It is also a crapshoot over whether you can actually get that update — DLC could be denied to a player for no reason whatsoever. Red Faction: Guerrilla's multiplayer mode was rendered entirely unplayable until the developers, like many others, updated the game years after the fact to integrate it with (who else) Steam instead, because GFWL basically decided that faking an update and then slowing the game to a crawl rather than finding whatever it was looking for sounded like jolly good fun.
    • Another terrible aspect of GFWL is that a lot of games using it have their save games locked down in a way that makes you essentially lose them every time you reinstall a game or try to transfer your progress to another system. Again this compares unfavorably to Steam, which either just keeps out of the way of screwing with save-files in the first place, or, with Steam Cloud, outright embraces transferring them to different systems or installations.
    • Also, if you somehow registered for the wrong country, there was no way to go back and change it. At all, not even with customer service. The only solution was to create another account with a different name (and lose everything in the previous one, of course).
    • To add to grievances, the program is so bad that Microsoft blacklisted its own program in Windows 8.1. If you attempt to install GFWL, it will ask "This program has compatibility issues, do you want to run it?" However, in Windows 10, running a GFWL game without GFWL might call Program Compatibility Assistant to "helpfully" suggest you install GFWL... And Steam will be forceful in installing prerequisites in first time run including GFWL...
  • Unfortunately for gamers, once Microsoft attempted supporting hardcore gamers again on PC on Windows 10, said gamers discovered that the Microsoft Store is an absolute disaster. Drive space limitations, issues downloading games, and now requiring patches to play a game at all even in single-player, the fact that the Store client refuses to run if the Windows 10 version is slightly outdated, and the way downloading patches works essentially means you need to have enough space on your hard drive to be able to download the entire game again just to patch it, among other issues. Some gamers are claiming that these issues make GFWL look competent by comparison, with many considering it the second incarnation of GFWL. No wonder PC games such as Quantum Break and Rise of the Tomb Raider have sold terribly on the Microsoft Store, in the realm of single-digit percentage of total sales with the rest being the Steam versions. To the point that in around 2019 Microsoft, or more accurately XBOX Game Studios, gave up exclusivity and allow selling their games to Steam no strings (except for Windows 10 requirements) attached. In late 2021, Microsoft announced that they were going to update the Xbox app on Windows to support traditional, unobfuscated installs like Steam and other launchers do.
    • There is also the UWP format, which is essentially an attempt to replace the standard Win32 executable. Except not only is it severely locked down and limited as far as PC gamers are concerned, the way the DRM works also clearly wasn't thought through well enough — for instance, Forza Horizon 3 has a DRM system involving encrypting and decrypting sections of the game data in real-time when said data is needed. Problem is, this is a massive performance hog, and doesn't mesh well with an open-world driving game that loads sections of its game world on the fly, resulting in massive performance drops. Bafflingly, Denuvo did the same thing with (comparatively, as different build of Denuvo and its attached game demonstrates) little performance hogging. Thankfully, Microsoft Studios learned their mistakes, as shown in how Forza Horizon 4, which runs on UWP, was massively better optimized.
    • That being said, UWP repeats the same problem GFWL did, and even worse, now the files are obfuscated and encrypted. If you're lucky, installation errors may force you to redownload an entire game from scratch like a buggy download manager from 2012 (which were also a common problem in Windows Update). In the worst case scenario, the systems made for handling UWP apps can fail to properly clear out space used for downloads when something goes wrong. This means the game essentially becomes trapped on your drive, gigabytes of data locked in folders you're barred from accessing, causing any attempt to reinstall it to fail and making it completely unplayable. The only real solution to get the drive space back and play your game is to wipe the drive entirely and reinstall Windows; the system for handling app installation is extremely fragile and not made to be touched by users, so trying to take control of where the files are being kept so you can delete them is likely to break it, preventing you from ever installing or updating UWP apps. It wasn't until late 2021 that Microsoft officially deprecated UWP, and then later introduced "Advanced Installation" features for games that would let you manually delete files like any other service has always let you do.
  • Versions of Windows Media Player randomly crash with a cryptic message about "server execution" failing. Even when you're trying to play a simple .wav file on your computer with no DRM and network sharing disabled, and there's no conceivable reason it would even need to access a remote server in the first place.
    • Also, Windows Media Player started as a very simplistic, lean-and-clean little software that did its basic job (of playing multimedia files), and did it decently well. Then at some point each new version of it added more and more eye candy to it, increasing its resource consumption and decreasing its usability, up to a point where it became almost unusable. This is the reason why Media Player Classic was made, actually: to give people the good old WMP without the bloat. The Windows 7 version of WMP backed up a bit on the eye candy and bloat and is at least barely usable.
    • Then came "Groove Music" and "Movies and TV" as the replacement, which, on older systems, is barely running and even more bare-bones than the feature-packed K-Lite and Combined Community Codec Pack (which includes the aforementioned Media Player Classic), let alone VLC, with the embedded store functionality bloats more than it's necessary. Windows 11 would later combine the two programs together, marketing it as a redesigned Windows Media Player, and even naming it that. While it's definitely more convenient that there's one single app dedicated for playing media files again instead of two, the same issues still linger.
    • Windows Vista introduced a new module called the "Rich Preview Handler", which allows audio and video files to be played right from File Explorer without having to open anything else. For this to work, however, Windows Media Player needs to be set as the default program. If an extension doesn't have WMP as its File Association, files of that type simply won't show up. This became even more problematic in Windows 8, which deprecated WMP in favor of the aforementioned "Groove Music" and "Movies & TV", and had them be the default for their respective extensions. Thankfully, many codec packs use workarounds to have File Explorer ignore what's set as default, and force Rich Preview Handler to always show up.
  • Any Windows installer that ignores the default install directory in the registry and tries to put the app in C:\Program Files regardless belongs on this page, but especially if:
    • The documentation advises against putting the app in Program Files (because, say, it tries to save its settings in its own directory, multiple users be damned).
    • The installer tries to put the app in Program Files even when you tell it to put it somewhere else.
    • The installer refuses to work at all if you don't have a C: drive.
    • The program is 32-bit, and puts itself in the Program Files folder instead of Program Files (x86) on a computer running a 64-bit version of Windows.
    • Perhaps most infuriatingly, telling the program to install somewhere else will cause it to install some of itself in the specified location, and the rest in Program Files anyway. Bonus points if it only makes a token effort, putting a couple megabytes where you told it and hundreds in the default location.
  • When trying to make a Windows 8 boot disk, it may fail unexpectedly. The reason is because the screensaver or sleep mode kicked in after minutes of inactivity and messed up the whole process.
  • With the development and release of Windows 10, Microsoft released an update for Windows 7 and 8.1 that did nothing except pester users to get the new OS. This would merely be annoying if it didn't cause the occasional error, slow down boot time, and use lag-inducing amounts of processing power, all for the purpose of informing users of Windows 7 and 8.1 about an OS that hadn't even been released yet.
    • Even after getting rid of the update that caused those annoying pop-ups, they kept coming back! Microsoft just kept getting more and more aggressive in their campaign for 1 billion machines with Windows 10 installed. Rather than annoying users relentlessly, they shortly turned to trickery to force users into installing it with misleading pop-ups, users' consent or not. When angry users complained about Microsoft's unethical and devious tactics, they played it off as unfortunate update errors or blamed it on the users. Mercilessly parodied here. That said, Microsoft learned from this, as the dialog notifying users about the impending end of support for Windows 7 on January 14, 2020 is similar to the Windows 10 upgrade prompts, but does not explicitly mention Windows 10.
    • In its relentless drive to get users to upgrade, Microsoft offered Windows 10 for free to users of Windows 7 and 8.1 as an optional update through Windows Update. Many users have Windows Update set to "download optional updates and ask before installing". Cue 4 GB of data being delivered to users in countries with low data caps or on netbook-type devices with minimal onboard storage. Regular Windows updates are several orders of magnitude smaller. It got so out of hand, that a local news station doing the day's weather had an update prompt pop up on the weather map during the live broadcast and a few hotels had their entire systems bricked.
    • Windows 10 installs updates by default, leaving home users with no way to defer or refuse defective updates except through ways that seem like hacking (which involves using registry entry script to trick Windows Update to pause for a very long time). Before launch, Microsoft claimed they would perform rigorous testing of each new update through their Windows Insider program. Long story short, the first update that left users with an unusable computer occurred before launch, as the beta phase was winding down.
    • If you're on a previous version of Windows, notice it installing the "Upgrade to Windows 10!" nag screens, go "hell no you don't" and delete the applet and registry keys (probably using GWX Control Panel) after it's downloaded and started the preinstall but before rebooting and letting it finish, the system will become broken beyond rescue and will need a full reinstall.
    • One of Windows 8's somewhat-new features was Fast Boot (similar to hybrid sleep mode from earlier versions), which speeds up how quickly your computer starts up and shuts down at the cost of not being able to simply shut down for things that require a restart. This feature stuck around for Windows 10, now called Fast Startup. Cue an update that broke it so badly that a bluescreen was guaranteed within hours of a fast startup until the user disabled the feature. And then, in an amazing display of poorly-timed hubris, immediately after this bug was fixed, cue another update which forcibly turned Fast Startup back on for everyone who left it off after the last update — on top of this update breaking everything running on Chromium.
      • Fast Startup in general can be more trouble that it's worth. If you migrated to a solid state drive, you can easily turn it off without much extra delays. However, the real can-of-worms is that Fast Startup replaces the ability to perform a true shutdown, which is a good practice for starting Windows fresh without any bugs from save-stating Windows, even if it takes more time. Some usually pre-Windows 8 hardware wasn't necessarily designed with Fast Startup anticipated, which may lead to system anomalies. However, when Fast Startup became standard since then, using the Restart command equals true shutdown, as the CPU uptime is reset to 0.
  • If you thought GUI programming in general was bad (see below), well, Microsoft has you covered. Windows has five separate GUI toolkits (Win32, MFC, Forms, WPF, and Metro). Win32 is the one all others are implemented on top of, but its (never used nowadays) default settings produce controls that look like the ones in Windows 3.1. MFC is a C++ library on top of it, but was designed before C++ was fully standardized and comprises numerous ugly hacks such as DIY exception management and classes that simulate diamond inheritance. Windows Forms is the much cleaner .NET-based equivalent and WPF is supposed to be the revolutionary new interface for the Windows desktop, but Microsoft roughly alternates between apparently abandoning each one. And then came Metro, better known as "Who put a smartphone UI on my desktop?".
    • And the real killer with this is that because Forms and WPF are designed around C# and the .NET CLR, there is no up-to-date native code UI toolkit for Windows. This has resulted in a proliferation of third-party toolkits (all implemented atop Win32)... which in turn ties down Microsoft to keeping those old toolkits around, because there's so much software using old third-party toolkits that require the old interfaces to be maintained bug-for-bug.
      • Microsoft appears to be trying to fix this with the introduction of the native code C++/CX and UWP in Windows 10. In fact, the aggressive pushing of the Windows 10 upgrade was likely to be partly motivated to maximize the availability of this system to developers.
    • It's also kind of bad if you want to program in Ruby. Or Python. Or Factor. Or any language whose low-level libraries are written in C, which is practically all of them. Because of the awkwardness of the Windows native UI libraries, they tend to use cross-platform UNIX-based ones, which often have very badly maintained Windows ports, and again produce software that looks more than 10 years old without extensive retooling (Java is the one exception).
    • Did we mention that all the work to transform the programmer's use of MFC/Forms/WPF/etc. into Win32 is done by your computer and your CPU, every time any program you ever run under Windows does anything?
  • For a year or so, Windows 10 had multiple bugs and slowdowns until Microsoft incrementally updated these problems as a token of goodwill. These annoyances (along with many new mandatory features) did not help Windows 10's negative image in the eyes of the owners of previous versions of Windows.

    On startup, if Windows 10 detects a problem with the hardware, it will scan through as usual. After making a slow-ass scan of the whole system, it invites the user to click on the repair button, except the mouse and the keyboard may not be responding. With no way to initiate repairs, the OS is utterly useless.

    The System Restore feature has also been problematic historically. If you ever need to roll back the system, there is no indication that the available restore points are usable until you attempt to use it. Maybe it's antivirus software misbehaving, but it can be like flipping a coin to see if your restore point works. Chances are, you've tried rolling back the system only for the system to reboot and Windows to notify that your system has not been changed and the restore point failed. Also ridiculous is when the system reports a failure to restore, but rebooting the system will reveal that the restoration was fine. Additionally, using System Restore after a major Service Pack update may actually ruin the system, requiring an installation DVD for a clean install (your files are moved into a directory unharmed).

    You may as well just ignore System Restore and just use Control Panel\System and Security\Backup and Restore (Windows 7) to save a drive image to a removable HDD/flash-stick and create an emergency boot DVD. Use this combo for when your computer goes insane; there is too much that can go wrong with System Restore.
  • As of Version 7.18, Skype has a tendency to crash whenever the user tries to copy something out of a chat window, or even when they try to browse through folders! Windows Explorer being a completely separate process which shares no resources whatsoever with Skype, this last one is particularly inexcusable. It's never a good sign when the official solution for a problem is "switch to an older version".
  • Speaking of Skype, starting around 2022, users signing up for a Microsoft account from there are presented with a frustrating challenge as a form of captcha. This would merely fall into Scrappy Mechanic (or an actually effective security check if it actually and properly works) if not for the fact that any new user, no matter the network the registration is done from, is forced to play the "spin until 2 arrows are facing exactly upwards" game for 10 times, and can still fail, even if all 10 puzzles are done correctly, for no reason. What is more insulting is that registering a Microsoft account from any other service (official website, Outlook, etc.) does not impose this challenge at all, which really makes one wonder what Microsoft were thinking when they came up with that captcha.
  • Although solid state hard drives render file fragmentation a moot point, on conventional hard disks, the anti-fragmentation routines of NTFS are not very forward-thinking. When NTFS tries to place new files, it does place them in a location where they tend to be contiguous, but files that undergo alterations in size tend to fragment.

