Microsoft, like most software companies in the world today, practices object-oriented principles in their software design, a fact clear from the near universal adoption within Microsoft of COM. Granted, this isn't a silver bullet that magically slays all software bugs, but it does imply that the CODE is separate for each component within Windows, whether or not the distribution of compiled code is scrambled with other system dlls (something that is done, in my opinion, in order to satisfy the "integration" requirement of past settlement decrees). In other words, I doubt that a programmer on the Internet Explorer team has to slog through GDI code to find the parts that relate to Internet Explorer. The IE development team likely deals EXCLUSIVELY with IE code, a division of labour that adds no more complexity to Windows OS maintenance than Microsoft Office adds to it.
Of course, applications might interfere in such a way as to create a security issue, but in this case, the advantage goes to a standardised system. With a standardised system, you can predict what configuration will tend to exist on a given computer. This standard system, therefore, will respond in a more predictable fashion than a system with a configuration that can't be predicted in advance.
OEMs tend to prefer standard configurations, as standard configurations are well understood and easier to fix. The same applies to operating systems. An operating system with standard interfaces and components is a standard base that can be updated as needed. Patches are a reality for Linux as much as Windows, and I would argue that the higher levels of standardisation on Windows systems will make it easier to patch more fully a wider swath of systems than a fragmented and diverse system where security bugs can hide within applications an update detection tool knows nothing about.
On a different tack, integrated features are what enable regular users to perform a number of advanced functions they would be unlikely to have discovered on their own. Windows consumers can, out of the box, log onto the Internet, browse Web pages, play music and streaming movies, and create home movies using just the features that come with Windows. Call these training wheels for the non-technical user, but just as training wheels lead to increased proficiency in riding a bicycle, Windows defaults provide entry to areas of technology that the non-technical might not have used on their own. I would suggest that Microsoft's decision to turn Media Player into a competitive product (versus just the stripped-down tool of days past) has done more to boost the fortunes of digital media than any action on the part of third parties with a vested interest in the market. This is market-building, and enables new companies to offer services in areas of technology that, previously, lacked a market of sufficient size as to justify the expense of entry.
Default features also present a standard base that non-technical users can expect will always be present on every Windows system. Why has "vi" managed to persist as a text editor, even though its interface (IMO) is about as much fun as making a transatlantic all using tin cans and a very long piece of wire? Quite simply, Unix administrators and programmers have come to expect that every Unix OS they come across will have it. Such standardisation matters to technical users, who have the wherewithal and interest to investigate new technology. It matters all the more for non-technical users, as such standardisation is what makes it possible for them to navigate the computing universe.
Complexity in the form of more integrated product can make it easier for bugs with security implications to hide. However, the costs are not as severe as they might appear at first glance, given that most computers users would have little use for a stripped down, but highly secure, product. Likewise, there are benefits derived from a product with a high-feature, standardised configuration which may outweigh the remaining costs associated with complexity.
John Carroll is a software engineer now living in Geneva, Switzerland. He specialises in the design and development of distributed systems using Java and .Net. He is also the founder of Turtleneck Software.
Talkback
Excellent column so far. I look forward to reading the rest of it.
You mention one point that I really wish Unix fans would get: Windows is integrated ONLY in that it all comes in one box. Windows is no more one monolithic thing than Unix is and in much the same way that any standard Unix distro comes with tons of little apps which get installed with the OS, Windows is a collection of objects (mostly COM) and apps delivered with the core OS.
Each object is independent as code, although they may talk to each other and expect other specific objects to exist to function - that's the core of why Microsoft said IE couldn't be removed from the OS. They were right in the sense that a lot of things in the OS expect to find the IE COM object to do their thing.
That's a dependency, but no more so than a Unix app expecting libc.a to exist. The IE COM object isn't the browser, it's the component that does browser stuff - and any app can use it to do browser stuff - which is really powerful and useful - and desirable.
For those who argue that Microsoft is still at fault for not letting other companies replace their IE COM object - let me ask - would you be happy about the idea of some application replacing libc.a with their own personal copy?
I didn't think so.
Why then does Microsofct change the namme of its "security initiative" AKA Paladiam and a dozen other names?
That is what most of us who have looked at the problem are scared of.
In the name of "fighting piracy", MS will determine what can be run on your computer!
Whilst I thoroughly agree with the statement on the issues and the problems that this causes (today or later) for the users, it is difficult to see what can be done about it in a practical sense.
As a real dinosaur, I remember the days when there was IBM, and a bunch of "others". I worked in an IBM shop on a 1440 and then a 360. My brother woirked in an ICL shop on a 1905. Where I worked, we had a maintenance visit once a month from the CE; at my brother's place they had a more or less resident engineer.
I certainlywould not have liked to see ICL artificially suppoorted by court cases, legislation or other pressure, and I don't think it would have done any good anyway. In my opinion, artificial support makes people less inclined to support themselves, so the quality ultimately goes down and not up. The ultimate examples of this are, of course, the local councils and central government.
Unfortunately, I see no practical alternative to letting Bill Gates and his crew go down the same slippery road as IBM, and when they become arrogant and lazy enough, someone else, who may not even exist today, will leap into the gap and we shall be off again, singing the praises of this wonderful new company.
Does anyone else remember how great we all thought the early Windows stuff was, compared with DOS? Of course we also compared it with other systems that we saw, which had "drop down menus" (even our childrens' Atari had them which Windows did not), and asked each other how Bill Gates could be so silly!