Aaron N. Tubbs bio photo

Aaron N. Tubbs

Dragon chaser.

Twitter Facebook Google+ LinkedIn Github

I’m in the business of writing software that has to exist in a hostile host environment. To some extent, anybody who writes software is in this situation. On the best end of the scale the hostile environment is relatively well designed and all its parameters and parasites are known by the engineer. Additionally, the environment does a good job of protecting processes from one another, and minimizes interference to things that can pass across communication layers and shared resource exhaustion. Take, for example, writing daemon processes on a unix system.

The other end of the scale is represented by host environments out of engineer control and observation, full of other parasites that aren’t prevented from interfering with the engineer’s efforts. Some examples are writing browser extensions or Microsoft Office add-ons … or just about anything on Windows, for that matter. In these situations, you can write a program that is theoretically perfect and bug free, and it still runs the risk of crashing, misbehaving, or doing something wrong because a less civilized parasite in the host could change the host, clobber its memory, or cause a state that should not be possible.

Part of engineering software in such a hostile environment is making the software defensive against such threats. The downside, of course, is that it is impossible to do so completely, one keeps adding overhead, and it takes a lot of time to code defensively.

I think a lot of the pain comes from the platform, however. Microsoft is pouring loads of effort (well, I guess they’re done now) into Vista/Office 2007, in order to make them, as environments, easier to use and more internally secure. The downside is that things like UAC and file virtualization are a complete disaster, and the dream that they will be able to yank file virtualization out in the future (nobody uses legacy apps, right?) is a pipe dream. Because either these new features will get in the way, or people will just not adapt, these sorts of adjustments will actually do nothing to increase the security and integrity of these host environments.

Beyond the marketing and everything else, I suppoe what made Windows an Office popular platforms in the first place is that they are such a complete mess — they’re sloppy environments with years of abuse and hacks, and no amount of work after the fact is going to fix that. Sort of like HTML and XHTML, I guess.