    This is perplexing as the Linux Extended series of file systems seamlessly manages file fragments on mechanical drives without any user input. One may wonder why Windows 10 can't have such an optional toggle for on-the-fly file consolidation at certain intervals.

    On top of this, Microsoft was so convinced that NTFS was immune to fragmentation that the Windows NT line prior to Windows 2000 didn't include a defragmenter. Never mind that a lot of NT users installed it on drives with FAT or HPFS file systems in order to maintain compatibility with Windows 3.x/9x and OS/2 systems.
  • Windows 10 has a tendency to install apps (most infamously Candy Crush, later the launcher to the cloud version of Office) without the user's consent, and no way to disable this feature other than changing the registry. Or simply don't connect to a network during install, and unpin all the downloading tiles before connecting online.
  • Windows 10's start menu search got a little... overzealous... with its Internet integration, to the point where web results are frequently prioritised over things readily found in major directories on your own hard drive, so good luck trying to remember where you left that file — Cortana sure as hell isn't lifting a finger to help. If you wanted to stop this from happening in the first place, you'd have to dig into the Windows Settings and find the Start options... and most would click out and look somewhere else, because the option to turn this "feature" off wasn't called "Turn off Web Results" or something helpfully obvious, it was labeled as "Show suggestions occasionally in Start". The Windows Explorer system search fortunately still works for finding mislaid files.
  • The revamped version of the Windows Calculator included with Windows 10 will randomly softlock completely out of the blue. It still looks fine, it doesn't say "Not Responding" when you click on it, even Task Manager still says it's running okay. It will simply stop responding to any and all inputs and have to be closed and restarted.
  • Windows Aero (replaced by Metro in Windows 8 and later) may look cool, but there are many programs (especially ones that make use of transparency layers) that flat out do not display correctly if Aero is turned on.
  • Ever wondered why Windows Explorer on Windows 7 and later is missing the folders pane's horizontal scrollbar, forcing users to resize said pane to visualize folders that are within many subfolders? That's because Vista removed it when it introduced an auto-scrolling feature that rendered it obsolete. The problem is that the programmers broke the feature when they updated Windows Explorer for Windows 7, and never bothered fixing it or bringing back the scrollbar. Thankfully, Classic Shell (and its open-source derivative, Open Shell) brought back the feature.
  • Windows 10 is infamous for forcing users to download updates regardless of whether it is convenient or not, at one point interrupting a Twitch stream. However, ruining a Counter-Strike: Global Offensive streak live on Twitch is not why this is a terrible idea. The real reason became clear in October 2018, which saw the beginning of a series of chronic issues with update quality control that at this point has arguably become an Audience-Alienating Era and risks making users terrified that their computer will be the next one to be broken. One ex-employee blames all the problems on Microsoft deciding to make the bulk of their QA team redundant and outsource any QA beyond "slap it in a virtual machine and see what happens" to volunteers, causing potentially catastrophic programming brainfarts to slip through the cracks simply because they don't cause crashes and only cause problems on specific hardware. And of course, that's when long-term testing is possible...
    • First, that month's Feature Update prompted technology news flashes for reports of the patch deleting people's local user files, forcing Microsoft to withdraw the update until they could stop it from doing this. How the bug happened  Mercy to those who didn't have spare copies of critical files in a backup area. One may wonder how this "feature" managed to get by quality assurance, especially with an Insider Program intended to warn Microsoft about such "features".

      Apparently, people in the Insider Program did warn Microsoft about the bug, but because the reports weren't given enough upvotes, Microsoft did not "see" the reports of the glitch, thus the update went live without anyone checking. On top of this, the October 2018 update had even more bugs such as files inside zipped folders being lost if you cut and paste the files inside without extracting them first, incorrect CPU usage displayed in the task manager, and certain HP PCs bluescreening/crashing due to keyboard drivers not being compatible with the update. It wouldn't be until March 2019 that the update was finally deemed acceptable for business users, and even then it didn't play nice with Internet Explorer 11 or computers with multiple audio devices.
    • In November 2018, the reports of noticeable bugs in updates still persisted, such as issues with older Intel drivers calling incompatible features in Windows, and sound being disabled on some computers.
    • After an April 2019 patch was determined to cause certain computers to freeze at boot, Microsoft publicized that they'd allow users to decline updates (after reluctance to add such a feature since releasing Windows 10 in 2015). This incident finally motivated Microsoft to better test for fatal updates. One of the causes of said freezes were the OS fighting with anti-virus software, which you would think Microsoft would take into account since such software is vital for a Windows computer. However, there is a set limit to decline updates, until the end of support for the current build of Windows 10 (which could range from 1.5 to 2 years, essentially allowing the user to skip at least 2 or 3 feature updates).
    • The May 2019 update had a bug where it refused to install if it detects USB or secondary storage devices attached to the computer because "An external USB device, SD memory card, or UFS card that is attached to the computer can cause an inappropriate drive reassignment on Windows 10-based computers during the installation of the Windows 10, version 1903 update." If you were unable to temporarily disconnect such devices, you may have been out of luck, barring some arcane work-around. This was a likely scenario if you had a tablet with a small 32 GB drive and need a spare flash drive for the installer to have space to unpack the files.

      Another problem with this update is that it doesn't like certain Intel and Broadcom Wi-Fi adapters... as in, the driver will completely brick itself, preventing the adapter from working on boot. This seems to specifically be a problem with NEC computers and some gaming motherboards. Microsoft has suggested manually enabling the driver in Device Manager — essentially forcing the driver to run — but you have to do this every time you restart the computer.
    • At one point, a cumulative update introduced a less serious problem to Lenovo laptops — the Eye Care mode gradually increasing the red hue if you took a screenshot, resulting in orange screens. Although the problem was caused by Microsoft, Lenovo fixed it with an update to Lenovo Vantage, but this may not have been necessary with more rigorous testing on Microsoft's part.
    • What happens when Microsoft can't send an update to Insiders for bug testing purposes because it's a patch for a catastrophic security flaw that they have to release posthaste, leaving them with their long-since-diminished in-house testing facilities? The update in question is extremely difficult at best to install and causes BSODs and boot failures for a number of people who did manage to install it, that's what happens. Whatever is going on with this update — some people blame disabling Connect, some think it wasn't tested with Ryzen processors — it's yet more evidence that farming bug testing out to volunteers was a bad idea.
    • On 03/09/2020, a potentially catastrophic bug(s) was found in optional update KB4535996, putting another nail in the coffin to farming out bug testing. Manually installing drivers may fail and can even break an installation due to a conflict with Core isolation in Windows Security. If a computer is really unfortunate, it may fail to boot at all, or produce the infamous Blue Screen of Death at the login screen. Even uninstalling the offending update may not be enough, leaving the system with glitches. Slowdowns, audio problems, and breakage of Visual Studio were reported as well.
    • The May 2020 update (Build 2004) introduced another potentially catastrophic error to the Storage Spaces feature. If this feature is used to protect your data as a form of backup, the data may become corrupted which is the complete opposite of what you'd expect. One recommendation is for users of this feature to input a fairly intricate command line command to make the feature read-only which is hardly an elegant solution for users who are unfamiliar with how the command lines work and isn't much consolation if one had their data corrupted already. More ironically, running CHKDSK on drives that seem corrupted would make the situation worse.
  • Windows Malicious Software Removal Tool has a tendency to place everything on external hard drives, and keep everything hidden so the user doesn't notice. That is, unless, you have "Show hidden files, folders, and drives" turned on, in which case, congratulations — you found out why your hard drive is going off all of a sudden.
  • The Windows SmartScreen feature (that usually block apps without proper signatures though it can be unblocked) in Windows 10 will sometimes block access to applications opening... even if they were made by Microsoft itself.
  • There is a reason the Microsoft GS Wavetable is so infamously bad. In actuality, it's an entire fork of a Roland Sound Canvas SC-55. ...But almost none of it is accessible. For whatever reason, it only loads Bank 0; everything else is Dummied Out. On top of that, Chorus and Reverb effects aren't there either, so you're stuck with your MIDIs sounding unnatural and cheap. Wanna exchange it for something else? Well, too bad. As of Windows 7, the option to change MIDI devices is gone. So, even if you have an expensive sound module hooked up to your PC, there's no way to actually make use of it without third-party software. This is a large part of why MIDI as a whole gets the So Bad, It's Good reputation it has today.
  • One feature introduced in an update to the Windows 10 version of MS Paint is that you can move the cursor with the arrow keys. While this works fine when you're actually using the program, this behavior lingers on if Paint is still running. Even if the window currently isn't active.
  • An update to OneDrive made it so that the program notifies you if a file is deleted. It's an alright idea if you rarely delete files and need extra peace of mind, but this backfires with games that frequently modify files that might be on OneDrive (due to most default setting synchronizes Documents folder to the user account's OneDrive) such as StarCraft II, interrupting the game by stealing focus when the game deletes an outdated file such as a save. Very helpful, Microsoft! You can disable it easily with the notification dialogue, fortunately.
  • The Windows installer has difficulty dealing with computers equipped with multiple hard drives, often to refusing to install on your drive of choice even if there's ample space available. Usually your only solution is to disconnect every drive from the computer except for the one you want to install Windows on, and then reconnect them after the installation is complete.
  • Whenever Windows 10 makes its monthly update, you're treated with a progress in percentage of the download, then it install itself...and nothing happens for the next several long minutes. The update does install, but without any on-screen indications, users are left wondering either if it's bugged, broken or finished. The better alternative is to manually download the damn update yourself from the Catalogue service and install it. At least you'll have a progress bar.
    • Said monthly update will download itself at Windows's convenience, disregarding every single setting you have about active hours, as long as it has detected a suitably short time without any keyboard/mouse inputs, grinding the OS to a pace slower than walking through a wall of molasses. Then said update will sit on the computer until it's installed, slowing down the startup process to take up to an hour (and that's with the update force-installing itself along the way right when the device needed to be in use, too).
    • Thankfully, Windows 10 can be configured to functionally blacklist the updater, it takes three or four different edits to the registry to cover the backups and redundancies as sometimes the smooth usage of a device is preferable to playing Update Roulette.
  • In earlier Windows 10 major updates, it would literally reset every Windows setting on the computer to the default setting and log them out of everything. For example, it would turn back on Search Indexing, a well-known resource hog for that operating system. The user would have to re-login to everything and re-configure the Windows settings they had prior to the update. Thankfully, this was fixed in a patch.
  • On the 4th of September 2022, a faulty Windows Defender update identified every single Chromium-based app—including Google Chrome, Microsoft Edge, Discord, Spotify, and Steam—as "Behavior:Win32/Hive.ZY", resulting in frequent, if not constant, nuisance warnings throughout the day.
  • A ongoing problem with Windows is how attackers use its driver signature feature against the OS. Microsoft has a program to allow drivers to go through a vetting process, a sensible thing because drivers run at administrative levels and so if there's something that goes wrong with the driver, all sorts of bad things could happen in the system. Once the driver is vetted, it's essentially trusted without question. The problem comes if a vetted driver has a vulnerability. While Microsoft has a system in place to revoke vetted drivers, the problem is the amount of drivers, including different versions of said driver, Microsoft has to support. So they may be able to revoke trust of a handful of drivers, but there may be thousands out there. So a common exploit is to find one of those vulnerable drivers and load it into the OS.
  • As a possible effort to push users onto OneDrive, Windows 11 modified the File History backup system so that it was no longer possible to add custom folders chosen by the user. Worst of all, it did not tell users that this had happened. Hope you enjoy finding out that your files silently stopped being backed up. And really hope you find that out before the rotation of backups means that the older backups, with those files still in, are deleted..

