MS is now KOS

But that might be a good thing for Microsoft in the longer run…

Ever since the announcement of Windows 7, it seems a vast number of publications seem to be seething over the apparent abandonment of Vista. And MS has felt the wrath from the likes of Dvorak who goes as far as to call Microsoft the “Spandex Granny” in a PC World article.

Are they really abandoning Vista or are they more concerned with abandoning what ties Vista to XP and, by extension, Win2000?

I think it’s more toward the latter.

Microsoft must be aware that it’s not 1995 and that type of tech dream-team domination will never happen again. Then this new impetus must involve setting fire to some of the old-world baggage. Kill it all. While this will also, potentially, kill our application compatibility (even more than it has with Vista) it may not necessarily be outright evil if their final product is genuinly safe, stable, bloat free and, above all else, secure. Who knows, if the above criteria are met, there might even come about stable emulation tools that will still enable apps to function normally.

The gaping holes in Windows security is part Microsoft’s fault, and part the fault of application developers who open up their users’ systems to the Big Bad Wolf of the Net. Why huff and puff when all it takes to compromise a Windows system is a remote hole in an application?

This brings me to the MS apps…

It may be true that the train wreck known as Vista was probably rushed with all the best intentions, it’s a direction that’s new to Microsoft. They’ve made WPF such a big deal, perhaps, to dump what makes MS apps so vulnerable and be able to focus on the OS security itself. Maybe the added features and rendering capability was primarily to entice programmers so they can be better controlled and herded by the OS. It’s a lot easier to keep track of Betsy if she’s in her pen.

I think it’s fair to say, and many other programmers would agree, Microsoft has made programming for Windows so nonchalant, that they have actually encouraged writing shoddy code. This is partly due to the way MS has promoted their development tools, which tend to appeal to the novice programmer. And every Tom, Dick, and Harry has become a self-proclaimed MS application developer. I’m by no means encouraging user un-friendliness, but I am encouraging caution when designing developer apps where proper structure (and practical “best practices”) are emphasized.

There’s a reason why some dangerous roads atop mountains don’t have guard rails. It encourages safe driving. When you have that safety net, you don’t worry as much about being careful. When developer apps are designed with all-or-nothing excecution, where tools recognize potential for unstable behaviour or fail compilation on warning, sure it could be frustrating, but it ensures your app is stable. Though application security is an integral, but seperate topic, in many cases stability = security.

Then there’s the issue of documentation…

While MSDN does a very decent job of listing language capabilities, it isn’t complete. There are many commonly asked questions on developing methods, and sure there are many ways to accomplish the same task… but why are we repeating ourselves? Why not create example desktop applications that implement many of the “best practices” that MS itself seem to be promoting? MS already has an Open Source variant license called the MS Source Available License. Here’s a chance to set a precedent in application development by leading the way.

It’s easy to say don’t develops apps like “this”, do it like “that” instead, but actually seeing the source code implemented will help all novice programmers.

So are we abandoning the Windows we knew? If we’re getting something better in return, maybe it isn’t all that bad. Microsoft has a culture war within the organization to fight in addition to fighting hackers. Its culture of security through obscurity will not work for the foreseeable future as they might have already realized with the flood trojans out there. Hiding errors, obviously, doesn’t work. Maybe building it more securely from scratch will.

In this regard, the MS folks and app developers have a lot to learn from the OpenBSD community. Focus on correctness of code and keeping safe and secure will come more easily. Let’s stop calling the Find Exploit→Patch cycle and proactively ensure the OS and its apps are ready to hit the ground running. If it means killing off all if not most ties to the previous branches in the family, then so be it.

If Old Yeller can’t learn some new tricks or can’t shake loose the myriad of diseases it’s caught from within and without, then it might be time to put him down.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s