Keeping myself honest

The name of this post may be misleading as I haven’t gotten a professional to write an entry on my blog, gotten a copy editor or even proof read this blog post any more than usual (Which I just noticed in the number of typos here). What I mean to say is that I’m going to talk about something that I am professionally knowledgeable about and therefore something that will not be interesting to most of you, but this is my blog so stop reading if you don’t like (Just kidding, no seriously just kidding I love you all for reading this. Please stay to keep me from being depressed that no one likes me).

In a recent episode of the excellent security podcast Security Now the host Steve Gibson had a good rant about Microsoft Windows and how it’s a “Steaming pile of crap” and there are better solutions. Now as someone who uses windows on my 3 computers and develops all of my personal and professional with Microsoft’s tools so I know that I’m definitely biased in my opinion of the company.

It was an interesting discussion of the use of windows and the problems associated with using it. On the one hand Windows is a marvel of technology that somehow works its magic to allow everyone to do the day to day activities they like. Everything from my mom doing her report cards and eBay to me programming new software and running applications that were created back in the 1980’s. At the same time Windows is a pain with programs crashing often for what seems like no reason and a legacy of bad or outdated decisions that haunt the product to this day.

As a programmer it is a fine line (especially with security) between getting something working out as fast as you can and at the same time getting the program to be robust. Code is interesting as that there is really no right or wrong way to do something as long as it works but at the same time there is definitely a good and bad way and most programmers make both types of programs.

Sometimes you want to make a quick and dirty program that just works as fast as you can get it out the door and other times you have a foundation layer that you want to build upon for years to come so it is planned out and implemented in a way to make it easy to work with and upgraded on the fly. The problem is that normally it isn’t so black and white and that quick and dirty program ends up becoming the foundation layer when it was never planned to be that.

To not make this a very long and technical rant, the easy way to explain it is that Windows suffers from many of the same problems and this means that there are continually major security concerns with the product. Microsoft recently released a locked down version of Windows XP for the US Air Force but that doesn’t solve the root of the problem which is the same problem that happens if you’ve ever seen an ATM or automated kiosk showing you a windows log in screen.

The problem is that Windows is a consumer product and as such has advantages and disadvantages associated with that. It still runs very old programs so that business users don’t have to rewrite legacy applications but that means that they can’t overhaul portions of the system that they know are wrong or outdated because they don’t want to break anything that already works. This combined with how ubiquitous Windows has become means that it is used in applications it was never originally designed for.

I read a story how the current worm going around is infecting MRI and other machines in hospitals because they had security updates disabled because the computer was restarting in the middle of surgery. Now why a mission critical system like this would be running windows is absurd and comes down to the same problem that usually happens in programming which is if it works then no one wants to take it to the next step and makes sure it works well. It was probably cheaper for the company to build their software on top of windows as apposed to trying to learn how to used a real time OS or something designed specifically for industrial devices.

Your car, phone, TV, gaming system and toaster don’t have Windows built into them (or shouldn’t) not because Windows is bad or is programmed poorly but because it isn’t designed for use in that situation. Nothing catastrophic will happen if the program you are using crashes on your desktop, it will be annoying for sure but wouldn’t be the same as a nuclear reaction or an airplane having to be reset while they are being used.

In closing I’m excited for the release of Windows 7 and will probably put it on all of my computers but I think the market needs to step back and realize that there is a better way to use this (and many other forms) of technology to make them and advantage to society and not a liability.

— Update After going through the post with a little bit more of a fine toothed comb I fixed a disturbing number of typos and grammatical error (which is what I get for Proof reading it late at night). So I apologize to anyone who had to suffer through that and will make sure to do a better job from now on —

Scotty B Commentary