    Sony — Functionality is Make Believe 
  • As discovered in the months when the PS3 was hacked, some of the code in the system involving signing software was discovered to use a constant integer for all systems, which was barely obfuscated at all. Some simple algebra was all it took to get it. Click here for a full explanation 
  • The Sony rootkit designed to install whenever a user placed an audio CD in their computer. Ironically, this wouldn't get installed on many users' computers because it required administrative privileges to install, and a safe setup will deny these privileges to prevent just this kind of software from installing. On top of that, the rootkit installed on AutoPlay, which means (on Windows XP and earlier from before AutoPlay was changed to be prompt-only) you could defeat it by, on top of disabling AutoPlay altogether, holding the Shift key when you insert the disc. If the rootkit did manage to get itself installed on a paying customer's computer, it would slow down the CPU and open up gigantic security holes that would invite (additional) malware. Not helping matters was Sony taking down posts from bands (including Switchfoot) made to help fans who wanted to bypass the rootkit, and when then-Sony BMG president was asked about the whole ordeal he actually said "Most people don't even know what a rootkit is, so why should they care about it?". Sony later released a program that would supposedly remove the rootkit, but only installed more crap. And to download it required submitting a valid e-mail address, which Sony was free to sell to spammers. It's perhaps the greatest example of an anti-piracy action that does nothing to discourage piracy, and, indeed, punishes people who purchased your product legally — all in the name of Copy Protection. Because Digital Piracy Is Evil, and committing destruction of property on computers is apparently better than possibly letting customers copy a CD they've legally bought. Ironically, it later turned out the code used in the program that the XCP-infected CDs installed was directly plagiarized from several programs, including the LAME MP3 encoder, mpglib, FAAC, id3lib, mpg123, and VLC Media Player.
    • In a similar vein was BMG's MediaMax CD-3 installer, which was implemented and scrutinized around the same time as the Sony scandal (coincidentally, Sony would later acquire BMG). Sony's rootkit at least had the courtesy of asking whether or not you wanted to install it if it loaded; this one went a step further, as not only did it have nearly all the same features as Sony's rootkit, but it installed whether or not you declined the installation! Thus, not only did it operate as a rootkit, it was downright malware. Because that's what you want when legally purchasing and listening to a CD, isn't it? Some bands like My Morning Jacket even offered to burn DRM-less copies of their albums affected by the malware for fans.
  • Another idiotic Sony DRM idea: Key2Audio, a DRM system that worked by violating the Red Book Compact Disc standard and putting a dummy track claiming the disc was empty around the outer edge of the disc (which is read first by PC disc drives, while stereos read from the inner track first). The trick to breaking this one? Keep the outer track from being read. How to do that? Draw over the edge with a permanent marker.
  • A PlayStation 3 firmware bug in which some models believed that 2010 was a leap year resulted in lockouts on single-player games due to the machine refusing to connect to the PlayStation Network, forcing owners to either manually change the date to one that existed or wait for Sony to release an over-the-air date change. What was the reason for this system having such a perilous dependency on the judgement of its system clock? DRM! The bug stemmed from the hardware using binary-coded decimal for the clock. Because apparently converting that time for display is so difficult for the eight-core Cell processor.
  • Sony releases frequent updates for their PlayStation Portable, mostly in an attempt to fix "security holes" that would allow running "homebrew" applications in the name of preventing piracy. On one occasion, a fix for an exploit that would allow such "unauthorized" code to run with the use of a specific game ended up opening an exploit that required no game at all.
    • Sony tried to do the same thing with the PlayStation 3, in addition to numerous other security features such as the Hypervisor and the Cell Processor's SPE Isolation. As the hacking group Fail0verflow (the same guys responsible for the major Wii breakthrough) discovered, the only bits of security that are actually implemented well are user mode/kernel mode, per-console keys, and the "on-die boot ROM" — everything else was either bypassed or broken through. This includes the public-key cryptography. Yes, the cryptography in the PS3 used to check the signature on software was cracked, and Sony's private keys (which are used to sign software for the PS3) were obtained.
  • In a possibly related hack, custom firmware enabled hackers to obtain free games and DLC from the PSN store. Why? Sony made the classic mistake of trusting the client software and assuming that a certain variable in the PS3's firmware could never be modified.
  • The first-generation PlayStation 4 had an issue with the capacitive sensor in its disc eject button. Over time it tends to spuriously activate, leaving the console spitting out discs and then refusing to allow them back in, making it impossible to play any game that comes on a disc. The only official Sony solution? Replace the entire console under warranty, or buy a new one. Never mind that simply adding a software patch allowing the user to tell the software not to pay attention to the hardware button would be easy and fine (it's not a mechanical system and when you want to eject a disk it can be done through the system menus). Sony replaced it with a mechanical button on all later versions.
  • Among the many marketing and management screwups that doomed the Minidisc in classical Sony fashion, the few technical issues of the format tend to get lost in the noise — but there is one irritation that plagued Minidisc from the start. If your portable recorder was bumped while writing the TOC — that is, the partition table, as opposed to the actual data on the storage part of the disk — and managed to burn bad data into it, it would render the disk completely unusable. Players wouldn't recognize it anymore and it was impossible to re-record the bad TOC with a good one, despite the rewritable nature of the media. The kicker: the inability to rewrite a good TOC wasn't a hardware limitation, it's just that nobody thought of programming it into the recorders, whose mechanisms were otherwise perfectly capable of doing it. This is evident because there are a small number of early models — rare and expensive then, moreso now — that do have a TOC-restoring feature... hidden in the debug menu, of course, because why would any normal user ever need that?
  • Whereas other similar networks such as Xbox Live or Steam allow you to change your screen name, such a simple thing is impossible on the PlayStation Network. This may baffle anyone with the most basic understanding of how databases work, since such a change ought to be easily effected with a single request. The prevailing theory for why that is, is that whoever was in charge of designing the database made the unbelievably idiotic move of making the "Users" table's primary key the account name, which is the kind of thing you're taught to not do within the first weeks of a Databases 101 class since it causes conflicts with every other table that references Users when trying to change it. The result? If, for whatever reason, you need to change your account name (for example, if your account was banned due to an inappropriate name), the only solution is to beg Sony's customer service to transfer your purchases to a new account, which also means losing all your save files and Trophy progress. Only in late 2018 did Sony announce the upcoming ability to change your PlayStation ID, and even then it isn't compatible with older games and applications which will still display your original account name.
  • When Sony first started out with their portable music players, they didn't support the MP3 standard due to their historical unwillingness to support anything that could encourage piracy of any kind. Their players instead supported Atrac3, a proprietary Sony audio format. Being (somewhat surprisingly) smart enough to figure out that users would want to listen to their MP3 music, Sony sold the players with SonicStage, an upload program capable of converting MP3 files to Atrac. SonicStage promptly proceeded to annoy a whole lot of people: buggy and prone to crashing, some computers couldn't run it at all (for reasons unknown), prompting many to return the players and switch brands.
    • The effective demise of SonicStage and unpopularity of early Sony players ended up killing off the Atrac3 format, which — despite its very proprietary design — was liked by some regardless of the players it supported due to somewhat better quality compared to equivalent-bandwidth MP3.

Multiple Brands, Sorted By Category

    Automotive Annoyances 
It's times like these that may make you wonder if you're better off driving a trusty classic car.

    Digital Rights Mismanagement 
Hey developers, we paid for your software — you will show the proper respect.

  • Dragon Age: Origins has a really bad bit with its installer where, when it asks for your CD key, you can use Task Manager (AKA "Ctrl-Alt-Delete") to stop one of the processes that is part of the installer and skip it. Under the DMCA, Task Manager is now illegal, though so are markers and the Shift key.
  • Games using SecuROM V10 or below will also fail to launch (without explanation) if they detect a process named "procexp.exe" (Sysinternals Process Explorer, a program provided by Microsoft), ostensibly out of fear that hackers will use it to reverse-engineer their DRM process, even though Process Explorer is basically just a beefed up version of Task Manager, and Process Monitor is the one that reveals any action taken by any program whatsoever. There are two ways you can circumvent this:
  • StarForce, another Copy Protection program, was so poorly-written that upon installation, it would open huge holes in security, crashing the computer's OS (Windows Vista in particular would require a reinstall), and could break the disk drive's hardware. For example, it would disable SCSI and SATA drives based on the OS' presumption that they were both virtual CD/DVD drives. It doesn't help that the latter is a common connector for newer disc and hard drives. Of note, the company took it personally that people called their product faulty and threatened to sue the first two outlets who brought its problems to light.
  • In fact, the problems of disc-based DRM like SecuROM, StarForce, and SafeDisc made it so that Windows 10 and updates for Windows 7 and 8 in the same time of the Windows 10 release outright not allowing to play games protected by those... except cracked ones (though "legally cracked" games are available in GOG if they're properly licensed).
  • Norton was once the ultimate antivirus software, and the standard the others aspired to. Then, they decided to focus on anti-piracy. The result: The virus scanner hardly works, and even when it does, the virus discovered cannot be expunged in most cases. For this, Norton now has the ultimate pirate defense: it's such an awful program, anyone knowledgeable enough to pirate software is going to get the paid, more feature-rich version of a program with a free version, or just go the legal route and get either the free versions of either of those or the newer Microsoft Security Essentials (replaced by Windows Defender in Windows 8 and later), which are all free, yet somehow still far better than Norton.
    • With Norton 360, attempting to create a backup will take you to a section where you have to login with your Norton Account. The problem is, if you don't happen to know the account's password (like if your parents gave you the CD as one of the 3 or so allowed copies of the program), the window's exit and right-click-close buttons are grayed out, and Task Manager can't kill the application. You have to sign in properly or it declares your copy pirated despite providing the CD Key earlier.
    • Many antivirus suites such as Norton, Kaspersky, and McAfee have a certain yearly subscription which users must pay, or else the antivirus will stop protecting their computer. So far, so uninteresting. However, with many of these suites, when the subscription expires, the antivirus will continue scanning every webpage the customer visits, and be unable to clear it for viewing. This results in extreme slowdowns and general lack of connectivity, which can only be fixed by either uninstalling the program in question — or paying more for another year's sub. This is a brilliant marketing tactic right up until you realize that many customers have McAfee, Norton, or Kaspersky on their freshly-purchased computers for the rough equivalent of one month, at which point their shiny new piece of hardware goes defunct and they become justifiably outraged by what functionally works as a scam.
    • BitDefender on the Mac will sometimes ask you to pay a monthly subscription for their hard disk encryption software... on the grounds that it will prevent your hard disk being encrypted by software asking for money.
  • Ubisoft's online DRM, which prevented players from playing their games when the servers went down.
    • One piece of DRM from Ubisoft only allowed users to install their games on a limited number on PCs. As if this wasn't bad enough, the software would detect any change in system specs or configuration as a new install, so if you upgraded your RAM or replaced your graphics card (as PC gamers often do) you could risk rendering your Ubisoft games unplayable.
    • It's starting to get worse with their UPlay software, which is simply another copy of Steam, like EA did with Origin. However, whereas Origin started Growing the Beard in 2013, UPlay is nowhere near polished enough for prime time, and it's their main DRM platform now.
    • At one point, their UPlay software had an remote code execution bug. One hacker built a proof-of-concept exploit that would launch Windows Calculator remotely simply by visiting his website.
    • Uninstalling a game that uses UPlay can cause massive memory leaks that will grind systems to a halt just with regular use — you have to use System Restore to a point before you installed the game at all.
    • In 2013, UPlay was hacked and a version of Far Cry 3: Blood Dragon was downloaded, full and complete, a few months before its official PC release date. This forced Ubisoft to release the game around the same time as the console "exclusives".
    • On July 30, 2012, it was discovered by Google that UPlay is a rootkit. Ubisoft denied the security issue, blaming an unintentional "coding error," which they patched out shortly after it was unearthed.
    • Because of the way Ubisoft's games use this DRM measure, if you were to buy their games on Steam, you still need to install UPlay and run it with the game to play it.
  • The PC version of Gears of War had a DRM certificate that expired on January 28, 2009, making the game unplayable after that date. Luckily, Epic released a patch to fix this shortly after.
  • EA's smartphone version of Tetris requires an active Internet connection despite being a singleplayer game. And if your connection drops in mid-game, it'll kick you back to the title screen. Despite the fact that there are no features in the game that should even require Internet connectivity. Fortunately, this isn't the case with the iOS and Android versions. Said game eventually became an Allegedly Free Game and started showing ads. So there you go.
  • The copy protection for the original CD version of Melty Blood Actress Again Current Code had a truly insane activation procedure: You have to insert the CD, type in the CD key, and install the game. Then, remove the CD, try to run the game (which will give an error), and click a second button to connect to a website into which you must type a code the game gives you plus a second CD key from the game box. It will then allow you to download a file which you must place in the game's install directory — which requires going through elevation if you are using Windows Vista or later. Finally, you can then run the game... ack.
    • The "type CD key to install" part is especially hilarious, because you don't need to install — the game is stored as a folder on the DVD itself, unpacked. As many Japanese games actually are. You can just copy this folder to any destination you want.
    • The Steam version of the game lacked this ridiculous protection, but did also include a refreshingly honest item in its news file where the authors admitted they were investigating "Tremendous lag in Online gameplay".
  • Cross Beats, despite being a primarily single-player game (with some social elements), has always-on DRM that accesses the server for literally everything, including every menu transition. Perhaps not so coincidentally, less than 2 hours after launch the whole game had to be temporarily taken down for "emergency maintenance". The official reason given was "user data load distribution processing", which was most likely PR-speak for "Oops, we accidentally DDoS'ed ourselves."
  • Even Steam is not immune to this. If you haven't run it in a while, you may discover that it's trapped in an infinite loop: it attempts to update itself, but aborts partway through because your internet connection faltered for a few milliseconds, and it quits without saving what it's already downloaded. You can't run Steam because it needs an update, and you can't update Steam because you can't run it. You'd think the solution would be to download the update outside of Steam, but Valve doesn't provide any way to do so.
    • The solution for this was to re-run Steam and go through the entire download process again. Of course, then your internet hiccups again, and you spend half of the day repeating this over and over until you get lucky and the update completes without your internet hiccuping even once, just so Steam is updated and you can get into the damn game you paid for. You'd think it'd be too much effort for Valve to implement download resume functionality and hash check (in case a newer update was released while you're in the middle of downloading the current update).
  • The process of installing Battlefield 3 can be used as an argument as to why EA should stop forcing its Origin platform on their physical releases, as it didn't really provide a good first impression of the service. The first is that Origin treats installing from a DVD as "downloading" the game, which feels kind of odd when you can't pause and resume it. The second is you cannot quit Origin while downloading and installing an update, which is something Steam can do. If you want to run the game, you also need to logon to their Battlelog website. And lastly, if this is a clean install, you have to install a plugin for your browser so the website can launch the game (which sounds kind of fishy; they eventually added an option, albeit never advertised and hidden under about three different menu screens, to enable plugin-less support). But overall, you do not launch Battlefield 3 from Origin, you launch it from the Battlelog website — attempting to run Battlefield 3 the same way you'd run any other game simply brings up a new tab in your browser that brings you to Battlelog (unless the service is offline for any reason, at which point it runs the single-player like a normal game).
  • One quite infamous example is Rainbow Six Vegas 2. The game can't be played unless the game detects the CD is inserted in the PC's disk tray. However, when it came time to release the game digitally, they couldn't reverse the process. The developer's "remedy" to this is actually using the unofficial no-CD crack, and pass it off as an update patch. They also did nothing in trying to hide it.
  • SEGA System 16, 18, X Board, and Capcom CP System II (CPS-2) all share a unit nicknamed the "suicide battery", a battery placed on the board that powers RAM that holds essential game data, usually decryption keys for their ROMs. If that battery ever dies out, your game will never work again. This is why you see a lot of arcade enthusiasts retrofitting their machines with an emulator instead, because that battery is just too much of a hassle to deal with. Although it's kinda hard to pinpoint the fine line where idiot programming ends and corporate greed begins in this case, since suicide batteries, Capcom Sequel Stagnation and Updated Rereleases go hand in hand, the problem really begins once the game company ceases all repairs of that board and just tells you buy a new machine outright...
  • Nintendo's means to try and stomp out piracy for Pokémon Sun and Moon are especially questionable. Since they couldn't differentiate whether a copy was legitimate or not and since a complete build of the game leaked over a week in advance, they decided to ban any account that used ingame online services before the official release. However, this meant that even legitimate copies that just happened to arrive early, be it through broken streetdates or early shipping, were treated the same. To add insult to injury, the hackers quickly found means to bypass the bans.
  • All Oculus Rift Virtual Reality headsets were temporarily rendered completely inoperable on March 8, 2018, thanks to an expired security certificate that caused the driver software to stop working. This was quickly patched, but you'd have thought Oculus would have remembered the aforementioned Gears of War fiasco, which had the same underlying cause... and at least that only affected a single game, not a piece of hardware worth around $400.
  • Sometimes, it is not a case of how heavy the protection is, but rather how light it is. For example, a lot of early PC games can't run unless the CD is in the disk tray. Most of the time, all it's doing is looking for the volume name, and nothing else. This means that cracking a game is as simple as mounting an empty ISO with the exact same volume name, and running the program.
  • The newer versions of the infamous Denuvo anti-tampering DRM is known for heavily affecting performance in certain games and ports, up to making them 30% slower in some cases — Just Cause 3 (where the DRM also causes massive memory leaks on systems with less than 16GB RAM) and Batman: Arkham Knight being some of the more notorious examples. This is rather baffling, considering older versions of Denuvo used in Metal Gear Solid V: The Phantom Pain, Mad Max, Tales of Berseria, and Doom (2016) did not have anywhere near the performance hit on game code (although Doom would have Denuvo removed in a late-2016 patch, presumably because of the infamy it had gained in just a year).
    • To make matters worse for some PC gamers, newer versions of Denuvo require certain processor features that are only available on newer processors, even if the game is capable of running on older ones just fine.
    • In 2021 Intel released the 12th-gen Core series of processors with a unique (for PCs anyway) feature: it has high performance cores and power efficient cores. For whatever reason, Denuvo backed games thought the power efficient cores were another computer entirely, causing said game to refuse to run or crash with some cryptic error.
    • Denuvo does not play well with cloud gaming PCs, since opening and closing a game is treated as installing and uninstalling a game, which trips up its install counter and suspends the user temporarily from that game for "multiple" installs of it in a single day.
  • Starting from Assassin's Creed Origins, Ubisoft thought it was a great idea to cram as much DRM as they can on the PC version. To wit, it requires Uplay and not only was it protected by Denuvo, but also the even more infamous VMProtect (essentially making the game run in an encrypted virtual machine), thus triggers abnormal CPU usage on older CPU users. And then the game was cracked anyway, rendering the attempt not only useless, but as with every other attempt at anti-piracy Ubisoft has ever seriously attempted, hurting legitimate customers more.
  • There's been a shocking increase in games that use server-based DRM. While a good idea on paper, it's not ideal in the slightest. Not only does it require you to be connected to the internet at all times, but once those servers inevitably shut down, the game you paid good money for will no longer work, and you can never play it again. Games that have already met this fate include Darkspore, the Mac port of Metal Gear Rising, and Gears of War.
    • Mobile games, especially the freemium ones, commonly use the above to deter cheaters and adding community-based functions. And God only knows how many mobile games have been lost due to various reasons since 2013...
    • An example of this where the worst-case scenario has already happened is the Ouya. The Ouya required an internet connection so that it could connect to Ouya's servers to authenticate your copy of the game. If it couldn't connect to the internet or, say, the servers were to shut down for good, you would not be able to play your games, and they would instead revert to demo versions. The latter is exactly what happened on June 25, 2019. As a result, the full versions of the games you've bought (and the money you spent on them) are gone forever, rendering the Ouya as a useless paperweight.

    Foul and Obscene Programming Language 
It's times like this that make you wonder if you ought to stick to programming a VCR than deal with source-code debugging.

  • In a typical program in modern C++, 40-50% of the syntax will consist of calls on templates designed to shore up the language with modern features. Although C++ proponents argue that the fact that it's possible to hack in such features at all, albeit with difficulty, is evidence of the language's expressiveness and power. note 
    • What most people who have to use C++ will agree on, however, is that libraries that provide modern features in C++ like the Boost C++ Library (and even the C++ standard library, as of C++11 and C++14) note , count as the other trope.
  • Let's be honest, unchecked memory referencing has to count. It's fast, but it has led to so many crashes, seg faults, outages, and costly security exploits that the damage must be in the trillions of US dollars. The basic problem is creating an area of memory and assigning it a reference value (like a pointer variable in C) and then allowing other functions to reference that area (passing the pointer into another function, etc.) without checking that it's still valid. If that memory was freed or allocated to a different process, any reference to it will lead to unfortunate consequences. The best result is a crash, as at least then the programmer KNOWS something was wrong. The worst is a quiet overwrite or read of memory not intended to be in that variable, leading to the infamous buffer overrun exploits and numerous "fun" mechanics, usually resulting in security breaches or outing of private data. C does not have any legitimate method to check that a pointer is still pointing to valid memory, making programmers develop their own tropes (such as setting a freed pointer to 0) to deal with it. And this doesn't even get into sharing this memory (in various unknown states) between concurrent threads...
    • Several languages, especially those that run on a just-in-time compilation system, use garbage collection as a means to combat this. This system periodically checks all of the memory allocated data and removes anything that's no longer referenced. Apps written for Java Virtual Machine or .NET/Mono based systems use this. Python and Golang also use garbage collectors and reference counting, but in Golang it is still possible to dereference null pointers if one doesn't pay attention. However, it also leads to many unfortunate side-effects, such as pausing critical threads to collect unused memory, or keeping references around past the point they are needed, leading to memory leaks, or bloating the application so much as to require a 500MB JVM just to run a process that would nominally take maybe 1K of memory in a lower-level language. In addition, many experts (Joel on Software being one of them) are worried that training young programmers on Java before a lower-level language like C/C++ provides them crutches, so they never have to learn about memory management or why or how memory works, thus turning programming languages and computer hardware into a "black art" for these young programmers, whereas before they had to know how all this "magic" worked in order to even get their application to run for more than a few seconds.
    • Another way to tackle this is by using so-called smart pointers. To the programmer, these act like regular pointers but with stuff happening behind the scenes to avoid the need to manually handle deallocating the data from memory. One type simply tags an "owner" to the pointer, and when the owner goes out of scope (e.g., a function returns), the smart pointer automatically deallocates the data from memory. It's possible to keep this type alive by transferring ownership. Another type has a reference counter which also automatically deallocates the data when the number of references is 0.
      • C++ has the auto_ptr smart pointer since it was first standardized. auto_ptr will automatically delete the thing its pointing to whenever it goes out of scope, though ownership can be passed around. This was replaced by unique_ptr in C++11, with a new type of smart pointer that lets passing references around behave like any other higher level language like Java or C#, just without the garbage collecting backbone. Probably the only reason why C++ gets a bad rap like C for unmanaged memory handling is because C++ still allows you to use so-called raw pointers just like in C without restriction; it's possible old habits just die hard.
      • Rust simply tags an "owner" onto each piece of memory and when that owner goes out of scope, the memory is freed. Deterministic, but complete. Other functions can either take ownership (which strips the original owner of any ability to access that memory) or "borrow" as a reference. In the latter case, a complex compiler sequence goes through all lifetimes of all references and makes sure that no reference outlives its owner, thus preventing access of deleted memory altogether as part of the compilation process. This ensures system integrity and security after the compile step. This setup does have its quirks that requires workarounds, especially with nested loops.
  • Earlier versions of Java would install updates not by patching the existing installation, but creating a completely new installation in a separate folder without removing the old one.
    • This could be justifiable in a sense — keeping the old versions serves as a crude form of backwards compatibility, ensuring that older code would be able to find the version of Java it was meant to use. If the install was small enough (not that Java is known for its brevity), it would be somewhat practical, though inelegant in the extreme and therefore a Bad Thing.
    • Even scarier is the constant discovery of security vulnerabilities that allow malicious software to escape from the touted "sandbox mode" and harm Windows. Some viruses will search for broken versions of Java installed on your computer, in parallel to new ones, then proceed to use that to attempt administrator impersonation.
    • While we're on Java... it was intended to be a platform-independent programming language, somewhere in-between a compiled and interpreted language. In practice, it worked okay on the processors used in Sun computers (mostly Motorola) and Intel-and-compatible processors (a market too large for Sun to ignore). On other architectures, it tended to be horrendously inefficient.
    • Lately (Java 1.7 and higher), there's been a distressing tendency for each new Java "update" to be less efficient in memory usage, slower, and more draconian about its security policies, which the user cannot disable (there are various security options, but even the most permissive settings merely tone it down slightly). Instead of Security Through Obscurity, Java seems to be aiming for Security Through No-One-Can-Stand-To-Use-It-Anymore.
    • A rather... interesting occurrence happens when certain programs written for 32-bit Java get run on a system with the 64-bit Java Runtime Environment installed. Namely, they don't work. This is because 32-bit Java has certain features which the 64-bit Java compiler compiles into streamlined settings, but if those features are specifically called rather than used "as intended" it can cause anything from lag to memory leaks to random crashes or even just not starting at all. The workaround is to install both the 32-bit and 64-bit JREs into different directories... but your system will only ever update one of them, so you now have to uninstall Java and reinstall it with every update you choose. Fortunately, the 32-bit version of the Java runtime has been dropped entirely in favor of just the 64-bit version for Java versions beyond 8, since pretty much any modern computer will be running a 64-bit OS.
  • The phenomenon of "ceremony" where large amounts of boilerplate code must be written even for relatively simple functions. In Java, for example, a class holding two values that can be read or written requires at least 4 lines of which 2 are ceremony, or if good OOP practice is used, 10 lines of which 8 are ceremony. Some languages, such as Factor and Common Lisp, attempt to eliminate ceremony entirely, but are often complex to use and potentially hard to understand as a result. Fortunately, libraries such as Lombok for Java are available to automatically generate the boilerplate code during code compilation.
  • Nullable types, the bane of many programmers. In older pointer- or object-based languages, any time a programmer declares that a function or procedure inputs a complex value, it can be passed a "null" value which represents an absence of any value and will bring the program to a crashing (literally) halt if one attempts to do anything with it. This means that the programmer must manually test every input or every subprogram to check if it is null. Some modern languages such as Swift and Oxygene are starting to rectify this, but it still exists firmly in Java, C++, and C# — the most commonly used languages (although some development systems are implementing design contracts allowing a program to guarantee that a value will not be null, and warning the programmer when an input value does not provide this guarantee).
    • Nullable-by-default is so bad that C.A.R. Hoare, who suggested allowing it in an early programming language so as to allow the creation of cyclic data structures, later called it a "Billion-Dollar Mistake".
    • C++ introduced references, which cannot hold a value of null (and have a few other restrictions) and are recommended for anything that doesn't need the low-level features of pointers.
    • Many functional-based languages, such as Rust, Scala, Haskell, and others, have an "Option" type which codifies the need for a null value in a variant type (something like a union in C).
  • Exceptions were originally a nifty way of allowing a function to report that something had gone wrong. Unfortunately, they have a major problem: if a function calls other functions that call other functions, it is possible that the top-level caller has to handle so many potential exceptions that it cannot possibly deal with them all. This is a common cause of "an unknown error occurred" or "there was a problem"-type error messages. Common Lisp attempted to work around this by offering restarts which allow the function to offer a method of fixing the problem as well as a notification that it happened, but these are complicated to use and often not that beneficial.
    • Worse, there are two common bad practices for "handling" exceptions. One is to "swallow" any exception that the section of the program doesn't know how to handle note . Another is to repackage the exception (generally in a common format used for the company in question) and to throw out the information in the original Exception. Both practices make it difficult for calling classes to properly handle errors due to a lack of information.
    • This is another area where functional programming excels. It posits that the only exceptions that should be allowed are "system-level" exceptions and not normal errors from functions. Several modern languages have language features to allow for this. Rust, for example, allows no exceptions. Instead it codifies the exception into a "panic", which will unwind back to the system (unless caught by a `catch_unwind`). Furthermore Rust provides a Result type to codify an error case and an "OK" case. Scala and Haskell did this with their "Either" mechanic (which Rust took and modified to codify it as a Result type), which allow for a "Right" (usually the OK) and a "Left" (usually the Error). This way, normal errors were handled by the caller naturally, as a part of processing, not as a part of catching an exception thrown solely to prematurely exit a function.
  • The process of creating a GUI. On most operating systems, the programmer's method for creating a GUI is to build a big complicated data structure describing what's supposed to be in the window, then hand control over to the OS and wait for clicks to be reported. Very few languages have elegant ways of building structures of that type, leading to incredibly messy code. Some platforms tried to help by providing a way to create the data structures in question separately from the program… but eventually the program has to access them, and at least one such platform requires the programmer to write code to manually unpack the data structure again in order to get a reference.
  • Software bloat is major issue today where programs get loaded up with more and more features without regard to the difficulty of preventing security exploits with such a thick "book" of code.

    As an example, the Heartbleed exploit was an encryption flaw in a library called OpenSSL that allowed an attacker to send requests to read data that should not be read, allowing the theft of confidential information from websites. Theo de Raadt, founder and leader of the unrelated OpenSSH and OpenBSD projects (the latter of which strongly prioritizes security in a default OS installation, as noted on the project's website), criticized the team for writing their own memory-management routines and bypassing the exploit counter-measures put in place by OpenBSD's C library. The OpenSSL project being severely underfunded with only two people to write, maintain, and test 500,000 lines of business-critical code was not helpful either. The LibreSSL project, which is a fork of OpenSSL, was founded by the OpenBSD project partly to trim down the code bloat, and to make the software suite easier to harden against exploits. Google also ended up making its own fork of OpenSSL, called BoringSSL, which works with the LibreSSL project.
  • Esoteric Programming Languages turn this into an art form, with a helping of Stylistic Suck. How about a programming language that uses nothing but whitespace characters? Or a language whose code is written in bitmaps that look like abstract art?
  • The Arduino IDE (Integrated Development Environment) isn't completely flawless, despite its popularity. For one thing, in order to use it, you obviously need to install a plugin to make it communicate with your Arduino-board. That's okay. Except there are only 6 or 7 plugins, two of which cover every single board Arduino has made, with the rest being other Arduino-compatible boards (such as Intel's). The problem is that when you have the potential to communicate with more boards than you actually need to, the software occasionally freezes, even if you have selected the right board, because it is checking constantly to make sure it's the right board. At least this problem got fixed, but prior to fixing it, the only solution would have been to unplug the board when not working.
  • MATLAB is the programming language that most college engineering majors have to use, which comes with its own set of frustrating quirks:
    • The language had no built-in function to convert degrees to radians, one of the most basic utilities a language commonly used to solve math problems should have, until 2010.
    • Indexing for arrays starts at 1 instead of 0, as in most other programming languages. While not a critical flaw, it's still annoying to those who are used to other languages and their indexing systems.note 
    • MATLAB2017b has a known error where the program will crash and close the window, but still run in the background sucking up memory as a process that cannot be killed by Task Manager. To get rid of it, you must reboot your computer.
  • An issue with compilers is they don't abort on the first problem they encounter. That first problem can be reported as dozens of other problems that make developers think their code is horribly broken. A damning case of this is when a compiler at the end goes "Your code is trying to call this function, but this function doesn't exist" and you'll be scratching your head because looking at the code, everything seems fine. But if you look further up the output, you'll find out that this function simply didn't compile because it had an error. An oft-given tip for budding programmers is if the compiler lists a bunch of complaints, fixing the first few usually fixes the rest. Some compilers, such as the one that comes with Rust, will helpfully point out not only what happened in a much clearer manner, but it'll actually point where in your code the problem is at.
  • Solidity, the main programming language for the Ethereum Virtual Machine (cf, Bitcoin), has historically had severe bugs and oddities related to the necessity of being 256 bits widenote  and to the restrictions of the intended execution environment. Inter alia:
    • Because there cannot be multithreading, there cannot be a JVM-style garbage collector. But because the language was derived from Java and Javascript, there was no manual memory management either, despite the scarcity of system resources; even as of 2021, memory management is based almost entirely around wiping the memory for each new call to the program.
    • There are numerous miscompilation bugs related to register width, often trashing storage:
      In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers
      Types shorter than 32 bytes are packed together into the same 32 byte storage slot, but storage writes always write 32 bytes. For some types, the higher order bytes were not cleaned properly, which made it sometimes possible to overwrite a variable in storage when writing to another one.
      Access to array elements for arrays of types with less than 32 bytes did not correctly clean the higher order bits, causing corruption in other array elements.
    • The "var" keyword in "for" loops defaults to byte, so that it only goes up to 255 (even though it is stored in 32 bytes); if your array goes above that, you need to specify "uint" or you'll overflow and enter an infinite loop.
    • Making a byte array with "byte[]" takes up thirty-two bytes per element; the actual byte array is "bytes[]".

    Miscellaneous Madness 
Needless to say, there are more bad coders out there than good ones.

  • You can't talk about idiot programming without mentioning one of the most infamous software glitches of all time. Most of the glitches on this page probably caused inconveniences, lost data, or locked someone out of using a product. But what about a software glitch that actually killed people? That would involve none other than the infamous Therac-25, a piece of radiology equipment so poorly programmed that it gave everyone who used it massive (and often quite fatal) overdoses of radiation. The Other Wiki's article on it describes it as "involved in at least six accidents between 1985 and 1987, in which patients were given massive overdoses of radiation. Because of concurrent programming errors, it sometimes gave its patients radiation doses that were hundreds of times greater than normal, resulting in death or serious injury. These accidents highlighted the dangers of software control of safety-critical systems, and they have become a standard case study in health informatics and software engineering. Additionally, the overconfidence of the engineers and lack of proper due diligence to resolve reported software bugs, is highlighted as an extreme case where the engineer's overconfidence in their initial work and failure to believe the end users' claims caused drastic repercussions." This machine's shoddy programming was so infamous that it is cited in introductory programming classes to this day as an example of how not to program. One of the main causes was that while the machine's precedessor used hardware interlocks to make sure an overdose couldn't happen, the Therac-25 made that entirely in software by incrementing an 8-bit variable, which overflowed on every 256th increase. Furthermore, it used a series of magnets which needed about 8 seconds to realign. If the user made a correction within these 8 seconds, the control system would work with the new data while the hardware was still aligned for what was originally entered. Combined, this could result in the patient being hit with a high-current electron beam that was only supposed to be used with a tungsten target to produce X-Rays.
  • While the Therac-25 is likely the deadliest result of poor programming, the maiden flight of the ESA Ariane 5 is likely the most expensive. The design of the Ariane 5 reused the inertial guidance platform (basically, hardware and software that lets the rocket track its own position and trajectory) from the very reliable Ariane 4 rocket, without any modifications. However, a platform realignment routine from the Ariane 4 was not intended for the Ariane 5, but was left running in the program. The Ariane 5 had a different flight profile, with a much higher horizontal acceleration than the Ariane 4. Finally, the conversion programming for the horizontal acceleration variable didn't have a range check, which resulted in an integer overflow error. All of this combined to overload the guidance computer memory, which triggered an attempt to realign the guidance platform during flight but which instead shut it down. This caused the guidance computer to apply an unncessary attitude correction, causing the rocket to turn sideways and suffer a catastrophic structural failure, then self-destruct 39 seconds after liftoff. The loss of $390 million worth of rocket and the four satellites onboard could have been completely avoided if they had run a simulated Ariane 5 flight profile on the Ariane 4 guidance system. Indeed, such a simulation after the explosion perfectly replicated the series of failures.
  • Actual code that causes these observed effects is a weekly feature at
    • Also from the programming side, libraries developed by the Department of Redundancy Department where you have to lapse into Pokémon Speak to write any meaningful code. For instance, take this line from Debian's version of awesome's rc.lua:
      { "Debian", }
      • To be clear, "menu" is the only member of "debian", and "Debian_menu" is the only member of "".
    • Java should have filled the niche of web-based games that Flash mostly owned... except that early versions of Java were so slow and so unnatural-looking that Flash actually looked good in comparison. By the time they fixed it, Flash had become the de-facto standard for this kind of thing, much to the chagrin of just about everyone except Adobe.
  • The Computer Stupidities section of has its own section for programming.
  • As with Sony, before Creative started supporting the MTP format (widely supported by many music managers), the only way you could upload stuff to their first hard-disk players was by using the godawful PlayCenter program, later superseded by the even worse MediaSource. Many users preferred to keep PlayCenter — buggy as it was, at least it did its job sometimes. Both programs also attempted to set themselves as default players and music managers, further irritating users.
  • Computers don't truly have random number generation. Instead, they take a number (often something like the system time) as a "seed" and use that to generate a stream of random-looking numbers (called a "pseudo-random number generator", or PRNG), and a given seed will always produce the same sequence each time it's used. This isn't Idiot Programming itself — the way computers work means that they can't actually generate proper random numbers without an outside source of randomness — but considering that this fact is mentioned in every basic computer science class worth its salt, any code that fails to take it into consideration is Idiot Programming.
  • For graphing calculators, it often happens that there exist several different hardware for linking them to computers. It also happens that different linking software, from different authors, don't support the same hardware. But unlike Texas Instruments calculators, linking applications for Casio calculators all used different, incompatible file formats on the PC.
  • While Windows Vista (see below) did introduce a ton of problems, it also did something that revealed many a programmer's idiot programming choice: assuming that the user account always had administrative rights. In Windows Vista, Microsoft introduced UAC, which would only assign standard user rights to a program, even if the user was an administrator. This is sensible, as it limits the damage that the program can do if it goes rogue. Programs that needed administrator rights were detected based on the file name and an optional configuration file called a manifest. Of course, older software that needed administrator rights knew nothing of manifests, and would fail in unpredictable ways, usually spouting an error message that wouldn't make the actual problem obvious to the non-technical (or necessarily even to the technical) — although Windows did sometimes spout a dialogue box along the lines of "Whoops, this program looks like it needs admin rights, but it didn't ask for them and I didn't realize until just now, do you want me to make sure it runs as an admin in future?"
  • BitTorrent, since 2004, still has the issue of "stopping the Internet", usually due to overloading the DNS cache. It's convenient to have another device, another connection, or access to another computer to look up the solution to this problem, attempting steps like resetting the router from the router itself, accessing the router software interface and resetting the router from there, flushing the DNS cache, and adjusting settings in the OS, firewall, and BitTorrent client. Wherever the problem is, such as the process of manufacturing router hardware and programming router software, you'd think it would be fixed by now so the end user would not have to deal with it.
  • Tech sites have noted a rather disturbing trend in how certain handheld devices handle firmware updates. The sane way to do such an update over the internet is to check for the existence of updated firmware, download it, validate its checksums, erase the old firmware, and then load the updated version. Ideally there's also a backup firmware chip, or some other way of restoring the device if things go pear-shaped. Unfortunately, a lot of devices (especially cheaper ones) don't actually do that — instead they check for a firmware update, and upon getting confirmation that that there is such an update, the device immediately wipes the old firmware, then downloads and installs the updated version. If anything goes significantly wrong during the download (e.g. loss of internet connection, loss of power, or a software error), then the device will almost certainly be bricked. On top of that, most of the time there's no way to restore such a device to working order outside of replacing the motherboard, and only a 50/50 or so chance the manufacturer will replace it under warranty.
    • Curiously, most so-called "smart TVs" will do this — Samsung and Sony seem to be particularly bad about it.
  • A flight of ultra-high-tech F-22 Raptors suffered multiple computer failures and were practically crippled because their programming couldn't cope with the time zone change of crossing the International Date Line. Somehow, it never occurred to the designers that a fighter aircraft just might cross the International Date Line and forgot to program its systems to adjust for it — which is a standard part of the programming of modern cellphones. This oversight resulted in a temporary grounding of all Raptors for a time.
    • Similarly, this story about a C-130 that flew below sea level in Israel, causing the navigation system to crash.
  • On June 06, 2021 Nintendo released the 12.03 version of the Nintendo Switch firmware only to pull it the next day after users complained that it was affecting the performance of the system. The update was nothing more than Nintendo's common and typical "General stability improvements to enhance the overall user experience" but many fans called it a "System instability update" as many users reported that installing the update was causing issues including inability to download purchased games from the eShop or to download software patches for physical games while others reported an inability to move Save data between Switch consoles or saved snapshots being deleted. Nintendo would put out instructions on how to manage downloads that can't be completed until a new firmware update could release.
  • At some point, the client software for AOL was so intrusive that a page on horrible software (now part of the Permanent Red Link Club) said that you shouldn't download it, and that the only way to get rid of it was to use a Live CD with support for NTFS partitions.
  • UEFI in modern computers has become commonplace and it offers many benefits over the old BIOS such as support for better interfaces, so configurations can be easily done and none of the old limitations from the 80s like being limited to 640KB of RAM. Hell, some computers don't even have so much as the old POST screen anymore. Thanks to the "compatibility support module" found in most UEFI firmware, it can still be used with older operating systems emulating a BIOS. But of course, UEFI mode causes issues once in a while due to shoddy coding, e.g. where filling the UEFI memory with too many variables (which could be triggered by simply running Linux or Windows in UEFI mode) bricks your laptop.
    • One issue with UEFI being generally prettified in comparison to BIOS is that some manufacturers remove the old POST screen without replacing it with anything but a non-removable manufacturer logo. The average user is unlikely to mind, but it's a massive pain to any tech who used to rely on the POST messages to figure out the hardware, and potential early errors, without having to load the OS and from there a hardware-scanning application. Thankfully, many companies are catching on and compensating by adding two seven-segment displays to the motherboard to display the test status (one company, ASRock, even modifies their UEFI BIOSes to display the code on the lower right corner of the active screen), and some companies like Asus are adding OLED displays to their motherboards that will display each test step and error encountered.
    • Software commands destroying hardware was a problem we'd managed to remove from the world of computing as a whole in the eighties — count on UEFI to bring it back, prompted by a Linux quirk. Technical description 
    • Lenovo got into hot water when it was discovered that a program called the Lenovo Service Engine was installed in some of their computers from 10/2014 to 6/2015. The program persists even if one does a clean install of Windows and was installed using a feature of UEFI that is intended for hosting anti-theft software. This came back to haunt them not just because the program helpfully restores crapware that got removed when you did a clean install, but because the program had a host of vulnerabilities that made it an inviting target for hackers. Fortunately, Lenovo issued UEFI updates to remove the programs.
  • Zamfoo. This web hosting control panel software, as discussed at Webhosting Talk and Reddit, is an absolute goldmine of examples of how not to program anything in existence. Some examples:
    • The "easy upgrade" script has you enter your server root login information on the company's website, which is then transmitted as plaintext through HTTP.
    • The code (which is supposedly encrypted) is devoid of any logic or decent coding sense in the slightest, doing things like enabling and then disabling "strict mode" to "fix" errors and using only the most basic programming code possible.
    • The released updates were literally hacked in about five minutes flat, and didn't fix any of the issues properly.
    • Add "support" which amounts to threats and personal attacks, the use of nulled (stolen) software by the coder and the chance that the whole thing could well have unlicensed code from other software in it, and the whole thing is literally a disaster in every way possible.
  • In Finale Notepad 2003, there's no limit as to how high or low you can put a music note on the music sheet, but be warned: placing a note very high or very low on a music sheet can sometimes freeze the whole entire system, with the only solution being to force-shut down your computer with the power button.
  • Oracle's VirtualBox (like many of Oracle's products) has gotten a lot of flack because of extremely poor programming. Version 4.3.14 is especially bad: despite the release notes saying it doesn't need to restart a computer running Windows after installing, it still does. After restarting, as with certain previous versions, guest operating systems won't be able to boot; this was due to a conflict with DLL injectors such as anti-virus programs, the removal of which is absolutely not an option on a Windows computer note . Unlike previous versions, before saying something vague about why the virtual machine won't start, it gives the user another error message, which is written in hexadecimal. After attempting to repair the installation (which actually worked in previous versions) and restarting again, this time VirtualBox itself won't start, instead greeting the user with the same indecipherable error message.
    • VirtualBox also conflicts with Microsoft Hyper-V. This isn't idiot programming in itself, since the nature of virtualization means that you can only use one such program at once. What's idiot programming is how it deals with the conflict: namely, it bluescreens the entire computer. Even more ironically, if you turn off Hyper-V and then run VirtualBox, it'll still bluescreen... and then Windows will reinstall Hyper-V, because since the system bluescreened, Windows' recovery features will undo the change to the operating system that they believe caused the fault. This has largely been fixed and VirtualBox can now even coexist with Hyper-V... as long as your motherboard doesn't have SMP (which, again, causes coexistence failure if you run a first or second generation Threadripper. But the main reason people go for Threadripper is because the sheer amount of cores make it possible to run a huge amount of virtualization instances concurrently...).
  • In general, any and all interfaces made for specific gadgets and intended to look non-threatening to the end user. This is less of a problem today than it used to be, thanks to universal interfaces such as USB, MTP and various other platform-agnostic protocols that let you just plug in a device and see its contents, upload to it, or just have it work with little-to-no attention required. Back when this stuff wasn't so well-baked, though, it was common to receive a nice software package with, say, your camera, and you needed that to get the pictures — which might well be in some proprietary format, or even encrypted — out of the device's memory and into your computer. The software was almost always Windows-only, natch, and typically written by someone who would've lost a programming competition against a trained monkey. So you'd get horrors like this, which might — if you were particularly lucky — actually let you ignore all the family-friendly features (filters! colors! cropping tools! Instagram before Instagram existed!) and just dump the damn data on the hard drive without crashing. But it wasn't unusual to have to relaunch the application several times before it would just do its job.
  • Speaking about MTP: it was born as a substitute for the mass storage protocol for devices whose data stream would benefit from some form of manipulation as it was being sent through — or to make DRM easier, according to who you listen to. It was slow in being adopted because mass storage is just so much simpler and easier, but then the Android project picked it up to solve its age-old problem with separate filesystems. note  With MTP, all the data gets translated by the computer's processor; this makes it filesystem-independent and means a Windows computer can access the whole of an Android device's storage space, but it has a heavy cost in terms of speed — a large backup operation can take hours when it'd take tens of minutes on the earlier mass storage protocol. Not to mention that the Windows Explorer is, for no clear reason, extremely impractical and ungainly in handling MTP folders.
    • Its Linux implementation, libmtp, is an horrid mess. To copy to or from an Android device or especially between two with a computer in the middle means the file manager more than often freezes (see "Caja" further down) while preparing to copy files or in the middle of a file transfer (you must copy the files in small batches to the computer and transfer from there to the other device). Likewise, it will often crash out of the blue just when accessing the device.
  • Steam:
    • The installer refuses to work if it detects Steam itself already up and running, which sounds like a good idea. Unfortunately, you merely need to have a file called "Steam.exe" being executed for it to believe this to be the case, not expecting there to be users who, not expecting this to matter, have saved the installer itself under that filename.
    • A misconfiguration in Steam's caching on Christmas Day 2015 let logged-in users briefly see other people's accounts, as Tom Scott explains here. Caching pages for logged-in users is another big security no-no.
    • In February 2017, an exploit was discovered where the titles of user-made guides on one's profile page would be executed as JavaScript code, meaning anybody who visited a profile page could potentially be redirected to a fake phishing website, asked to download malware, or have marketplace transactions made with their account. Since Steam normally displays a warning page before linking users to external sites, users were more likely to fall for phishing and malware downloads. Protecting one's website from things like code injection is very important for security, so how a large company like Valve let something like this slip through is baffling.
  •'s "Galaxy" client has certain issues with download size (namely, getting it wrong) and download speed (roughly comparable to having the code yelled at you over the phone and programming it yourself). For example, take the Diamond Edition of Neverwinter Nights. This comes to about 2.5GB, a maximum of 3 if you count all the music and avatars and so on that come as freebies. Galaxy will report the game size as being 5GB. It will then take an obscenely long time to download that 5GB; on a connection where Origin can get a game of that size downloaded within an eight-hour period, Galaxy will take twelve. Read that again: 12 hours to download all five gigabytes of a three-gigabyte game. Thankfully, Galaxy is completely optional and you can just download games directly from your account on the site, saving time, frustration, and bandwidth.
    • Start a long download in Galaxy. Switch off your router. Wait a minute or two, switch it back on, watch as your devices all reconnect. Think Galaxy will resume the download where it left off? Think again - it'll try a few times, then if the connection is still offline it'll report a download failure and when you click download it'll start the download again from zero. Just so we're clear: it has the ability to resume downloads, but intentionally gives it up after a few attempts. This stuff was a solved problem two decades ago, yet here we are wasting time and bandwidth for no good reason.
    • For a website dedicated to preserving older games, Galaxy occasionally fails spectacularly when it comes to doing so. For instance, if installing Creatures Exodus through Galaxy, it will configure both the game's files and the Windows Registry to look for it in a non-existent directory with an extra space (i.e. "/Creatures /" instead of "/Creatures/"). To run the game after this, the files and registry both have to be edited and corrected manually.
  • Many mobile apps don't allow the user to exit them under certain conditions, forcing mobile users to reboot or shut down their devices. The mobile version of the newsfeed aggregator Feedly, for example, doesn't allow you to exit the app until the Internet connection is back, and doesn't allow you to either reload the app in order to check if there is truly an Internet connection (and there are cases where even with Internet connection, it still outputs the dreaded "Are you connected to the Internet?" error).
  • Users of the vastly popular Logitech C920 webcam are likely to have installed the Logitech Webcam Software application with the drivers. Any user should check their temp AppData folder for a file named "LWSDebugOut.txt". It appears that roughly every second the software detects that the webcam is disconnected, it feels the need to make a new entry in the error log. This can cause the file to swell to over 500 MB in only two months.
  • VLC used to "rebuild its font cache" every time you'd try to play a video that has subtitles (God knows why it tried to do this, especially if the video you're trying to watch uses the same font for its subtitles as ones you watched in the past). It would just be a minor annoyance if it didn't take several minutes and have a tendency to cause the entire program to become unresponsive. For a while, switching to a dummy font renderer or disabling it completely would fix this problem, but it was removed in an update around early 2016, meaning there is no way to avoid the frustration of having font rendering constantly crash your VLC every time you want to watch a video.
    • Did you know that VLC Media Player has a function to trim videos? If you think that sounds useful, think again. Instead of simply picking a start and end point, and automatically making a file containing the video in between these points, you have to click on the recording button, click Play, wait until the video reaches the point where you want your clip to end, then click the record button again. No, you can't just skip to the desired end point or even put it on fast forward: you have to sit there watching the video for however long you want your clip to be. Needless to say, this makes this feature frustrating to use, and nearly useless if your clip is any longer than a few seconds.
  • Email-Worm.Win32.Pikachu is a Pokémon-themed e-mail worm that circulated around 2000. It would've been very destructive too, if it weren't for one major flaw. What the worm was intended to do was completely wipe the hard drive upon the next start up. What does it do instead? Every time you boot up your PC, it gives you a "yes or no" prompt flat out asking you if you want it wiped.
  • The new Yahoo! Instant Messenger was a disaster. While tech sites all agreed that the older version was definitely showing its age in 2016, whatever bile they aimed at it could not hope to compare with the instant loathing that people had for the new app — which, amongst other woes, didn't tell you if you've been messaged nor who is online! The comment sections on articles announcing the release of the new messenger were filled with vows from people to never use Instant Messenger again, as two features that no chat program could seemingly do without were done without.
  • LINE is a very popular messaging app and was pretty much the go-to app for group chats before Discord came along, but if you change your phone, which inevitably will lead you to logging in, LINE will not transfer any data from your previous phone and automatically deletes it. Of course, there is a way to prevent this (losing all data) from happening using its own Backup and Import feature, but you can only do it one chat at a time and you'll need a computer to do it. Not so much annoying for tech-savvy users (although time-consuming), but is really annoying for casual users, which takes up most of LINE's market.
  • Killer Networking chips have been a popular feature on high-end motherboards, supposed to increase networking performance and offer the user more control over available bandwidth. Unfortunately, early versions of their drivers and software suite were known mostly for catastrophic memory leaks that could easily eat up tens of gigabytes of RAM within minutes of startup, especially on Windows 10.
    • On SMP systems (systems with two or more CPUs) running Windows 10, the Killer drivers have a second, more serious bug- namely, the driver would just up and report that network connection is lost randomly, and this will persist through reboots until the network cable is unplugged and plugged back in. While it’s mostly servers that use SMP (and such machines are unlikely to use Killer products), AMD decided to implement its first two generation of Threadripper CPUs to appear as up to four SMP connected CPUs of 8 cores each to Windows. And Gigabyte and MSI decided to make Threadripper-compatible motherboards with Killer networking. Cue networks dying randomly happening to people who bought those motherboards. There is a workaround, though- disabling multithreading on the driver, sacrificing performance for stability, indicating an idiot programming issue with the driver's threading calls.
  • The popular music production program FL Studio, for whatever reason, does not keep the contents of the clipboard between sessions. That is, unless you select "Copy to MIDI Clipboard", which will paste in another session if you select "Paste From MIDI Clipboard". And even then, that only works with Piano Roll patterns, or if you're using the trial version, not at all. So if you wanted to copy-paste notes between projects, you can't. Or, god forbid, if the program were to crash, anything you had in the clipboard would be gone.
    • One particularly annoying detriment of the trial version is that the simple act of saving projects is locked behind a paywall. If a project was last saved in the trial version, FL Studio will refuse to load it unless the program is registered. It also works the other way around — if a project is saved in the registered version, it will open in the trial version, but if it's saved, the project is rendered useless unless it's opened in a registered copy, and saved there. This is bad for a multitude of reasons, and anyone who's used any kind of computer program will understand why.
  • Amazon Alexa devices started spontaneously laughing without command for a day. What the problem boiled down to is that "Alexa, laugh" is too easy to misinterpret for something else. The command has since been blacklisted.
  • Even television programs aren't immune to this:
    • Older programs originally recorded in the 4:3 ratio can be botched by some broadcast channels. Rather than leaving well enough alone and preserving the aspect ratio, the studio might have the video tweaked and chop off parts of the video to fit it to the 16:9 ratio (losing video data), or stretched out and distorted to 16:9 (making the video look ridiculous). If the edit is done server-side, you normally can't do anything to see the show the way it's meant to be seen.
  • Mozilla Firefox:
    • Firefox 4's temporary file deletion algorithm was an unusual, since it was actually pretty effective at deleting older files and freeing up large amounts of disk space. It suffered a major problem, though, in that it chewed up huge amounts of CPU power and maxed out the hard drive in the process, which could slow your entire system to a crawl. Worse still, there was no way of aborting the cleanup routine, and if you killed the Firefox process, it would just invoke the file cleaner again as soon as you restarted the browser. It wasn't until Firefox 5 that the file cleaner got fixed, using much less CPU power and still being fairly disk-intensive, but not to the same extent as previously.
    • Firefox had an update that changed the system for syncing your passwords. This allowed recovery of accounts in case of losing your master decoder key, but had an outrageous problem: You could no longer sync passwords with a master password set on your Firefox user, requiring the user to disable it and then check-off passwords in the sync list. Thankfully, Mozilla updated this problem, and all is well again.
    • Syncing Firefox accounts makes it very convenient to keep your computers up to date with each other, but syncing for the first time causes the browser to eat CPU cycles — for a while — like narcotics. All this just to download data from a server and import it into the browser?
    • On May 3, 2019, a signing certificate used by Firefox addons expired, which disabled all addons and the ability to install them, under the false pretense that they could not be verified (for security reasons, this verification is a good step). Reinstalling them didn't work because Firefox declared in a canned response: "Download failed. please check your connection." This could alarm some people if they have security-based extensions to protect from known browser attacks, and suddenly they're turned off (like the browser has been hijacked). Fortunately, a temporary fix was found by navigating Options\Privacy and Security\Firefox Data Collection and Use\View Firefox Studies and updating the studies list. It was also fixed the following morning with another update.
  • PC-Doctor Toolbox is preinstalled in millions of Windows 10 computers such as Dell, Alienware, Staples, and Corsair machines, but security analysts found that it gives itself high-level permission to access all of your hardware and software so that it can be monitored, which is risky enough as it violates the Principle of Least Privilege. This makes the program an inviting target for hackers who can exploit unpatched programs to inject code into the target and basically take over affected machines. Ideally, uninstalling software powered by PC-Doctor Toolbox is the best course of action due to its flawed security model, even with the release of security updates.
  • A rare positive example: the WannaCry ransomware attack of May 2017 had its spread significantly crippled due to its faulty kill switch implementation. Malware tends to have anti-analysis defences programmed in, which usually involves it checking if it gets a response from an unregistered domain (which happens in the sandbox environments used for malware analysis) and shuts down if it does so. However, WannaCry used a static address instead of a randomly-generated one, which allowed a security researcher to register the domain and slow down the spread of the ransomware, giving time for defensive measures to be deployed in areas which had not been as significantly affected by it.
  • Mediatek-powered mobile devices with FM radio receivers, such as certain Lenovo tablets and Alcatel smartphones among others, come with an app to use it ("Transmission FM" as is often named) which if reception is anything but stellar will either emit an irritating and nasty if you're listening at high volume, static-like hissing without warning shutting down for a while or begin to cycle looking for a station with less interferences… except that pretty much anything will end up triggering said behaviour especially moving the headphone cables —unavoidable if you're walking or jogging, which is a pain in the ass when you're listening to a live event or important news. To add insult to injury, often the new station has a poorer reception than the earlier one and while it will often select the same station but emitting on a clearer frequency most of the times such selection is at random. Thankfully, such "feature" can be disabled in Qualcomm-operated devices with a FM radio receiver.
  • Some server-grade SSD, and maybe hard drive, models have a firmware bug that causes them to brick after a certain number of hours powered on — either 32,768 or 40,000. On the 7th of July 2020, TV Tropes was taken down by such a bug overwhelming RAID redundancy by causing six drives out of eight to brick simultaneously, destroying a day's worth of edits and three days' worth of edit history.
  • The first generation version of Nest Labs' Nest Protect Smoke Detector included a feature called "Nest Wave" which allowed users to wave at the device if it was sounding a false alarm to silence it. After the product was released fire safety groups who tested it found that the Nest Wave feature could easily activate if it sensed any motion thereby easily silencing even a genuine alarm during an emergency. Concern over this feature was enough to cause a consumer recall of the Protect and also made Nest release a firmware update for it that permanently disabled the feature. To make matters worse the first generation Protects were also prone to giving false alarms at an "emergency" level meaning the alarms could not be silenced. Nest would release a dramatically improved Protect in 2016 which no longer had the problem with false alarms, and used an app-based silence feature to stop a false alarm.
  • An update to Firefox, Chrome and Edge around Feb 2022 was warned to have the ability to break a number of popular websites because they didn't anticipate that browser versions would ever exceed two numbers. As a contingency, Google made Chrome read as version 99 for compatibility sake. In short, some websites have the classic programming error of handling an insufficient number of digits for reading browser numbers, causing a wrap around when that number is exceeded.
  • The Virus.MSExcel.Sugar virus could have had the potential to be rather destructive: it infects an Excel workbook, creates a copy of itself in the XLStart folder so it automatically infects every workbook that's opened on the machine, disables the macro warning after its first run to hide its activity, and triggers its payload in October, November, or December when the day is equal to the minute. It then overwrites a 20 by 20 square in the spreadsheet with either nothing or "{-Dr. Diet Mountain Dew-}" (in random colors and Comic Sans MS), while the A1 square becomes "The -[Sugar.Poppy]- by VicodinES". Erasing that much data could be quite harmful, but fortunately, the virus doesn't save the workbook after being triggered, meaning that you can simply close Microsoft Excel and click "No" when asked if you want to save the changes.
  • There are games that utilize anti-cheat operating in kernel mode. This is dangerous, as this leaves the user's system open for exploitation due to the anti-cheat's high-level privilege in the system, which can be abused to bypass protections. And this became reality when a ransomware actor made use of the anti-cheat driver from Genshin Impact to bypass all manner of protection/antivirus systems on any Windows device with the driver installed (and this is independent of the game, so the victim does not even need the game to be installed). The thing is, once again, this is not mere executable that a clueless user would click open, but a driver signed by Microsoft, hence why just having it leaves the user's device vulnerable. Even worse, for those that did play Genshin on their Windows computers, they found out that the driver still remained even after uninstalling the game.
    • In the end, the idiot programming lies on two parties: Microsoft for its tendency to sign vulnerable drivers and miHoYo for making such a vulnerable driver. The former has been an endless frustration for Windows users that has never been properly fixed, while the latter is more jarring, as despite being reverse-engineered two years before this incident and even proof-of-concepts were shown off, it took until that to be properly brought into public consciousness.
  • Discord is a very popular application for text and video chatting. However, it does have some poorly-coded aspects that can occasionally cause frustration.
    • Discord uses a machine-learning algorithm to automatically detect and block sexual images from being sent in safe-for-work channels. However, it's far from perfect, and false positives are very common, especially when people post photos of non-erotic body parts like their arm, or of hairless animals. What makes it worse is that there's no option to have a moderator manually review and approve the image: if Discord thinks it's sexy, you just can't share it. Thankfully, this only applies to images that are directly uploaded to Discord, so using an external image host can bypass this.
    • The search feature has a certain amount of fuzziness to it, so searching for messages containing a word will also include related words (for example, searching for "eating" will also search for "eat" and "eats"). This system may also occasionally decide that two words that mean something completely different, but happen to have a similar spelling (for example, "status" and "statue"), are related, bogging down your search results with irrelevant content. And there's no way to search only for an exact word or phrase, which can make it almost impossible to search for certain words.
    • Around the end of August 2022, the standalone app got bugged so that changing anything on the user's profile (like profile pictures) ended up sending hundreds of requests to the API, triggering the anti-spam mechanism and thus banning the user. While this got resolved, the userbase got riled up, especially considering that account-related matters are complicated because of...
    • ...the verification system, primarily due to the demographic. Like every other web service, registrations require identity verification, usually via e-mail or phone number. Most of the time, a phone number is optional and if it was used the user may remove it at any time. However, on Discord, starting around 2018, phone number verification is mandatory, and the same number cannot be used on a different account. This all would be fine on its own, if not for the fact that despite having an official guide for removing it, the user, usually a new one, is immediately marked as suspect upon removing the number... and has to provide a phone number again to verify, rendering the guide moot. And sometimes, a user would like to bind their phone number only to be told that it was already used even though it was not. The verification scenario easily angers the more privacy-aware users as the inability to remove their phone numbers from their accounts is the equivalent of holding their sensitive info hostage and with the move to using third-party authenticators like Authy or Google (which are allowed on Discord) and the risk of SIM swapping scams (which tend to be outside the users' control as they are left at the mercy of their mobile number providers), users have endlessly requested the Discord team to fix this issue.
  • Dreamily, a story-writing AI service, suffers from this when its version 2.0.0 update resulted in loss of access to certain users' account and stories/worlds after the update forcibly logged everyone out without warning. While much of the confusion lies on the log-in method (manual input or third-party authentication and case sensitivity, though sometimes the problem eventually resolved itself with no way to know how), there are still users that managed to log in with their presumably valid info only to be treated as a new user (and thus no stories/worlds). Web users are the most affected, as the web version is behind the mobile version in updates, which resulted in desync issues. The web version since then provided a temporary recovery service to help out with accounts affected by this bug, but there is no hope for anonymous users (as in playing without logging in) that got affected similarly and this service only applies to accounts made during a certain timeframe.
  • The programming bug that led to the DAO hack, which was discovered to be extremely common shortly before the attack, particularly notable because even after the discovery, The DAO'snote  developers bragged that "No DAO funds [were] at risk". The bug itself is arguably an example of Idiot Programming on the part of Solidity, because even though the language was explicitly intended for financial purposes, there was no protection against writing this sort of bug into one's codenote .
  • The Brave browser boasts that it can block malicious malwares with its Brave Shield. It does recommand users not to set the protection level too high, otherwise it can break websites functionality. Guess what? Setting the damn Shield at the highest level, closing the browser and opening it again will cause the Brave Shield to quietly set it to medium level without informing the user. What's the point of having options if they never work as intended? Cue uninstalling Brave browser.

    Systems, Yes; Operating, No. 
A free or low-cost operating system is great, but bad programming (or none at all) can ruin the fun quickly.

  • While Linux is sometimes described as the most stable OS, the opposite was true for the 1.1 kernel, which was notoriously unstable and bug-prone, and had poor back-compatibility. Users quickly reverted to Version 1.0 and waited for 1.2. This is the reason behind the convention of using odd version numbers only for beta releases, which continued with Version 2.x of the kernel, but is no longer used as of Version 3.x of the kernel; the odd-numbered Version 3.19 was the last major stable 3.x release before 4.0's release.
  • The Sparse file system used in Linux or Android potentially make the virtual image, if ran on a virtual machine application in Windows, consumes more space than is necessary by keeping allocated blank data in disk spaces.
  • Some programs that come shipped with Linux distros often leave a lot to be desired. The file manager Nautilus (or its fork "Caja" for the MATE desktop) used for GNOME-based desktops has (or at least had) a nasty habit to freeze without warning when moving or copying files, not just large file transfers, and often being even able to lock up the entire system after killing it and attempting to restart it again — just Google "Caja (or Nautilus) freezes copying files". The same program, for reasons only known to the gods of computing, will often disable even on local hard drives the commands to copy, move, rename, or delete files forcing to kill and restart it.
  • For all its wonders, Linux still occasionally shows some issues with features that really should have been fixed by this point. For instance: copying some big files with the file manager to a USB drive or other external media, and you're surprised that the progress bar finished so quickly? Yeah, that's because the operation is not completed yet, with a sizable part of it still progressing in the background. You can see that because if you eject the device you'll have to wait a fair bit for the rest of your stuff to be copied over — with a "wait" mouse cursor but no progress bar or even dialog to let you know what's happening — before it'll tell you it's safe. If you're used to other systems whose progress bars work correctly on copy operations, and just yank out the drive after it's "done" copying, you'll have a broken copy operation, lost files, and sometimes a mangled filesystem on the target device that needs a repair before you can even access it. This can be worked around, but it's surprising how many distributions still have a broken progress bar by default.
  • Even if this not a fault of Android itself, the custom UIs some manufacturers put on top of such OS for their devices fall into this, including useless bloatware that cannot be removed or disabled, to be buggy messes that crash or freeze regularly and hog lots of system resources slowing it down a lot in the process, and to aggresively manage memory closing apps that are in the background for long despite unused memory being plentiful and without caring at all if they were being used or not.
Professional, proprietary commercial systems can have problems too.
  • Back in the 1970s-90s, Digital Equipment Corporation produced the RSTS/E Operating System for its PDP-11 mini computers. It had one terminal for the master console (used for the operator to take care of special tasks) and 63 regular user terminals. One release of RSTS/E had a bug (derisively referred to as "ultra-secure mode") that would crash the computer if a key was pressed on any terminal except the master console.
  • OS/2 had a problem with the Synchronous Input Queue (SIQ) where a program that had stopped responding to window messages could bring the whole system to a halt. A single program that can freeze a system negates the point of having a multitasking operating system. This was one of the many reasons that OS/2 was nicknamed "half an OS" and lost out to Windows.

    Threat Prevention Prevention Software 
It's never a good thing when your antivirus software is being just as annoying (if not more so) than an actual virus infection.

  • One common problem among non-tech savvy users is that antivirus programs are often designed to work alone, not cooperate with other antivirus programs. As a result, if you accidentally install two different antivirus programs (or Windows Defender and any other), three things can happen:
    • One: The first program recognizes the second and quarantines it.
    • Two: The two programs start fighting each other, attempting to quarantine each other, which takes up a lot of RAM and CPU power, because both programs want to protect your computer from each other.
    • Three: The two programs do the same as in Two, except they also screw up various system settings and/or quarantine important files.
  • Thousands of computers using McAfee Antivirus were brought down on April 21, 2010 by an update that misidentified an essential Windows file as a virus, causing computers to constantly reboot. Barring exploits your average user wouldn't be familiar with in the slightest, users would have to go to an unaffected computer to get the fix and install it manually, as they couldn't go online on the infected PC.
    • McAfee's strength is that it blocks everything that might be a threat...which is also its main weakness. If you wish to use a program that it considers a threat (and as of this writing, it considers Dhux's Scar, Postal III and Sonic Mania, among other things, to be such programs), you cannot get it to grant an exception. You're supposed to send McAfee's developers an email telling them it's a false alarm. If they don't respond, you need to disable McAfee every time you want to use the program. It may also delete files within the recovery drive for no apparent reason, making Windows impossible to recover unless you have a Windows installation disk.
    • On many computers, McAfee will make the CD drive stop working. And for a while, McAfee would often be stealthily installed by default during installations of something completely unrelated, most notoriously Adobe Flash Player.
    • McAfee is also easily thwarted by memory-resident viruses; the DOS version of ViruScan fails to detect the AntiCMOS virus note  back in the days of MS-DOS if the system was booted from an already infected disk in the first place, even if it has an up-to-date signature file. For comparison, other anti-viruses would have detected the virus in memory, frozen the PC and instructed the user to reboot and run said antivirus from a "rescue" floppy to proceed.
  • On April 15, 2013, Malwarebytes had a catastrophic false positive error which caused it to mark every DLL, media file, and EXE as a trojan downloader and quarantine it. This ate up many users' hard drives and rendered hundreds of machines inoperable, causing a large number of files to be lost forever.
  • Comodo Antivirus had a brief problem where it recognizes rundll32.exe as a virus and told the user. However, since the file was stored in a System-folder, Comodo was unable to quarantine it and simply resorted to notifying you every time you closed the Error-window. While this was a nuisance, the real problem occurred when it failed to scan the system or provide basic security because it was displaying an error message, leaving the computer open to actual viruses.
  • Norton's notorious for this sort of thing:
    • Norton Internet Security blocks any and all images with certain dimensions, specifically those that are commonly used for advertisements. Problem is, at least one of the sizes is also commonly used by sites for non-ad purposes. In older versions, this could not be turned off without disabling all filtering completely.
    • Some older versions of Norton products, particularly SystemWorks and Internet Security, cannot be uninstalled without risking damage to the computer — PCs would wind up crashed, bricked, or with corrupted files on the hard drive (including Windows Registry). Symantec had to create a special program for the sole purpose of safely and cleanly uninstalling Norton products, dubbed the Norton Removal Tool.
    • It is not unheard of for Norton Antivirus to declare itself a virus and attempt to delete itself.
    • Norton 360 in particular...
      • ...blocks and deletes any less-than-common executable run by the user, which includes code written by the user themselves.
      • ...deletes DLL files at random without any option to override this (and the "Learn More" button directs to a Japanese version of the Norton product page).
      • ...disables all network access (including offline), even when the firewall is listed as disabled in the options. The only way to address this is by removing Norton with the Norton Removal Tool in order to reverse the damage done to networking components.
      • ...disables Firefox for no reason.
      • ...increases the time it takes to boot Windows by over 500%.
    • Norton has also fallen prey to a host of other problems, such as a rather frivolous firewall and bad updates that at best gave BSODs when simply inserting a USB key and at worst forced users to perform a system restore.
    • Norton Antivirus' uninstaller also often accidentally deletes DLL files that are used by other software and drivers. One particular uninstall instance caused a system to BSOD and lost the ability to play sound upon reboot because said DLL was also being used by the Creative SoundBlaster Live! Drivers. One had to reinstall said drivers to fix the issue and restore the ability to play sound to the computer.
  • Symantec Antivirus tends to interfere with right-click menus and, more glaringly, cause BSODs within 5 minutes of starting up your computer more often than it actually blocks threats to the operating system. One could say that Symantec is a threat to your operating system.
  • Sophos Antivirus, sometime in late 2012, released a virus database update which blocked files with certain extensions, but only when they were auto-downloaded by programs without user prompts. Apparently, several malware programs would do just that in an attempt to hijack Windows computers. However, one of the files that wound up in the database was the antivirus' auto-updater. Any system with that update would grind to a halt during startup. The patch (which wasn't released for nearly a month) had to be downloaded from a disk or drive while the computer was in safe mode, and in office networks it could only be done by somebody with top-tier administration privileges. This was because the software, once disabled, would automatically reactivate (which isn't a bad feature on its own, but here it exacerbated existing problems).
  • Sadly, AVG is getting in on the same problems as Norton.
    • As discussed above, the AVG Toolbar slows down your browser by absurd amounts. Its core process vprot.exe also eats up a tremendous amount of CPU time (on laptops it will often hog a whole core) even when the browser is idle or occasionally not open at all.
    • Not bad enough? In January 2012, the toolbar was bugged to continuously add onto its log file. This would quickly reach upwards of 40 gigabytes in length of nothing but acknowledging calls to arcane functions. Any user who's been using AVG is advised to check WINDOWS/Temp/toolbar_log.txt, because the toolbar prevents most disk cleanup tools from deleting it.
    • Or how about the 2010 update that rendered systems unbootable (and thus inoperable) by mistaking a critical file in 64-bit versions of Windows 7 for malicious coding?
    • Like Norton, it's also starting to randomly identify almost any file it's never seen before as a Trojan Horse. This mostly includes executables you developed yourself, arbitrary setup.exe files in your Downloads folder, and occasionally key files of development tools such as the Irvine Assembly libraries.
    • In the early days of 64-bit consumer Windows, AVG would detect Windows XP Professional x64 Edition as Windows Server 2003 R2 (the former is based on the latter), and instead of installing, complains about the software not being licensed to run on Server OSes and pushes the user to buy AVG antiviruses for servers instead.
  • Avast!:
    • Avast made a blunder in 2012 which caused the antivirus to freeze Windows XP Professional x64 Edition machines, and only XP Professional x64 Edition machines. The 64-bit versions of Vista and 7 were unaffected. The biggest kick in the nuts is, to restore the machine to usable state, one has to reboot into safe mode, which renders the uninstaller unusable because safe mode also disables the Windows Installer services note . One has to somehow get the Avast remover program from Avast's website and move it to said affected PC and run it in safe mode to be able to remove Avast and return the PC to a usable state.
    • Like AVG and Norton, Avast is now starting to block and quarantine programs that you've compiled yourself.
    • Avast once got defensive when you tried to install the Razer Synapse mouse software for your Razer mice. Simply plugging in a Death Adder caused Windows 10 to start retrieving the needed drivers, possibly triggering a threat detection. Razer later updated their driver with a proper signature to prevent this, which may make one wonder why the driver wasn't signed in the first place, but that's another story.
    • Avast! very rarely has trouble with false positives, but every so often, it will have a spectacular glitch in this regard. Avast! virus definitions 170221-1 22.2.2017 caused many files to be detected as VBS:Malware:Gen. If a user panics and deletes all of those files and a critical system file(s) was removed too, then the system would likely be inoperable. Randomly deleting your files: Isn't that malware's job?
    • Starting May 2023, Avast! for Android started detecting Samsung Core Services as having Malware on multiple phones. The solution presented was to disable the service which is essentially disabling your operating system. Another issue was the Report False Positive feature failing to send the report and not explaining why it didn't go through, so it could be impossible to report this bug.
    • Avast! Cleanup has the option to put programs to sleep to supposedly improve performance. Unfortunately, if Cleanup gets corrupted and unable to launch, as it often does, or is uninstalled, said programs become permanently comatose until you reinstall Cleanup and get it to work again, or manually delete the "Debugger" registry entries from the respective applications' Image File Execution Options keys.
    • While Avast was known for its light-weight interface, the same can't be said of the 2018-2019 interface, which took a while for loading it despite it has no eye-candy even compared to the 2012 iteration which has the most eye-candy yet still pretty light (and even then that kind of design has been scrapped and replaced with a simpler one since 2013)
  • Panda Antivirus has joined the ranks of security software that flags itself as a threat, tries to intervene, and borks the system as a result.
  • Antivirus software may tout their ability to make sure apps behave properly. The best way to do that is to snoop at the app's memory contents and making sure whatever code its executing is done safely. Except in the mid 2000s, Windows, Linux, and later macOS started shipping with what's called Address Space Layout Randomization, or ASLR. The idea is that on boot and every time an app is run, the layout of how things are stored in memory is randomized. This makes it so if an attacker finds a memory address that's exploitable, the next time the system boots or the app is launched, that address is no longer valid. But Mozilla's developers found out antivirus software bypasses this feature by forcing apps to launch with libraries that the AV software knows where they're located. In other words, in order to "protect" your computer, AV software actively makes your computer more insecure.
  • Immunet Antivirus, which was Cisco's attempt at adding cloud-based protection and real-time protection to Clam Antivirus for Windows, was commendable. However, it has one single major annoyance: It would randomly kill Steam and display a popup saying that gaming is not allowed and you should contact your systems administrator for more information. Even if the computer is not connected to any enterprise network with such policies in place and the use owns the PC. More stupidly, the issue would go away with a system restart, and that Cisco has claimed that the antivirus is not for enterprise use and is only for non-commercial uses.

    WTF-Inducing Websites 
  • Many streaming video websites have a ridiculously small buffer size: quite often only 3-4 seconds of video, and possibly even less at HD resolutions. In optimal conditions it's not so problematic, but if the site is particularly busy or if your Internet connection isn't too fast, it can make the videos all but unwatchable. A part of this problem is actually politics of internet service providers. The content providers (YouTube and Netflix, for example) and service providers are in heated debates about who should fork over dough for the upkeep of the network. When this fails to make any progress, certain aspects of how videos get to your home suffer. It's not that content providers suck, it's that they have to hop through more loops to get to you. You can read more about it at this article.
    • An additional problem caused by the introduction of ad breaks on certain longer videos, both for the commercial networks and independent web producers, is an annoying tendency for the players to just stop working after an ad break and never go back to the video originally being watched. Fortunately most sites are kind enough to remember where you were in the video and just pick up after the last commercial break, but several will force you to restart from the beginning. Which means sitting through some (if not all) of the ads again.
  • vBulletin 5 has this in spades. Thousands of bugs? Check. Bugs that let members do things like figure out what private sections exist, not search/view more pages/post if JavaScript is disabled? Check. Changing every aspect of the URL structure on upgrade in one fell swoop and completely mauling the site's search engine rankings? Check again. There's even a code review that breaks down the poor programming that's filled with examples of Idiot Programming and inconsistency line by line.
    • vBulletin 4 wasn't that great either: the old developers fled the coop after they somehow thought selling out to Internet Brands was a good idea. All hell broke loose.
  • Want to register on Finale PrintMusic's forums (or certain others, such as the Magic Set Editor ones)? We hope you don't plan on being away from your account for too long, because it will deactivate after a few months and you can't log back in. You can't simply create a new account, either, because the old information will still be in the system and it won't allow you to use the same information for another account. You can contact a forum administrator and have them reactivate the old one, but you need to view the admin's profile to gain their contact information... and you can only view user profiles if you're logged into an account.
  • Many websites are distressingly bad at password security, as Tom Scott explains. The worst offenders will simply email a password to you in cleartext on request, which implies that the website is not hashing and salting user passwords, allowing password thieves to crack the easy passwords like "12345" to log in. Scott claims that handling passwords at all is Idiot Programming to begin with, and that programmers should use a third-party service like Facebook if possible, because security is so hard to get right. A good sign that a website has insecure passwords is if it imposes a limit on password length: a hashing function always returns strings of the same length, whether you give it one character or a thousand.
  • Browsing the Internet is a different experience depending on whether you're on a full computer or a portable device such as a smartphone or tablet. For this reason, many websites offer different page layouts for PC and mobile devices, making the mobile site more compact and easier to navigate with touch controls. The standard method of doing this is to automatically detect what web browser you're using, and load the mobile layout if it's a mobile browser. However, for whatever reason, some sites instead redirect you to a completely separate page (usually indicated by adding "m." to the URL), which always loads the mobile layout regardless of which device you're using. The result is that, if a mobile user wants to share a link to this site, they either have to manually edit the URL to the regular version, or every PC user who follows the link has to find the "Go to desktop site" button (which is often hard to find). Even giants such as Wikipedia, Twitter, and Facebook do this, which can make one wonder why they can't just follow the more user-friendly standard method.
    • Speaking of the standard method of code that responds to screen size on a single page, all too often links and other content are Dummied Out in the process of streamlining the page, something that best practice seems to encourage. In the interest of keeping things not-general, one major offender is Reddit which, among other problems such as squeezing long comment threads unreadably thin, hides the option to create subreddits this way.
    • This problem can come up when going the other way as well, where a mobile user tries to go to a webpage and the server redirects them to the mobile site's home page instead of the page they actually wanted. xkcd sums up the situation.
  • When the Epic Games Store had its first Mega Sale in May 2019, many users found themselves getting their accounts flagged for fraud and blocked from making further purchases after taking advantage of the sale and buying many games in quick succession. While locking down accounts after numerous purchases or requests are done in a short amount of time is an industry-standard practice, it became a problem in Epic's case since their store lacked a shopping cart like other online storefronts, requiring many transactions in a short time if anybody wanted to buy multiple games.
  • In April 2019, LyricWiki locked all the wiki pages from editing by users due to escalating problems with inappropriate content and malicious editing, which is a reasonable reaction to the situation. However, all of the primary communication methods on the site are wiki-based, such as editing Talk pages or submitting correction requests. The only other ways to contact anyone are via their Twitter or Facebook pages, or by posting to the larger Wikia/ forums, which no one from LyricWiki appears to be paying attention to. This completely negates the point of having a wiki.note 
  • In August 2019 it was discovered that the identity and personal information, including phone numbers, e-mails, and even possibly home addresses of the literal thousands of journalists, media, and industry professionals that attended E3 for years had been leaked out onto the internet, putting thousands of people at risk. How was it that this information was leaked out to the public? It turned out that it wasn't leaked at all. The ESA, the group that runs E3, had listed this information in an unencrypted spreadsheet file that was freely available on its website for years. This information was supposed to be used by vendors and industry professionals at the event, but the ESA had never required any sort of login or check to make sure it was only accessible by these parties. Without these, the file and directory were accessible by anyone.
  • Cpedia was a bizarre attempt by failed Google competitor Cuil to combine a search engine with an encyclopedia. Basically a search engine that would format the results as wiki-like pages, Cpedia's pages were little more than incomprehensible, schizophrenic messes because the level of artificial intelligence required for such a bot to create anything we squishies could make sense of was well over a decade away. Cuil, and by extension cpedia, has since been put out of its misery, but many reports of its failure remain. But at least we got a meme out of it.
    "I threw up a little in my mouth trying to decipher the results for Batman Returns, which according to Cpedia includes such characters as Heath Ledger and Edward Scissorhands."
  • Yahoo doesn't have the best track record when it comes to thinking security policies through:
    • In 2002, Yahoo admitted they were filtering the words "eval", "mocha", and "expression" and replacing them with "review", "espresso", and "statement" respectively in a misguided attempt to corrupt Javascript viruses. This was after a little over a year of the filter causing mysterious nonsense words like "statementist"note , "reviewuation"note , "prreviewent"note , and, most notably, "medireview"note  to appear all over the internet because no effort was made to respect word boundaries or limit its effect to script sections in case either of these opened loopholes.
    • In 2005, Yahoo! Mail tried to shield their accounts from automated hacking attacks by implementing a system whereby the first time a user entered their password it would be rejected as incorrect, and they would have to enter the correct password a second successive time before being allowed into their account — the logic being that anyone who knew the correct password would just think they had mistyped it, try it again and then get into the account, whereby an automated hacking program would move onto the next possible password. Unfortunately, Yahoo opted to introduce this system right as most major websites started demanding much longer and more elaborate passwords (usually involving mixtures of lowercase characters, uppercase characters, numbers, and/or symbols), meaning that instead of just re-trying the correct password, users tended to be left uncertain as to whether what they had entered actually was the correct password, and instead try entering something else, thereby resetting the system and leaving them with no clue what they were doing wrong. Unsurprisingly, Yahoo quickly dropped this system.

Alternative Title(s): Genius Programming